Unleashing the Tiger: Inference Attacks on Split Learning

Add code
Dec 04, 2020
Dario Pasquini, Giuseppe Ateniese, Massimo Bernaschi
Figure 1 for Unleashing the Tiger: Inference Attacks on Split Learning
Figure 2 for Unleashing the Tiger: Inference Attacks on Split Learning
Figure 3 for Unleashing the Tiger: Inference Attacks on Split Learning
Figure 4 for Unleashing the Tiger: Inference Attacks on Split Learning

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

We investigate the security of split learning -- a novel collaborative machine learning framework that enables peak performance by requiring minimal resources consumption. In the paper, we make explicit the vulnerabilities of the protocol and demonstrate its inherent insecurity by introducing general attack strategies targeting the reconstruction of clients' private training sets. More prominently, we demonstrate that a malicious server can actively hijack the learning process of the distributed model and bring it into an insecure state that enables inference attacks on clients' data. We implement different adaptations of the attack and test them on various datasets as well as within realistic threat scenarios. To make our results reproducible, we made our code available at https://github.com/pasquini-dario/SplitNN_FSHA.

* 11 pages. Work in progress  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon