Enabling Execution Assurance of Federated Learning at Untrusted Participants

Xiaoli Zhang; Fengting Li; Zeyu Zhang; Qi Li; Cong Wang; Jianping Wu

doi:10.1109/INFOCOM41043.2020.9155414

Enabling Execution Assurance of Federated Learning at Untrusted Participants

Xiaoli Zhang, Fengting Li, Zeyu Zhang, Qi Li, Cong Wang, Jianping Wu

Department of Computer Science

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

80 Citations (Scopus)

Abstract

Federated learning (FL), as a privacy-preserving machine learning framework, draws growing attention in both industry and academia. It obtains a jointly accurate model by distributing training tasks into data owners and aggregating their model updates. However, FL faces new security problems, as it losses direct control to training processes. One fundamental demand is to ensure whether participants execute training tasks as intended. In this paper, we propose TrustFL, a practical scheme that leverages Trusted Execution Environments (TEEs) to build assurance of participants’ training executions with high confidence. Specifically, we use TEE to randomly check a small fraction of all training processes for tunable levels of assurance, while all computations are executed on the co-located faster yet insecure processor (e.g., GPU) for efficiency. To prevent various cheating behaviors like only processing TEE-requested computations or uploading old results, we devise a commitment-based method with specific data selection. We prototype TrustFL using GPU and SGX and evaluate its performance. The results show that TrustFL achieves one/two orders of magnitude speedups compared with naive training with SGX, when assuring correct training with a confidence level of 99%.

Original language	English
Title of host publication	IEEE INFOCOM 2020 - IEEE Conference on Computer Communications
Publisher	IEEE
Pages	1877-1886
Number of pages	10
ISBN (Print)	9781728164120
DOIs	https://doi.org/10.1109/INFOCOM41043.2020.9155414
Publication status	Published - Jul 2020
Event	39th IEEE International Conference on Computer Communications (IEEE INFOCOM 2020) - Virtual, Toronto, Canada Duration: 6 Jul 2020 → 9 Jul 2020 https://infocom2020.ieee-infocom.org/

Publication series

Name	Proceedings - IEEE INFOCOM
Volume	2020-July
ISSN (Print)	0743-166X
ISSN (Electronic)	2641-9874

Conference

Conference	39th IEEE International Conference on Computer Communications (IEEE INFOCOM 2020)
Abbreviated title	INFOCOM 2020
Place	Canada
City	Toronto
Period	6/07/20 → 9/07/20
Internet address	https://infocom2020.ieee-infocom.org/

Access Output

10.1109/INFOCOM41043.2020.9155414

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@inproceedings{98787ac7333a42dea126200568a61701,

title = "Enabling Execution Assurance of Federated Learning at Untrusted Participants",

abstract = "Federated learning (FL), as a privacy-preserving machine learning framework, draws growing attention in both industry and academia. It obtains a jointly accurate model by distributing training tasks into data owners and aggregating their model updates. However, FL faces new security problems, as it losses direct control to training processes. One fundamental demand is to ensure whether participants execute training tasks as intended. In this paper, we propose TrustFL, a practical scheme that leverages Trusted Execution Environments (TEEs) to build assurance of participants{\textquoteright} training executions with high confidence. Specifically, we use TEE to randomly check a small fraction of all training processes for tunable levels of assurance, while all computations are executed on the co-located faster yet insecure processor (e.g., GPU) for efficiency. To prevent various cheating behaviors like only processing TEE-requested computations or uploading old results, we devise a commitment-based method with specific data selection. We prototype TrustFL using GPU and SGX and evaluate its performance. The results show that TrustFL achieves one/two orders of magnitude speedups compared with naive training with SGX, when assuring correct training with a confidence level of 99%.",

author = "Xiaoli Zhang and Fengting Li and Zeyu Zhang and Qi Li and Cong Wang and Jianping Wu",

year = "2020",

month = jul,

doi = "10.1109/INFOCOM41043.2020.9155414",

language = "English",

isbn = "9781728164120",

series = "Proceedings - IEEE INFOCOM",

publisher = "IEEE",

pages = "1877--1886",

booktitle = "IEEE INFOCOM 2020 - IEEE Conference on Computer Communications",

address = "United States",

note = "39th IEEE International Conference on Computer Communications (IEEE INFOCOM 2020), INFOCOM 2020 ; Conference date: 06-07-2020 Through 09-07-2020",

url = "https://infocom2020.ieee-infocom.org/",

}

Zhang, X, Li, F, Zhang, Z, Li, Q, Wang, C & Wu, J 2020, Enabling Execution Assurance of Federated Learning at Untrusted Participants. in IEEE INFOCOM 2020 - IEEE Conference on Computer Communications., 9155414, Proceedings - IEEE INFOCOM, vol. 2020-July, IEEE, pp. 1877-1886, 39th IEEE International Conference on Computer Communications (IEEE INFOCOM 2020), Toronto, Ontario, Canada, 6/07/20. https://doi.org/10.1109/INFOCOM41043.2020.9155414

Enabling Execution Assurance of Federated Learning at Untrusted Participants. / Zhang, Xiaoli; Li, Fengting; Zhang, Zeyu et al.
IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. IEEE, 2020. p. 1877-1886 9155414 (Proceedings - IEEE INFOCOM; Vol. 2020-July).

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - Enabling Execution Assurance of Federated Learning at Untrusted Participants

AU - Zhang, Xiaoli

AU - Li, Fengting

AU - Zhang, Zeyu

AU - Li, Qi

AU - Wang, Cong

AU - Wu, Jianping

PY - 2020/7

Y1 - 2020/7

N2 - Federated learning (FL), as a privacy-preserving machine learning framework, draws growing attention in both industry and academia. It obtains a jointly accurate model by distributing training tasks into data owners and aggregating their model updates. However, FL faces new security problems, as it losses direct control to training processes. One fundamental demand is to ensure whether participants execute training tasks as intended. In this paper, we propose TrustFL, a practical scheme that leverages Trusted Execution Environments (TEEs) to build assurance of participants’ training executions with high confidence. Specifically, we use TEE to randomly check a small fraction of all training processes for tunable levels of assurance, while all computations are executed on the co-located faster yet insecure processor (e.g., GPU) for efficiency. To prevent various cheating behaviors like only processing TEE-requested computations or uploading old results, we devise a commitment-based method with specific data selection. We prototype TrustFL using GPU and SGX and evaluate its performance. The results show that TrustFL achieves one/two orders of magnitude speedups compared with naive training with SGX, when assuring correct training with a confidence level of 99%.

AB - Federated learning (FL), as a privacy-preserving machine learning framework, draws growing attention in both industry and academia. It obtains a jointly accurate model by distributing training tasks into data owners and aggregating their model updates. However, FL faces new security problems, as it losses direct control to training processes. One fundamental demand is to ensure whether participants execute training tasks as intended. In this paper, we propose TrustFL, a practical scheme that leverages Trusted Execution Environments (TEEs) to build assurance of participants’ training executions with high confidence. Specifically, we use TEE to randomly check a small fraction of all training processes for tunable levels of assurance, while all computations are executed on the co-located faster yet insecure processor (e.g., GPU) for efficiency. To prevent various cheating behaviors like only processing TEE-requested computations or uploading old results, we devise a commitment-based method with specific data selection. We prototype TrustFL using GPU and SGX and evaluate its performance. The results show that TrustFL achieves one/two orders of magnitude speedups compared with naive training with SGX, when assuring correct training with a confidence level of 99%.

UR - http://www.scopus.com/inward/record.url?scp=85090276191&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85090276191&origin=recordpage

U2 - 10.1109/INFOCOM41043.2020.9155414

DO - 10.1109/INFOCOM41043.2020.9155414

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 9781728164120

T3 - Proceedings - IEEE INFOCOM

SP - 1877

EP - 1886

BT - IEEE INFOCOM 2020 - IEEE Conference on Computer Communications

PB - IEEE

T2 - 39th IEEE International Conference on Computer Communications (IEEE INFOCOM 2020)

Y2 - 6 July 2020 through 9 July 2020

ER -

Enabling Execution Assurance of Federated Learning at Untrusted Participants

Abstract

Publication series

Conference

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this