Re-evaluating the Privacy Benefit of Federated Learning

Published: 01 Jan 2023, Last Modified: 15 May 2025 | PKDD/ECML Workshops (5) 2023 | CC BY-SA 4.0
Abstract: Federated Learning’s (FL) main attractive privacy feature of data localisation only holds if FL participants can trust the coordinating server not to carry out data reconstruction attacks, under both honest-but-curious and actively malicious threat models. Motivated by our study of the FL system present in Gboard’s virtual keyboard, we provide a reassessment of FL’s added privacy benefit, and point to three aspects of FL whose effect on privacy requires further research, namely the model architecture, the high levels of trust required to maintain privacy, and vulnerabilities in concrete implementations of the FL protocol.