Who Owns the Model? Protecting Model Confidentiality in Federated Learning Against Eavesdroppers скачать в хорошем качестве

Who Owns the Model? Protecting Model Confidentiality in Federated Learning Against Eavesdroppers

Rising Star Symposium on Cyber-Physical Systems Security, Resilience, and Privacy https://shorturl.at/C3RZy Kushal Chakrabarti, Tata Consultancy This talk shifts the focus of FL security from data confidentiality to model confidentiality. We develop a theoretical framework to analyze how factors such as client sampling probability, local objective structure, server aggregation, and adversary capabilities influence the extent to which an eavesdropper can reconstruct the global model. Our analysis reveals inherent vulnerabilities in standard FL protocols and highlights limitations of differential privacy when used to protect model parameters rather than data. We then present a lightweight, architecture-agnostic defense based on dynamic uniform quantization, repurposed specifically for model protection. We show that this approach provides provable, persistent protection against passive reconstruction attacks. Overall, this work frames model confidentiality as a core security problem in distributed learning systems.