| Presentation | 2024-02-29 Proposal of a Data Leakage Attack against a Vertical Federated Learning System based on Knowledge Distillation Takumi Suimon, Yuki Koizumi, Junji Takemasa, Toru Hasegawa, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Vertical federated learning is a method for participants who have data with the same samples but different features to collaboratively train a machine learning model while keeping their data private. In traditional vertical federated learning, the samples to be inferred are limited, and all participants have to involve during inference phase. To overcome these limitations, Vertical Federated Knowledge Transfer (VFedTrans) has been proposed. In VFedTrans, participants can make inference locally while keeping their data private by using latent representation derived from federated singular value decomposition (FedSVD). This approach also makes the data leakage attacks against the traditional vertical federated learning invalid for VFedTrans. However, this work proposes an attack in which a semi-honest participant infers a linear relationship between latent representation and the original data with neural network and then reconstructs data of other participants. Furthermore, we use two datasets on healthcare and finance and evaluate our attack method. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Vertical Federated Learning / Knowledge Distillation / Knowledge Transfer / Privacy Attack |
| Paper # | NS2023-187 |
| Date of Issue | 2024-02-22 (NS) |
| Conference Information | |
| Committee | NS / IN |
|---|---|
| Conference Date | 2024/2/29(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa Convention Center |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | General |
| Chair | Tetsuya Oishi(NTT) / Kunio Hato(NTT) |
| Vice Chair | Takumi Miyoshi(Shibaura Inst. of Tech.) / Tsutomu Murase(Nagoya Univ.) |
| Secretary | Takumi Miyoshi(NTT) / Tsutomu Murase(Kogakuin Univ.) |
| Assistant | Hiroshi Yamamoto(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Network Systems / Technical Committee on Information Networks |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Proposal of a Data Leakage Attack against a Vertical Federated Learning System based on Knowledge Distillation |
| Sub Title (in English) | |
| Keyword(1) | Vertical Federated Learning |
| Keyword(2) | Knowledge Distillation |
| Keyword(3) | Knowledge Transfer |
| Keyword(4) | Privacy Attack |
| 1st Author's Name | Takumi Suimon |
| 1st Author's Affiliation | Osaka University(Osaka Univ.) |
| 2nd Author's Name | Yuki Koizumi |
| 2nd Author's Affiliation | Osaka University(Osaka Univ.) |
| 3rd Author's Name | Junji Takemasa |
| 3rd Author's Affiliation | Osaka University(Osaka Univ.) |
| 4th Author's Name | Toru Hasegawa |
| 4th Author's Affiliation | Osaka University(Osaka Univ.) |
| Date | 2024-02-29 |
| Paper # | NS2023-187 |
| Volume (vol) | vol.123 |
| Number (no) | NS-397 |
| Page | pp.pp.90-95(NS), |
| #Pages | 6 |
| Date of Issue | 2024-02-22 (NS) |