A New Federated Learning Framework Against Gradient Inversion Attacks
Authors: Pengxin Guo, Shuang Zeng, Wenhao Chen, Xiaodan Zhang, Weihong Ren, Yuyin Zhou, Liangqiong Qu
AAAI 2025 | Venue PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Theoretical analyses demonstrate the convergence rate of the proposed Hyper FL, while extensive experimental results show the privacy-preserving capability and comparable performance of Hyper FL. ... 5 Experiments 5.1 Experimental Setup 5.2 Experimental Results Performance Evaluation. As demonstrated in Table 1, the performance of all the compared DP-based FL methods is inferior to Fed Avg and Local-only. This is due to the incorporation of DP mechanisms, which adversely affect model usability and result in decreased performance. In contrast, our proposed Hyper FL consistently surpasses these methods across various datasets, demonstrating its outstanding utility. |
| Researcher Affiliation | Academia | Pengxin Guo1*, Shuang Zeng2*, Wenhao Chen1, Xiaodan Zhang3, Weihong Ren4, Yuyin Zhou5, Liangqiong Qu1 1School of Computing and Data Science, The University of Hong Kong 2 Department of Mathematics, The University of Hong Kong 3 College of Computer Science, Beijing University of Technology 4 School of Mechanical Engineering and Automation, Harbin Institute of Technology, Shenzhen 5 Department of Computer Science and Engineering, UC Santa Cruz |
| Pseudocode | No | The paper describes the 'Local Training Procedure' and 'Global Aggregation' in text with equations (4), (5), and (6), but does not present them in a clearly labeled pseudocode or algorithm block. For instance, 'Local Training Procedure. For local model training at each round, we first replace the local hypernetwork parameters φi by the received aggregated hypernetwork parameter φ. Then, we perform stochastic gradient decent steps to iteratively train the model parameters as follows: Step 1: Fix φi and vi, update ϕi. Train the classifier parameters ϕi by gradient descent for one epoch: ϕi ϕi ηg ϕiℓ(h(vi; φi), ϕi; ξi) , (4) where ξi denotes the mini-batch of data, ηg is the learning rate for updating the classifier parameters. Step 2: Fix new ϕi, update φi and vi. After getting new classifier, we proceed to update the hypernetwork parameters φi and client embedding vi for multiple epochs: φi φi ηh φiℓ(h(vi; φi), ϕi; ξi) vi vi ηv viℓ(h(vi; φi), ϕi; ξi) , (5)' |
| Open Source Code | Yes | Code https://github.com/Pengxin-Guo/Hyper FL |
| Open Datasets | Yes | For the Main Configuration Hyper FL, we evaluate our method on four widely-used image classification datasets: (1) EMNIST (Cohen et al. 2017); (2) Fashion MNIST (Xiao, Rasul, and Vollgraf 2017); (3) CIFAR-10 (Krizhevsky, Hinton et al. 2009); and (4) CINIC-10 (Darlow et al. 2018). For the Hyper FL-LPM, we evaluate our method on the EMNIST (Cohen et al. 2017) and CIFAR-10 (Krizhevsky, Hinton et al. 2009) datasets. ... Res Net (He et al. 2016) pre-trained on the Image Net dataset (Deng et al. 2009) as the feature extractor. |
| Dataset Splits | No | The paper mentions that 'Average test accuracy of all local models is reported for performance evaluation' and refers to 'each client is equipped with its own data distribution P (i) XY on X Y, where X is the input space and Y is the label space with K categories in total.' It does not specify the explicit training, validation, and test splits for the datasets used (EMNIST, Fashion MNIST, CIFAR-10, CINIC-10) in the main text. |
| Hardware Specification | No | The paper does not provide specific hardware details such as GPU or CPU models, processor types, or memory amounts used for running the experiments. It only contains general statements about training and evaluation. |
| Software Dependencies | No | The paper does not provide specific ancillary software details with version numbers. It only mentions using 'mini-batch SGD (Ruder 2016) as a local optimizer'. |
| Experiment Setup | Yes | Training Settings. We employ the mini-batch SGD (Ruder 2016) as a local optimizer for all approaches, and the number of local training epochs is set to 5. The number of global communication rounds is set to 200 for all datasets. Average test accuracy of all local models is reported for performance evaluation. |