{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,23]],"date-time":"2025-06-23T10:45:18Z","timestamp":1750675518127,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":40,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819722617"},{"type":"electronic","value":"9789819722594"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-981-97-2259-4_19","type":"book-chapter","created":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T09:02:31Z","timestamp":1713949351000},"page":"250-261","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Construct a\u00a0Secure CNN Against Gradient Inversion Attack"],"prefix":"10.1007","author":[{"given":"Yu-Hsin","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yu-Chun","family":"Shen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hsi-Wen","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ming-Syan","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,4,25]]},"reference":[{"issue":"5","key":"19_CR1","first-page":"1333","volume":"13","author":"Y Aono","year":"2017","unstructured":"Aono, Y., Hayashi, T., Wang, L., Moriai, S., et al.: Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forensics Secur. 13(5), 1333\u20131345 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"19_CR2","unstructured":"Berahas, A.S., Nocedal, J., Tak\u00e1c, M.: A multi-batch l-bfgs method for machine learning. In: Advances in Neural Information Processing Systems, vol. 29 (2016)"},{"key":"19_CR3","first-page":"374","volume":"1","author":"K Bonawitz","year":"2019","unstructured":"Bonawitz, K., et al.: Towards federated learning at scale: system design. Proc. Mach. Learn. Syst. 1, 374\u2013388 (2019)","journal-title":"Proc. Mach. Learn. Syst."},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Bonawitz, K., et al.: Practical secure aggregation for privacy-preserving machine learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1175\u20131191 (2017)","DOI":"10.1145\/3133956.3133982"},{"key":"19_CR5","unstructured":"Chilimbi, T., Suzue, Y., Apacible, J., Kalyanaraman, K.: Project Adam: building an efficient and scalable deep learning training system. In: 11th $$\\{$$USENIX$$\\}$$ Symposium on Operating Systems Design and Implementation ($$\\{$$OSDI$$\\}$$ 14), pp. 571\u2013582 (2014)"},{"key":"19_CR6","doi-asserted-by":"crossref","unstructured":"Fan, L., et al.: Rethinking privacy preserving deep learning: how to evaluate and thwart privacy attacks. In: Federated Learning: Privacy and Incentive, pp. 32\u201350 (2020)","DOI":"10.1007\/978-3-030-63076-8_3"},{"key":"19_CR7","unstructured":"Geiping, J., Bauermeister, H., Dr\u00f6ge, H., Moeller, M.: Inverting gradients - how easy is it to break privacy in federated learning? In: Larochelle, H., Ranzato, M., Hadsell, R., Balcan, M., Lin, H. (eds.) Advances in Neural Information Processing Systems, vol.\u00a033, pp. 16937\u201316947. Curran Associates, Inc. (2020)"},{"issue":"3","key":"19_CR8","doi-asserted-by":"crossref","first-page":"234","DOI":"10.69554\/TCFN5165","volume":"2","author":"EL Harding","year":"2019","unstructured":"Harding, E.L., Vanto, J.J., Clark, R., Hannah Ji, L., Ainsworth, S.C.: Understanding the scope and impact of the California consumer privacy act of 2018. J. Data Protect. Privacy 2(3), 234\u2013253 (2019)","journal-title":"J. Data Protect. Privacy"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Hatamizadeh, A., et al.: Gradvit: gradient inversion of vision transformers. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, pp. 10021\u201310030 (2022)","DOI":"10.1109\/CVPR52688.2022.00978"},{"key":"19_CR10","unstructured":"He, F., Wang, B., Tao, D.: Tighter generalization bounds for iterative differentially private learning algorithms. In: Uncertainty in Artificial Intelligence, pp. 802\u2013812. PMLR (2021)"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770\u2013778 (2016)","DOI":"10.1109\/CVPR.2016.90"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Howard, A., et al.: Searching for mobilenetv3. In: Proceedings of the IEEE\/CVF International Conference on Computer Vision, pp. 1314\u20131324 (2019)","DOI":"10.1109\/ICCV.2019.00140"},{"key":"19_CR13","unstructured":"Huang, Y., Gupta, S., Song, Z., Li, K., Arora, S.: Evaluating gradient inversion attacks and defenses in federated learning. In: Advances in Neural Information Processing Systems, vol. 34, pp. 7232\u20137241 (2021)"},{"key":"19_CR14","unstructured":"Huang, Y., Song, Z., Li, K., Arora, S.: Instahide: instance-hiding schemes for private distributed learning. In: International Conference on Machine Learning, pp. 4507\u20134518. PMLR (2020)"},{"key":"19_CR15","doi-asserted-by":"crossref","unstructured":"Huang, Z., Wang, Y., Mitra, S., Dullerud, G.E.: On the cost of differential privacy in distributed control systems. In: Proceedings of the 3rd International Conference on High Confidence Networked Systems, pp. 105\u2013114 (2014)","DOI":"10.1145\/2566468.2566474"},{"issue":"4","key":"19_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3212509","volume":"21","author":"J Kim","year":"2018","unstructured":"Kim, J., Koo, D., Kim, Y., Yoon, H., Shin, J., Kim, S.: Efficient privacy-preserving matrix factorization for recommendation via fully homomorphic encryption. ACM Trans. Privacy Secur. (TOPS) 21(4), 1\u201330 (2018)","journal-title":"ACM Trans. Privacy Secur. (TOPS)"},{"key":"19_CR17","unstructured":"Kone\u010dn\u1ef3, J., McMahan, H.B., Yu, F.X., Richt\u00e1rik, P., Suresh, A.T., Bacon, D.: Federated learning: strategies for improving communication efficiency. arXiv preprint arXiv:1610.05492 (2016)"},{"key":"19_CR18","unstructured":"Krizhevsky, A., Hinton, G., et\u00a0al.: Learning multiple layers of features from tiny images (2009)"},{"issue":"11","key":"19_CR19","doi-asserted-by":"publisher","first-page":"2278","DOI":"10.1109\/5.726791","volume":"86","author":"Y LeCun","year":"1998","unstructured":"LeCun, Y., Bottou, L., Bengio, Y., Haffner, P.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278\u20132324 (1998)","journal-title":"Proc. IEEE"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Lia, D., Togan, M.: Privacy-preserving machine learning using federated learning and secure aggregation. In: 2020 12th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), pp.\u00a01\u20136. IEEE (2020)","DOI":"10.1109\/ECAI50035.2020.9223127"},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"Liang, H., Li, Y., Zhang, C., Liu, X., Zhu, L.: Egia: an external gradient inversion attack in federated learning. IEEE Trans. Inf. Forensics Secur. (2023)","DOI":"10.1109\/TIFS.2023.3302161"},{"key":"19_CR22","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-030-63076-8_17","volume-title":"Federated Learning","author":"G Long","year":"2020","unstructured":"Long, G., Tan, Y., Jiang, J., Zhang, C.: Federated learning for open banking. In: Yang, Q., Fan, L., Yu, H. (eds.) Federated Learning. LNCS (LNAI), vol. 12500, pp. 240\u2013254. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-63076-8_17"},{"key":"19_CR23","unstructured":"Mangold, P., Perrot, M., Bellet, A., Tommasi, M.: Differential privacy has bounded impact on fairness in classification. In: International Conference on Machine Learning, pp. 23681\u201323705. PMLR (2023)"},{"key":"19_CR24","unstructured":"McMahan, B., Moore, E., Ramage, D., Hampson, S., Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Artificial Intelligence and Statistics, pp. 1273\u20131282. PMLR (2017)"},{"key":"19_CR25","unstructured":"McMahan, H.B., Moore, E., Ramage, D., Arcas, B.A.: Federated learning of deep networks using model averaging, 2, 2. arXiv preprint arXiv:1602.05629 (2016)"},{"issue":"2","key":"19_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3412357","volume":"21","author":"B Pfitzner","year":"2021","unstructured":"Pfitzner, B., Steckhan, N., Arnrich, B.: Federated learning in a medical context: a systematic literature review. ACM Trans. Internet Technology (TOIT) 21(2), 1\u201331 (2021)","journal-title":"ACM Trans. Internet Technology (TOIT)"},{"key":"19_CR27","doi-asserted-by":"crossref","unstructured":"Regulation, G.D.P.: General data protection regulation (GDPR). Intersoft Consulting, Accessed in October 24(1) (2018)","DOI":"10.1016\/j.maturitas.2018.01.017"},{"key":"19_CR28","doi-asserted-by":"crossref","unstructured":"Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1310\u20131321 (2015)","DOI":"10.1145\/2810103.2813687"},{"key":"19_CR29","doi-asserted-by":"crossref","unstructured":"Sun, J., Li, A., Wang, B., Yang, H., Li, H., Chen, Y.: Provable defense against privacy leakage in federated learning from representation perspective. arXiv preprint arXiv:2012.06043 (2020)","DOI":"10.1109\/CVPR46437.2021.00919"},{"key":"19_CR30","unstructured":"Tan, M., Le, Q.: Efficientnet: rethinking model scaling for convolutional neural networks. In: International Conference on Machine Learning, pp. 6105\u20136114. PMLR (2019)"},{"key":"19_CR31","doi-asserted-by":"crossref","unstructured":"Truex, S., Liu, L., Chow, K.H., Gursoy, M.E., Wei, W.: LDP-FED: federated learning with local differential privacy. In: Proceedings of the Third ACM International Workshop on Edge Systems, Analytics and Networking, pp. 61\u201366 (2020)","DOI":"10.1145\/3378679.3394533"},{"key":"19_CR32","doi-asserted-by":"crossref","unstructured":"Wei, W., Liu, L., Wu, Y., Su, G., Iyengar, A.: Gradient-leakage resilient federated learning. In: 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS), pp. 797\u2013807. IEEE (2021)","DOI":"10.1109\/ICDCS51616.2021.00081"},{"key":"19_CR33","doi-asserted-by":"publisher","first-page":"1466","DOI":"10.1109\/TIFS.2022.3163591","volume":"17","author":"D Ye","year":"2022","unstructured":"Ye, D., Shen, S., Zhu, T., Liu, B., Zhou, W.: One parameter defense-defending against data inference attacks via differential privacy. IEEE Trans. Inf. Forensics Secur. 17, 1466\u20131480 (2022)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"19_CR34","unstructured":"Zhang, C., Li, S., Xia, J., Wang, W., Yan, F., Liu, Y.: $$\\{$$BatchCrypt$$\\}$$: efficient homomorphic encryption for $$\\{$$Cross-Silo$$\\}$$ federated learning. In: 2020 USENIX Annual Technical Conference (USENIX ATC 20), pp. 493\u2013506 (2020)"},{"key":"19_CR35","doi-asserted-by":"crossref","unstructured":"Zhang, Q., Ma, J., Xiao, Y., Lou, J., Xiong, L.: Broadening differential privacy for deep learning against model inversion attacks. In: 2020 IEEE International Conference on Big Data (Big Data), pp. 1061\u20131070. IEEE (2020)","DOI":"10.1109\/BigData50022.2020.9378274"},{"key":"19_CR36","doi-asserted-by":"crossref","unstructured":"Zhang, R., Guo, S., Wang, J., Xie, X., Tao, D.: A survey on gradient inversion: attacks, defenses and future directions. arXiv preprint arXiv:2206.07284 (2022)","DOI":"10.24963\/ijcai.2022\/791"},{"key":"19_CR37","unstructured":"Zhao, B., Mopuri, K.R., Bilen, H.: IDLG: improved deep leakage from gradients. arXiv preprint arXiv:2001.02610 (2020)"},{"key":"19_CR38","unstructured":"Zhao, Y., Li, M., Lai, L., Suda, N., Civin, D., Chandra, V.: Federated learning with non-IID data. arXiv preprint arXiv:1806.00582 (2018)"},{"key":"19_CR39","unstructured":"Zhu, J., Blaschko, M.B.: R-$$\\{$$gap$$\\}$$: Recursive gradient attack on privacy. In: International Conference on Learning Representations (2021). https:\/\/openreview.net\/forum?id=RSU17UoKfJF"},{"key":"19_CR40","unstructured":"Zhu, L., Liu, Z., Han, S.: Deep leakage from gradients. In: Advances in Neural Information Processing Systems, vol. 32 (2019)"}],"container-title":["Lecture Notes in Computer Science","Advances in Knowledge Discovery and Data Mining"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-97-2259-4_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,16]],"date-time":"2024-11-16T23:03:26Z","timestamp":1731798206000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-97-2259-4_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9789819722617","9789819722594"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-981-97-2259-4_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"25 April 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PAKDD","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Pacific-Asia Conference on Knowledge Discovery and Data Mining","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 May 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 May 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pakdd2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/pakdd2024.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}