Conference papers

Secure Aggregation Against Malicious Users

Abstract : Secure aggregation protocols allow an aggregator to compute the sum of multiple users' data in a privacy-preserving manner. Existing protocols assume that users from whom the data is collected are fully trusted on the correctness of their individual inputs. We believe that this assumption is too strong, for example when such protocols are used for federated learning whereby the aggregator receives all users' contributions and aggregates them to train and obtain the joint model. A malicious user contributing with incorrect inputs can generate model poisoning or backdoor injection attacks without being detected. In this paper, we propose the first secure aggregation protocol that considers users as potentially malicious. This new protocol enables the correct computation of the aggregate result, in a privacy-preserving manner, only if individual inputs belong to a legitimate interval. To this aim, the solution uses a newly designed oblivious programmable pseudo-random function. We validate our solution as a proof of concept under a federated learning scenario whereby potential backdoor injection attacks exist.
Document type :
Conference papers
Contributor : Centre de Documentation Eurecom
Submitted on : Wednesday, September 15, 2021 - 5:12:42 PM
Last modification on : Thursday, September 16, 2021 - 3:40:44 AM




Ferhat Karakoç, Melek Önen, Zeki Bilgin. Secure Aggregation Against Malicious Users. SACMAT '21: The 26th ACM Symposium on Access Control Models and Technologies, Jun 2021, Barcelona, Spain. pp.115-124, ⟨10.1145/3450569.3463572⟩. ⟨hal-03345683⟩


