Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer

12/24/2019
by   Hongyan Chang, et al.

Collaborative (federated) learning enables multiple parties to train a model without sharing their private data, but through repeated sharing of the parameters of their local models. Despite its advantages, this approach has many known privacy and security weaknesses and performance overheads, in addition to being limited to models with homogeneous architectures. Shared parameters leak a significant amount of information about the local (and supposedly private) datasets. Besides, federated learning is severely vulnerable to poisoning attacks, where some participants can adversarially influence the aggregate parameters. Large models, with high-dimensional parameter vectors, are particularly susceptible to privacy and security attacks: a curse of dimensionality in federated learning. We argue that sharing parameters is the most naive way of exchanging information in collaborative learning, as it exposes the entire internal state of the model to inference attacks and maximizes the model's malleability under stealthy poisoning attacks. We propose Cronus, a robust collaborative machine learning framework. The simple yet effective idea behind the design of Cronus is to control, unify, and significantly reduce the dimensions of the information exchanged between parties, through robust knowledge transfer between their black-box local models. We evaluate all existing federated learning algorithms against poisoning attacks, and we show that Cronus is the only secure method, due to its tight robustness guarantee. Treating local models as black boxes reduces the information leakage through the models, and enables us to use existing privacy-preserving algorithms that mitigate the risk of information leakage through the model's output (predictions). Cronus also has a significantly lower sample complexity than federated learning, and its security does not depend on the number of participants.
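The following is an added illustration of the exchange the abstract describes, not code from the paper: parties share only their predictions on a shared public set, so the exchanged vector has a fixed size independent of any party's model architecture, and a robust aggregator keeps a single poisoning party from flipping the consensus labels. The coordinate-wise median is a stand-in for the paper's robust aggregation (which this page does not specify), and all soft labels are constructed.

```python
"""Black-box knowledge transfer: aggregate predictions, not parameters."""
from statistics import mean, median

# Constructed soft labels: one probability vector (2 classes) per public sample,
# as an honest party would report them for a 3-sample public set.  Nothing about
# model internals is used, so parties may have heterogeneous architectures.
HONEST = [[0.55, 0.45], [0.80, 0.20], [0.40, 0.60]]
honest_parties = [[p[:] for p in HONEST] for _ in range(4)]

# Constructed poisoner: pushes every sample toward the class the honest
# parties do not prefer, with full confidence.
poisoner = [[1.0, 0.0] if p[0] < p[1] else [0.0, 1.0] for p in HONEST]
PARTIES = honest_parties + [poisoner]          # 4 honest, 1 adversarial


def aggregate(parties, combine):
    """Combine the parties' per-sample probability vectors coordinate by coordinate."""
    n_samples, n_classes = len(parties[0]), len(parties[0][0])
    return [
        [combine([party[i][c] for party in parties]) for c in range(n_classes)]
        for i in range(n_samples)
    ]


def argmax(vec):
    return max(range(len(vec)), key=vec.__getitem__)


def labels(soft):
    """Hard labels a party would train on after the knowledge-transfer round."""
    return [argmax(v) for v in soft]


def honest_labels():
    return labels(HONEST)


def naive_labels(parties=PARTIES):
    """Plain averaging: one confident poisoner can move a borderline sample."""
    return labels(aggregate(parties, mean))


def robust_labels(parties=PARTIES):
    """Coordinate-wise median: a minority of poisoners cannot move the consensus."""
    return labels(aggregate(parties, median))


def exchanged_dims(n_params, n_public, n_classes):
    """Size of one round's message: parameters vs. predictions on the public set."""
    return n_params, n_public * n_classes
```

With the constructed data, averaging flips two of the three consensus labels while the median reproduces the honest labels; the exchanged prediction vector stays at `n_public * n_classes` entries however large each party's model is.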
