Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Feng, Chao, Gao, Yuanzhe, Celdran, Alberto Huertas, Bovet, Gerome, Stiller, Burkhard
Format: Preprint
Veröffentlicht: 2025
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2501.03119
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866908501374140416
author Feng, Chao
Gao, Yuanzhe
Celdran, Alberto Huertas
Bovet, Gerome
Stiller, Burkhard
author_facet Feng, Chao
Gao, Yuanzhe
Celdran, Alberto Huertas
Bovet, Gerome
Stiller, Burkhard
contents Federated Learning (FL) is widely recognized as a privacy-preserving Machine Learning paradigm due to its model-sharing mechanism that avoids direct data exchange. Nevertheless, model training leaves exploitable traces that can be used to infer sensitive information. In Decentralized FL (DFL), the topology, defining how participants are connected, plays a crucial role in shaping the model's privacy, robustness, and convergence. However, the topology introduces an unexplored vulnerability: attackers can exploit it to infer participant relationships and launch targeted attacks. This work uncovers the hidden risks of DFL topologies by proposing a novel Topology Inference Attack that infers the topology solely from model behavior. A taxonomy of topology inference attacks is introduced, categorizing them by the attacker's capabilities and knowledge. Practical attack strategies are designed for various scenarios, and experiments are conducted to identify key factors influencing attack success. The results demonstrate that analyzing only the model of each node can accurately infer the DFL topology, highlighting a critical privacy risk in DFL systems. These findings offer insights for improving privacy preservation in DFL environments.
format Preprint
id arxiv_https___arxiv_org_abs_2501_03119
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle From Models to Network Topologies: A Topology Inference Attack in Decentralized Federated Learning
Feng, Chao
Gao, Yuanzhe
Celdran, Alberto Huertas
Bovet, Gerome
Stiller, Burkhard
Machine Learning
Artificial Intelligence
Federated Learning (FL) is widely recognized as a privacy-preserving Machine Learning paradigm due to its model-sharing mechanism that avoids direct data exchange. Nevertheless, model training leaves exploitable traces that can be used to infer sensitive information. In Decentralized FL (DFL), the topology, defining how participants are connected, plays a crucial role in shaping the model's privacy, robustness, and convergence. However, the topology introduces an unexplored vulnerability: attackers can exploit it to infer participant relationships and launch targeted attacks. This work uncovers the hidden risks of DFL topologies by proposing a novel Topology Inference Attack that infers the topology solely from model behavior. A taxonomy of topology inference attacks is introduced, categorizing them by the attacker's capabilities and knowledge. Practical attack strategies are designed for various scenarios, and experiments are conducted to identify key factors influencing attack success. The results demonstrate that analyzing only the model of each node can accurately infer the DFL topology, highlighting a critical privacy risk in DFL systems. These findings offer insights for improving privacy preservation in DFL environments.
title From Models to Network Topologies: A Topology Inference Attack in Decentralized Federated Learning
topic Machine Learning
Artificial Intelligence
url https://arxiv.org/abs/2501.03119