College - Author 1

College of Engineering

Department - Author 1

Computer Science Department

College - Author 2

College of Engineering

Department - Author 2

Computer Engineering Department

Advisor

Donfeng Fang, College of Engineering, Computer Science Department

Funding Source

Noyce School of Applied Computing and the College of Engineering

Date

10-2024

Abstract/Summary

This study investigates the vulnerabilities of federated learning models in the healthcare domain, specifically focusing on membership inference attacks (MIA). Federated learning allows local models to train on sensitive healthcare data without sharing the data itself, making it an attractive method for protecting privacy. However, even in this decentralized framework, models remain vulnerable to MIAs, where attackers can infer whether certain data points were used to train a model by analyzing model updates. Using the Texas100 dataset, this study demonstrates that as the number of local models increases, the attack accuracy of MIAs also increases due to higher bias variations and model specialization. The proposed MIA model operates in a white-box setting, comparing global model updates with local model biases to identify the origin of sensitive data contributions from local participants. The findings underscore the need for stronger privacy protections in federated learning, particularly when applied to sensitive healthcare data.

Download

Share

COinS
 

URL: https://digitalcommons.calpoly.edu/ceng_surp/82

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.