Just a Simple Transformation is Enough for Data Protection in Vertical Federated Learning

Published: 09 Sept 2024, Last Modified: 09 Sept 2024, OpenReview Archive Direct Upload, Everyone, CC BY 4.0
Abstract: Vertical Federated Learning (VFL) enables collaborative training of deep learning models while maintaining privacy protection. However, the VFL procedure still has components that are vulnerable to attacks by a malicious party. In our work, we consider feature reconstruction attacks, a common risk targeting input data compromise. We observe that most of the recently proposed attacks rely on assumptions that may not hold in real-world applications. Consequently, we demonstrate that even simple model architecture transformations can significantly impact protection against feature reconstruction attacks. We support these findings with theoretical motivation and experimental results.