Abstract
While machine learning has achieved tremendous success, the privacy security of its models faces challenges. To protect the privacy of machine learning models, researchers have proposed methods such as federated learning and differential privacy. However, the effectiveness of these methods in defending against attacks on model privacy at the practical level has not been comprehensively evaluated. In this paper, we focus on membership inference attacks targeting the privacy of machine learning models. By employing classical black-box membership inference attacks and a white-box membership inference attack proposed in this paper, we evaluate the privacy performance of the federated differential privacy framework in scenarios where privacy attacks are actively defended against. Experimental results demonstrate that, compared to centralized learning with differential privacy methods, models trained using the federated differential privacy framework exhibit stronger privacy performance and higher utility. We investigate the impact of differential privacy implementation mechanisms and privacy budgets on the privacy performance of federated learning models, providing insights and guidance for selecting critical privacy mechanisms and parameters in the practical application of the federated differential privacy framework.
Original language | English |
---|---|
Title of host publication | Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 196-203 |
Number of pages | 8 |
Edition | 2024 |
ISBN (Electronic) | 9798331509538 |
Publication status | Published - 2024 |
Event | 10th International Conference on Big Data Computing and Communications, BIGCOM 2024 - Dalian, China; Duration: 9 Aug 2024 → 11 Aug 2024 |
Conference
Conference | 10th International Conference on Big Data Computing and Communications, BIGCOM 2024 |
---|---|
Country/Territory | China |
City | Dalian |
Period | 9/08/24 → 11/08/24 |
Keywords
- Differential Privacy
- Federated Learning
- Membership Inference Attacks