Matches in SemOpenAlex for { <https://semopenalex.org/work/W4366999510> ?p ?o ?g. }
Showing items 1 to 51 of
51
with 100 items per page.
- W4366999510 abstract "Federated Learning with Model Distillation (FedMD) is a nascent collaborative learning paradigm, where only output logits of public datasets are transmitted as distilled knowledge, instead of passing on private model parameters that are susceptible to gradient inversion attacks, a known privacy risk in federated learning. In this paper, we found that even though sharing output logits of public datasets is safer than directly sharing gradients, there still exists a substantial risk of data exposure caused by carefully designed malicious attacks. Our study shows that a malicious server can inject a PLI (Paired-Logits Inversion) attack against FedMD and its variants by training an inversion neural network that exploits the confidence gap between the server and client models. Experiments on multiple facial recognition datasets validate that under FedMD-like schemes, by using paired server-client logits of public datasets only, the malicious server is able to reconstruct private images on all tested benchmarks with a high success rate." @default.
- W4366999510 created "2023-04-27" @default.
- W4366999510 creator A5023363049 @default.
- W4366999510 creator A5077322975 @default.
- W4366999510 creator A5081892303 @default.
- W4366999510 date "2023-04-22" @default.
- W4366999510 modified "2023-09-25" @default.
- W4366999510 title "Breaching FedMD: Image Recovery via Paired-Logits Inversion Attack" @default.
- W4366999510 doi "https://doi.org/10.48550/arxiv.2304.11436" @default.
- W4366999510 hasPublicationYear "2023" @default.
- W4366999510 type Work @default.
- W4366999510 citedByCount "0" @default.
- W4366999510 crossrefType "posted-content" @default.
- W4366999510 hasAuthorship W4366999510A5023363049 @default.
- W4366999510 hasAuthorship W4366999510A5077322975 @default.
- W4366999510 hasAuthorship W4366999510A5081892303 @default.
- W4366999510 hasBestOaLocation W43669995101 @default.
- W4366999510 hasConcept C109007969 @default.
- W4366999510 hasConcept C151730666 @default.
- W4366999510 hasConcept C154945302 @default.
- W4366999510 hasConcept C165696696 @default.
- W4366999510 hasConcept C1893757 @default.
- W4366999510 hasConcept C38652104 @default.
- W4366999510 hasConcept C41008148 @default.
- W4366999510 hasConcept C50644808 @default.
- W4366999510 hasConcept C86803240 @default.
- W4366999510 hasConceptScore W4366999510C109007969 @default.
- W4366999510 hasConceptScore W4366999510C151730666 @default.
- W4366999510 hasConceptScore W4366999510C154945302 @default.
- W4366999510 hasConceptScore W4366999510C165696696 @default.
- W4366999510 hasConceptScore W4366999510C1893757 @default.
- W4366999510 hasConceptScore W4366999510C38652104 @default.
- W4366999510 hasConceptScore W4366999510C41008148 @default.
- W4366999510 hasConceptScore W4366999510C50644808 @default.
- W4366999510 hasConceptScore W4366999510C86803240 @default.
- W4366999510 hasLocation W43669995101 @default.
- W4366999510 hasOpenAccess W4366999510 @default.
- W4366999510 hasPrimaryLocation W43669995101 @default.
- W4366999510 hasRelatedWork W1527191935 @default.
- W4366999510 hasRelatedWork W1555721731 @default.
- W4366999510 hasRelatedWork W2152018389 @default.
- W4366999510 hasRelatedWork W228411881 @default.
- W4366999510 hasRelatedWork W2374725260 @default.
- W4366999510 hasRelatedWork W2393933887 @default.
- W4366999510 hasRelatedWork W2964604098 @default.
- W4366999510 hasRelatedWork W2997512100 @default.
- W4366999510 hasRelatedWork W3006507989 @default.
- W4366999510 hasRelatedWork W3048799479 @default.
- W4366999510 isParatext "false" @default.
- W4366999510 isRetracted "false" @default.
- W4366999510 workType "article" @default.