Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/109211
PIRA download icon_1.1View/Download Full Text
Title: GradFilt : class-wise targeted data reconstruction from gradients in federated learning
Authors: Zhang, R 
Guo, S
Li, P 
Issue Date: 2024
Source: In WWW '24 Companion: Companion Proceedings of the ACM Web Conference 2024, p. 698-701. New York, NY: The Association for Computing Machinery, 2024
Abstract: Gradient Inversion Attacks (GIAs) have shown that private training data can be recovered from gradient updates in Federated Learning (FL). However, these GIAs can only recover the entire batch of data with limited performance or stochastically restore some random instances. In this paper, we propose a class-wise targeted attack, named GradFilt, which can reconstruct the training data of some specified class(es) from the batch-averaged gradients. By modifying the parameters of the classification layer, we create a filter within the FL model that eliminates the gradients of non-target data while preserving the gradients of target data. We evaluate GradFilt with image datasets on popular FL model architectures. The results show that GradFilt can effectively reconstruct the desired samples with higher accuracies than the existing GIAs. Moreover, we can also achieve 100% success rate in restoring the batch labels. We hope this work can raise awareness of the privacy risks in FL and inspire effective defense mechanisms.
Keywords: Federated Learning
Gradient Inversion
Privacy Leakage
Publisher: Association for Computing Machinery
ISBN: 979-8-4007-0172-6
DOI: 10.1145/3589335.3651514
Description: WWW '24: The ACM Web Conference 2024, Singapore, Singapore, May 13-17, 2024
Rights: © 2024 Copyright held by the owner/author(s).
This work is licensed under a Creative Commons Attribution-NonCommercial-Share Alike International 4.0 License (https://creativecommons.org/licenses/by-nc-sa/4.0/).
The following publication Zhang, R., Guo, S., & Li, P. (2024). GradFilt: Class-wise Targeted Data Reconstruction from Gradients in Federated Learning Companion Proceedings of the ACM Web Conference 2024, Singapore, Singapore is available at https://doi.org/10.1145/3589335.3651514.
Appears in Collections:Conference Paper

Files in This Item:
File Description SizeFormat 
3589335.3651514.pdf5.61 MBAdobe PDFView/Open
Open Access Information
Status open access
File Version Version of Record
Access
View full-text via PolyU eLinks SFX Query
Show full item record

Page views

79
Citations as of Apr 14, 2025

Downloads

30
Citations as of Apr 14, 2025

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.