Speaker: Yin Hongzhi, ARC Future Fellow, The University of Queensland
Date: September 22, 2023
Time: 15:00-16:00
Location: Tencent Meeting
Sponsor: School of Software, Shandong University
Abstract:
With growing concerns about data privacy in recommender systems, Federated Recommender Systems (FedRecs) are attracting more and more researchers' attention, since they can learn an effective recommendation model without accessing clients' private data. Intuitively, based on the federated learning paradigm, FedRecs were considered a fairly secure and privacy-preserving solution for training a recommender model that meets privacy protection regulations (e.g., GDPR and CCPA). As a result, few works explore the potential threats to FedRecs. In this presentation, we attempt to validate the threats to FedRecs from two aspects: (1) Privacy attacks. Although the server cannot directly access clients' private data in FedRecs, the public parameters learned from these sensitive data will be uploaded to the server to collaboratively build recommender systems. Therefore, these public parameters may leave a security hole through which adversaries can infer clients' private data. (2) Poisoning attacks. Since all participants in FedRecs can directly influence the systems by uploading parameters/gradients, FedRecs may be more vulnerable than traditional centralized recommender systems when malicious clients attempt to manipulate the systems. Some existing works already point out the vulnerability of FedRecs to model poisoning attacks, but the attacks in these works are either based on certain unrealistic assumptions or less effective, and so cannot thoroughly reveal the vulnerability of FedRecs.
For more information, please visit:
https://www.view.sdu.edu.cn/info/1020/183774.htm