Summary of Training on Fake Labels: Mitigating Label Leakage in Split Learning Via Secure Dimension Transformation, by Yukun Jiang et al.
Training on Fake Labels: Mitigating Label Leakage in Split Learning via Secure Dimension Transformation
by Yukun Jiang, Peiran Wang, Chengguo Lin, Ziyue Huang, Yong Cheng
First submitted to arxiv on: 11 Oct 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary In this paper, researchers propose a novel two-party split learning approach to defend against label inference attacks while maintaining the utility of learned models. The method, which combines dimension transformation and gradient normalization, can mitigate label leakage from different perspectives. Additionally, the authors introduce a softmax-normalized Gaussian noise technique to remove privacy leaks. Experimental results on real-world datasets show that the proposed method is effective in reducing attack AUCs by 0.4532+-0.0127 on the Avazu dataset. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper develops a new way for two parties to work together and learn from each other’s data while keeping their information private. The researchers faced a challenge because previous methods had limitations, so they created a more effective approach that uses special transformations and noise to make it harder for attackers to figure out the original labels. They tested this method on several real-world datasets and showed that it can reduce the effectiveness of different types of attacks. |
Keywords
» Artificial intelligence » Inference » Softmax
