Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone

08/11/2022
by Aghiles Ait Messaoud, et al.

Federated Learning (FL) opens new perspectives for training machine learning models while keeping personal data on the users' premises. Specifically, in FL, models are trained on the users' devices and only model updates (i.e., gradients) are sent to a central server for aggregation. However, the long list of inference attacks that leak private data from gradients, published in recent years, has emphasized the need to devise effective protection mechanisms to incentivize the adoption of FL at scale. While solutions exist to mitigate these attacks on the server side, little has been done to protect users from attacks performed on the client side. In this context, the use of Trusted Execution Environments (TEEs) on the client side is among the most promising solutions. However, existing frameworks (e.g., DarkneTZ) require statically placing a large portion of the machine learning model into the TEE to effectively protect against complex attacks or a combination of attacks. We present GradSec, a solution that protects in a TEE only the sensitive layers of a machine learning model, either statically or dynamically, hence reducing both the TCB size and the overall training time by up to 30, respectively, compared to state-of-the-art competitors.


