Secure Vertical Federated Learning Based on Feature Disentanglement

Fangjiao Zhang, Guoqiang Li, Zhufeng Suo, Li Wang, Chang Cui, Qingshu Meng
DOI: https://doi.org/10.1016/j.sigpro.2023.109077
IF: 4.729
2023-05-11
Signal Processing
Abstract: Federated learning (FL) faces many security threats. Although multiple robust FL frameworks have been proposed to defend against these malicious attacks in horizontal federated learning (HFL), security issues in vertical federated learning (VFL) have not been adequately studied. Recent studies show that VFL is vulnerable to inference attacks (e.g., label inference attacks), which puts VFL at risk. To solve this problem, we propose a new VFL framework, SVFL (Secure Vertical Federated Learning), inspired by feature disentanglement, to defend against privacy breaches. Specifically, in SVFL, the bottom models are feature extractors that extract samples' features in the high-dimensional space, and the top model sews together samples' features that share the same sample ID. The samples' features are then disentangled into a class-relevant feature and a class-irrelevant one via two classifiers: one recognizes the class-relevant feature by regular training, and the other recognizes the class-irrelevant feature by adversarial training. Our experiments show that SVFL not only defends against label inference attacks, no matter how many samples' features a malicious participant occupies, but also improves the global model's accuracy. Therefore, SVFL provides a privacy security guarantee for the vertical federated learning system.
engineering, electrical & electronic