Tazza: Shuffling Neural Network Parameters for Secure and Private Federated Learning
Kichang Lee, Jaeho Jin, JaeYeon Park, Songkuk Kim, JeongGil Ko

TL;DR
Tazza is a federated learning framework that enhances security against poisoning attacks and preserves data privacy by shuffling neural network parameters, achieving high accuracy and efficiency.
Contribution
It introduces a novel weight shuffling method leveraging neural network properties to improve robustness and privacy in federated learning.
Findings
Up to 6.7x improved computational efficiency
Robust defense against poisoning attacks
Maintains high model accuracy
Abstract
Federated learning enables decentralized model training without sharing raw data, preserving data privacy. However, its vulnerability towards critical security threats, such as gradient inversion and model poisoning by malicious clients, remains unresolved. Existing solutions often address these issues separately, sacrificing either system robustness or model accuracy. This work introduces Tazza, a secure and efficient federated learning framework that simultaneously addresses both challenges. By leveraging the permutation equivariance and invariance properties of neural networks via weight shuffling and shuffled model validation, Tazza enhances resilience against diverse poisoning attacks, while ensuring data confidentiality and high model accuracy. Comprehensive evaluations on various datasets and embedded platforms show that Tazza achieves robust defense with up to 6.7x improved…
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Stochastic Gradient Optimization Techniques
