Author
Listed:
- Zacharias Anastasakis
(Synelixis Solutions S.A., GR34100 Chalkida, Greece)
- Terpsichori-Helen Velivassaki
(Synelixis Solutions S.A., GR34100 Chalkida, Greece)
- Artemis Voulkidis
(Synelixis Solutions S.A., GR34100 Chalkida, Greece)
- Stavroula Bourou
(Synelixis Solutions S.A., GR34100 Chalkida, Greece)
- Konstantinos Psychogyios
(Synelixis Solutions S.A., GR34100 Chalkida, Greece)
- Dimitrios Skias
(Netcompany-Intrasoft S.A., GR19002 Paiania, Greece)
- Theodore Zahariadis
(Rural Development, Agrifood, and Natural Resources Management, University of Athens, GR15772 Athens, Greece)
Abstract
Federated Learning is identified as a reliable technique for distributed training of ML models. Specifically, a set of dispersed nodes may collaborate through a federation in producing a jointly trained ML model without disclosing their data to each other. Each node performs local model training and then shares its trained model weights with a server node, usually called Aggregator in federated learning, as it aggregates the trained weights and then sends them back to its clients for another round of local training. Despite the data protection and security that FL provides to each client, there are still well-studied attacks such as membership inference attacks that can detect potential vulnerabilities of the FL system and thus expose sensitive data. In this paper, in order to prevent this kind of attack and address private data leakage, we introduce FREDY, a differential private federated learning framework that enables knowledge transfer from private data. Particularly, our approach has a teachers–student scheme. Each teacher model is trained on sensitive, disjoint data in a federated manner, and the student model is trained on the most voted predictions of the teachers on public unlabeled data which are noisy aggregated in order to guarantee the privacy of each teacher’s sensitive data. Only the student model is publicly accessible as the teacher models contain sensitive information. We show that our proposed approach guarantees the privacy of sensitive data against model inference attacks while it combines the federated learning settings for the model training procedures.
Suggested Citation
Zacharias Anastasakis & Terpsichori-Helen Velivassaki & Artemis Voulkidis & Stavroula Bourou & Konstantinos Psychogyios & Dimitrios Skias & Theodore Zahariadis, 2023.
"FREDY: Federated Resilience Enhanced with Differential Privacy,"
Future Internet, MDPI, vol. 15(9), pages 1-16, September.
Handle:
RePEc:gam:jftint:v:15:y:2023:i:9:p:296-:d:1230890
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:15:y:2023:i:9:p:296-:d:1230890. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jftint/v15y2023i9p296-d1230890.html
My bibliography
Save this article