Summary of Mjolnir: Breaking the Shield Of Perturbation-protected Gradients Via Adaptive Diffusion, by Xuan Liu et al.
Mjolnir: Breaking the Shield of Perturbation-Protected Gradients via Adaptive Diffusion
by Xuan Liu, Siqi Cai, Qihua Zhou, Song Guo, Ruibin Li, Kaiwei Lin
First submitted to arxiv on: 7 Jul 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary This paper investigates the effectiveness of perturbation-based mechanisms, such as differential privacy, in mitigating gradient leakage attacks in Federated Learning. The authors propose a novel attack, Mjolnir, which can remove perturbations from gradients without requiring additional access to the original model structure or external data. Mjolnir leverages the inherent diffusion properties of gradient perturbation protection and constructs a surrogate client model to capture the structure of perturbed gradients. The authors demonstrate that Mjolnir effectively recovers protected gradients and exposes Federated Learning processes to the threat of gradient leakage, achieving superior performance in gradient denoising and private data recovery. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper looks at how well certain methods protect private information when sharing data with other computers. The researchers found a way to break through these protections and recover sensitive information that was meant to be kept secret. They created a new method called Mjolnir that can remove the noise added to protect the data, allowing them to access the original information. This shows that even strong protections can be broken, highlighting the need for better security measures. |
Keywords
* Artificial intelligence * Diffusion * Federated learning
