Computer science
Pruning
Inference
Internet of Things
Computer security
Artificial intelligence
Machine learning
Agronomy
Biology
Authors
Meng Shen,Jin Meng,Ke Xu,Shui Yu,Liehuang Zhu
Source
Journal: IEEE Transactions on Big Data
[Institute of Electrical and Electronics Engineers]
Date: 2024-01-01
Volume/Issue:: 1-13
Identifier
DOI:10.1109/tbdata.2024.3403388
Abstract
Depending on large-scale devices, the Internet of Things (IoT) provides massive data support for resource sharing and intelligent decision, but privacy risks also increase. As a popular distributed learning framework, Federated Learning (FL) is widely used because it does not need to share raw data while only parameters to collaboratively train models. However, Federated Learning is not spared by some emerging attacks, e.g., membership inference attack. Therefore, for IoT devices with limited resources, it is challenging to design a defense scheme against the membership inference attack ensuring high model utility, strong membership privacy and acceptable time efficiency. In this paper, we propose MemDefense, a lightweight defense mechanism to prevent membership inference attack from local models and global models in IoT-based FL, while maintaining high model utility. MemDefense adds crafted pruning perturbations to local models at each round of FL by deploying two key components, i.e., parameter filter and noise generator. Specifically, the parameter filter selects the apposite model parameters which have little impact on the model test accuracy and contribute more to member inference attacks. Then, the noise generator is used to find the pruning noise that can reduce the attack accuracy while keeping high model accuracy, protecting each participant's membership privacy. We comprehensively evaluate MemDefense with different deep learning models and multiple benchmark datasets. The experimental results show that low-cost MemDefense drastically reduces the attack accuracy within limited drop of classification accuracy, meeting the requirements for model utility, membership privacy and time efficiency.