Title
Defending Against Free-Riders Attacks in Distributed Generative Adversarial Networks
Author
Zhao, Z. (TU Delft Data-Intensive Systems)
Huang, J. (TU Delft Data-Intensive Systems)
Chen, Lydia Y. (TU Delft Data-Intensive Systems)
Roos, S. (TU Delft Data-Intensive Systems)
Contributor
Baldimtsi, Foteini (editor)
Cachin, Christian (editor)
Date
2024
Abstract
Generative Adversarial Networks (GANs) are increasingly adopted by the industry to synthesize realistic images using competing generator and discriminator neural networks. Due to data not being centrally available, Multi-Discriminator (MD)-GANs training frameworks employ multiple discriminators that have direct access to the real data. Distributedly training a joint GAN model entails the risk of free-riders, i.e., participants that aim to benefit from the common model while only pretending to participate in the training process. In this paper, we first define a free-rider as a participant without training data and then identify three possible actions: not training, training on synthetic data, or using pre-trained models for similar but not identical tasks that are publicly available. We conduct experiments to explore the impact of these three types of free-riders on the ability of MD-GANs to produce images that are indistinguishable from real data. We consequently design a defense against free-riders, termed DFG, which compares the performance of client discriminators to reference discriminators at the server. The defense allows the server to evict clients whose behavior does not match that of a benign client. The result shows that even when 67% of the clients are free-riders, the proposed DFG can improve synthetic image quality by up to 70.96%, compared to the case of no defense.
Subject
Anomaly detection
Defense
Free-rider attack
Multi-Discriminator GANs
To reference this document use:
http://resolver.tudelft.nl/uuid:13a2317d-52f4-403e-b4f8-2dd47d747bb9
DOI
https://doi.org/10.1007/978-3-031-47751-5_12
Publisher
Springer
Embargo date
2024-06-30
ISBN
9783031477508
Source
Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers
Event
27th International Conference on Financial Cryptography and Data Security, FC 2023, 2023-05-01 → 2023-05-05, Bol, Croatia
Series
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 0302-9743, 13951
Bibliographical note
Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Part of collection
Institutional Repository
Document type
conference paper
Rights
© 2024 Z. Zhao, J. Huang, Lydia Y. Chen, S. Roos