SoK: Gradient Leakage in Federated Learning

arXiv:2404.05403v1 Announce Type: new
Abstract: Federated learning (FL) enables collaborative model training among multiple clients without raw data exposure. However, recent studies have shown that clients' private training data can be reconstructed from the gradients they share in FL, known as gradient inversion attacks (GIAs). While GIAs have demonstrated effectiveness under \emph{ideal settings and auxiliary assumptions}, their actual efficacy against \emph{practical FL systems} remains under-explored. To address this gap, we conduct a comprehensive study on GIAs in this work. We …

arxiv attacks can clients cs.ai cs.cr data data exposure exposure federated federated learning model training private settings share studies training training data under