GBMIA: Gradient-based Membership Inference Attack in Federated Learning

Xiaodong Wang, Naiyu Wang, Longfei Wu, Zhitao Guan, Xiaojiang Du, Mohsen Guizani

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

Membership inference attack (MIA) has been proved to pose a serious threat to federated learning (FL). However, most of the existing membership inference attacks against FL rely on the specific attack models built from the target model behaviors, which make the attacks costly and complicated. In addition, directly adopting the inference attacks that are originally designed for machine learning models into the federated scenarios can lead to poor performance. We propose GBMIA, an attack model-free membership inference method based on gradient. We take full advantage of the federated learning process by observing the target model's behaviors after gradient ascent tuning. And we combine prediction correctness and the gradient norm-based metric for membership inference. The proposed GBMIA can be conducted by both global and local attackers. We conduct experimental evaluations on three real-world datasets to demonstrate that GBMIA can achieve a high attack accuracy. We further apply the arbitration mechanism to increase the effectiveness of GBMIA which can lead to an attack accuracy close to 1 on all three datasets. We also conduct experiments to substantiate that clients going offline and the overlap of clients' training sets have great effect on the membership leakage in FL.

Original languageEnglish
Title of host publicationICC 2023 - IEEE International Conference on Communications
Subtitle of host publicationSustainable Communications for Renaissance
EditorsMichele Zorzi, Meixia Tao, Walid Saad
Pages5066-5071
Number of pages6
ISBN (Electronic)9781538674628
DOIs
StatePublished - 2023
Event2023 IEEE International Conference on Communications, ICC 2023 - Rome, Italy
Duration: 28 May 20231 Jun 2023

Publication series

NameIEEE International Conference on Communications
Volume2023-May
ISSN (Print)1550-3607

Conference

Conference2023 IEEE International Conference on Communications, ICC 2023
Country/TerritoryItaly
CityRome
Period28/05/231/06/23

Keywords

  • Federated Learning
  • Membership Inference Attack
  • Membership Privacy
  • Privacy Leakage

Fingerprint

Dive into the research topics of 'GBMIA: Gradient-based Membership Inference Attack in Federated Learning'. Together they form a unique fingerprint.

Cite this