VeFIA: An Efficient Inference Auditing Framework for Vertical Federated Collaborative Software
This addresses a critical gap for cross-silo AI deployments by ensuring trustworthy inference in vertical federated learning, though it is an incremental step in federated learning security.
The paper tackles the problem of auditing execution correctness in vertical federated learning inference software, proposing VeFIA, which enables the task party to detect anomalies with 99.99% probability if abnormal inference exceeds 5.4%, without additional latency.
Vertical Federated Learning (VFL) is a distributed AI software deployment mechanism for cross-silo collaboration without accessing participants' data. However, existing VFL work lacks a mechanism to audit the execution correctness of the inference software of the data party. To address this problem, we design a Vertical Federated Inference Auditing (VeFIA) framework. VeFIA helps the task party to audit whether the data party's inference software is executed as expected during large-scale inference without leaking the data privacy of the data party or introducing additional latency to the inference system. The core of VeFIA is that the task party can use the inference results from a framework with Trusted Execution Environments (TEE) and the coordinator to validate the correctness of the data party's computation results. VeFIA guarantees that, as long as the abnormal inference exceeds 5.4%, the task party can detect execution anomalies in the inference software with a probability of 99.99%, without incurring any additional online inference latency. VeFIA's random sampling validation achieves 100% positive predictive value, negative predictive value, and true positive rate in detecting abnormal inference. To the best of our knowledge, this is the first paper to discuss the correctness of inference software execution in VFL.