GRNN Generative Regression Neural Network—A Data Leakage Attack for Federated Learning

发表于 分类于 阅读次数: 本文字数: 734 阅读时长 ≈ 1 分钟
优化模型参数,使得生成的图像和被攻击图像具有相近的梯度

GRNN: Generative Regression Neural Network—A Data Leakage Attack for Federated Learning

1. Shining points:

  • It determines whether the attack is completed by comparing the true label with the label inferred by inputting dummy data into the attacked model

  • WD loss function

  • TV loss function

2. Contributions

  • A novel method of data leakage attack, a resolution of 256*256, a batch size of 256

  • Comprehensive evaluation, superior in terms of success rate of attack, the ådelity of recovered data,
    and the accuracy of label inference. much more stable

  • Face re-identiècation experiment

  • Implementation of the method is publicly available

3. Algorithm

Details of the proposed GRNN where the top branch is for generating the fake image and the bottom branch is for inferring the label. “FC LAYER” is fully-connected layer. “FS CONV LAYER” is fractionally-strided convolutional layer.

没有优化隐空间,而是优化generators

4. Others

  • MSE & WD & TVLoss is best

  • DLG recovers the image pixel-by-pixel greedily , and GRNN ensures the appearance distribution in a coarser scale, and details are then filled at a finer scale.

-------------本文结束感谢您的阅读-------------