A reconstruction attack Re_GAN was proposed to address the issue of participants in split vertical federated learning,where the intermediate results output during the training process are prone to leakage of a large amount of privacy.The genera-tive adversarial network was used to learn the prior knowledge of the images.The input of the generative adversarial networks was optimized to approximate the intermediate result of the reconstructed image and the real image to reconstruct the participant's private image.The intermediate result was measured using the Sliced Wasserstein distance to capture the features of the image.Experimental results indicate that Re_GAN is able to reconstruct participant images on the MNIST dataset,Fashion-MNIST dataset,and CIFAR-10 dataset,indicating the risk of privacy leakage in split vertical federated learning.
vertical federated learningsplit learningreconstruction attackgenerative adversarial networksleakage of priva-cymachine learningdistributed systems
维普
万方数据
