Beyond Gradient and Priors in Privacy Attacks: Leveraging Pooler Layer Inputs of Language Models in Federated Learning

arXiv:2312.05720v3 Announce Type: replace-cross
Abstract: Language models trained via federated learning (FL) demonstrate impressive capabilities in handling complex tasks while protecting user privacy. Recent studies indicate that leveraging gradient information and prior knowledge can potentially reveal training samples within FL setting. However, these investigations have overlooked the potential privacy risks tied to the intrinsic architecture of the models. This paper presents a two-stage privacy attack strategy that targets the vulnerabilities in the architecture of contemporary language models, significantly enhancing attack …

arxiv attacks beyond can capabilities cs.ai cs.cl cs.cr cs.lg federated federated learning handling information inputs knowledge language language models privacy protecting reveal studies training user privacy