Gradient Inversion Attack

Gradient inversion attacks exploit the gradients shared during federated learning (FL) to reconstruct sensitive training data held by individual clients, undermining the privacy benefits of FL. Current research focuses on improving attack efficacy through techniques like neural architecture search and incorporating strong image priors, while also exploring defenses such as gradient pruning, variational modeling, and secure aggregation methods. The ongoing investigation into these attacks and defenses is crucial for establishing the practical security and privacy guarantees of FL systems, particularly in sensitive applications like healthcare and finance.

Papers

October 28, 2024

Inverting Gradient Attacks Naturally Makes Data Poisons: An Availability Attack on Neural Networks
Wassim Bouaziz, El-Mahdi El-Mhamdi, Nicolas Usunier
Neural Network Data Poisoning Gradient Inversion Attack Gradient Based Attack Resource Utilization Gradient Attack Availability Attack

October 21, 2024

Extracting Spatiotemporal Data from Gradients with Large Language Models
Lele Zheng, Yang Cao, Renhe Jiang, Kenjiro Taura, Yulong Shen, Sheng Li, Masatoshi Yoshikawa
Spatio tempOral Gradient Inversion Attack SpatioTemporal Data Gradient Attack

September 26, 2024

Federated Learning under Attack: Improving Gradient Inversion for Batch of Images
Luiz Leite, Yuri Santo, Bruno L. Dalmazo, André Riker
Attack Success Rate Gradient Inversion Attack Gradient Inversion Gradient Attack Batch Greenkhorn

September 12, 2024

FedHide: Federated Learning by Hiding in the Neighbors
Hyunsin Park, Sungrack Yun
Thy Neighbor Gradient Inversion Attack Leakage Attack Class Prototype Weapon of Mass Destruction Proxy

September 11, 2024

Exploring User-level Gradient Inversion with a Diffusion Prior
Zhuohang Li, Andrew Lowy, Jing Liu, Toshiaki Koike-Akino, Bradley Malin, Kieran Parsons, Ye Wang
Diffusion Model Diffusion Prior Gradient Inversion Attack Realistic Face Gradient Inversion Data Reconstruction

June 22, 2024

Breaking Secure Aggregation: Label Leakage from Aggregated Gradients in Federated Learning
Zhibo Wang, Zhiwei Chang, Jiahui Hu, Xiaoyi Pang, Jiacheng Du, Yongle Chen, Kui Ren
Secure Aggregation Gradient Inversion Attack Aggregated Gradient Label Inference Attack Private Label Label Leakage

June 3, 2024

Seeing the Forest through the Trees: Data Leakage from Partial Transformer Gradients
Weijun Li, Qiongkai Xu, Mark Dras
Differential Privacy Tree Specie Data Leakage Forest Environment Gradient Inversion Attack Private Training Part Aware Transformer Training Data Leakage

May 31, 2024

GI-NAS: Boosting Gradient Inversion Attacks through Adaptive Neural Architecture Search
Wenbo Yu, Hao Fang, Bin Chen, Xiaohang Sui, Chuan Chen, Hao Wu, Shu-Tao Xia, Ke Xu
Neural Architecture Search Prior Knowledge Gradient Inversion Attack Gradient Inversion

May 30, 2024

Gradient Inversion of Federated Diffusion Models
Jiyue Huang, Chi Hong, Lydia Y. Chen, Stefanie Roos
Diffusion Model Gradient Inversion Attack Gradient Inversion Inversion Attack Privacy Preserving Training

May 24, 2024

DAGER: Exact Gradient Inversion for Large Language Models
Ivo Petrov, Dimitar I. Dimitrov, Maximilian Baader, Mark Niklas Müller, Martin Vechev
Self Attention Layer Token Embeddings Gradient Inversion Attack Gradient Inversion Decoder Architecture

May 16, 2024

Dealing Doubt: Unveiling Threat Models in Gradient Inversion Attacks under Federated Learning, A Survey and Taxonomy
Yichuan Shi, Olivera Kotevska, Viktor Reshniak, Abhishek Singh, Ramesh Raskar
Comprehensive Taxonomy Threat Model Gradient Inversion Attack

May 6, 2024

GI-SMN: Gradient Inversion Attack against Federated Learning without Prior Knowledge
Jin Qian, Kaimin Wei, Yongdong Wu, Jilian Zhang, Jipeng Chen, Huan Bao
Prior Knowledge Gradient Inversion Attack Privacy Model

April 8, 2024

SoK: Gradient Leakage in Federated Learning
Jiacheng Du, Jiahui Hu, Zhibo Wang, Peng Sun, Neil Zhenqiang Gong, Kui Ren
Gradient Inversion Attack Defense Method Private Training Gradient Leakage

March 24, 2024

Heterogeneous Federated Learning with Splited Language Model
Yifan Shi, Yuhui Zhang, Ziyue Huang, Xiaofeng Yang, Li Shen, Wei Chen, Xueqian Wang
Language Model Vision Transformer Split Learning Heterogeneous Federated Learning Gradient Inversion Attack Federated Split Learning

March 13, 2024

March 6, 2024

SPEAR:Exact Gradient Inversion of Batches in Federated Learning
Dimitar I. Dimitrov, Maximilian Baader, Mark Niklas Müller, Martin Vechev
Gradient Inversion Attack Large Batch Low Rank Structure Gradient Inversion Gradient Sparsification Computational Reconstruction

February 13, 2024

Data Reconstruction Attacks and Defenses: A Systematic Evaluation
Sheng Liu, Zihan Wang, Yuxiao Chen, Qi Lei
Gradient Inversion Attack Reconstruction Attack Data Reconstruction Attack Utility Privacy Trade Data Reconstruction

February 5, 2024

Towards Eliminating Hard Label Constraints in Gradient Inversion Attacks
Yanbo Wang, Jian Liang, Ran He
Image Reconstruction Gradient Inversion Attack Input Gradient Label Constraint Label Recovery

January 30, 2024

Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks
Lulu Xue, Shengshan Hu, Ruizhi Zhao, Leo Yu Zhang, Shengqing Hu, Lichao Sun, Dezhong Yao
Differential Privacy Gradient Inversion Attack Defense Method Gradient Attack Perturbation Defense Gradient Pruning

Gradient Inversion Attack

Papers

Inverting Gradient Attacks Naturally Makes Data Poisons: An Availability Attack on Neural Networks

Extracting Spatiotemporal Data from Gradients with Large Language Models

Federated Learning under Attack: Improving Gradient Inversion for Batch of Images

FedHide: Federated Learning by Hiding in the Neighbors

Exploring User-level Gradient Inversion with a Diffusion Prior

Breaking Secure Aggregation: Label Leakage from Aggregated Gradients in Federated Learning

Seeing the Forest through the Trees: Data Leakage from Partial Transformer Gradients

GI-NAS: Boosting Gradient Inversion Attacks through Adaptive Neural Architecture Search

Gradient Inversion of Federated Diffusion Models

DAGER: Exact Gradient Inversion for Large Language Models

Dealing Doubt: Unveiling Threat Models in Gradient Inversion Attacks under Federated Learning, A Survey and Taxonomy

GI-SMN: Gradient Inversion Attack against Federated Learning without Prior Knowledge

SoK: Gradient Leakage in Federated Learning

Heterogeneous Federated Learning with Splited Language Model

RAF-GI: Towards Robust, Accurate and Fast-Convergent Gradient Inversion Attack in Federated Learning

MGIC: A Multi-Label Gradient Inversion Attack based on Canny Edge Detection on Federated Learning

SPEAR:Exact Gradient Inversion of Batches in Federated Learning

Data Reconstruction Attacks and Defenses: A Systematic Evaluation

Towards Eliminating Hard Label Constraints in Gradient Inversion Attacks

Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks