BibTex format
@inproceedings{Mo:2021:10.1145/3458864.3466628,
author = {Mo, F and Haddadi, H and Katevas, K and Marin, E and Perino, D and Kourtellis, N},
doi = {10.1145/3458864.3466628},
pages = {94--108},
publisher = {ACM},
title = {PPFL: privacy-preserving federated learning with trusted execution environments},
url = {http://dx.doi.org/10.1145/3458864.3466628},
year = {2021}
}
RIS format (EndNote, RefMan)
TY - CPAPER
AB - We propose and implement a Privacy-preserving Federated Learning (PPFL)framework for mobile systems to limit privacy leakages in federated learning.Leveraging the widespread presence of Trusted Execution Environments (TEEs) inhigh-end and mobile devices, we utilize TEEs on clients for local training, andon servers for secure aggregation, so that model/gradient updates are hiddenfrom adversaries. Challenged by the limited memory size of current TEEs, weleverage greedy layer-wise training to train each model's layer inside thetrusted area until its convergence. The performance evaluation of ourimplementation shows that PPFL can significantly improve privacy whileincurring small system overheads at the client-side. In particular, PPFL cansuccessfully defend the trained model against data reconstruction, propertyinference, and membership inference attacks. Furthermore, it can achievecomparable model utility with fewer communication rounds (0.54x) and a similaramount of network traffic (1.002x) compared to the standard federated learningof a complete model. This is achieved while only introducing up to ~15% CPUtime, ~18% memory usage, and ~21% energy consumption overhead in PPFL'sclient-side.
AU - Mo,F
AU - Haddadi,H
AU - Katevas,K
AU - Marin,E
AU - Perino,D
AU - Kourtellis,N
DO - 10.1145/3458864.3466628
EP - 108
PB - ACM
PY - 2021///
SP - 94
TI - PPFL: privacy-preserving federated learning with trusted execution environments
UR - http://dx.doi.org/10.1145/3458864.3466628
UR - http://arxiv.org/abs/2104.14380v1
UR - https://dl.acm.org/doi/10.1145/3458864.3466628
UR - http://hdl.handle.net/10044/1/90228
ER -
