Search Results for author:
Found 12 papers, 8 papers with code
GRAIN: Exact Graph Reconstruction from Gradients
Federated learning claims to enable collaborative model training among multiple clients with data privacy by transmitting gradient updates instead of the actual client data.
BgGPT 1.0: Extending English-centric LLMs to other languages
We present BgGPT-Gemma-2-27B-Instruct and BgGPT-Gemma-2-9B-Instruct: continually pretrained and fine-tuned versions of Google's Gemma-2 models, specifically optimized for Bulgarian language understanding and generation.
DAGER: Exact Gradient Inversion for Large Language Models
Federated learning works by aggregating locally computed gradients from multiple clients, thus enabling collaborative training without sharing private client data.
SPEAR:Exact Gradient Inversion of Batches in Federated Learning
In this work, we propose SPEAR, the first algorithm reconstructing whole batches with $b >1$ exactly.
Hiding in Plain Sight: Disguising Data Stealing Attacks in Federated Learning
Malicious server (MS) attacks have enabled the scaling of data stealing in federated learning to large batch sizes and secure aggregation, settings previously considered private.
FARE: Provably Fair Representation Learning with Practical Certificates
To produce a practical certificate, we develop and apply a statistical procedure that computes a finite sample high-confidence upper bound on the unfairness of any downstream classifier trained on FARE embeddings.
TabLeak: Tabular Data Leakage in Federated Learning
A successful attack for tabular data must address two key challenges unique to the domain: (i) obtaining a solution to a high-variance mixed discrete-continuous optimization problem, and (ii) enabling human assessment of the reconstruction as unlike for image and text data, direct human inspection is not possible.
Data Leakage in Federated Averaging
On the popular FEMNIST dataset, we demonstrate that on average we successfully recover >45% of the client's images from realistic FedAvg updates computed on 10 local epochs of 10 batches each with 5 images, compared to only <10% using the baseline.
LAMP: Extracting Text from Gradients with Language Model Priors
Recent work shows that sensitive user data can be reconstructed from gradient updates, breaking the key privacy promise of federated learning.
Bayesian Framework for Gradient Leakage
We demonstrate that existing leakage attacks can be seen as approximations of this optimal adversary with different assumptions on the probability distributions of the input data and gradients.
Shared Certificates for Neural Network Verification
We perform an extensive experimental evaluation to demonstrate the effectiveness of shared certificates in reducing the verification cost on a range of datasets and attack specifications on image classifiers including the popular patch and geometric perturbations.
Provably Robust Adversarial Examples
We introduce the concept of provably robust adversarial examples for deep neural networks - connected input regions constructed from standard adversarial examples which are guaranteed to be robust to a set of real-world perturbations (such as changes in pixel intensity and geometric transformations).
