Journal of Computer Applications ›› 2023, Vol. 43 ›› Issue (2): 437-449.DOI: 10.11772/j.issn.1001-9081.2021122072
• Cyber security • Previous Articles Next Articles
Teng WANG1, Zheng HUO2(), Yaxin HUANG2, Yilin FAN2
Received:
2021-12-09
Revised:
2022-01-21
Accepted:
2022-01-28
Online:
2023-02-08
Published:
2023-02-10
Contact:
Zheng HUO
About author:
WANG Teng, born in 1980, Ph. D., senior engineer. His research interests include machine learning, digital governance.Supported by:
通讯作者:
霍峥
作者简介:
王腾(1980—),男,贵州遵义人,高级工程师,博士,主要研究方向:机器学习、数字化治理基金资助:
CLC Number:
Teng WANG, Zheng HUO, Yaxin HUANG, Yilin FAN. Review on privacy-preserving technologies in federated learning[J]. Journal of Computer Applications, 2023, 43(2): 437-449.
王腾, 霍峥, 黄亚鑫, 范艺琳. 联邦学习中的隐私保护技术研究综述[J]. 《计算机应用》唯一官方网站, 2023, 43(2): 437-449.
Add to citation manager EndNote|Ris|BibTeX
URL: https://www.joca.cn/EN/10.11772/j.issn.1001-9081.2021122072
方法 来源 | 环境 | 攻击模型 | 安全 防御 | 隐私 保护 | 评价 标准 | ||
---|---|---|---|---|---|---|---|
机器学习 | 联邦学习 | 安全攻击 | 隐私攻击 | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
本文工作 | √ | √ | √ | √ |
Tab.1 Reviews related to privacy-preserving technologies in federated learning
方法 来源 | 环境 | 攻击模型 | 安全 防御 | 隐私 保护 | 评价 标准 | ||
---|---|---|---|---|---|---|---|
机器学习 | 联邦学习 | 安全攻击 | 隐私攻击 | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
文献[ | √ | √ | √ | ||||
本文工作 | √ | √ | √ | √ |
攻击名称 | 描述 | 攻击类型 | 攻击阶段 | 文献 |
---|---|---|---|---|
数据泄露 攻击 | 数据泄露攻击是指恶意服务器采取训练简单或易攻击模型的手段,通过参与方上传的参数获取参与方的敏感数据或数据特征 | HbC攻击 | 预测 阶段 | Liu[ |
属性推理 攻击 | 攻击者结合辅助数据训练用来攻击模型的分类器,以判断观察到的更新是否为基于“包含目标属性”数据集的训练结果[ | HbC攻击 | Melis[ | |
模型反演 攻击 | 攻击者试图重构训练数据中特定个体的敏感信息。攻击者反复发送数据并查看预测结果,推测机器学习模型的参数或功能,从而复制出一个功能相似甚至完全相同的机器学习模型 | HbC攻击 | 训练 阶段 | Tramèr[ |
成员推断 攻击 | 对指定的模型和数据样本,攻击者可推断某个样本是否为训练样本。若训练样本均为敏感数据,成员隶属推断攻击将直接给个体带来隐私威胁 | HbC攻击 | Shokri[ |
Tab. 2 Classification of privacy attack models
攻击名称 | 描述 | 攻击类型 | 攻击阶段 | 文献 |
---|---|---|---|---|
数据泄露 攻击 | 数据泄露攻击是指恶意服务器采取训练简单或易攻击模型的手段,通过参与方上传的参数获取参与方的敏感数据或数据特征 | HbC攻击 | 预测 阶段 | Liu[ |
属性推理 攻击 | 攻击者结合辅助数据训练用来攻击模型的分类器,以判断观察到的更新是否为基于“包含目标属性”数据集的训练结果[ | HbC攻击 | Melis[ | |
模型反演 攻击 | 攻击者试图重构训练数据中特定个体的敏感信息。攻击者反复发送数据并查看预测结果,推测机器学习模型的参数或功能,从而复制出一个功能相似甚至完全相同的机器学习模型 | HbC攻击 | 训练 阶段 | Tramèr[ |
成员推断 攻击 | 对指定的模型和数据样本,攻击者可推断某个样本是否为训练样本。若训练样本均为敏感数据,成员隶属推断攻击将直接给个体带来隐私威胁 | HbC攻击 | Shokri[ |
方法类型 | 参考文献 | 保护模型 | 防御阶段 |
---|---|---|---|
基于差分隐私的隐私保护技术 | Skeches[ | 神经网络 | 训练阶段 |
Beyesian DP[ | 任意 | 训练阶段 | |
Hamm and Cao[ | 回归 | 预测阶段 | |
DPGAN[ | 生成模型 | 训练/生成阶段 | |
基于同态加密的隐私保护技术 | Phong[ | 神经网络 | 训练阶段 |
Orlandi[ | 预测阶段 | ||
基于安全多方计算的隐私保护技术 | Renuga[ | 神经网络 | 训练阶段 |
Pivot[ | 树模型 |
Tab. 3 Comparison of privacy-preserving methods in federated learning
方法类型 | 参考文献 | 保护模型 | 防御阶段 |
---|---|---|---|
基于差分隐私的隐私保护技术 | Skeches[ | 神经网络 | 训练阶段 |
Beyesian DP[ | 任意 | 训练阶段 | |
Hamm and Cao[ | 回归 | 预测阶段 | |
DPGAN[ | 生成模型 | 训练/生成阶段 | |
基于同态加密的隐私保护技术 | Phong[ | 神经网络 | 训练阶段 |
Orlandi[ | 预测阶段 | ||
基于安全多方计算的隐私保护技术 | Renuga[ | 神经网络 | 训练阶段 |
Pivot[ | 树模型 |
1 | ZHOU L N, PAN S M, WANG J W, et al. Machine learning on big data: opportunities and challenges[J]. Neurocomputing, 2017, 237: 350-361. 10.1016/j.neucom.2017.01.026 |
2 | 中华人民共和国网络安全法[EB/OL]. (2016-11-07) [2021-11-15].. 10.4236/blr.2016.73024 |
Network security law of the People’s Republic of China[EB/OL]. (2016-11-07) [2021-11-15].. 10.4236/blr.2016.73024 | |
3 | 中华人民共和国数据安全法[EB/OL]. (2021-06-10) [2021-11-15].. 10.1093/oso/9780199663163.003.0028 |
Data security law of the People’s Republic of China[EB/OL]. (2021-06-11) [2021-11-15].. 10.1093/oso/9780199663163.003.0028 | |
4 | 中华人民共和国个人信息保护法[EB/OL]. (2021-08-20) [2021-11-15].. 10.1093/oso/9780199663163.003.0028 |
Law of the People’s Republic of China on the protection of personal information[EB/OL]. (2021-08-20) [2021-11-15].. 10.1093/oso/9780199663163.003.0028 | |
5 | YANG Q, LIU Y, CHEN T J, et al. Federated machine learning: concept and applications[J]. ACM Transactions on Intelligent Systems and Technology, 2019, 10(2): No.12. 10.1145/3298981 |
6 | KONEČNÝ J, McMAHAN H B, YU F X, et, al. Federated learning: strategies for improving communication efficiency[EB/OL]. (2017-10-30) [2021-11-15].. |
7 | LIU B Y, WANG L J, LIU M, et al. Federated imitation learning: a privacy considered imitation learning framework for cloud robotic systems with heterogeneous sensor data[EB/OL]. (2019-09-15) [2021-11-15].. 10.1109/lra.2020.2976321 |
8 | SHAO R L, HE H Y, LIU H, et al. Stochastic channel-based federated learning for medical data privacy preserving[EB/OL]. (2019-11-15) [2021-11-15].. 10.2196/preprints.17111 |
9 | HAHN S J, LEE J. Privacy-preserving federated Bayesian learning of a generative model for imbalanced lassification of clinical data[EB/OL]. (2020-08-29) [2021-11-15]. . 10.13140/RG.2.2.18970.80328 |
10 | CHOUDHURY O, GKOULALAS-DIVANIS A, SALONIDIS T, et al. Differential privacy-enabled federated learning for sensitive health data[EB/OL]. (2020-02-27) [2021-11-15].. |
11 | ZHENG W T, POPA R A, GONZALEZ J E, et al. Helen: maliciously secure coopetitive learning for linear models[C]// Proceedings of the 2019 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2019: 724-738. 10.1109/sp.2019.00045 |
12 | LI Q B, WEN Z Y, WU Z M, et al. A survey on federated learning systems: vision, hype and reality for data privacy and protection[J]. (2019-07-23) [2022-01-19].. 10.1109/tkde.2021.3124599 |
13 | LI Z P, SHARMA V, MOHANTY S P. Preserving data privacy via federated learning: challenges and solutions[J]. IEEE Consumer Electronics Magazine, 2020, 9(3):8-16. 10.1109/mce.2019.2959108 |
14 | SHAO R L, LIU H, LIU D B. Privacy preserving stochastic channel-based federated learning with neural network pruning[EB/OL]. (2019-10-04) [2021-11-15].. 10.2196/preprints.17111 |
15 | SATTLER F, MÜLLER K R, SAMEK W. Clustered federated learning: model-agnostic distributed multi-task optimization under privacy constraints[J]. IEEE Transactions on Neural Networks and Learning Systems, 2021, 32(8): 3710-3722. 10.1109/tnnls.2020.3015958 |
16 | ZHAO L C, NI L H, HU S S, et al. InPrivate digging: enabling tree-based distributed data mining with differential privacy[C]// Proceedings of the 2018 IEEE Conference on Computer Communications. Piscataway: IEEE, 2018: 2087-2095. 10.1109/infocom.2018.8486352 |
17 | CHENG K W, FAN T, JIN Y L, et al. SecureBoost: a lossless federated learning framework[J]. IEEE Intelligent Systems, 2021, 36(6): 87-98. 10.1109/mis.2021.3082561 |
18 | McMAHAN H B, MOORE E, RAMAGE D, et al. Federated learning of deep networks using model averaging[EB/OL]. (2017-02-28) [2021-11-15]. . |
19 | HAO M, LI H W, XU G W, et al. Towards efficient and privacy-preserving federated deep learning[C]// Proceedings of the 2019 IEEE International Conference on Communications. Piscataway: IEEE, 2019: 1-6. 10.1109/icc.2019.8761267 |
20 | 刘俊旭,孟小峰. 机器学习的隐私保护研究综述[J]. 计算机研究与发展, 2020, 57(2):346-362. 10.7544/issn1000-1239.2020.20190455 |
LIU J X, MENG X F. Survey on privacy-preserving machine learning[J]. Journal of Computer Research and Development, 2020, 57(2):346-362. 10.7544/issn1000-1239.2020.20190455 | |
21 | DWORK C. Differential privacy[C]// Proceedings of the 2006 International Colloquium on Automata, Languages, and Programming, LNCS 4052. Berlin: Springer, 2006: 1-12. |
22 | SWEENEY L. k-anonymity: a model for protecting privacy[J]. International Journal on Uncertainty, Fuzziness and Knowledge-Based Systems, 2002, 10(5): 557-570. 10.1142/s0218488502001648 |
23 | BOGETOFT P, CHRISTENSEN L D, DAMGÅRD I, et al. Secure multiparty computation goes live[C]// Proceedings of the 2009 International Conference on Financial Cryptography and Data Security, LNCS 5628. Berlin: Springer, 2009: 325-343. |
24 | 周纯毅,陈大卫,王尚,等. 分布式深度学习隐私与安全攻击研究进展与挑战[J]. 计算机研究与发展, 2021, 58(5): 927-943. 10.7544/issn1000-1239.2021.20200966 |
ZHOU C Y, CHEN D W, WANG S, et al. Research and challenge of distributed deep learning privacy and security attack[J]. Journal of Computer Research and Development, 2021, 58(5):927-943. 10.7544/issn1000-1239.2021.20200966 | |
25 | 陈兵,成翔,张佳乐,等. 联邦学习安全与隐私保护综述[J]. 南京航空航天大学学报, 2020, 52(5): 675-684. 10.16356/j.1005 |
CHEN B, CHENG X, ZHANG J L, et al. Survey of security and privacy in federated learning[J]. Journal of Nanjing University of Aeronautics and Astronautics, 2020, 52(5): 675-684. 10.16356/j.1005 | |
26 | 周俊,方国英,吴楠. 联邦学习安全与隐私保护研究综述[J]. 西华大学学报(自然科学版), 2020, 39(4): 9-17. 10.12198/j.issn.1673?159X.3607 |
ZHOU J, FANG G Y, WU N. Survey on security and privacy-preserving in federated learning[J]. Journal of Xihua University (Natural Science Edition), 2020, 39(4): 9-17. 10.12198/j.issn.1673?159X.3607 | |
27 | 王健宗,孔令炜,黄章成,等. 联邦学习隐私保护研究进展[J]. 大数据, 2021, 7(3): 130-149. 10.11959/j.issn.2096-0271.2021030 |
WANG J Z, KONG L W, HUANG Z C, et al. Research advances on privacy protection of federated learning[J]. Big Data Research, 2021, 7(3): 130-149. 10.11959/j.issn.2096-0271.2021030 | |
28 | 纪守领,杜天宇,李进锋,等. 机器学习模型安全与隐私研究综述[J].软件学报, 2021, 32(1):41-67. 10.13328/j.cnki.jos.006131 |
JI S L, DU T Y, LI J F, et al. Security and privacy of machine learning models: a survey[J]. Journal of Software, 2021, 32(1):41-67. 10.13328/j.cnki.jos.006131 | |
29 | YIN X F, ZHU Y M, HU J K. A comprehensive survey of privacy-preserving federated learning: a taxonomy, review, and future directions[J]. ACM Computing Surveys, 2022, 54(6): No.131. 10.1145/3460427 |
30 | BRIGGERS C, FAN Z, ANDRAS P. A review of privacy-preserving federated learning for the Internet-of-Things[M]// REHMAN M H U, GABER M M. Federated Learning Systems: Towards Next-Generation AI. Cham: Springer, 2021: 21-50. 10.1007/978-3-030-70604-3_2 |
31 | WARREN S D, BRANDEIS L D. The right to privacy[J]. Harvard Law Review, 1890, 4(5): 193-220. 10.2307/1321160 |
32 | General Data Protection Regulation. Regulation(EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)[J]. Official Journal of the European Union, 2016, 59: 1-88. |
33 | ZHANG X L, FU A M, WANG H Q, et al. A privacy-preserving and verifiable federated learning scheme[C]// Proceedings of the 2020 IEEE International Conference on Communications. Piscataway: IEEE, 2020: 1-6. 10.1109/icc40277.2020.9148628 |
34 | KAIROUZ P, McMAHAN H B, AVENT B, et al. Advances and open problems in federated learning[J]. Foundations and Trends in Machine Learning, 2021, 14(1/2): 1-210. 10.1561/2200000083 |
35 | LI T, SANJABI M, BEIRAMI A, et al. Fair resource allocation in federated learning[EB/OL]. (2020-02-14) [2022-01-19].. |
36 | LI Q B, WEN Z Y, WU Z M, et al. A survey on federated learning systems: vision, hype and reality for data privacy and protection[EB/OL]. (2021-12-05) [2022-01-19].. 10.1109/tkde.2021.3124599 |
37 | McMAHAN H B, MOORE E, RAMAGE D, et al. Communication-efficient learning of deep networks from decentralized data[C]// Proceedings of the 20th International Conference on Artificial Intelligence and Statistics. New York: JMLR.org, 2017: 1273-1282. |
38 | KONEČNÝ J, McMAHAN H B, RAMAGE D, et al. Federated optimization: distributed machine learning for on-device intelligence[EB/OL]. (2016-10-08) [2022-01-19].. |
39 | LI T, SAHU A K, ZAHEER M, et al. Federated optimization in heterogeneous networks[C/OL]// Proceedings of the 3rd Machine Learning and Systems Conference. [2022-01-19].. 10.1109/ieeeconf44664.2019.9049023 |
40 | WANG J Y, LIU Q H, LIANG H, et al. Tackling the objective inconsistency problem in heterogeneous federated optimization[C/OL]// Proceedings of the 34th Conference on Neural Information Processing System. [2022-01-09]. . |
41 | LIU Y, LIU Y T, LIU Z J, et al. Federated forest[J]. IEEE Transactions on Big Data, 2022, 8(3): 843-854. 10.1109/tbdata.2020.2992755 |
42 | NIKOLAENKO V, WEINSBERG U, IOANNIDIS S, et al. Privacy-preserving ridge regression on hundreds of millions of records[C]// Proceedings of the 2013 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2013: 334-348. 10.1109/sp.2013.30 |
43 | LI Q B, WEN Z Y, HE B S. Practical federated gradient boosting decision trees[C]// Proceedings of the 34th AAAI Conference on Artificial Intelligence. Palo Alto, CA: AAAI Press, 2020: 4642-4649. 10.1609/aaai.v34i04.5895 |
44 | PAPERNOT N, McDANIEL P, SINHA A, et al. SoK: towards the science of security and privacy in machine learning[EB/OL]. (2016-11-11) [2022-01-19].. 10.1109/eurosp.2018.00035 |
45 | MA C, LI J, DING M, et al. On safeguarding privacy and security in the framework of federated learning[J]. IEEE Network, 2020, 34(4): 242-248. 10.1109/mnet.001.1900506 |
46 | SHOKRI R, STRONATI M, SONG C Z, et al. Membership inference attacks against machine learning models[C]// Proceedings of the 2017 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2017: 3-18. 10.1109/sp.2017.41 |
47 | TRAMÈR F, ZHANG F, JUELS A, et al. Stealing machine learning models via prediction APIs[C]// Proceedings of the 25th USENIX Security Symposium. Berkeley: USENIX Association, 2016: 601-618. |
48 | CARLINI N, LIU C, Ú ERLINGSSON, et al. The secret sharer: evaluating and testing unintended memorization in neural networks[C]// Proceedings of the 28th USENIX Security Symposium. Berkeley: USENIX Association, 2019: 267-284. |
49 | GOODFELLOW I J, POUGET-ABADIE J, MIRZA M, et al. Generative adversarial nets[C]// Proceedings of the 27th International Conference on Neural Information Processing Systems - Volume 2. Cambridge: MIT Press, 2014: 2672-2680. |
50 | WANG Z B, SONG M K, ZHANG Z F, et al. Beyond inferring class representatives: user-level privacy leakage from federated learning[C]// Proceedings of the 2019 IEEE Conference on Computer Communications. Piscataway: IEEE, 2019: 2512-2520. 10.1109/infocom.2019.8737416 |
51 | LIU Z X, LI T, SMITH V, et al. Enhancing the privacy of federated learning with sketching[EB/OL]. (2019-11-05) [2022-01-19].. |
52 | MELIS L, SONG C Z, DE CRISTOFARO E, et al. Exploiting unintended feature leakage in collaborative learning[C]// Proceedings of the 2019 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2019: 691-706. 10.1109/sp.2019.00029 |
53 | HITAJ B, ATENIESE G, PEREZ-CRUZ F. Deep models under the GAN: information leakage from collaborative deep learning[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2017: 603-618. 10.1145/3133956.3134012 |
54 | HAYES J, MELIS L, DANEZIS G, et al. LOGAN: membership inference attacks against generative models[J]. Proceedings on Privacy Enhancing Technologies, 2019, 2019(1): 133-152. 10.2478/popets-2019-0008 |
55 | NASR M, SHOKRI R, HOUMANSADR A. Comprehensive privacy analysis of deep learning: passive and active white-box inference attacks against centralized and federated learning[C]// Proceedings of the 2019 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2019: 739-753. 10.1109/sp.2019.00065 |
56 | WANG N, XIAO X K, YANG Y, et al. Collecting and analyzing multidimensional data with local differential privacy[C]// Proceedings of the IEEE 35th International Conference on Data Engineering. Piscataway: IEEE, 2019: 638-649. 10.1109/icde.2019.00063 |
57 | BITTAU A, ERLINGSSON Ú, MANIATIS P, et al. Prochlo: strong privacy for analytics in the crowd[C]// Proceedings of the 26th Symposium on Operating Systems Principles. New York: ACM, 2017: 441-459. 10.1145/3132747.3132769 |
58 | McSHERRY F, TALWAR K. Mechanism design via differential privacy[C]// Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science. Piscataway: IEEE, 2007: 94-103. 10.1109/focs.2007.66 |
59 | DWORK C, ROTH A. The algorithmic foundations of differential privacy[J]. Foundations and Trends in Theoretical Computer Science, 2014, 9(3/4): 211-407. 10.1561/0400000042 |
60 | WEI K, LI J, DING M, et al. Federated learning with differential privacy: algorithms and performance analysis[J]. IEEE Transactions on Information Forensics and Security, 2020, 15: 3454-3469. 10.1109/tifs.2020.2988575 |
61 | GEYER R C, KLEIN T, NABI M. Differentially private federated learning: a client level perspective[EB/OL]. (2018-03-01) [2022-01-19].. |
62 | LIU X Y, LI H W, XU G W, et al. Adaptive privacy-preserving federated learning[J]. Peer-to-Peer Networking and Applications, 2020, 13(6): 2356-2366. 10.1007/s12083-019-00869-2 |
63 | HU R, GUO Y X, LI H N, et al. Personalized federated learning with differential privacy[J]. IEEE Internet of Things Journal, 2020, 7(10): 9530-9539. 10.1109/jiot.2020.2991416 |
64 | MELIS L, DANEZIS G, DE CRISTOFARO E. Efficient private statistics with succinct sketches[C]// Proceedings of the 2016 Annual Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2016: 1-15. 10.14722/ndss.2016.23175 |
65 | TRUEX S, BARACALDO N, ANWAR A, et al. A hybrid approach to privacy-preserving federated learning[C]// Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security. New York: ACM, 2019: 1-11. 10.1145/3338501.3357370 |
66 | GHAZI B, PAGH R, VELINGKER A. Scalable and differentially private distributed aggregation in the shuffled model[EB/OL]. (2019-12-02) [2022-01-19].. 10.1007/978-3-030-45724-2_27 |
67 | BALLE B, BELL J, GASCÓN A, et al. The privacy blanket of the shuffle model[C]// Proceedings of the 2019 Annual International Cryptology Conference, LNCS 11693. Cham: Springer, 2019: 638-667. |
68 | HAMM J, CAO P, BELKIN M. Learning privately from multiparty data[C]// Proceedings of the 33rd International Conference on Machine Learning. New York: JMLR.org, 2016: 555-563. |
69 | JAYARAMAN B, WANG L X, EVANS D, et al. Distributed learning without distress: privacy-preserving empirical risk minimization[C]// Proceedings of the 32nd International Conference on Neural Information Processing Systems. Red Hook, NY: Curran Associates Inc., 2018: 6346-6357. |
70 | TRIASTCYN A, FALTINGS B. Federated learning with Bayesian differential privacy[C]// Proceedings of the 2019 IEEE International Conference on Big Data. Piscataway: IEEE, 2019: 2587-2596. 10.1109/bigdata47090.2019.9005465 |
71 | GENTRY C. Fully homomorphic encryption using ideal lattices[C]// Proceedings of the 41st Annual ACM Symposium on Theory of Computing. New York: ACM, 2009: 169-178. 10.1145/1536414.1536440 |
72 | ACAR A, AKSU H, ULUAGAC A S, et al. A survey on homomorphic encryption schemes: theory and implementation[J]. ACM Computing Surveys, 2019, 51(4): No.79. 10.1145/3214303 |
73 | PAILLIER P. Public-key cryptosystems based on composite degree residuosity classes[C]// Proceedings of the 1999 International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 1592. Berlin: Springer, 1999: 223-238. |
74 | RIVEST R L, ADLEMAN L, DERTOUZOS M L. On data banks and privacy homomorphisms[M]// DEMILLO R A, DOBKIN D P, JONES A K, et al. Foundations of Secure Computation. New York: Academic Press, 1978: 169-179. |
75 | PHONG T L, AONO Y, HAYASHI T, et al. Privacy-preserving deep learning via additively homomorphic encryption[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(5): 1333-1345. 10.1109/tifs.2017.2787987 |
76 | BARNI M, ORLANDI C, PIVA A. A privacy-preserving protocol for neural-network-based computation[C]// Proceedings of the 8th Workshop on Multimedia and Security. New York: ACM, 2006: 146-151. 10.1145/1161366.1161393 |
77 | RAHULAMATHAVAN Y, PHAN R C W, VELURU S, et al. Privacy-preserving multi-class support vector machine for outsourcing the data classification in cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 11(5): 467-479. 10.1109/tdsc.2013.51 |
78 | XIE P T, BILENKO M, FINLEY T, et al. Crypto-nets: neural networks over encrypted data[EB/OL]. (2014-12-24) [2022-01-19].. |
79 | SHAMIR A. How to share a secret[J]. Communications of the ACM, 1979, 22(11): 612-613. 10.1145/359168.359176 |
80 | YAO A C. Protocols for secure computations[C]// Proceedings of the 23rd Annual Symposium on Foundations of Computer Science. Piscataway: IEEE, 1982: 160-164. 10.1109/sfcs.1982.38 |
81 | BLAKLEY G R. Safeguarding cryptographic keys[C]// Proceedings of the 1979 International Workshop on Managing Requirements Knowledge. Piscataway: IEEE, 1979: 313-318. 10.1109/mark.1979.8817296 |
82 | KANAGAVELU R, LI Z X, SAMSUDIN J, et al. Two-phase multi-party computation enabled privacy-preserving federated learning[C]// Proceedings of the 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing. Piscataway: IEEE, 2020: 410-419. 10.1109/ccgrid49817.2020.00-52 |
83 | BONAWITZ K, IVANOV V, KREUTER B, et al. Practical secure aggregation for privacy-preserving machine learning[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2017: 1175-1191. 10.1145/3133956.3133982 |
84 | WU Y C, CAI S F, XIAO X K, et al. Privacy preserving vertical federated learning for tree-based models[J]. Proceedings of the VLDB Endowment, 2020, 13(12): 2090-2103. 10.14778/3407790.3407811 |
85 | AWAN S, LI F J, LUO B, et al. Poster: a reliable and accountable privacy-preserving federated learning framework using the blockchain[C]// Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2019: 2561-2563. 10.1145/3319535.3363256 |
86 | WENG J S, WENG J, ZHANG J L, et al. DeepChain: auditable and privacy-preserving deep learning with blockchain-based incentive[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(5): 2438-2455. |
87 | ORLANDI C, PIVA A, BARNI M. Oblivious neural network computing via homomorphic encryption[J]. EURASIP Journal on Information Security, 2007, 2007: No.037343. 10.1186/1687-417x-2007-037343 |
88 | PAPERNOT N, SONG S, MIRONOV I, et al. Scalable private learning with PATE[EB/OL]. (2018-02-24) [2022-01-19].. |
89 | XIE L Y, LIN K X, WANG S, et al. Differentially private generative adversarial network[EB/OL]. (2018-02-19) [2022-01-19].. |
90 | ACS G, MELIS L, CASTELLUCCIA C, et al. Differentially private mixture of generative neural networks[J]. IEEE Transactions on Knowledge and Data Engineering, 2019, 31(6): 1109-1121. 10.1109/tkde.2018.2855136 |
91 | MOU W, FU C, LEI Y, et al. A verifiable federated learning scheme based on secure multi-party computation [C]// Proceedings of the 16th International Conference on Wireless Algorithms, Systems, and Applications, LNCS 12938. Cham: Springer, 2021: 198-209. |
92 | XU R H, BARACALDO N, ZHOU Y, et al. HybridAlpha: an efficient approach for privacy-preserving federated learning[C]// Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security. New York: ACM, 2019: 13-23. 10.1145/3338501.3357371 |
93 | SHOKRI R, SHMATIKOV V. Privacy-preserving deep learning[C]// Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2015: 1310-1321. 10.1145/2810103.2813687 |
94 | LI X, HUANG K X, YANG W H, et al. On the convergence of FedAvg on non-iid data[EB/OL]. (2020-06-25) [2022-01-19].. |
95 | AÏVODJI U M, GAMBS S, MARTIN A. IOTFLA: a secured and privacy-preserving smart home architecture implementing federated learning[C]// Proceedings of the 2019 IEEE Symposium on Security and Privacy Workshops. Piscataway: IEEE, 2019: 175-180. 10.1109/spw.2019.00041 |
96 | Ethics guidelines for trustworthy AI[EB/OL]. (2019-04-08) [2022-01-03].. 10.1017/9781108936040.022 |
[1] | Zhizheng ZHANG, Xiaojian ZHANG, Junqing WANG, Guanghui FENG. Federated spatial data publication method with differential privacy and secure aggregation [J]. Journal of Computer Applications, 2024, 44(9): 2777-2784. |
[2] | Tingwei CHEN, Jiacheng ZHANG, Junlu WANG. Random validation blockchain construction for federated learning [J]. Journal of Computer Applications, 2024, 44(9): 2770-2776. |
[3] | Zheyuan SHEN, Keke YANG, Jing LI. Personalized federated learning method based on dual stream neural network [J]. Journal of Computer Applications, 2024, 44(8): 2319-2325. |
[4] | Wei LUO, Jinquan LIU, Zheng ZHANG. Dual vertical federated learning framework incorporating secret sharing technology [J]. Journal of Computer Applications, 2024, 44(6): 1872-1879. |
[5] | Xuebin CHEN, Zhiqiang REN, Hongyang ZHANG. Review on security threats and defense measures in federated learning [J]. Journal of Computer Applications, 2024, 44(6): 1663-1672. |
[6] | Sunjie YU, Hui ZENG, Shiyu XIONG, Hongzhou SHI. Incentive mechanism for federated learning based on generative adversarial network [J]. Journal of Computer Applications, 2024, 44(2): 344-352. |
[7] | Peng PENG, Zhiwei NI, Xuhui ZHU, Qian CHEN. Interference trajectory publication based on improved glowworm swarm algorithm and differential privacy [J]. Journal of Computer Applications, 2024, 44(2): 496-503. |
[8] | Rui GAO, Xuebin CHEN, Zucuan ZHANG. Dynamic social network privacy publishing method for partial graph updating [J]. Journal of Computer Applications, 2024, 44(12): 3831-3838. |
[9] | Zucuan ZHANG, Xuebin CHEN, Rui GAO, Yuanhuai ZOU. Federated learning client selection method based on label classification [J]. Journal of Computer Applications, 2024, 44(12): 3759-3765. |
[10] | Jie WU, Xuezhong QIAN, Wei SONG. Personalized federated learning based on similarity clustering and regularization [J]. Journal of Computer Applications, 2024, 44(11): 3345-3353. |
[11] | Xuebin CHEN, Changsheng QU. Overview of backdoor attacks and defense in federated learning [J]. Journal of Computer Applications, 2024, 44(11): 3459-3469. |
[12] | Shuaihua ZHANG, Shufen ZHANG, Mingchuan ZHOU, Chao XU, Xuebin CHEN. Malicious traffic detection model based on semi-supervised federated learning [J]. Journal of Computer Applications, 2024, 44(11): 3487-3494. |
[13] | Xuebin CHEN, Liyang SHAN, Rumin GUO. Review of histogram publication methods based on differential privacy [J]. Journal of Computer Applications, 2024, 44(10): 3114-3121. |
[14] | Chunyong YIN, Yongcheng ZHOU. Automatically adjusted clustered federated learning for double-ended clustering [J]. Journal of Computer Applications, 2024, 44(10): 3011-3020. |
[15] | Xueran XU, Geng YANG, Yuxian HUANG. Differential privacy clustering algorithm in horizontal federated learning [J]. Journal of Computer Applications, 2024, 44(1): 217-222. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||