PulseAugur
EN
LIVE 07:47:05

New FedCVESA attack steals private training data from federated learning models

Researchers have developed FedCVESA, a novel attack method that can extract private training data from federated learning models. This white-box attack targets specific clients and encodes private data into model parameters, referred to as carrier parameters. To prevent this encoded data from being overwritten during the aggregation process, FedCVESA employs segmented aggregation, preserving the carrier parameters while standard averaging is applied to the rest. Experiments on datasets like MNIST and CIFAR-10 demonstrated that FedCVESA can successfully steal meaningful private training images while maintaining acceptable utility for the main task. AI

IMPACT This research highlights a significant privacy vulnerability in federated learning, potentially impacting the adoption of privacy-preserving AI techniques.

RANK_REASON The cluster contains a research paper detailing a new attack method on federated learning models. [lever_c_demoted from research: ic=1 ai=1.0]

Read on arXiv cs.AI →

AI-generated summary · Google Gemini · from 2 sources. How we write summaries →

New FedCVESA attack steals private training data from federated learning models

COVERAGE [2]

  1. arXiv cs.AI TIER_1 English(EN) · Chongkai Li, Bang Zhang, Wenjian Luo ·

    FedCVESA: Taking Away Training Data in Federated Learning via Correlation Value Encoding and Segmented Aggregation

    arXiv:2607.07314v1 Announce Type: cross Abstract: Federated learning (FL) avoids explicit data exposure by keeping raw data on local clients, yet privacy risks remain in the training process and the learned model itself. Recently, centralized Taking Away Training Data (TATD) atta…

  2. arXiv cs.AI TIER_1 English(EN) · Wenjian Luo ·

    FedCVESA: Taking Away Training Data in Federated Learning via Correlation Value Encoding and Segmented Aggregation

    Federated learning (FL) avoids explicit data exposure by keeping raw data on local clients, yet privacy risks remain in the training process and the learned model itself. Recently, centralized Taking Away Training Data (TATD) attacks have shown that malicious training could abuse…