Abstract
Distributed machine learning (DML) enables model training on a large corpus of decentralized data from users and only collects local models or gradients for global synchronization on the cloud. Recent studies show that a third party can recover the training data in the DML system through publicly shared gradients. Our investigation has revealed that existing techniques (e.g., DLG) can only recover the training data on uniform weight distribution and fail to recover the training data on other weights initialization (e.g., normal distribution) or during the training stage. In this work, we provide an analysis of how weight distribution can affect the training data recovery from gradients. Based on this analysis, we propose a self-adaptive privacy attack from gradients, SAPAG - a general gradient attack algorithm that can recover the training data in DML with any weight initialization and in any training phase. Our algorithm exploits not only the gradients but also the variance of gradients. Specifically, we exploit the variance of gradients distribution and the Deep Neural Network (DNN) architecture and design an adaptive Gaussian kernel of gradient difference as a distance measure. Our experimental results on various benchmark datasets and tasks demonstrate the generalizability of SAPAG. SAPAG outperforms the state-of-the-art algorithms in terms of both the data recovery performance and the recovery speed.
Original language | English (US) |
---|---|
Title of host publication | 2022 International Joint Conference on Neural Networks, IJCNN 2022 - Proceedings |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9781728186719 |
DOIs | |
State | Published - 2022 |
Externally published | Yes |
Event | 2022 International Joint Conference on Neural Networks, IJCNN 2022 - Padua, Italy Duration: Jul 18 2022 → Jul 23 2022 |
Publication series
Name | Proceedings of the International Joint Conference on Neural Networks |
---|---|
Volume | 2022-July |
Conference
Conference | 2022 International Joint Conference on Neural Networks, IJCNN 2022 |
---|---|
Country/Territory | Italy |
City | Padua |
Period | 7/18/22 → 7/23/22 |
Bibliographical note
Publisher Copyright:© 2022 IEEE.