Abstract
We introduce the problem of private participation in federated learning (FL) systems. In this problem, different data owners can participate in different FL training tasks without revealing exactly which task they are involved in. It is extremely important in some metadata-sensitive scenarios (e.g., a patient does not want to disclose the fact that he/she is diseased but wants to contribute to the disease study). Despite the inherent privacy assurance of conventional FL techniques and recent advances in secure aggregations, such private participation remains an open issue. This work introduces VizardFL, an FL framework that efficiently enables private participation. At a high level, VizardFL is built out of distributed trust across two servers that keep client participation private as long as there is no collusion.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bagdasaryan, E., Veit, A., Hua, Y., Estrin, D., Shmatikov, V.: How to backdoor federated learning. In: Proceedings of IEEE S &P (2020)
Cai, C., Zang, Y., Wang, C., Jia, X., Wang, Q.: Vizard: a metadata-hiding data analytic system with end-to-end policy controls. In: Proceedings of ACM CCS (2022)
Corrigan-Gibbs, H., Boneh, D.: Prio: private, robust, and scalable computation of aggregate statistics. In: Proceedings of USENIX NSDI (2017)
Deng, L.: The MNIST database of handwritten digit images for machine learning research. IEEE Signal Process. Mag. 29, 141–142 (2012)
Faraone, J., Fraser, N., Blott, M., Leong, P.H.W.: SYQ: learning symmetric quantization for efficient deep neural networks. In: Proceedings of IEEE CVPR (2018)
Fukushima, K.: Neocognitron: a self-organizing neural network model for a mechanism of pattern recognition unaffected by shift in position. Biol. Cybern. 36, 193–202 (1980)
Geiping, J., Bauermeister, H., Dröge, H., Moeller, M.: Inverting gradients-how easy is it to break privacy in federated learning? In: Proceedings of NeurIPS, vol. 33 (2020)
Hao, M., Li, H., Xu, G., Chen, H., Zhang, T.: Efficient, private and robust federated learning. In: Proceedings of ACSAC (2021)
Harris, C.R., et al.: Array programming with numpy. Nature 585(7825), 357–362 (2020)
He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (2016)
Huang, Y., Gupta, S., Song, Z., Li, K., Arora, S.: Evaluating gradient inversion attacks and defenses in federated learning. In: Proceedings of NeurIPS, vol. 34 (2021)
Jacob, B., et al.: Quantization and training of neural networks for efficient integer-arithmetic-only inference. In: Proceedings of IEEE CVPR (2018)
Kairouz, P., et al.: Advances and open problems in federated learning. arXiv preprint arXiv:1912.04977 (2019)
Kales, D., Omolola, O., Ramacher, S.: Revisiting user privacy for certificate transparency. In: Proceedings of EuroS &P (2019)
Krizhevsky, A., Hinton, G., et al.: Learning multiple layers of features from tiny images. Master’s thesis, University of Tront (2009)
Li, P., Jiang, L., Liu, L., Liu, S., Zhang, H.: Federated learning systems: Vision, hype and reality for data privacy and protection. arXiv preprint arXiv:2007.07223 (2020)
Lycklama, H., Burkhalter, L., Viand, A., Küchler, N., Hithnawi, A.: RoFL: robustness of secure federated learning. arXiv preprint arXiv:2107.03311 (2021)
McMahan, H.B., Moore, E., Ramage, D., Hampson, S., y Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Proceedings of AISTATS (2017)
Paszke, A., et al.: Automatic differentiation in pytorch. In: NIPS-W (2017)
Rathee, M., Shen, C., Wagh, S., Popa, R.A.: ELSA: secure aggregation for federated learning with malicious actors. In: Proceedings of IEEE S &P (2023)
Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition. arXiv preprint arXiv:1409.1556 (2014)
Triastcyn, A., Faltings, B.: Federated learning with bayesian differential privacy. In: Proceedings of IEEE BigData (2019)
Voigt, P., Von dem Bussche, A.: The EU General Data Protection Regulation (GDPR): A Commentary. Springer (2017)
Yin, H., Mallya, A., Vahdat, A., Alvarez, J.M., Kautz, J., Molchanov, P.: See through gradients: image batch recovery via gradinversion. In: Proceedings of IEEE CVPR, pp. 16337–16346 (2021)
Zhu, L., Liu, Z., Han, S.: Deep leakage from gradients. In: Proceedings of NeurIPS, vol. 32 (2019)
Acknowledgment
This work was fully supported by the Research Grants Council of Hong Kong (RGC) under Grants CityU 11218521, 11218322, R6021-20F, R1012-21, RFS2122-1S04, C2004-21G, C1029-22G, N_CityU139/21, and in part by the Innovation and Technology Commission of Hong Kong (ITC) under Mainland-Hong Kong Joint Funding Scheme (MHKJFS) MHP/135/23. This work was also substantially supported by the InnoHK initiative, The Government of the HKSAR, and the Laboratory for AI-Powered Financial Technologies (AIFT).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zang, Y., Cai, C., Dong, W., Wang, C. (2025). VizardFL: Enabling Private Participation in Federated Learning Systems. In: Barhamgi, M., Wang, H., Wang, X. (eds) Web Information Systems Engineering – WISE 2024. WISE 2024. Lecture Notes in Computer Science, vol 15437. Springer, Singapore. https://doi.org/10.1007/978-981-96-0567-5_18
Download citation
DOI: https://doi.org/10.1007/978-981-96-0567-5_18
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-96-0566-8
Online ISBN: 978-981-96-0567-5
eBook Packages: Computer ScienceComputer Science (R0)