{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T20:01:46Z","timestamp":1778788906626,"version":"3.51.4"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030630751","type":"print"},{"value":"9783030630768","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-63076-8_3","type":"book-chapter","created":{"date-parts":[[2020,11,25]],"date-time":"2020-11-25T20:03:24Z","timestamp":1606334604000},"page":"32-50","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":41,"title":["Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks"],"prefix":"10.1007","author":[{"given":"Lixin","family":"Fan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kam Woh","family":"Ng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ce","family":"Ju","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tianyu","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chang","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chee Seng","family":"Chan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qiang","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,11,26]]},"reference":[{"key":"3_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., et al.: Deep learning with differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 308\u2013318 (2016)","DOI":"10.1145\/2976749.2978318"},{"issue":"5","key":"3_CR2","first-page":"1333","volume":"13","author":"Y Aono","year":"2017","unstructured":"Aono, Y., Hayashi, T., Wang, L., Moriai, S., et al.: Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forensics Secur. 13(5), 1333\u20131345 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"3_CR3","unstructured":"Badawi, A.A., et al.: The AlexNet moment for homomorphic encryption: HCNN, the first homomorphic CNN on encrypted data with GPUs. CoRR abs\/1811.00778 (2018). http:\/\/arxiv.org\/abs\/1811.00778"},{"key":"3_CR4","doi-asserted-by":"crossref","unstructured":"Dwork, C.: Differential privacy. Automata, languages and programming, pp. 1\u201312 (2006)","DOI":"10.1007\/11787006_1"},{"key":"3_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/11681878_14","volume-title":"Theory of Cryptography","author":"C Dwork","year":"2006","unstructured":"Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265\u2013284. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11681878_14"},{"key":"3_CR6","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1146\/annurev-statistics-060116-054123","volume":"4","author":"C Dwork","year":"2017","unstructured":"Dwork, C., Smith, A., Steinke, T., Ullman, J.: Exposed! A survey of attacks on private data. Annu. Rev. Stat. Appl. 4, 61\u201384 (2017)","journal-title":"Annu. Rev. Stat. Appl."},{"key":"3_CR7","doi-asserted-by":"publisher","unstructured":"Fan, L., Ng, K.W., Ju, C., Zhang, T., Chan, C.S.: Deep polarized network for supervised learning of accurate binary hashing codes. In: Bessiere, C. (ed.) Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence, IJCAI-20, pp. 825\u2013831. International Joint Conferences on Artificial Intelligence Organization, July 2020. https:\/\/doi.org\/10.24963\/ijcai.2020\/115. https:\/\/doi.org\/10.24963\/ijcai.2020\/115. Main track","DOI":"10.24963\/ijcai.2020\/115"},{"key":"3_CR8","unstructured":"Fan, L., Ng, K.W., Ju, C., Zhang, T., Liu, C., Chan, C.S., Yang, Q.: Rethinking privacy preserving deep learning: how to evaluate and thwart privacy attacks (2020). http:\/\/arxiv.org\/abs\/2006.11601"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Fredrikson, M., Jha, S., Ristenpart, T.: Model inversion attacks that exploit confidence information and basic countermeasures. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1322\u20131333 (2015)","DOI":"10.1145\/2810103.2813677"},{"key":"3_CR10","unstructured":"Geiping, J., Bauermeister, H., Dr\u00f6ge, H., Moeller, M.: Inverting gradients-how easy is it to break privacy in federated learning? arXiv preprint arXiv:2003.14053 (2020)"},{"key":"3_CR11","unstructured":"Gilad-Bachrach, R., Dowlin, N., Laine, K., Lauter, K., Naehrig, M., Wernsing, J.: CryptoNets: applying neural networks to encrypted data with high throughput and accuracy. In: International Conference on Machine Learning, pp. 201\u2013210 (2016)"},{"key":"3_CR12","unstructured":"Hardy, S., et al.: Private federated learning on vertically partitioned data via entity resolution and additively homomorphic encryption. arXiv preprint arXiv:1711.10677 (2017)"},{"key":"3_CR13","unstructured":"Ma, W., Lu, J.: An equivalence of fully connected layer and convolutional layer (2017)"},{"key":"3_CR14","unstructured":"McMahan, H.B., Moore, E., Ramage, D., Hampson, S., y Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Proceedings of the 20th International Conference on Artificial Intelligence and Statistics (AISTATS) (2017). http:\/\/arxiv.org\/abs\/1602.05629"},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Melis, L., Song, C., De Cristofaro, E., Shmatikov, V.: Exploiting unintended feature leakage in collaborative learning. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 691\u2013706. IEEE (2019)","DOI":"10.1109\/SP.2019.00029"},{"key":"3_CR16","unstructured":"Mohassel, P., Rindal, P.: ABY3: a mixed protocol framework for machine learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 35\u201352 (2018)"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Rouhani, B.D., Riazi, M.S., Koushanfar, F.: DeepSecure: scalable provably-secure deep learning. In: Proceedings of the 55th Annual Design Automation Conference, pp. 1\u20136 (2018)","DOI":"10.1145\/3195970.3196023"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1310\u20131321 (2015)","DOI":"10.1145\/2810103.2813687"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 3\u201318 (2017)","DOI":"10.1109\/SP.2017.41"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Tanuwidjaja, H.C., Choi, R., Kim, K.: A survey on deep learning techniques for privacy-preserving. In: International Conference on Machine Learning for Cyber Security, pp. 29\u201346 (2019)","DOI":"10.1007\/978-3-030-30619-9_4"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Wang, Z., Song, M., Zhang, Z., Song, Y., Wang, Q., Qi, H.: Beyond inferring class representatives: user-level privacy leakage from federated learning. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 2512\u20132520 (2019)","DOI":"10.1109\/INFOCOM.2019.8737416"},{"key":"3_CR22","unstructured":"Wei, W., et al.: A framework for evaluating gradient leakage attacks in federated learning. arXiv preprint arXiv:2004.10397 (2020)"},{"issue":"2","key":"3_CR23","first-page":"12","volume":"10","author":"Q Yang","year":"2019","unstructured":"Yang, Q., Liu, Y., Chen, T., Tong, Y.: Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. (TIST) 10(2), 12 (2019)","journal-title":"ACM Trans. Intell. Syst. Technol. (TIST)"},{"key":"3_CR24","unstructured":"Zhu, L., Liu, Z., Han, S.: Deep leakage from gradients. In: Wallach, H.M., Larochelle, H., Beygelzimer, A., d\u2019Alch\u00e9-Buc, F., Fox, E.B., Garnett, R. (eds.) NeurIPS, pp. 14747\u201314756 (2019). http:\/\/papers.nips.cc\/paper\/9617-deep-leakage-from-gradients"}],"container-title":["Lecture Notes in Computer Science","Federated Learning"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-63076-8_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,25]],"date-time":"2020-11-25T20:08:42Z","timestamp":1606334922000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-63076-8_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030630751","9783030630768"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-63076-8_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"26 November 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}