SelectiveShield: Lightweight Hybrid Defense Against Gradient Leakage in Federated Learning
Borui Li, Li Yan, Jianmin Liu

TL;DR
Selectively combining homomorphic encryption and differential privacy based on parameter sensitivity, SelectiveShield provides a lightweight, adaptive defense against gradient leakage in federated learning, balancing privacy, utility, and system efficiency.
Contribution
Introduces SelectiveShield, a hybrid defense framework that adaptively protects critical parameters using encryption and privacy noise, improving security without sacrificing model performance.
Findings
Effective mitigation of gradient leakage attacks.
Maintains high model utility with reduced overhead.
Scalable and adaptable to heterogeneous FL environments.
Abstract
Federated Learning (FL) enables collaborative model training on decentralized data but remains vulnerable to gradient leakage attacks that can reconstruct sensitive user information. Existing defense mechanisms, such as differential privacy (DP) and homomorphic encryption (HE), often introduce a trade-off between privacy, model utility, and system overhead, a challenge that is exacerbated in heterogeneous environments with non-IID data and varying client capabilities. To address these limitations, we propose SelectiveShield, a lightweight hybrid defense framework that adaptively integrates selective homomorphic encryption and differential privacy. SelectiveShield leverages Fisher information to quantify parameter sensitivity, allowing clients to identify critical parameters locally. Through a collaborative negotiation protocol, clients agree on a shared set of the most sensitive…
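An added sketch, not the paper's code, of the sensitivity step the abstract describes: diagonal empirical Fisher information scores each parameter of a toy logistic-regression model, and the top-k indices are set aside for encryption. The model, the constructed data, the `route_update` helper, and the clip-plus-Gaussian-noise handling of the remaining parameters are assumptions; homomorphic encryption and the client negotiation protocol are not implemented.

```python
import math
import random

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def diag_fisher(weights, samples):
    """Empirical diagonal Fisher information for logistic regression:
    mean over samples of the squared per-sample log-likelihood gradient."""
    fisher = [0.0] * len(weights)
    for x, y in samples:
        p = sigmoid(sum(w * xi for w, xi in zip(weights, x)))
        for i, xi in enumerate(x):
            g = (y - p) * xi  # d log p(y|x) / d w_i
            fisher[i] += g * g
    return [f / len(samples) for f in fisher]

def top_k(scores, k):
    """Indices of the k highest-scoring (most sensitive) parameters."""
    order = sorted(range(len(scores)), key=lambda i: scores[i], reverse=True)
    return set(order[:k])

def route_update(update, sensitive, clip, sigma, rng):
    """Assumed split: sensitive indices are set aside for HE (not performed
    here); the rest are L2-clipped and perturbed with Gaussian noise."""
    rest = [i for i in range(len(update)) if i not in sensitive]
    norm = math.sqrt(sum(update[i] ** 2 for i in rest))
    scale = min(1.0, clip / norm) if norm > 0 else 1.0
    for_he = {i: update[i] for i in sensitive}
    for_dp = {i: update[i] * scale + rng.gauss(0.0, sigma * clip) for i in rest}
    return for_he, for_dp

# Constructed client data: features 0 and 2 vary strongly, 1 and 3 barely.
SAMPLES = [([2.0, 0.1, -1.5, 0.0], 1), ([-1.8, 0.0, 1.2, 0.1], 0),
           ([1.5, -0.1, -2.0, 0.0], 1), ([-2.2, 0.1, 1.7, -0.1], 0)]
WEIGHTS = [0.0, 0.0, 0.0, 0.0]
UPDATE = [0.4, 0.01, -0.3, 0.02]  # constructed local model update

if __name__ == "__main__":
    fisher = diag_fisher(WEIGHTS, SAMPLES)
    sensitive = top_k(fisher, 2)
    he, dp = route_update(UPDATE, sensitive, 1.0, 0.5, random.Random(0))
    print("fisher:", fisher)
    print("encrypt indices:", sorted(he), "noised indices:", sorted(dp))
```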
