您现在的位置:首页 > 学术研究 > 论文发表 > Fisher-driven Privacy Preservation against Category Inference Attacks in Federated Learning
Fisher-driven Privacy Preservation against Category Inference Attacks in Federated Learning
[发布时间:2026-05-12  阅读次数: 57]

作者:Lei Shi, Cheng Gu, Yuqi Fan, Hailong Tang, Yingfei Zhu发表刊物:High-Confidence Computing

年份:May 2026

摘要:Federated learning (FL) enables collaborative model training without sharing raw data, yet model updates remain vulnerable to inference attacks. In non-IID settings, category inference attacks can reveal the label distribution of individual clients, posing serious privacy risks. User-level differential privacy (DP) offers formal protection, but existing methods rely on uniform clipping and isotropic noise injection, ignoring client heterogeneity and parameter importance, which often degrades model utility. To address these limitations, we propose Fisher-Guided Adaptive Clipping and Privacy Budget Allocation (FACP), a unified framework that integrates Fisher information into the user-level DP pipeline to improve the privacy–utility trade-off in federated learning. FACP leverages Fisher information as a principled measure of parameter importance in two complementary components. First, a Fisher-adaptive clipping mechanism combines historical client update statistics with global Fisher importance to derive parameter-wise sensitivity bounds. Second, a Fisher-guided privacy budget allocation strategy redistributes noise inversely proportional to parameter importance through an anisotropic Gaussian mechanism. Experiments on MNIST, EMNIST, CIFAR-10, and CIFAR-100 show that FACP effectively suppresses category inference attacks while consistently achieving higher model accuracy than existing user-level DP baselines, improving accuracy by 1.0%–2.9% across datasets. These results validate the effectiveness of integrating Fisher-driven structural information into clipping and privacy budget allocation and demonstrate a more favorable privacy–utility trade-off.

参考文献拷贝字段:Lei Shi, Cheng Gu, Yuqi Fan, Hailong Tang, Yingfei Zhu. Fisher-driven Privacy Preservation against Category Inference Attacks in Federated Learning [J]. High-Confidence Computing. 2026. DOI: https://doi.org/10.1016/j.hcc.2026.100399


相关下载:
    Fisher-driven Privacy Preservation against Category Inference Attacks in Federated Learning