Hiding in Plain Sight: Disguising Data Stealing Attacks in Federated Learning

arXiv:2306.03013v5 Announce Type: replace-cross
Abstract: Malicious server (MS) attacks have enabled the scaling of data stealing in federated learning to large batch sizes and secure aggregation, settings previously considered private. However, many concerns regarding the client-side detectability of MS attacks were raised, questioning their practicality. In this work, for the first time, we thoroughly study client-side detectability. We first demonstrate that all prior MS attacks are detectable by principled checks, and formulate a necessary set of requirements that a practical …

abstract aggregation arxiv attacks client concerns cs.cr cs.lg data federated learning however scaling server stealing type work