SecureFL: Privacy Preserving Federated Learning with SGX and TrustZone

Eugene Kuznetsov, Yitao Chen, Ming Zhao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Federated learning allows a large group of edge workers to collaboratively train a shared model without revealing their local data. It has become a powerful tool for deep learning in heterogeneous environments. User privacy is preserved by keeping the training data local to each device. However, federated learning still requires workers to share their weights, which can leak private information during collaboration. This paper introduces SecureFL, a practical framework that provides end-to-end security of federated learning. SecureFL integrates widely available Trusted Execution Environments (TEE) to protect against privacy leaks. SecureFL also uses carefully designed partitioning and aggregation techniques to ensure TEE efficiency on both the cloud and edge workers. SecureFL is both practical and efficient in securing the end-to-end process of federated learning, providing reasonable overhead given the privacy benefits. The paper provides thorough security analysis and performance evaluation of SecureFL, which show that the overhead is reasonable considering the substantial privacy benefits that it provides.

Original languageEnglish (US)
Title of host publication6th ACM/IEEE Symposium on Edge Computing, SEC 2021
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages55-67
Number of pages13
ISBN (Electronic)9781450383905
DOIs
StatePublished - 2021
Externally publishedYes
Event6th ACM/IEEE Symposium on Edge Computing, SEC 2021 - San Jose, United States
Duration: Dec 14 2021Dec 17 2021

Publication series

Name6th ACM/IEEE Symposium on Edge Computing, SEC 2021

Conference

Conference6th ACM/IEEE Symposium on Edge Computing, SEC 2021
Country/TerritoryUnited States
CitySan Jose
Period12/14/2112/17/21

Keywords

  • Edge Computing
  • Federated Learning
  • Privacy
  • Trusted Execution Environment

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'SecureFL: Privacy Preserving Federated Learning with SGX and TrustZone'. Together they form a unique fingerprint.

Cite this