Fed-Safe: Securing Federated Learning in Healthcare Against Adversarial Attacks
This addresses security and privacy issues in federated learning for medical image analysis, but it is incremental as it builds on existing methods like adversarial training and noise addition.
The paper tackled the problem of securing federated learning in healthcare against adversarial attacks while maintaining privacy, and found that incorporating distributed noise achieved security levels comparable to conventional adversarial training with fewer retraining samples.
This paper explores the security aspects of federated learning applications in medical image analysis. Current robustness-oriented methods like adversarial training, secure aggregation, and homomorphic encryption often risk privacy compromises. The central aim is to defend the network against potential privacy breaches while maintaining model robustness against adversarial manipulations. We show that incorporating distributed noise, grounded in the privacy guarantees in federated settings, enables the development of a adversarially robust model that also meets federated privacy standards. We conducted comprehensive evaluations across diverse attack scenarios, parameters, and use cases in cancer imaging, concentrating on pathology, meningioma, and glioma. The results reveal that the incorporation of distributed noise allows for the attainment of security levels comparable to those of conventional adversarial training while requiring fewer retraining samples to establish a robust model.