CAFE: Catastrophic Data Leakage in Vertical Federated Learning

10/26/2021

∙

Recent studies show that private training data can be leaked through the gradients sharing mechanism deployed in distributed machine learning systems, such as federated learning (FL). Increasing batch size to complicate data recovery is often viewed as a promising defense strategy against data leakage. In this paper, we revisit this defense premise and propose an advanced data leakage attack with theoretical justification to efficiently recover batch data from the shared aggregated gradients. We name our proposed method as catastrophic data leakage in vertical federated learning (CAFE). Comparing to existing data leakage attacks, our extensive experimental results on vertical FL settings demonstrate the effectiveness of CAFE to perform large-batch data leakage attack with improved data recovery quality. We also propose a practical countermeasure to mitigate CAFE. Our results suggest that private data participated in standard FL, especially the vertical case, have a high risk of being leaked from the training gradients. Our analysis implies unprecedented and practical data leakage risks in those learning settings. The code of our work is available at https://github.com/DeRafael/CAFE.

READ FULL TEXT

CAFE: Catastrophic Data Leakage in Vertical Federated Learning

Provable Defense against Privacy Leakage in Federated Learning from Representation Perspective

User Label Leakage from Gradients in Federated Learning

Recovering Private Text in Federated Learning of Language Models

Towards General Deep Leakage in Federated Learning

Deep Leakage from Model in Federated Learning

PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider

A Quantitative Metric for Privacy Leakage in Federated Learning

CAFE: Catastrophic Data Leakage in Vertical Federated Learning

Related Research

Provable Defense against Privacy Leakage in Federated Learning from Representation Perspective

User Label Leakage from Gradients in Federated Learning

Recovering Private Text in Federated Learning of Language Models

Towards General Deep Leakage in Federated Learning

Deep Leakage from Model in Federated Learning

PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider

A Quantitative Metric for Privacy Leakage in Federated Learning