Analysing the Influence of Attack Configurations on the Reconstruction of Medical Images in Federated Learning
The idea of federated learning is to train deep neural network models collaboratively and share them with multiple participants without exposing their private training data to each other. This is highly attractive in the medical domain due to patients' privacy records. However, a recently propo...
Gespeichert in:
Hauptverfasser: | , , , |
---|---|
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | The idea of federated learning is to train deep neural network models
collaboratively and share them with multiple participants without exposing
their private training data to each other. This is highly attractive in the
medical domain due to patients' privacy records. However, a recently proposed
method called Deep Leakage from Gradients enables attackers to reconstruct data
from shared gradients. This study shows how easy it is to reconstruct images
for different data initialization schemes and distance measures. We show how
data and model architecture influence the optimal choice of initialization
scheme and distance measure configurations when working with single images. We
demonstrate that the choice of initialization scheme and distance measure can
significantly increase convergence speed and quality. Furthermore, we find that
the optimal attack configuration depends largely on the nature of the target
image distribution and the complexity of the model architecture. |
---|---|
DOI: | 10.48550/arxiv.2204.13808 |