Model Inversion Attacks in Federated Learning

Abstract:

Federated learning is considered a privacy-preserving learning paradigm as it allows multiple participants to collaboratively train a model without sharing their raw data. However, recent research has shown that federated learning is susceptible to privacy attacks where sensitive information can be inferred from model updates. In this talk, we will introduce model inversion attack (MIA), in which a malicious parameter server can reconstruct individual participants’ local data samples through model updates. In particular, we will introduce scale-MIA, a powerful MIA that can accurately and efficiently reconstruct participants’ training samples from aggregated model updates in federated learning. Scale-MIA also breaks the state-of-the-art secure aggregation protocol, which is a specialized secure multi-party computation (MPC) protocol designed for privacy-preserving federated learning that allows clients to securely compute the summation of model updates without exposing individual values. Scale-MIA represents a powerful novel approach to breach privacy in federated learning settings, prompting the need for robust defense mechanisms against such advanced attacks.

Bio:

Wenjing Lou is the W. C. English Endowed Professor of Computer Science at Virginia Tech and a Fellow of the IEEE and ACM. Her research interests cover many topics in the cybersecurity field, with her current research interest focusing on security and privacy problems in wireless networks, blockchain, trustworthy machine learning, and Internet of Things (IoT) systems. Prof. Lou is a highly cited researcher by the Web of Science Group. She received the Virginia Tech Alumni Award for Research Excellence in 2018, the highest university-level faculty research award. She received the INFOCOM Test-of-Time paper award in 2020. She is the TPC chair for IEEE INFOCOM 2019 and ACM WiSec 2020. She was the Steering Committee Chair for IEEE CNS conference from 2013 to 2020. She is currently the vice chair of IEEE INFOCOM and a steering committee member of IEEE CNS. She served as a program director at the US National Science Foundation (NSF) from 2014 to 2017.