Defending Against Free-Riders Attacks in Distributed Generative Adversarial Networks

Zhao, Z.; Huang, J.; Chen, Lydia Y.; Roos, S.

doi:10.1007/978-3-031-47751-5_12

Defending Against Free-Riders Attacks in Distributed Generative Adversarial Networks

Title

Defending Against Free-Riders Attacks in Distributed Generative Adversarial Networks

Author

Zhao, Z. (TU Delft Data-Intensive Systems)
Huang, J. (TU Delft Data-Intensive Systems)
Chen, Lydia Y. (TU Delft Data-Intensive Systems)
Roos, S. (TU Delft Data-Intensive Systems)

Contributor

Baldimtsi, Foteini (editor)
Cachin, Christian (editor)

Date

2024

Abstract

Generative Adversarial Networks (GANs) are increasingly adopted by the industry to synthesize realistic images using competing generator and discriminator neural networks. Due to data not being centrally available, Multi-Discriminator (MD)-GANs training frameworks employ multiple discriminators that have direct access to the real data. Distributedly training a joint GAN model entails the risk of free-riders, i.e., participants that aim to benefit from the common model while only pretending to participate in the training process. In this paper, we first define a free-rider as a participant without training data and then identify three possible actions: not training, training on synthetic data, or using pre-trained models for similar but not identical tasks that are publicly available. We conduct experiments to explore the impact of these three types of free-riders on the ability of MD-GANs to produce images that are indistinguishable from real data. We consequently design a defense against free-riders, termed DFG, which compares the performance of client discriminators to reference discriminators at the server. The defense allows the server to evict clients whose behavior does not match that of a benign client. The result shows that even when 67% of the clients are free-riders, the proposed DFG can improve synthetic image quality by up to 70.96%, compared to the case of no defense.

Subject

Anomaly detection
Defense
Free-rider attack
Multi-Discriminator GANs

To reference this document use:

http://resolver.tudelft.nl/uuid:13a2317d-52f4-403e-b4f8-2dd47d747bb9

DOI

https://doi.org/10.1007/978-3-031-47751-5_12

Publisher

Springer

Embargo date

2024-06-30

ISBN

9783031477508

Source

Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers

Event

27th International Conference on Financial Cryptography and Data Security, FC 2023, 2023-05-01 → 2023-05-05, Bol, Croatia

Series

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 0302-9743, 13951

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Part of collection

Institutional Repository

Document type

conference paper

Rights

Files

file embargo until 2024-06-30