Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Edge Computing Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Federated Learning
(section)
Page
Discussion
British English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Upload file
Special pages
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== 5.5.3 Inference and Membership Attacks == Inference attacks represent a subtle yet powerful class of threats in FL, where adversaries seek to extract sensitive information from shared model updates rather than raw data. These attacks exploit the iterative nature of FL training. By analyzing updates—especially in over-parameterized models—attackers can infer properties of the data or even reconstruct inputs. A key example is the membership inference attack, where an adversary determines if a specific data point was used in training. This becomes more effective in edge scenarios, where updates often correlate strongly with individual devices.<sup>[2]</sup><sup>[3]</sup> As model complexity increases, so does the risk of gradient-based information leakage. Small datasets on edge devices amplify this vulnerability. Attackers with access to multiple rounds of updates may perform gradient inversion to reconstruct training inputs. These risks are especially serious in sensitive fields like healthcare. Mitigations include Differential Privacy and Secure Aggregation, but both reduce accuracy or add system overhead.<sup>[4]</sup> Designing FL systems that preserve utility while protecting against inference remains a major ongoing challenge.<sup>[1]</sup><sup>[4]</sup>
Summary:
Please note that all contributions to Edge Computing Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Edge Computing Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
