Privacy Threats Against Federated Matrix Factorization
This addresses privacy risks for companies using federated learning in recommendation systems, but it is incremental as it builds on prior work in federated learning and privacy issues in collaborative filtering.
The paper tackles the problem of privacy threats in federated matrix factorization for recommender systems, categorizing them into three types based on feature space partitions and analyzing threats for each, while also discussing privacy-preserving approaches.
Matrix Factorization has been very successful in practical recommendation applications and e-commerce. Due to data shortage and stringent regulations, it can be hard to collect sufficient data to build performant recommender systems for a single company. Federated learning provides the possibility to bridge the data silos and build machine learning models without compromising privacy and security. Participants sharing common users or items collaboratively build a model over data from all the participants. There have been some works exploring the application of federated learning to recommender systems and the privacy issues in collaborative filtering systems. However, the privacy threats in federated matrix factorization are not studied. In this paper, we categorize federated matrix factorization into three types based on the partition of feature space and analyze privacy threats against each type of federated matrix factorization model. We also discuss privacy-preserving approaches. As far as we are aware, this is the first study of privacy threats of the matrix factorization method in the federated learning framework.