Federated Learning (FL) is an emerging machine learning paradigm in which multiple clients jointly train a model, benefiting from their diverse datasets without sharing their local training data. FL thereby reduces data privacy risks, but several privacy and security issues remain. First, the model parameters (or updates) that clients share can leak sensitive information about their local training data. Second, malicious clients can collude with one another to steal data or models from honest clients, or to corrupt the global model. To tackle these challenges, we propose SecFL, a confidential federated learning framework that leverages Trusted Execution Environments (TEEs). SecFL performs both the global aggregation and the local training inside TEE enclaves, ensuring the confidentiality and integrity of these computations even against powerful adversaries with privileged access to the host. SecFL also provides a transparent remote attestation mechanism, built on the remote attestation offered by TEEs, that allows clients to attest the global training computation as well as each other's local training computations. A client that runs modified training code therefore produces an enclave measurement that does not match the expected one and is detected by the attestation check. Note that attestation verifies the code and configuration loaded into the enclave, not the data it is fed: a client that runs the attested code on poisoned data is not detected by this mechanism alone.
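The mutual attestation flow described above, as an added example that is not SecFL's code: one simulated FL round in which each client attests the aggregator before sending parameters, and the aggregator accepts only updates bound to a valid quote for the expected training code. The TEE is simulated, and every name here is an assumption: `measure()` stands in for an enclave measurement (MRENCLAVE-like hash of the loaded code), an HMAC under a constructed `PLATFORM_KEY` stands in for the hardware-signed quote that a real verifier would check through the vendor's attestation service, and `TRAINER_CODE`/`AGGREGATOR_CODE` are constructed byte strings standing for the approved code. The constructed clients show the two outcomes that matter: a client running modified code is rejected, while a client running the approved code on poisoned data passes attestation, which is the limit of what attestation alone detects.

```python
"""Simulated mutual remote attestation for one federated-learning round (added example)."""
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the hardware attestation key. In a real TEE the quote is
# signed by a hardware-rooted key and checked via the vendor's attestation service.
PLATFORM_KEY = b"constructed-platform-attestation-key"

# Constructed: the approved code that every honest party is expected to have loaded.
AGGREGATOR_CODE = b"def aggregate(updates): return elementwise_mean(updates)"
TRAINER_CODE = b"def local_train(weights, data): return sgd(weights, data)"


def measure(code: bytes) -> str:
    """Enclave measurement stand-in (MRENCLAVE-like): hash of the loaded code."""
    return hashlib.sha256(code).hexdigest()


def _mac(body: dict) -> str:
    return hmac.new(PLATFORM_KEY, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()


def issue_quote(code: bytes, nonce: bytes, report_data: bytes) -> dict:
    """Simulated quote over (measurement, verifier's nonce, caller-chosen report data)."""
    body = {"mrenclave": measure(code), "nonce": nonce.hex(), "report_data": report_data.hex()}
    return {"body": body, "mac": _mac(body)}


def verify_quote(quote: dict, expected_mr: str, nonce: bytes, report_data: bytes) -> bool:
    """Accept only a genuine quote for the expected code, the fresh nonce and the bound data."""
    body = quote["body"]
    if not hmac.compare_digest(quote["mac"], _mac(body)):
        return False  # not issued by the platform: forged or tampered
    return (body["mrenclave"] == expected_mr
            and body["nonce"] == nonce.hex()          # freshness: no replay of an old quote
            and body["report_data"] == report_data.hex())  # binds the quote to this update


def digest(update: list) -> bytes:
    return hashlib.sha256(json.dumps(update).encode()).digest()


def client_submit(name, code, update, aggregator_quote, client_nonce, aggregator_nonce):
    """Client side: attest the aggregator first, then send the update bound to own quote."""
    if not verify_quote(aggregator_quote, measure(AGGREGATOR_CODE), client_nonce, b"aggregator"):
        return None  # refuse to release parameters to an unattested aggregator
    return {"client": name, "update": update,
            "quote": issue_quote(code, aggregator_nonce, digest(update))}


def run_round(clients, aggregator_code=AGGREGATOR_CODE):
    """Aggregator side. clients: list of (name, loaded_code, update).

    Returns (averaged model or None, accepted client names, [(name, reason)] rejected).
    """
    expected_mr = measure(TRAINER_CODE)
    accepted, rejected, updates = [], [], []
    for name, code, update in clients:
        client_nonce = secrets.token_bytes(16)      # client's challenge to the aggregator
        aggregator_nonce = secrets.token_bytes(16)  # aggregator's challenge to the client
        agg_quote = issue_quote(aggregator_code, client_nonce, b"aggregator")
        sub = client_submit(name, code, update, agg_quote, client_nonce, aggregator_nonce)
        if sub is None:
            rejected.append((name, "client refused: aggregator failed attestation"))
            continue
        if not verify_quote(sub["quote"], expected_mr, aggregator_nonce, digest(sub["update"])):
            rejected.append((name, "aggregator rejected: bad quote or unexpected code"))
            continue
        accepted.append(name)
        updates.append(sub["update"])
    if not updates:
        return None, accepted, rejected
    model = [sum(col) / len(col) for col in zip(*updates)]
    return model, accepted, rejected


# Constructed clients: honest, modified code (exfiltrates data), approved code on poisoned data.
EXAMPLE_CLIENTS = [
    ("alice", TRAINER_CODE, [1.0, 2.0]),
    ("mallory", b"def local_train(weights, data): return exfiltrate(data)", [1.0, 2.0]),
    ("poisoner", TRAINER_CODE, [100.0, -100.0]),
]

if __name__ == "__main__":
    print(run_round(EXAMPLE_CLIENTS))                      # mallory rejected, poisoner accepted
    print(run_round(EXAMPLE_CLIENTS, aggregator_code=b"rogue aggregator"))  # every client refuses
```

The nonce makes each quote single-use and the report data ties it to one specific update, so a valid quote cannot be replayed with a different payload; the poisoner case is the reminder that a matching measurement says nothing about the training data fed to the attested code.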