A reconstruction attack Re_GAN was proposed to address the issue of participants in split vertical federated learning,where the intermediate results output during the training process are prone to leakage of a large amount of privacy.The genera-tive adversarial network was used to learn the prior knowledge of the images.The input of the generative adversarial networks was optimized to approximate the intermediate result of the reconstructed image and the real image to reconstruct the participant's private image.The intermediate result was measured using the Sliced Wasserstein distance to capture the features of the image.Experimental results indicate that Re_GAN is able to reconstruct participant images on the MNIST dataset,Fashion-MNIST dataset,and CIFAR-10 dataset,indicating the risk of privacy leakage in split vertical federated learning.
关键词
纵向联邦学习/拆分学习/重建攻击/生成式对抗网络/隐私泄露/机器学习/分布式系统
Key words
vertical federated learning/split learning/reconstruction attack/generative adversarial networks/leakage of priva-cy/machine learning/distributed systems
维普
万方数据