Just a Simple Transformation is Enough for Data Protection in Vertical Federated Learning

MLP-based models in vertical federated learning are resistant to feature reconstruction attacks due to model architecture transformations enhancing data privacy.

Year: 2024
Venue: arXiv 2024
Authors: 4
Hosting: Abstract only

Attribution

Abstract & full text: arxiv.org/abs/2412.11689
TL;DR: Semantic Scholar

Abstract

Vertical Federated Learning (VFL) aims to enable collaborative training of deep learning models while maintaining privacy protection. However, the VFL procedure still has components that are vulnerable to attacks by malicious parties. In our work, we consider feature reconstruction attacks, a common risk targeting input data compromise. We theoretically claim that feature reconstruction attacks cannot succeed without knowledge of the prior distribution on data. Consequently, we demonstrate that even simple model architecture transformations can significantly impact the protection of input data during VFL. Confirming these findings with experimental results, we show that MLP-based models are resistant to state-of-the-art feature reconstruction attacks.
