TY - GEN
T1 - Federated Synthetic Data Generation with Stronger Security Guarantees
AU - Ghavamipour, Ali Reza
AU - Turkmen, Fatih
AU - Wang, Rui
AU - Liang, Kaitai
PY - 2023
Y1 - 2023
N2 - Synthetic data generation plays a crucial role in many areas where data is scarce and privacy/confidentiality is a significant concern. Generative Adversarial Networks (GANs), arguably one of the most widely used data synthesis techniques, allow for the training of a model (i.e., generator) that can generate real-looking data by playing a min-max game with a discriminator model. When multiple organizations are reluctant to share their sensitive data, GAN models can be trained in a federated manner, commonly with the use of differential privacy (DP). In order to achieve a reasonable level of model utility, DP trades privacy, exhibiting vulnerability to various attacks (e.g., membership inference attack). In this paper, we propose a hybrid solution, PP-FedGAN, to the asynchronous federated, privacy-preserving training of GAN models by combining the CKKS homomorphic encryption (HE) scheme with differential privacy. The addition of HE results in around 10 seconds of overhead on the client side per round and 115 seconds on the entire training procedure. We also analyze the security of PP-FedGAN under the honest-but-curious security model. Where stronger security guarantees are required, our proposal presents a better alternative to solutions that only employ DP.
KW - differential privacy
KW - federated learning
KW - gan
KW - homomorphic encryption
KW - synthetic data
UR - http://www.scopus.com/inward/record.url?scp=85161239721&partnerID=8YFLogxK
U2 - 10.1145/3589608.3593835
DO - 10.1145/3589608.3593835
M3 - Conference contribution
AN - SCOPUS:85161239721
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 31
EP - 42
BT - SACMAT 2023 - Proceedings of the 28th ACM Symposium on Access Control Models and Technologies
PB - Association for Computing Machinery (ACM)
T2 - 28th ACM Symposium on Access Control Models and Technologies, SACMAT 2023
Y2 - 7 June 2023 through 9 June 2023
ER -