
KDk: A Novel Machine Learning Framework that Protects Vertical Federated Learning from All of the Known Sorts of Label Inference Attacks with Very High Performance


Federated Learning (FL) has emerged as a pivotal technology in recent times, enabling collaborative model training across disparate entities without centralizing data. This approach is especially advantageous when organizations or individuals must cooperate on model development without compromising sensitive data. 

By keeping data local and performing model updates locally, FL reduces communication costs and facilitates the integration of heterogeneous data, maintaining the unique characteristics of every participant's dataset. Nonetheless, despite its advantages, FL still poses risks of indirect information leakage, especially during the model aggregation stage.

FL encompasses various data partition strategies, including Horizontal FL (HFL), Vertical FL (VFL), and Transfer Learning. HFL involves parties with the same attribute space but different sample spaces, making it suitable for scenarios where regional branches of the same business aim to construct a richer dataset. Conversely, VFL involves non-competing entities with vertically partitioned data that share overlapping data samples but differ in the feature space.

Finally, Transfer Learning is applicable when there is little overlap in data samples and features among multiple subjects with heterogeneous distributions. Each category presents unique challenges and benefits, with HFL emphasizing independent training, VFL leveraging deeper attribute dimensions for more accurate models, and Transfer Learning addressing scenarios with diverse data distributions.

Despite the absence of raw data sharing in FL, combining information across features and the presence of compromised participants can still result in privacy leakage. Label Inference Attacks pose a major concern in this context, as they can exploit the sensitivity of labels to disclose confidential details about clients.

To deal with this issue, researchers at the University of Pavia focus on defending against label inference attacks within the VFL scenario. They consider the attacks and propose a defense mechanism called KD𝑘 (Knowledge Discovery and 𝑘-anonymity).

KD𝑘 relies on a Knowledge Distillation (KD) step and an obfuscation algorithm to boost privacy protection. KD is a machine learning compression technique that transfers knowledge from a bigger teacher model to a smaller student model, producing softer probability distributions instead of hard labels.

In their framework, an active participant includes a teacher network to generate soft labels, which are then processed using 𝑘-anonymity to add uncertainty. Because the 𝑘 labels with the highest probabilities are grouped, it becomes difficult for attackers to infer the most probable label accurately. The server's top model then uses this partially anonymized data for collaborative VFL tasks.
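The soft-label obfuscation described above, as an added example that is not code from the paper or from this article. It assumes a distillation temperature of 4.0 and assumes that "grouping" the top 𝑘 labels means giving them the same probability (their mean); all function names and the sample logits are constructed for illustration.

```python
import math

def soft_labels(logits, temperature=4.0):
    """Teacher output softened with a distillation temperature (assumed value)."""
    m = max(logits)
    exps = [math.exp((z - m) / temperature) for z in logits]
    total = sum(exps)
    return [e / total for e in exps]

def k_anonymize(probs, k):
    """Give the k most probable classes one shared probability (their mean).

    Assumption: equalising by the mean is one way to group the top-k labels;
    the article does not specify the exact obfuscation rule.
    """
    if not 1 <= k <= len(probs):
        raise ValueError("k must be between 1 and the number of classes")
    top = sorted(range(len(probs)), key=lambda i: probs[i], reverse=True)[:k]
    shared = sum(probs[i] for i in top) / k
    out = list(probs)
    for i in top:
        out[i] = shared  # probability mass is preserved, ranking is hidden
    return out

def candidate_labels(probs, tol=1e-12):
    """Classes that an observer of the label vector cannot rank below the top."""
    peak = max(probs)
    return [i for i, p in enumerate(probs) if peak - p <= tol]

def best_guess_accuracy(samples, k):
    """Expected hit rate when guessing uniformly among the tied top classes."""
    hits = 0.0
    for logits, true_label in samples:
        cands = candidate_labels(k_anonymize(soft_labels(logits), k))
        hits += (true_label in cands) / len(cands)
    return hits / len(samples)

# Constructed teacher logits for a 5-class task: (logits, true label).
SAMPLES = [
    ([6.0, 1.0, 0.5, 2.0, 0.1], 0),
    ([0.3, 0.2, 5.5, 1.5, 4.0], 2),
    ([1.0, 7.0, 0.4, 0.9, 3.0], 1),
]

if __name__ == "__main__":
    for k in (1, 2, 3):
        print(f"k={k}: best-guess accuracy {best_guess_accuracy(SAMPLES, k):.3f}")
```

With 𝑘 = 1 the vector is unchanged and the top class is recoverable; larger 𝑘 caps the best-guess accuracy at 1/𝑘 on these samples while the vector still sums to 1.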

The experimental findings illustrate a notable reduction in the accuracy of label inference attacks across all three types outlined by Fu et al., substantiating the efficacy of the proposed defense mechanism. The contributions of the research encompass the development of a strong countermeasure tailored to combat label inference attacks, validated through an extensive experimental campaign. Moreover, the study offers a comprehensive comparison with existing defense strategies, highlighting the superior performance of the proposed approach.



Arshad is an intern at MarktechPost. He is currently pursuing his Int. MSc Physics from the Indian Institute of Technology Kharagpur. Understanding things to the fundamental level leads to new discoveries which lead to advancement in technology. He is passionate about understanding nature fundamentally with the help of tools like mathematical models, ML models and AI.

