Summary of Urvfl: Undetectable Data Reconstruction Attack on Vertical Federated Learning, by Duanyi Yao et al.
URVFL: Undetectable Data Reconstruction Attack on Vertical Federated Learning
by Duanyi Yao, Songze Li, Xueluan Gong, Sizai Hou, Gaoning Pan
First submitted to arxiv on: 30 Apr 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary In this paper, researchers develop a novel attack strategy called URVFL to launch effective malicious attacks in Vertical Federated Learning (VFL). The existing malicious attacks alter the underlying VFL training task and are easily detected by comparing received gradients with those from honest training. To overcome these challenges, URVFL integrates a discriminator with an auxiliary classifier that utilizes label information to generate malicious gradients that mimic honest training. This allows the attack to evade current detection mechanisms. Experimental results show that URVFL outperforms existing attacks and successfully circumvents state-of-the-art (SOTA) detection methods. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper creates a new way to launch attacks in Vertical Federated Learning (VFL). Right now, it’s hard for attackers to steal data because each client keeps their own information private. Existing attacks can be detected by comparing the fake and real training results. To get around this, researchers came up with URVFL, which uses a special tool to make the attack look like real learning. This makes it much harder to detect. The test results show that URVFL is very effective at attacking VFL systems. |
Keywords
» Artificial intelligence » Federated learning
