We consider the problem of predicting cellular network performance (signal
maps) from measurements collected by several mobile devices. We formulate the
problem within the online federated learning framework: (i) federated learning
(FL) enables users to collaboratively train a model, while keeping their
training data on their devices; (ii) measurements are collected as users move
around over time and are used for local training in an online fashion. We
consider an honest-but-curious server, who observes the updates from target
users participating in FL and infers their location using a deep leakage from
gradients (DLG) type of attack, originally developed to reconstruct training
data of DNN image classifiers. We make the key observation that a DLG attack,
applied to our setting, infers the average location of a batch of local data,
and can thus be used to reconstruct the target users’ trajectory at a coarse
granularity. We build on this observation to protect location privacy, in our
setting, by revisiting and designing mechanisms within the federated learning
framework including: tuning the FL parameters for averaging, curating local
batches so as to mislead the DLG attacker, and aggregating across multiple
users with different trajectories. We evaluate the performance of our
algorithms through both analysis and simulation based on real-world mobile
datasets, and we show that they achieve a good privacy-utility tradeoff.
Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Bakopoulou_E/0/1/0/all/0/1">Evita Bakopoulou</a>, <a href="http://arxiv.org/find/cs/1/au:+Zhang_J/0/1/0/all/0/1">Jiang Zhang</a>, <a href="http://arxiv.org/find/cs/1/au:+Yang_M/0/1/0/all/0/1">Mengwei Yang</a>, <a href="http://arxiv.org/find/cs/1/au:+Psounis_K/0/1/0/all/0/1">Konstantinos Psounis</a>, <a href="http://arxiv.org/find/cs/1/au:+Markopoulou_A/0/1/0/all/0/1">Athina Markopoulou</a>