Evaluating Differential Privacy in Federated Learning Based on Membership Inference Attacks

Peng He, Xinyu Wang, Weijiao Zhang*, Zhongkai Wang, Song Wang, Chuangxin Ou, Guozheng Li*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

While machine learning has achieved tremendous success, the privacy security of its models faces challenges. To protect the privacy of machine learning models, researchers have proposed methods such as federated learning and differential privacy. However, the effectiveness of these methods in defending against attacks on model privacy at the practical level has not been comprehensively evaluated. In this paper, we focus on membership inference attacks targeting the privacy of machine learning models. By employing classical black-box membership inference attacks and a white-box membership inference attack proposed in this paper, we evaluate the privacy performance of the federated differential privacy framework in scenarios where privacy attacks are actively defended. Experimental results demonstrate that compared to centralized learning with differential privacy methods, models trained using the federated differential privacy framework exhibit stronger privacy performance and higher utility. We investigate the impact of differential privacy implementation mechanisms and privacy budgets on the privacy performance of federated learning models, providing insights and guidance for selecting critical privacy mechanisms and parameters in the practical application of the federated differential privacy framework.

Original language: English
Title of host publication: Proceedings - 2024 10th International Conference on Big Data Computing and Communications, BIGCOM 2024
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 196-203
Number of pages: 8
Edition: 2024
ISBN (Electronic): 9798331509538
Publication status: Published - 2024
Event: 10th International Conference on Big Data Computing and Communications, BIGCOM 2024 - Dalian, China
Duration: 9 Aug 2024 to 11 Aug 2024

Conference

Conference: 10th International Conference on Big Data Computing and Communications, BIGCOM 2024
Country/Territory: China
City: Dalian
Period: 9/08/24 to 11/08/24

Keywords

  • Differential Privacy
  • Federated Learning
  • Membership Inference Attacks
