Poster
in
Workshop: Privacy in Machine Learning (PriML) 2021
Efficient passive membership inference attack in federated learning
CHUAN XU · Giovanni Neglia · Oualid ZARI
Abstract:
In cross-device federated learning (FL) setting, clients such as mobiles cooperate with the server to train a global machine learning model, while maintaining their data locally. However, recent work shows that client's private information can still be disclosed to an adversary who just eavesdrops the messages exchanged between the client and the server. For example, the adversary can infer whether the client owns a specific data instance, which is called a passive membership inference attack. In this paper, we propose a new passive inference attack that requires much less computation power and memory than existing methods. Our empirical results show that our attack achieves a higher accuracy on CIFAR100 dataset (mora than $4$ percentage points) with three orders of magnitude less memory space and five orders of magnitude less calculations.
Chat is not available.