Gradient Inversion with Generative Image Prior
Federated Learning (FL) is a distributed learning framework, in which the local data never leaves clients devices to preserve privacy, and the server trains models on the data via accessing only the gradients of those local data. Without further privacy mechanisms such as differential privacy, this...
Saved in:
| Published in | arXiv.org |
|---|---|
| Main Authors | , , , , |
| Format | Paper |
| Language | English |
| Published |
Ithaca
Cornell University Library, arXiv.org
28.10.2021
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Federated Learning (FL) is a distributed learning framework, in which the local data never leaves clients devices to preserve privacy, and the server trains models on the data via accessing only the gradients of those local data. Without further privacy mechanisms such as differential privacy, this leaves the system vulnerable against an attacker who inverts those gradients to reveal clients sensitive data. However, a gradient is often insufficient to reconstruct the user data without any prior knowledge. By exploiting a generative model pretrained on the data distribution, we demonstrate that data privacy can be easily breached. Further, when such prior knowledge is unavailable, we investigate the possibility of learning the prior from a sequence of gradients seen in the process of FL training. We experimentally show that the prior in a form of generative model is learnable from iterative interactions in FL. Our findings strongly suggest that additional mechanisms are necessary to prevent privacy leakage in FL. |
|---|---|
| AbstractList | Federated Learning (FL) is a distributed learning framework, in which the local data never leaves clients devices to preserve privacy, and the server trains models on the data via accessing only the gradients of those local data. Without further privacy mechanisms such as differential privacy, this leaves the system vulnerable against an attacker who inverts those gradients to reveal clients sensitive data. However, a gradient is often insufficient to reconstruct the user data without any prior knowledge. By exploiting a generative model pretrained on the data distribution, we demonstrate that data privacy can be easily breached. Further, when such prior knowledge is unavailable, we investigate the possibility of learning the prior from a sequence of gradients seen in the process of FL training. We experimentally show that the prior in a form of generative model is learnable from iterative interactions in FL. Our findings strongly suggest that additional mechanisms are necessary to prevent privacy leakage in FL. |
| Author | Oh, Sewoong Lee, Kangwook Jeon, Jinwoo Kim, Jaechang Jungseul Ok |
| Author_xml | – sequence: 1 givenname: Jinwoo surname: Jeon fullname: Jeon, Jinwoo – sequence: 2 givenname: Jaechang surname: Kim fullname: Kim, Jaechang – sequence: 3 givenname: Kangwook surname: Lee fullname: Lee, Kangwook – sequence: 4 givenname: Sewoong surname: Oh fullname: Oh, Sewoong – sequence: 5 fullname: Jungseul Ok |
| BookMark | eNqNyrEOgjAQgOHGaCIq79DEGVOuFnE2imwO7KSJp5boVa8FX18HH8DpH75_JsbkCUciAa3zrFwDTEUaQqeUgmIDxuhErCq2Z4cUZU0DcnCe5NvFm6yQkG10A8r6Ya8oT-w8L8TkYu8B01_nYnnYN7tj9mT_6jHEtvM905daMGWZmwK2Sv93fQAd1TQN |
| ContentType | Paper |
| Copyright | 2021. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| Copyright_xml | – notice: 2021. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
| DBID | 8FE 8FG ABJCF ABUWG AFKRA AZQEC BENPR BGLVJ CCPQU DWQXO HCIFZ L6V M7S PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| DatabaseName | ProQuest SciTech Collection ProQuest Technology Collection Materials Science & Engineering Collection ProQuest Central (Alumni) ProQuest Central UK/Ireland ProQuest Central Essentials AUTh Library subscriptions: ProQuest Central Technology Collection ProQuest One Community College ProQuest Central SciTech Premium Collection (Proquest) (PQ_SDU_P3) ProQuest Engineering Collection Engineering Database Publicly Available Content Database ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Academic ProQuest One Academic UKI Edition ProQuest Central China Engineering collection |
| DatabaseTitle | Publicly Available Content Database Engineering Database Technology Collection ProQuest Central Essentials ProQuest One Academic Eastern Edition ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central ProQuest Engineering Collection ProQuest One Academic UKI Edition ProQuest Central Korea Materials Science & Engineering Collection ProQuest One Academic Engineering Collection |
| DatabaseTitleList | Publicly Available Content Database |
| Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Physics |
| EISSN | 2331-8422 |
| Genre | Working Paper/Pre-Print |
| GroupedDBID | 8FE 8FG ABJCF ABUWG AFKRA ALMA_UNASSIGNED_HOLDINGS AZQEC BENPR BGLVJ CCPQU DWQXO FRJ HCIFZ L6V M7S M~E PIMPY PQEST PQQKQ PQUKI PRINS PTHSS |
| ID | FETCH-proquest_journals_25881562903 |
| IEDL.DBID | BENPR |
| IngestDate | Thu Oct 10 20:19:37 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-proquest_journals_25881562903 |
| OpenAccessLink | https://www.proquest.com/docview/2588156290?pq-origsite=%requestingapplication% |
| PQID | 2588156290 |
| PQPubID | 2050157 |
| ParticipantIDs | proquest_journals_2588156290 |
| PublicationCentury | 2000 |
| PublicationDate | 20211028 |
| PublicationDateYYYYMMDD | 2021-10-28 |
| PublicationDate_xml | – month: 10 year: 2021 text: 20211028 day: 28 |
| PublicationDecade | 2020 |
| PublicationPlace | Ithaca |
| PublicationPlace_xml | – name: Ithaca |
| PublicationTitle | arXiv.org |
| PublicationYear | 2021 |
| Publisher | Cornell University Library, arXiv.org |
| Publisher_xml | – name: Cornell University Library, arXiv.org |
| SSID | ssj0002672553 |
| Score | 3.368193 |
| SecondaryResourceType | preprint |
| Snippet | Federated Learning (FL) is a distributed learning framework, in which the local data never leaves clients devices to preserve privacy, and the server trains... |
| SourceID | proquest |
| SourceType | Aggregation Database |
| SubjectTerms | Clients Electronic devices Federated learning Iterative methods Privacy |
| Title | Gradient Inversion with Generative Image Prior |
| URI | https://www.proquest.com/docview/2588156290 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LSwMxEB5sF8GbT3zUEtBrdJvNbpKToOy2Ci2LKPRW8lrwoG1316u_3SRu9SD0GAJJCMk3mW--zABcV1pXNCEGC1pR56AwhmWsK1wxkaqEKynDp7DpLJu80qd5Ou8It6aTVW4wMQC1WWrPkd-SlPvEJkTEd6s19lWjfHS1K6HRg4iMqA_TRvf5rHz-ZVlIxtybOfkHtMF6FPsQlXJl6wPYsR-HsBtEl7o5gptxHQRXLfLZLgJvhTwvin5yQXsgQo_v7sKjsn5b1sdwVeQvDxO8mWTRHYRm8bfs5AT6zqO3p4Bia7hVVI-MM64pJ1JkmsVKGcFjmSl9BoNtI51v776APeKFFw5gCR9Av60_7aWznK0aQo8X42G3Sa41_cq_Ae-geOc |
| link.rule.ids | 786,790,12792,21416,33406,33777,43633,43838 |
| linkProvider | ProQuest |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1NTwMhEJ1oG6M3P6O1Kole0RXYXTh5MG632jY91KS3DbCQeLCtu9v_L-BWDyY9k8CEDG-Yx2MG4M5qbRklJRbMMpegpCmWkbbYpiJWlCspw6ew8STJ39nrPJ63hFvdyio3mBiAulxqz5E_kJj7wiZERE-rL-y7RvnX1baFxi50GU2o93OeDX45FpKk7sZM_8FsiB3ZIXSncmWqI9gxi2PYC5JLXZ_A_aAKcqsG-VoXgbVCnhVFP5WgPQyh4ac77mhafSyrU7jNXmbPOd4sUrRuUBd_RtMz6Lh83pwDikzJjWL6sXShNeZEikSnkVKl4JFMlL6A_raZetuHb2A_n41HxWg4ebuEA-IlGA5qCe9Dp6nW5srF0EZdh436Bv0BeFc |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Gradient+Inversion+with+Generative+Image+Prior&rft.jtitle=arXiv.org&rft.au=Jeon%2C+Jinwoo&rft.au=Kim%2C+Jaechang&rft.au=Lee%2C+Kangwook&rft.au=Oh%2C+Sewoong&rft.date=2021-10-28&rft.pub=Cornell+University+Library%2C+arXiv.org&rft.eissn=2331-8422 |