@inproceedings{3ed795a3f4ce4c7a91b122712ea6b26c,
title = "BI-GAN: batch inversion membership inference attack on federated learning",
abstract = "Federated Learning is a growing advanced collaborative machine learning framework that aims to preserve user-privacy data. However, multiple researchers have investigated attack methods from the server side via gradient inversion techniques or Generative Adversarial Networks (GAN) to reconstruct the raw data distributions from users. In this paper, we propose Batch Inversion GAN (BI-GAN), a novel membership inference attack that can recover user-level batch images from local updates, utilizing both gradient inversion techniques and GAN. Our attack is more stealthy since it only requires access to gradients and does not interfere with the global model performance and is more robust in terms of image batch recovery and victim classification. The experiments show that our attack recovers higher quality images of the victim with higher accuracy compared to other attacks.",
keywords = "federated learning, GAN, gradient inversion, membership inference attack",
author = "Hiep Vo and Mingjian Tang and Xi Zheng and Shui Yu",
year = "2022",
month = oct,
doi = "10.1145/3556548.3559636",
language = "English",
series = "Proceedings of the 17th ACM Workshop on Mobility in the Evolving Internet Architecture, MobiArch 2022",
publisher = "Association for Computing Machinery, Inc",
pages = "31--36",
booktitle = "Proceedings of the 17th ACM Workshop on Mobility in the Evolving Internet Architecture, MobiArch 2022",
note = "17th ACM Workshop on Mobility in the Evolving Internet Architecture, MobiArch 2022 ; Conference date: 21-10-2022 Through 21-10-2022",
}