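Hongshu YIN (1993- ), female, intermediate engineer and security technology researcher at the Institute of Security Technology, Research Institute of China Telecom Co., Ltd. Her main research interests include data security and information security.
Xuhua ZHOU (1983- ), male, Ph.D., researcher at the Institute of Security Technology, Research Institute of China Telecom Co., Ltd. His main research interests include privacy-preserving computation, cryptography, and data security.
Wenjun ZHOU (1980- ), female, researcher at the Institute of Security Technology, Research Institute of China Telecom Co., Ltd. Her main research interests include data security and system and application security.
Published online: 2022-09
Published in print: 2022-09-15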
Hongshu YIN, Xuhua ZHOU, Wenjun ZHOU. Research on privacy preservation of member inference attacks in online inference process for vertical federated learning linear model[J]. Big data research, 2022, 8(5): 45-54. DOI: 10.11959/j.issn.2096-0271.2022056.
With the development of big data and the introduction of data security regulations, awareness of privacy protection has gradually increased, and the "data silo" phenomenon has become increasingly serious. Federated learning, as one of the effective methods to solve this problem, has become a focus of attention. In the online inference process of vertical federated learning, the current mainstream methods do not consider the protection of data identifiers, which can easily leak user privacy. To address this problem, a privacy protection method against member inference attacks in the online inference process of the vertical federated linear model is proposed. A filter with a false positive rate is constructed to avoid the exact location of data identifiers, thereby ensuring the security of the data. Homomorphic encryption is used to keep the entire online inference process in encrypted form and protect the intermediate calculation results. Based on the ciphertext multiplication property of homomorphic encryption, multiplicative blinding with a random number is used to ensure the security of the final inference result. The scheme further improves the security of user privacy in the online inference process of vertical federated learning and has lower computation and communication overhead.