Tazza: Shuffling Neural Network Parameters for Secure and Private Federated Learning

  • 2025-02-03 17:23:32
  • Kichang Lee, Jaeho Jin, JaeYeon Park, Songkuk Kim, JeongGil Ko

Abstract

Federated learning enables decentralized model training without sharing raw data, preserving data privacy. However, its vulnerability to critical security threats, such as gradient inversion and model poisoning by malicious clients, remains unresolved. Existing solutions often address these issues separately, sacrificing either system robustness or model accuracy. This work introduces Tazza, a secure and efficient federated learning framework that simultaneously addresses both challenges. By leveraging the permutation equivariance and invariance properties of neural networks via weight shuffling and shuffled model validation, Tazza enhances resilience against diverse poisoning attacks, while ensuring data confidentiality and high model accuracy. Comprehensive evaluations on various datasets and embedded platforms show that Tazza achieves robust defense with up to 6.7x improved computational efficiency compared to alternative schemes, without compromising performance.

 
