Applied Sciences (Apr 2024)

A TEE-Based Federated Privacy Protection Method: Proposal and Implementation

  • Libo Zhang,
  • Bing Duan,
  • Jinlong Li,
  • Zhan’gang Ma,
  • Xixin Cao

DOI
https://doi.org/10.3390/app14083533
Journal volume & issue
Vol. 14, no. 8
p. 3533

Abstract

Read online

With the continuous enhancement of privacy protection globally, there is a problem for the traditional machine learning paradigm, which is that training data cannot be obtained from a single place. Federated learning is considered a viable technique for preserving privacy that can train deep models with decentralized data. Aiming at two-party vertical federated learning, and at common attack problems such as model inversion, gradient leakage, and data theft, we provide a formal definition of Intel SGX’s trusted computing base, remote attestation, integrity verification, and encrypted storage, and propose a general federated learning privacy enhancement algorithm in the scenario of a malicious adversary model, and we extend this method to support horizontal federated learning, secure outsourced computation, etc. Furthermore, the method is developed in a Fedlearner framework of open-sourced machine learning to achieve privacy protection of the training data and model without any modification to the existing neural network and algorithm running on the framework. The experimental results show that this scheme substantially improves on the existing schemes in terms of training efficiency, without losing model accuracy.

Keywords