Secure and Privacy-Preserving Vertical Federated Learning

TL;DR

This paper introduces a comprehensive privacy-preserving framework for vertical federated learning, utilizing multiple protocols, MPC, and differential privacy to enhance security and efficiency.

Contribution

It presents a novel end-to-end framework with optimized protocols for input and output privacy in vertical FL, reducing computation and communication overhead.

Findings

Protocols effectively protect privacy in vertical FL scenarios.

Optimized solution reduces MPC computation and communication.

Experimental results demonstrate protocol effectiveness.

Abstract

We propose a novel end-to-end privacy-preserving framework, instantiated by three efficient protocols for different deployment scenarios, covering both input and output privacy, for the vertically split scenario in federated learning (FL), where features are split across clients and labels are not shared by all parties. We do so by distributing the role of the aggregator in FL into multiple servers and having them run secure multiparty computation (MPC) protocols to perform model and feature aggregation and apply differential privacy (DP) to the final released model. While a naive solution would have the clients delegating the entirety of training to run in MPC between the servers, our optimized solution, which supports purely global and also global-local models updates with privacy-preserving, drastically reduces the amount of computation and communication performed using multiparty computation. The experimental results also show the effectiveness of our protocols.