English

Protection against Source Inference Attacks in Federated Learning using Unary Encoding and Shuffling

Cryptography and Security 2024-11-12 v1

Abstract

Federated Learning (FL) enables clients to train a joint model without disclosing their local data. Instead, they share their local model updates with a central server that moderates the process and creates a joint model. However, FL is susceptible to a series of privacy attacks. Recently, the source inference attack (SIA) has been proposed where an honest-but-curious central server tries to identify exactly which client owns a specific data record. n this work, we propose a defense against SIAs by using a trusted shuffler, without compromising the accuracy of the joint model. We employ a combination of unary encoding with shuffling, which can effectively blend all clients' model updates, preventing the central server from inferring information about each client's model update separately. In order to address the increased communication cost of unary encoding we employ quantization. Our preliminary experiments show promising results; the proposed mechanism notably decreases the accuracy of SIAs without compromising the accuracy of the joint model.

Keywords

Cite

@article{arxiv.2411.06458,
  title  = {Protection against Source Inference Attacks in Federated Learning using Unary Encoding and Shuffling},
  author = {Andreas Athanasiou and Kangsoo Jung and Catuscia Palamidessi},
  journal= {arXiv preprint arXiv:2411.06458},
  year   = {2024}
}

Comments

CCS 2024 - The ACM Conference on Computer and Communications Security, ACM, Oct 2024, Salt Lake City, United States

R2 v1 2026-06-28T19:54:44.503Z