Federated learning for image applications

Abstract

With the development of artificial intelligence and deep learning, data privacy and security have become very important issues. For institutions or individuals to train the model together while ensuring data privacy, the concept of federated learning is proposed. In this project, we studied the aggregation algorithm FedAvg of federated learning and applied it to different models and image data. A FedAvg framework was built for further research. To summarize the emergence of the problem and the optimization direction, we also proposed the hidden dangers of privacy leakage in federated learning. We practice membership inference on federated learning and proposed a new attack algorithm SVDD-MI with higher accuracy compared with the previous attack work on a single model. Besides, we also give up ideas to some of the defense models. Lastly, we found that the gradient of the federated learning model has the problem of leaking the privacy of the original image and successfully reconstructed part of the training image by inverting gradients. Moreover, we propose some of the defense methods which perform a good result.