Privacy Preserving Machine Learning Techniques
Title: Privacy Preserving Machine Learning Techniques
DNr: Berzelius-2024-87
Project Type: LiU Berzelius
Principal Investigator: Saloni Kwatra
Affiliation: Umeå universitet
Duration: 2024-02-27 – 2024-09-01
Classification: 10201


Our research focuses on enhancing privacy in Federated Learning (FL), particularly in collaborative settings where distributed clients share model parameters with an aggregator. One significant vulnerability in FL is the data reconstruction attack, in which an adversary exploits aggregated statistics, such as model parameters, to infer sensitive training data. Specifically, we investigate Principal Component Analysis (PCA), a common dimensionality reduction technique, in a federated setting: clients share local eigenvectors computed from their data with the aggregator, which combines them to produce global eigenvectors. Previous studies have shown that exposing eigenvectors can lead to privacy breaches such as membership inference and data reconstruction attacks, especially when combined with knowledge of the data distribution. To address this, we propose protecting the eigenvectors with techniques such as k-anonymity and synthetic datasets. We assess the utility of the protected eigenvectors in several ways, including training a Random Forest Regressor and examining dendrograms obtained from hierarchical clustering. We also evaluate the effectiveness of our privacy measures by conducting data reconstruction attacks to gauge how much privacy is preserved.
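The federated PCA setup described above (clients compute eigenvectors locally, the aggregator merges them into global eigenvectors), as an added pure-Python example that is not the project's code. The three-client sample data, the client split and the aggregation rule (rebuild each client's scatter matrix from its shared eigen-pairs, mean and row count, sum them, and re-diagonalise) are assumptions; the page does not say how the aggregator combines eigenvectors. The example also carries the utility check a practitioner would want before applying any protection: the federated eigenvectors are compared against centralized PCA on the pooled data.

```python
"""Federated PCA via shared local eigenvectors, in pure Python (no numpy needed).

Each client sends the top-k eigen-pairs of its mean-centred scatter matrix,
plus its row count and mean, to an aggregator that rebuilds an approximate
global scatter matrix and diagonalises it. Added illustration only: the data
and the aggregation rule are assumptions, not the project's own method.
"""

# Constructed sample data: three clients, three features each. Feature 0 has
# by far the largest spread, so the leading eigenvector is unambiguous.
CLIENTS = {
    "client_a": [[10.0, 2.0, 0.5], [-8.0, -1.5, 0.3], [6.0, 1.0, -0.4],
                 [-4.0, -2.5, 0.1], [1.0, 0.5, -0.2]],
    "client_b": [[9.0, -1.0, 0.2], [-7.0, 2.0, -0.3], [3.0, 3.0, 0.4],
                 [-5.0, -2.0, -0.1], [2.0, 0.0, 0.6], [0.0, 1.0, -0.5]],
    "client_c": [[-9.0, 1.5, 0.1], [7.0, -2.0, 0.3], [4.0, 2.5, -0.2],
                 [-2.0, -1.0, 0.4]],
}


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def norm(u):
    return dot(u, u) ** 0.5


def matvec(m, v):
    return [dot(row, v) for row in m]


def cosine(u, v):
    """|cos| between two vectors; eigenvector sign is arbitrary, so take abs."""
    return abs(dot(u, v)) / (norm(u) * norm(v))


def column_mean(rows):
    n = len(rows)
    return [sum(r[j] for r in rows) / n for j in range(len(rows[0]))]


def scatter(rows, centre):
    """Sum of outer products of centred rows (covariance without the 1/n)."""
    d = len(centre)
    s = [[0.0] * d for _ in range(d)]
    for r in rows:
        c = [r[j] - centre[j] for j in range(d)]
        for i in range(d):
            for j in range(d):
                s[i][j] += c[i] * c[j]
    return s


def top_k_eigen(mat, k, iters=5000, tol=1e-12):
    """Top-k eigen-pairs of a symmetric PSD matrix: power iteration + deflation."""
    d = len(mat)
    m = [row[:] for row in mat]
    pairs = []
    for _ in range(k):
        v = [1.0 / (i + 1) for i in range(d)]  # deterministic, non-degenerate start
        v = [x / norm(v) for x in v]
        for _ in range(iters):
            w = matvec(m, v)
            nw = norm(w)
            if nw < 1e-12:          # remaining spectrum is numerically zero
                break
            w = [x / nw for x in w]
            converged = norm([a - b for a, b in zip(w, v)]) < tol
            v = w
            if converged:
                break
        lam = dot(v, matvec(m, v))  # Rayleigh quotient = eigenvalue at convergence
        pairs.append((lam, v))
        for i in range(d):          # deflate: remove the component just found
            for j in range(d):
                m[i][j] -= lam * v[i] * v[j]
    return pairs


def client_share(rows, k):
    """What a client sends. The 'eigen' field is the sensitive part: the page's
    point is that these eigenvectors alone already leak data structure, so any
    protection (k-anonymity, synthetic data) would be applied here before sending."""
    mu = column_mean(rows)
    return {"n": len(rows), "mean": mu, "eigen": top_k_eigen(scatter(rows, mu), k)}


def aggregate(shares, k):
    """Assumed aggregation rule: rebuild each client's scatter as V diag(lambda) V^T,
    add the between-client mean term n_i (mu_i - mu)(mu_i - mu)^T, sum, re-diagonalise.
    Exact when k equals the feature count; an approximation when k is smaller."""
    d = len(shares[0]["mean"])
    total = sum(s["n"] for s in shares)
    mu = [sum(s["n"] * s["mean"][j] for s in shares) / total for j in range(d)]
    g = [[0.0] * d for _ in range(d)]
    for s in shares:
        delta = [s["mean"][j] - mu[j] for j in range(d)]
        for i in range(d):
            for j in range(d):
                g[i][j] += sum(lam * v[i] * v[j] for lam, v in s["eigen"])
                g[i][j] += s["n"] * delta[i] * delta[j]
    return top_k_eigen(g, k)


def federated_pca(k):
    return aggregate([client_share(rows, k) for rows in CLIENTS.values()], k)


def centralized_pca(k):
    """Reference: PCA on the pooled rows, which no single party holds in FL."""
    rows = [r for rows in CLIENTS.values() for r in rows]
    return top_k_eigen(scatter(rows, column_mean(rows)), k)


if __name__ == "__main__":
    for k in (3, 2):
        fed, cen = federated_pca(k), centralized_pca(k)
        print(f"k={k}: top eigenvalue federated={fed[0][0]:.3f} "
              f"centralized={cen[0][0]:.3f} cosine={cosine(fed[0][1], cen[0][1]):.6f}")
```

With k equal to the number of features, the shared eigen-pairs encode each client's full scatter matrix, so the aggregation reproduces centralized PCA exactly; that is also why the shared eigenvectors are so sensitive. With a smaller k the global eigenvectors remain close, and `cosine` against the centralized result is the utility measure to re-run after replacing the `eigen` field with a protected version.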