Reconciling Privacy and Byzantine-robustness in Federated Learning
Lun Wang. Proceedings of the AAAI Symposium Series, published 2024-05-20. DOI: https://doi.org/10.1609/aaaiss.v3i1.31229
In this talk, we will discuss how to make federated learning
secure for the server and private for the clients simultaneously.
Most prior efforts fall into one of two categories.
At one end of the spectrum, some work uses techniques
like secure aggregation to hide the individual client’s
updates and only reveal the aggregated global update to a
malicious server that strives to infer the clients’ privacy from
their updates. At the other end of the spectrum, some work
uses Byzantine-robust FL protocols to suppress the influence
of malicious clients’ updates. We present a protocol that offers
bidirectional defense to simultaneously combat against
the malicious centralized server and Byzantine malicious
clients. Our protocol also improves the dimension dependence
and achieves a near-optimal statistical rate for strongly
convex cases.