协作学习可以是私有的、健壮的和可扩展的吗?

Dmitrii Usynin, Helena Klause, D. Rueckert, Georgios Kaissis
{"title":"协作学习可以是私有的、健壮的和可扩展的吗?","authors":"Dmitrii Usynin, Helena Klause, D. Rueckert, Georgios Kaissis","doi":"10.48550/arXiv.2205.02652","DOIUrl":null,"url":null,"abstract":"In federated learning for medical image analysis, the safety of the learning protocol is paramount. Such settings can often be compromised by adversaries that target either the private data used by the federation or the integrity of the model itself. This requires the medical imaging community to develop mechanisms to train collaborative models that are private and robust against adversarial data. In response to these challenges, we propose a practical open-source framework to study the effectiveness of combining differential privacy, model compression and adversarial training to improve the robustness of models against adversarial samples under train- and inference-time attacks. Using our framework, we achieve competitive model performance, a significant reduction in model's size and an improved empirical adversarial robustness without a severe performance degradation, critical in medical image analysis.","PeriodicalId":347091,"journal":{"name":"DeCaF/FAIR@MICCAI","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-05-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Can collaborative learning be private, robust and scalable?\",\"authors\":\"Dmitrii Usynin, Helena Klause, D. Rueckert, Georgios Kaissis\",\"doi\":\"10.48550/arXiv.2205.02652\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In federated learning for medical image analysis, the safety of the learning protocol is paramount. Such settings can often be compromised by adversaries that target either the private data used by the federation or the integrity of the model itself. This requires the medical imaging community to develop mechanisms to train collaborative models that are private and robust against adversarial data. In response to these challenges, we propose a practical open-source framework to study the effectiveness of combining differential privacy, model compression and adversarial training to improve the robustness of models against adversarial samples under train- and inference-time attacks. Using our framework, we achieve competitive model performance, a significant reduction in model's size and an improved empirical adversarial robustness without a severe performance degradation, critical in medical image analysis.\",\"PeriodicalId\":347091,\"journal\":{\"name\":\"DeCaF/FAIR@MICCAI\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-05-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"DeCaF/FAIR@MICCAI\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.48550/arXiv.2205.02652\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"DeCaF/FAIR@MICCAI","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.48550/arXiv.2205.02652","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

在医学图像分析的联邦学习中,学习协议的安全性是至关重要的。这样的设置通常会被攻击者破坏,攻击者的目标要么是联邦使用的私有数据,要么是模型本身的完整性。这就要求医学成像社区开发机制来训练协作模型,这些模型是私有的,并且对对抗性数据具有强大的抵抗力。为了应对这些挑战,我们提出了一个实用的开源框架来研究结合差分隐私、模型压缩和对抗训练的有效性,以提高模型在训练时间和推理时间攻击下对对抗样本的鲁棒性。使用我们的框架,我们实现了具有竞争力的模型性能,模型尺寸显着减小,并且在没有严重性能下降的情况下改进了经验对抗性鲁棒性,这在医学图像分析中至关重要。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Can collaborative learning be private, robust and scalable?
In federated learning for medical image analysis, the safety of the learning protocol is paramount. Such settings can often be compromised by adversaries that target either the private data used by the federation or the integrity of the model itself. This requires the medical imaging community to develop mechanisms to train collaborative models that are private and robust against adversarial data. In response to these challenges, we propose a practical open-source framework to study the effectiveness of combining differential privacy, model compression and adversarial training to improve the robustness of models against adversarial samples under train- and inference-time attacks. Using our framework, we achieve competitive model performance, a significant reduction in model's size and an improved empirical adversarial robustness without a severe performance degradation, critical in medical image analysis.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信