University of Twente Student Theses
About the effect of white-box membership inference attacks on federated learning in large networks
Jansen, L.W.L. (2022) About the effect of white-box membership inference attacks on federated learning in large networks.
PDF
3MB |
Abstract: | Deep learning algorithms have a wide variety of applications, such as simulating chess, image recognition, and assistance with medical diagnosis. These deep learning methods require a vast amount of data to perform well on their tasks. In applications that involve sensitive data, there are various security and privacy concerns for sharing them for deep learning. Federated learning is a novel decentralized deep learning approach used to protect better the confidentiality of individual training datasets from multiple data owners. In contrast to traditional learning methods that collect all data in a central place to do training, federated learning shares a model throughout a network for participants to use for training on their local data records. Once sufficiently trained, the model weights are sent back to the central entity that aggregates them into a new global model. Recent research shows various ways to extract information from these updates to infer properties about the training data in small networks. Therefore, the effects of inference attacks in larger networks are currently unknown, while current applications of federated learning can have thousands of network participants. In this work, we expand the state of the art by studying the attack performance of membership inference attacks from Nasr et al. [16] in a federated network with an increased number of participants. This research shows that when increasing the number of participants to 25, the membership inference attack accuracy increases up to 84.85%. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/93521 |
Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Repository Staff Only: item control page