
SVFLS: A Secure and Verifiable Federated Learning Training Scheme

  • Conference paper
Frontiers in Cyber Security (FCS 2022)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1726)


Abstract

Federated learning has received extensive attention in recent years because clients only need to share their local gradients with the servers, without directly sharing their datasets, to train the model. However, existing research shows that attackers can still reconstruct private information from shared gradients, resulting in privacy leakage. In addition, the aggregated results could be tampered with by servers or attackers. In this paper, we propose a secure and verifiable federated learning training scheme (SVFLS) to protect the privacy of data owners and verify aggregated results. Specifically, we employ threshold Paillier encryption to protect the local gradients of data owners and use a bilinear aggregate signature to verify the correctness (or integrity) of aggregated results. Furthermore, our scheme can tolerate data owners dropping out during the training phase. We conduct extensive experiments on real datasets and demonstrate that our scheme is effective and practical.
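The additively homomorphic gradient aggregation that the abstract relies on, as an added example that is not the paper's own code. It uses plain single-key Paillier rather than the threshold variant and omits the aggregate-signature check; the toy primes, fixed-point scale and all function names are assumptions chosen for illustration.

```python
import math
import secrets

# Toy key (constructed): two Mersenne primes. Real deployments use >= 1024-bit primes.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)  # private exponent lambda
MU = pow(LAM, -1, N)                               # valid because g = N + 1
SCALE = 10**6                                      # fixed-point precision (assumption)

def encode(x):
    """Map a float gradient into Z_N; negatives wrap into the upper half."""
    return round(x * SCALE) % N

def decode(m):
    """Inverse of encode: values above N/2 represent negative numbers."""
    if m > N // 2:
        m -= N
    return m / SCALE

def encrypt(m):
    """Paillier encryption with g = N + 1, so g^m = 1 + m*N (mod N^2)."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) % N2 * pow(r, N, N2) % N2

def decrypt(c):
    """Recover m = L(c^lambda mod N^2) * mu mod N, with L(u) = (u - 1) / N."""
    u = pow(c, LAM, N2)
    return (u - 1) // N * MU % N

def aggregate(ciphertexts):
    """Server side: multiplying ciphertexts adds the hidden plaintexts."""
    acc = 1
    for c in ciphertexts:
        acc = acc * c % N2
    return acc

def demo():
    # Constructed local gradients for three data owners, two parameters each.
    grads = [[0.125, -0.5], [-0.25, 0.75], [0.5, -1.0]]
    enc = [[encrypt(encode(g)) for g in owner] for owner in grads]
    summed = [aggregate(col) for col in zip(*enc)]  # server never sees plaintext
    return [decode(decrypt(c)) for c in summed]
```

In the threshold setting the abstract describes, no single party would hold LAM; decryption would require a quorum of key shares.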



Acknowledgements

This work is supported by the National Natural Science Foundation of China under grants 62072134 and U2001205, and the Key projects of Guangxi Natural Science Foundation under grant 2019JJD170020, and the Key Research and Development Program of Hubei Province under Grant 2021BEA163.

Author information


Corresponding author

Correspondence to Yi Liu.


Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.


Cite this paper

Liu, Y., Hu, G., Zhang, Y., Zhang, M. (2022). SVFLS: A Secure and Verifiable Federated Learning Training Scheme. In: Ahene, E., Li, F. (eds) Frontiers in Cyber Security. FCS 2022. Communications in Computer and Information Science, vol 1726. Springer, Singapore. https://doi.org/10.1007/978-981-19-8445-7_9


  • DOI: https://doi.org/10.1007/978-981-19-8445-7_9


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-8444-0

  • Online ISBN: 978-981-19-8445-7

  • eBook Packages: Computer Science, Computer Science (R0)
