Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification

Add code
Feb 01, 2022
Yuxin Wen, Jonas Geiping, Liam Fowl, Micah Goldblum, Tom Goldstein
Figure 1 for Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification
Figure 2 for Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification
Figure 3 for Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification
Figure 4 for Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Federated learning (FL) has rapidly risen in popularity due to its promise of privacy and efficiency. Previous works have exposed privacy vulnerabilities in the FL pipeline by recovering user data from gradient updates. However, existing attacks fail to address realistic settings because they either 1) require a `toy' settings with very small batch sizes, or 2) require unrealistic and conspicuous architecture modifications. We introduce a new strategy that dramatically elevates existing attacks to operate on batches of arbitrarily large size, and without architectural modifications. Our model-agnostic strategy only requires modifications to the model parameters sent to the user, which is a realistic threat model in many scenarios. We demonstrate the strategy in challenging large-scale settings, obtaining high-fidelity data extraction in both cross-device and cross-silo federated learning.

* First three authors contributed equally, order chosen randomly. 21 pages, 9 figures  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon