Litcius/Paper detail

EIFFeL

Amrita Roy Chowdhury, Chuan Guo, Somesh Jha, Laurens van der Maaten

2022Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security72 citationsDOI

Abstract

Federated learning (FL) enables clients to collaborate with a server to train a machine learning model. To ensure privacy, the server performs secure aggregation of updates from the clients. Unfortunately, this prevents verification of the well-formedness (integrity) of the updates as the updates are masked. Consequently, malformed updates designed to poison the model can be injected without detection. In this paper, we formalize the problem of ensuring both update privacy and integrity in FL and present a new system, EIFFeL, that enables secure aggregation of verified updates. EIFFeL is a general framework that can enforce arbitrary integrity checks and remove malformed updates from the aggregate, without violating privacy. Our empirical evaluation demonstrates the practicality of EIFFeL. For instance, with 100 clients and 10% poisoning, EIFFeL can train an MNIST classification model to the same accuracy as that of a non-poisoned federated learner in just 2.4s per iteration.

Topics & Concepts

EiffelComputer scienceFederated learningMNIST databaseComputer securityAggregate (composite)Programming languageArtificial intelligenceDeep learningObject-oriented programmingComposite materialMaterials sciencePrivacy-Preserving Technologies in DataAdversarial Robustness in Machine LearningCryptography and Data Security
EIFFeL | Litcius