On the Efficiency of Privacy Attacks in Federated Learning
This work addresses efficiency issues in privacy attacks for federated learning practitioners, but it is incremental as it optimizes existing methods rather than introducing a new paradigm.
The paper tackles the high computational costs of privacy attacks in federated learning, proposing a framework with early-stopping techniques that significantly reduce these costs while maintaining comparable attack success rates on benchmark datasets.
Recent studies have revealed severe privacy risks in federated learning, represented by Gradient Leakage Attacks. However, existing studies mainly aim at increasing the privacy attack success rate and overlook the high computation costs for recovering private data, making the privacy attack impractical in real applications. In this study, we examine privacy attacks from the perspective of efficiency and propose a framework for improving the Efficiency of Privacy Attacks in Federated Learning (EPAFL). We make three novel contributions. First, we systematically evaluate the computational costs for representative privacy attacks in federated learning, which exhibits a high potential to optimize efficiency. Second, we propose three early-stopping techniques to effectively reduce the computational costs of these privacy attacks. Third, we perform experiments on benchmark datasets and show that our proposed method can significantly reduce computational costs and maintain comparable attack success rates for state-of-the-art privacy attacks in federated learning. We provide the codes on GitHub at https://github.com/mlsysx/EPAFL.