Secure Aggregation Against Malicious Users - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2021

Secure Aggregation Against Malicious Users

Melek Önen
Zeki Bilgin
  • Fonction : Auteur

Résumé

Secure aggregation protocols allow anaggregator to compute the sum of multiple users' data in a privacy-preserving manner. Existing protocols assume that users from whom the data is collected, are fully trusted on the correctness of their individual inputs. We believe that this assumption is too strong, for example when such protocols are used for federated learning whereby the aggregator receives all users' contributions and aggregate them to train and obtain the joint model. A malicious user contributing with incorrect inputs can generate model poisoning or backdoor injection attacks without being detected. In this paper, we propose the first secure aggregation protocol that considers users as potentially malicious. This new protocol enables the correct computation of the aggregate result, in a privacy preserving manner, only if individual inputs belong to a legitimate interval. To this aim, the solution uses a newly designed oblivious programmable pseudo-random function. We validate our solution as a proof of concept under a federated learning scenario whereby potential backdoor injection attacks exist.
Fichier principal
Vignette du fichier
publi-6546 (1).pdf (3.17 Mo) Télécharger le fichier

Dates et versions

hal-03345683 , version 1 (28-02-2022)

Identifiants

Citer

Ferhat Karakoç, Melek Önen, Zeki Bilgin. Secure Aggregation Against Malicious Users. SACMAT 2021, 26th ACM Symposium on Access Control Models and Technologies, Jun 2021, Barcelona (virtual), Spain. pp.115-124, ⟨10.1145/3450569.3463572⟩. ⟨hal-03345683⟩
71 Consultations
59 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More