Deep shadow defense scheme of federated learning based on generative adversarial network

doi:10.11772/j.issn.1001-9081.2023010088

Journal of Computer Applications ›› 2024, Vol. 44 ›› Issue (1): 223-232.DOI: 10.11772/j.issn.1001-9081.2023010088

Special Issue: 网络空间安全

• Cyber security • Previous Articles Next Articles

Deep shadow defense scheme of federated learning based on generative adversarial network

Hui ZHOU¹^,², Yuling CHEN¹^,²(), Xuewei WANG³, Yangwen ZHANG¹^,², Jianjiang HE¹^,²

^1.State Key Laboratory of Public Big Data （Guizhou University），Guiyang Guizhou 550025，China
^2.School of Computer Science and Technology，Guizhou University，Guiyang Guizhou 550025，China
^3.Computer College，Weifang University of Science and Technology，Shouguang Shandong 262700，China

Received:2023-02-06 Revised:2023-05-15 Accepted:2023-05-16 Online:2023-06-06 Published:2024-01-10
Contact: Yuling CHEN
About author:ZHOU Hui， born in 1999， M. S. candidate. His research interests include federated learning， artificial intelligence security.
WANG Xuewei， born in 1973， Ph. D.， professor. His research interests include image processing， object detection.
ZHANG Yangwen， born in 2000， M. S. candidate. His research interests include machine learning， data mining， image steganography， image steganalysis.
HE Jianjiang， born in 1997， M. S. candidate. His research interests include blockchain， smart contracts， elliptic curve ciphers.
Supported by:
National Natural Science Foundation of China(62202118);Science and Technology Top Talent Project for Natural Science Research of Guizhou Provincial Education Department(Qianjiaoji［2022］073)

基于生成对抗网络的联邦学习深度影子防御方案

周辉¹^,², 陈玉玲¹^,²(), 王学伟³, 张洋文¹^,², 何建江¹^,²

^1.省部共建公共大数据国家重点实验室(贵州大学), 贵阳 550025
^2.贵州大学计算机科学与技术学院, 贵阳 550025
^3.潍坊科技学院计算机学院, 山东寿光 262700

通讯作者: 陈玉玲
作者简介:周辉（1999—），男，湖南衡阳人，硕士研究生，CCF会员，主要研究方向：联邦学习、人工智能安全；
王学伟（1973—），男，山东青州人，教授，博士，主要研究方向：图像处理、目标检测；
张洋文（2000—），男，福建龙岩人，硕士研究生，主要研究方向：机器学习、数据挖掘、图像隐写术、图像隐写分析；
何建江（1997—），男（回族），贵州六盘水人，硕士研究生，主要研究方向：区块链、智能合约、椭圆曲线密码。
第一联系人：陈玉玲（1983—），女，山东寿光人，教授，博士，主要研究方向：联邦学习、密码学、区块链；
基金资助:
国家自然科学基金资助项目(62202118);贵州省教育厅自然科学研究科技拔尖人才项目(黔教技［2022］073号)

Abstract

Abstract:

Federated Learning （FL） allows users to share and interact with multiple parties without directly uploading the original data， effectively reducing the risk of privacy leaks. However， existing research suggests that the adversary can still reconstruct raw data through shared gradient information. To further protect the privacy of federated learning， a deep shadow defense scheme of federated learning based on Generative Adversarial Network （GAN） was proposed. The original real data distribution features were learned by GAN and replaceable shadow data was generated. Then， the original model trained on real data was replaced by a shadow model trained on shadow data and was not directly accessible to the adversary. Finally， the real gradient was replaced by the shadow gradient generated by the shadow data in the shadow model and was not accessible to the adversary. Experiments were conducted on CIFAR10 and CIFAR100 datasets for comparison of the proposed scheme with the five defense schemes of adding noise， gradient clipping， gradient compression， representation perturbation and local regularization and sparsification. On CIFAR10 dataset， the Mean Square Error （MSE） and the Feature Mean Square Error （FMSE） of the proposed scheme were 1.18-5.34 and 4.46-1.03×10⁷ times， and the Peak Signal-to-Noise Ratio （PSNR） of the proposed scheme was 49.9%-90.8%. On CIFAR100 dataset， the MSE and the FMSE of the proposed scheme were 1.04-1.06 and 5.93-4.24×10³ times， and the PSNR of the proposed scheme was 96.0%-97.6%. Compared with the deep shadow defense method， the proposed scheme takes into account the actual attack capability of the adversary and the problems in shadow model training， and designs threat models and shadow model generation algorithms. It performs better in theory analysis and experiment result that of the comparsion schemes， and it can effectively reduce the risk of federated learning privacy leaks while ensuring accuracy.

Key words: Federated Learning (FL), Generative Adversarial Network (GAN), gradient inversion, privacy protection, defense scheme

摘要：

联邦学习（FL）可以使用户在不直接上传原始数据的条件下完成多方数据共享和交互，有效降低隐私泄露风险。然而，现有的研究表明敌手仍可以通过共享的梯度信息重构出原始数据。为进一步保护联邦学习隐私，基于生成对抗网络（GAN）提出一种联邦学习深度影子防御方案。首先，通过生成对抗网络学习原始真实数据分布特征，并生成可替代的影子数据；然后，通过影子数据训练影子模型替代原始模型，敌手无法直接获取真实数据训练过的原始模型；最后，利用影子数据在影子模型中产生的影子梯度替代真实梯度，使敌手无法获取真实梯度。在CIFAR10和CIFAR100数据集上进行了实验：与添加噪声、梯度裁剪、梯度压缩、表征扰动和局部正则化稀疏化五种防御方案相比，在CIFAR10数据集上所提方案的均方误差（MSE）是对比方案的1.18~5.34倍，特征均方误差（FMSE）是对比方案的4.46~1.03×10⁷倍，峰值信噪比（PSNR）是对比方案的49.9%~90.8%；在CIFAR100数据集上的MSE是对比方案的1.04~1.06倍，FMSE是对比方案的5.93~4.24×10³倍，PSNR是对比方案的96.0%~97.6%。相较于深度影子防御方法，所提方案考虑了敌手的实际攻击能力和影子模型训练存在的问题，设计了威胁模型和影子模型生成算法，在理论分析和实验方面表现更好，而且能够在保证准确率的前提下有效降低联邦学习隐私泄露风险。

关键词: 联邦学习, 生成对抗网络, 梯度反演, 隐私保护, 防御方案

CLC Number:

TP181

Hui ZHOU, Yuling CHEN, Xuewei WANG, Yangwen ZHANG, Jianjiang HE. Deep shadow defense scheme of federated learning based on generative adversarial network[J]. Journal of Computer Applications, 2024, 44(1): 223-232.

周辉, 陈玉玲, 王学伟, 张洋文, 何建江. 基于生成对抗网络的联邦学习深度影子防御方案[J]. 《计算机应用》唯一官方网站, 2024, 44(1): 223-232.

Figures/Tables 13

Tab. 1 Common symbolic variables

名称	含义	名称	含义
$x i, y i$	真实数据	$F$	联邦学习模型
$G$	生成器	$W$	参数权重
$D$	判别器	$F ˙$	影子模型
$x s i, y s i$	影子数据	$∇ W$	真实梯度
$x r i, y r i$	虚假数据	$∇ W s$	影子梯度
$P d a t a x$	真实数据分布	$∇ W r$	虚假梯度
$P G x$	生成分布

Tab. 1 Common symbolic variables

名称	含义	名称	含义
$x i, y i$	真实数据	$F$	联邦学习模型
$G$	生成器	$W$	参数权重
$D$	判别器	$F ˙$	影子模型
$x s i, y s i$	影子数据	$∇ W$	真实梯度
$x r i, y r i$	虚假数据	$∇ W s$	影子梯度
$P d a t a x$	真实数据分布	$∇ W r$	虚假梯度
$P G x$	生成分布

Fig. 1 Main idea of FedDSD

Tab. 2 Parameter settings

参数	设置
原始模型损失函数	CrossEntropy
影子模型损失函数	CrossEntropy
GAN损失函数	Binary CrossEntropy
生成器优化器	Adam（自适应矩估计）
判别器优化器	Adam（自适应矩估计）
优化器学习率	lr=0.002
动量梯度下降因子	betas=（0.5，0.999）
原始模型、影子模型学习率调节器	StepLR
学习率下降间隔数	step_size=10
学习率调整倍数	Gamma=0.5

Fig. 2 Defense effects of FedDSD on CIFAR10 and CIFAR100 datasets

Tab. 3 Defense metrics of FedDSD

对象比较	CIFAR10			CIFAR100
对象比较	MSE	FMSE	PSNR/dB	MSE	FMSE	PSNR/dB
真实数据与影子数据	0.000 5	8.590 0	33.10	0.000 2	14.10	26.60
影子数据与虚假数据	0.159 0	0.018 1	8.00	0.177 0	0.02	7.53
真实数据与虚假数据	0.159 0	8.280 0	7.99	0.193 0	14.20	7.15

Tab. 4 Accuracies of FedDSD on CIFAR10 and CIFAR100 datasets

数据集	准确率
数据集	真实数据	影子数据
CIFAR10	97.87	97.22
CIFAR100	92.24	91.59

Fig. 3 Convergence of FedDSD on CIFAR10 and CIFAR100 datasets

Tab. 5 Effects of different defense schemes against DLG attacks

防御方案	CIFAR10			CIFAR100
防御方案	MSE	FMSE	PSNR/dB	MSE	FMSE	PSNR/dB
添加噪声	0.156 0	0.028 5	8.07	0.185 0	0.098 3	7.34
梯度裁剪	0.035 4	0.000 0^*	14.50	0.190 0	2.360 0	7.22
梯度压缩	0.154 0	0.001 2	8.12	0.185 0	0.003 3	7.32
表征扰动	0.160 0	1.880 0	7.97	0.190 0	1.370 0	7.23
局部正则化稀疏化	0.140 0	1.720 0	8.54	0.189 0	1.150 0	7.24
FedDSD	0.189 0	8.380 0	7.24	0.197 0	14.000 0	7.05

Tab. 6 Comparison of deep shadow defense method with FedDSD

防御措施	深度影子防御方法	FedDSD
基于生成对抗网络	是	是
设计威胁模型	否	是
考虑敌手攻击范式	否	是
设计影子模型算法	否	是
设计评价指标	否	是
实验论证	否	是

Fig. 4 Effects of different defense schemes on CIFAR10 dataset

Fig. 5 Effects of different defense schemes on CIFAR100 dataset

Fig. 6 Defense effect of FedDSD+additive noise on CIFAR10 and CIFAR100 datasets

Fig. 7 Defense effect of FedDSD+gradient compression on CIFAR10 and CIFAR100 datasets

References 44

1	McMAHAN B， MOORE E， RAMAGE D， et al. Communication-efficient learning of deep networks from decentralized data ［J］. Proceedings of Machine Learning Research， 2017， 54： 1273-1282.
2	温亚兰，陈美娟.融合联邦学习与区块链的医疗数据共享方案［J］.计算机工程， 2022， 48（5）： 145-153， 161. 10.19678/j.issn.1000-3428.0061284
	WEN Y L， CHEN M J. Medical data sharing scheme combined with federated learning and blockchain ［J］. Computer Engineering， 2022， 48（5）： 145-153， 161. 10.19678/j.issn.1000-3428.0061284
3	孙睿，李超，王伟，等.基于区块链的联邦学习研究进展［J］.计算机应用， 2022， 42（11）： 3413-3420. 10.11772/j.issn.1001-9081.2021111934
	SUN R， LI C， WANG W， et al. Research progress of blockchain-based federated learning ［J］. Journal of Computer Applications， 2022， 42（11）： 3413-3420. 10.11772/j.issn.1001-9081.2021111934
4	梁天恺，曾碧，陈光.联邦学习综述：概念、技术、应用与挑战［J］.计算机应用， 2022， 42（12）： 3651-3662. 10.11772/j.issn.1001-9081.2021101821
	LIANG T K， ZENG B， CHEN G. Federated learning survey： concepts， technologies， applications and challenges ［J］. Journal of Computer Applications， 2022， 42（12）： 3651-3662. 10.11772/j.issn.1001-9081.2021101821
5	BONAWITZ K， IVANOV V， KREUTER B， et al. Practical secure aggregation for privacy-preserving machine learning ［C］// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2017： 1175-1191. 10.1145/3133956.3133982
6	ZHU L， LIU Z， HAN S. Deep leakage from gradients ［C］// Proceedings of the 33 rd International Conference on Neural Information Processing System. Red Hook： Curran Associates Inc.， 2019： 14774-14784. 10.1007/978-3-030-63076-8_2
7	ZHAO B， MOPURI K R， BILEN H. iDLG： Improved deep leakage from gradients ［EB/OL］. （2020-01-08）［2023-04-28］. .
8	MELIS L， SONG C， DE CRISTOFARO E， et al. Exploiting unintended feature leakage in collaborative learning ［C］// Proceedings of the 2019 IEEE Symposium on Security and Privacy. Piscataway： IEEE， 2019： 691-706. 10.1109/sp.2019.00029
9	WANG Z， SONG M， ZHANG Z， et al. Beyond inferring class representatives： User-level privacy leakage from federated learning ［C］// Proceedings of the 2019 IEEE Conference on Computer Communications. Piscataway： IEEE， 2019： 2512-2520. 10.1109/infocom.2019.8737416
10	LYU L， YU H， MA X， et al. Privacy and robustness in federated learning： Attacks and defenses ［J/OL］. IEEE Transactions on Neural Networks and Learning Systems， 2022，（2022-11-10）［2023-04-29］. . 10.1109/tnnls.2022.3216981
11	SONG C， RISTENPART T， SHMATIKOV V. Machine learning models that remember too much ［C］// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2017： 587-601. 10.1145/3133956.3134077
12	SUN J， LI A， WANG B， et al. Soteria： Provable defense against privacy leakage in federated learning from representation perspective ［C］// Proceedings of the 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition. Piscataway： IEEE， 2021： 9307-9315. 10.1109/cvpr46437.2021.00919
13	SHOKRI R， SHMATIKOV V. Privacy-preserving deep learning ［C］// Proceedings of the 22 nd ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2015： 1310-1321. 10.1145/2810103.2813687
14	ABADI M， CHU A， GOODFELLOW I， et al. Deep learning with differential privacy ［C］// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2016： 308-318. 10.1145/2976749.2978318
15	GEYER R C， KLEIN T， NABI M. Differentially private federated learning： A client level perspective ［EB/OL］. （2018-03-01）［2023-04-28］. .
16	JORGENSEN Z， YU T， CORMODE G. Conservative or liberal？ Personalized differential privacy ［C］// Proceedings of the 2015 IEEE 31 st International Conference on Data Engineering. Piscataway： IEEE， 2015： 1023-1034. 10.1109/icde.2015.7113353
17	NIU B， CHEN Y， WANG B， et al. AdaPDP： Adaptive personalized differential privacy ［C］// Proceedings of the 2021 IEEE Conference on Computer Communications. Piscataway： IEEE， 2021： 1-10. 10.1109/infocom42981.2021.9488825
18	PHONG L T， AONO Y， HAYASHI T， et al. Privacy-preserving deep learning via additively homomorphic encryption ［J］. IEEE Transactions on Information Forensics and Security， 2017， 13（5）： 1333-1345. 10.1109/tifs.2017.2787987
19	PHONG L T， AONO Y， HAYASHI T， et al. Privacy-preserving deep learning： Revisited and enhanced ［C］// Proceedings of the 2017 International Conference on Applications and Techniques in Information Security. Singapore： Springer， 2017： 100-110. 10.1007/978-981-10-5421-1_9
20	BELL J H， BONAWITZ K A， GASCÓN A， et al. Secure single-server aggregation with （poly） logarithmic overhead ［C］// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2020： 1253-1269. 10.1145/3372297.3417885
21	XU G， LI H， LIU S， et al. VerifyNet： Secure and verifiable federated learning ［J］. IEEE Transactions on Information Forensics and Security， 2019， 15： 911-926. 10.1109/tifs.2019.2929409
22	MOHASSEL P， ZHANG Y. SecureML： A system for scalable privacy-preserving machine learning ［C］// Proceedings of the 2017 IEEE Symposium on Security and Privacy. Piscataway： IEEE， 2017： 19-38. 10.1109/sp.2017.12
23	WAGH S， GUPTA D， CHANDRAN N. SecureNN： 3-party secure computation for neural network training ［J］. Proceedings on Privacy Enhancing Technologies， 2019（3）： 26-49. 10.2478/popets-2019-0035
24	AGRAWAL N， SHAHIN SHAMSABADI A， KUSNER M J， et al. QUOTIENT： two-party secure neural network training and prediction ［C］// Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2019： 1231-1247. 10.1145/3319535.3339819
25	周辉，陈玉玲，李涛，等.一种联邦学习深度影子防御方法： CN202211341978.5 ［P］. 2023-03-21.
	ZHOU H， CHEN Y L， LI T， et al. A federated learning deep shadow defense method： CN202211341978.5 ［P］. 2023-03-21.
26	GEIPING J， BAUERMEISTER H， DRÖGE H， et al. Inverting gradients — how easy is it to break privacy in federated learning？［C］// Proceedings of the 34th International Conference on Neural Information Processing System. Red Hook： Curran Associates Inc.， 2020： 16937-16947.
27	YIN H， MALLYA A， VAHDAT A， et al. See through gradients： Image batch recovery via GradInversion ［C］// Proceedings of the 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition. Piscataway： IEEE， 2021： 16332-16341. 10.1109/cvpr46437.2021.01607
28	JEON J， KIM J， LEE K， et al. Gradient inversion with generative image prior ［C］// Proceedings of the 34th International Conference on Neural Information Processing System. New York： ACM， 2021：29898-29908. 10.48550/arXiv.2110.14962
29	HITAJ B， ATENIESE G， PEREZ-CRUZ F. Deep models under the GAN： information leakage from collaborative deep learning ［C］// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2017： 603-618. 10.1145/3133956.3134012
30	GOODFELLOW I J， POUGET-ABADIE J， MIRZA M， et al. Generative adversarial nets ［C］// Proceedings of the 27th International Conference on Neural Information Processing System. New York： ACM， 2014： 2672-2680.
31	SHOKRI R， STRONATI M， SONG C， et al. Membership inference attacks against machine learning models ［C］// Proceedings of the 2017 IEEE Symposium on Security and Privacy. Piscataway： IEEE， 2017： 3-18. 10.1109/sp.2017.41
32	SALEM A， ZHANG Y， HUMBERT M， et al. ML-Leaks： Model and data independent membership inference attacks and defenses on machine learning models ［C］// Proceedings of the 26th Annual Network and Distributed System Security Symposium. San Diego： Internet Society， 2019： 1-15. 10.14722/ndss.2019.23119
33	NASR M， SHOKRI R， HOUMANSADR A. Comprehensive privacy analysis of deep learning： Passive and active white-box inference attacks against centralized and federated learning ［C］// Proceedings of the 2019 IEEE Symposium on Security and Privacy. Piscataway： IEEE， 2019： 739-753. 10.1109/sp.2019.00065
34	ZHANG J， ZHANG J， CHEN J， et al. GAN enhanced membership inference： A passive local attack in federated learning ［C］// Proceedings of the 2020 IEEE International Conference on Communications. Piscataway： IEEE， 2020： 1-6. 10.1109/icc40277.2020.9148790
35	HAYES J， MELIS L， DANEZIS G， et al. LOGAN： evaluating privacy leakage of generative models using generative adversarial networks ［EB/OL］. （2022-06-09）［2023-04-28］. . 10.2478/popets-2019-0008
36	ATENIESE G， MANCINI L V， SPOGNARDI A， et al. Hacking smart machines with smarter ones： How to extract meaningful data from machine learning classifiers ［J］. International Journal of Security and Networks， 2015， 10（3）： 137-150. 10.1504/ijsn.2015.071829
37	FREDRIKSON M， LANTZ E， JHA S， et al. Privacy in pharmacogenetics： An end-to-end case study of personalized warfarin dosing ［C］// Proceedings of the 23 rd USENIX Security Symposium. Berkeley： USENIX Association， 2014： 17-32.
38	FREDRIKSON M， JHA S， RISTENPART T. Model inversion attacks that exploit confidence information and basic countermeasures ［C］// Proceedings of the 22 nd ACM SIGSAC Conference on Computer and Communications Security. New York： ACM， 2015： 1322-1333. 10.1145/2810103.2813677
39	WANG Z， HUANG Y， SONG M， et al. Poisoning-assisted property inference attack against federated learning ［J］. IEEE Transactions on Dependable and Secure Computing， 2023， 20（4）： 3328-3340. 10.1109/tdsc.2022.3196646
40	陈宛桢，张恩，秦磊勇，等.边缘计算下基于区块链的隐私保护联邦学习算法［J］.计算机应用， 2023， 43（7）： 2209-2216.
	CHEN W Z， ZHANG E， QIN L Y， et al. Privacy-preserving federated learning algorithm based on blockchain in edge computing ［J］. Journal of Computer Applications， 2023， 43（7）： 2209-2216.
41	CHENG A， WANG P， ZHANG X S， et al. Differentially private federated learning with local regularization and sparsification ［C］// Proceedings of the 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition. Piscataway： IEEE， 2022： 10122-10131. 10.1109/cvpr52688.2022.00988
42	RADFORD A， METZ L， CHINTALA S. Unsupervised representation learning with deep convolutional generative adversarial networks ［EB/OL］. （2016-01-07）［2023-04-28］. . 10.1109/aiar.2018.8769811
43	KRIZHEVSKY A， HINTON G. Learning multiple layers of features from tiny images ［R/OL］.［2023-04-29］.. 10.1016/j.tics.2007.09.004
44	ILYAS A， SANTURKAR S， TSIPRAS D， et al. Adversarial examples are not bugs， they are features ［C］// Proceedings of the 33 rd International Conference on Neural Information Processing System. New York： ACM， 2019： 125-136. 10.23915/distill.00019

[1]	Zheyuan SHEN, Keke YANG, Jing LI. Personalized federated learning method based on dual stream neural network [J]. Journal of Computer Applications, 2024, 44(8): 2319-2325.
[2]	Li LIU, Haijin HOU, Anhong WANG, Tao ZHANG. Generative data hiding algorithm based on multi-scale attention [J]. Journal of Computer Applications, 2024, 44(7): 2102-2109.
[3]	Xuebin CHEN, Zhiqiang REN, Hongyang ZHANG. Review on security threats and defense measures in federated learning [J]. Journal of Computer Applications, 2024, 44(6): 1663-1672.
[4]	Peiqian LIU, Shuilian WANG, Zihao SHEN, Hui WANG. Location privacy protection algorithm based on trajectory perturbation and road network matching [J]. Journal of Computer Applications, 2024, 44(5): 1546-1554.
[5]	Haoran WANG, Dan YU, Yuli YANG, Yao MA, Yongle CHEN. Domain transfer intrusion detection method for unknown attacks on industrial control systems [J]. Journal of Computer Applications, 2024, 44(4): 1158-1165.
[6]	Gaimei GAO, Jin ZHANG, Chunxia LIU, Weichao DANG, Shangwang BAI. Privacy protection scheme for crowdsourced testing tasks based on blockchain and CP-ABE policy hiding [J]. Journal of Computer Applications, 2024, 44(3): 811-818.
[7]	Sunjie YU, Hui ZENG, Shiyu XIONG, Hongzhou SHI. Incentive mechanism for federated learning based on generative adversarial network [J]. Journal of Computer Applications, 2024, 44(2): 344-352.
[8]	Haifeng MA, Yuxia LI, Qingshui XUE, Jiahai YANG, Yongfu GAO. Attribute-based encryption scheme for blockchain privacy protection [J]. Journal of Computer Applications, 2024, 44(2): 485-489.
[9]	Yiting WANG, Wunan WAN, Shibin ZHANG, Jinquan ZHANG, Zhi QIN. Linkable ring signature scheme based on SM9 algorithm [J]. Journal of Computer Applications, 2024, 44(12): 3709-3716.
[10]	Jing LIANG, Wunan WAN, Shibin ZHANG, Jinquan ZHANG, Zhi QIN. Traceability storage model of charity system oriented to master-slave chain [J]. Journal of Computer Applications, 2024, 44(12): 3751-3758.
[11]	Peng FANG, Fan ZHAO, Baoquan WANG, Yi WANG, Tonghai JIANG. Development， technologies and applications of blockchain 3.0 [J]. Journal of Computer Applications, 2024, 44(12): 3647-3657.
[12]	Yifan WANG, Shaofu LIN, Yunjiang LI. Highway free-flow tolling method based on blockchain and zero-knowledge proof [J]. Journal of Computer Applications, 2024, 44(12): 3741-3750.
[13]	Rui GAO, Xuebin CHEN, Zucuan ZHANG. Dynamic social network privacy publishing method for partial graph updating [J]. Journal of Computer Applications, 2024, 44(12): 3831-3838.
[14]	Miao JIA, Zhongyuan YAO, Weihua ZHU, Tingting GAO, Xueming SI, Xiang DENG. Progress and prospect of zero-knowledge proof enabling blockchain [J]. Journal of Computer Applications, 2024, 44(12): 3669-3677.
[15]	Jie WU, Xuezhong QIAN, Wei SONG. Personalized federated learning based on similarity clustering and regularization [J]. Journal of Computer Applications, 2024, 44(11): 3345-3353.

Deep shadow defense scheme of federated learning based on generative adversarial network

基于生成对抗网络的联邦学习深度影子防御方案

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 44

Related Articles 15

Recommended Articles

Metrics