Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Chen, Kongyang, Wang, Wenfeng, Wang, Zixin, Zhang, Wangjun, Li, Zhipeng, Huang, Yao
Format: Preprint
Veröffentlicht: 2024
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2404.16850
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866917651189596160
author Chen, Kongyang
Wang, Wenfeng
Wang, Zixin
Zhang, Wangjun
Li, Zhipeng
Huang, Yao
author_facet Chen, Kongyang
Wang, Wenfeng
Wang, Zixin
Zhang, Wangjun
Li, Zhipeng
Huang, Yao
contents Federated Contrastive Learning (FCL) represents a burgeoning approach for learning from decentralized unlabeled data while upholding data privacy. In FCL, participant clients collaborate in learning a global encoder using unlabeled data, which can serve as a versatile feature extractor for diverse downstream tasks. Nonetheless, FCL is susceptible to privacy risks, such as membership information leakage, stemming from its distributed nature, an aspect often overlooked in current solutions. This study delves into the feasibility of executing a membership inference attack on FCL and proposes a robust attack methodology. The attacker's objective is to determine if the data signifies training member data by accessing the model's inference output. Specifically, we concentrate on attackers situated within a client framework, lacking the capability to manipulate server-side aggregation methods or discern the training status of other clients. We introduce two membership inference attacks tailored for FCL: the \textit{passive membership inference attack} and the \textit{active membership inference attack}, contingent on the attacker's involvement in local model training. Experimental findings across diverse datasets validate the effectiveness of our attacks and underscore the inherent privacy risks associated with the federated contrastive learning paradigm.
format Preprint
id arxiv_https___arxiv_org_abs_2404_16850
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Membership Information Leakage in Federated Contrastive Learning
Chen, Kongyang
Wang, Wenfeng
Wang, Zixin
Zhang, Wangjun
Li, Zhipeng
Huang, Yao
Cryptography and Security
Federated Contrastive Learning (FCL) represents a burgeoning approach for learning from decentralized unlabeled data while upholding data privacy. In FCL, participant clients collaborate in learning a global encoder using unlabeled data, which can serve as a versatile feature extractor for diverse downstream tasks. Nonetheless, FCL is susceptible to privacy risks, such as membership information leakage, stemming from its distributed nature, an aspect often overlooked in current solutions. This study delves into the feasibility of executing a membership inference attack on FCL and proposes a robust attack methodology. The attacker's objective is to determine if the data signifies training member data by accessing the model's inference output. Specifically, we concentrate on attackers situated within a client framework, lacking the capability to manipulate server-side aggregation methods or discern the training status of other clients. We introduce two membership inference attacks tailored for FCL: the \textit{passive membership inference attack} and the \textit{active membership inference attack}, contingent on the attacker's involvement in local model training. Experimental findings across diverse datasets validate the effectiveness of our attacks and underscore the inherent privacy risks associated with the federated contrastive learning paradigm.
title Membership Information Leakage in Federated Contrastive Learning
topic Cryptography and Security
url https://arxiv.org/abs/2404.16850