{"id":"https://openalex.org/W2970606380","doi":"https://doi.org/10.1145/3338501.3357370","title":"A Hybrid Approach to Privacy-Preserving Federated Learning","display_name":"A Hybrid Approach to Privacy-Preserving Federated Learning","publication_year":2019,"publication_date":"2019-11-08","ids":{"openalex":"https://openalex.org/W2970606380","doi":"https://doi.org/10.1145/3338501.3357370","mag":"2970606380"},"language":"en","primary_location":{"id":"doi:10.1145/3338501.3357370","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338501.3357370","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066370292","display_name":"Stacey Truex","orcid":"https://orcid.org/0000-0002-8274-645X"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Stacey Truex","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010677582","display_name":"Nathalie Baracaldo","orcid":"https://orcid.org/0000-0001-9469-045X"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nathalie Baracaldo","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054645319","display_name":"Ali Anwar","orcid":"https://orcid.org/0000-0003-4487-2436"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ali Anwar","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090438638","display_name":"Thomas Steinke","orcid":"https://orcid.org/0000-0002-0338-8042"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Thomas Steinke","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048671912","display_name":"Heiko Ludwig","orcid":null},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Heiko Ludwig","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100421929","display_name":"Rui Zhang","orcid":"https://orcid.org/0000-0001-5230-5998"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rui Zhang","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101784389","display_name":"Yi Zhou","orcid":"https://orcid.org/0000-0003-3932-6422"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yi Zhou","raw_affiliation_strings":["IBM Research Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5066370292"],"corresponding_institution_ids":["https://openalex.org/I130701444"],"apc_list":null,"apc_paid":null,"fwci":53.612,"has_fulltext":false,"cited_by_count":892,"citation_normalized_percentile":{"value":0.99878923,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9786999821662903,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.8783488273620605},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8709132671356201},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.7283709049224854},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6840333938598633},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6276958584785461},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.5989097952842712},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5721046924591064},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.557216465473175},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.5341628789901733},{"id":"https://openalex.org/keywords/computation","display_name":"Computation","score":0.4893006980419159},{"id":"https://openalex.org/keywords/secure-multi-party-computation","display_name":"Secure multi-party computation","score":0.4891526997089386},{"id":"https://openalex.org/keywords/raw-data","display_name":"Raw data","score":0.4509607255458832},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3379804491996765},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.29696935415267944},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2755129933357239},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.16272136569023132},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1398869752883911}],"concepts":[{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.8783488273620605},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8709132671356201},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.7283709049224854},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6840333938598633},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6276958584785461},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.5989097952842712},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5721046924591064},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.557216465473175},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.5341628789901733},{"id":"https://openalex.org/C45374587","wikidata":"https://www.wikidata.org/wiki/Q12525525","display_name":"Computation","level":2,"score":0.4893006980419159},{"id":"https://openalex.org/C18396474","wikidata":"https://www.wikidata.org/wiki/Q2465888","display_name":"Secure multi-party computation","level":3,"score":0.4891526997089386},{"id":"https://openalex.org/C132964779","wikidata":"https://www.wikidata.org/wiki/Q2110223","display_name":"Raw data","level":2,"score":0.4509607255458832},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3379804491996765},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.29696935415267944},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2755129933357239},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.16272136569023132},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1398869752883911},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3338501.3357370","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338501.3357370","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5099999904632568,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W655626130","https://openalex.org/W1528076390","https://openalex.org/W1544327602","https://openalex.org/W1557833142","https://openalex.org/W1584560347","https://openalex.org/W1872473787","https://openalex.org/W1952161176","https://openalex.org/W1991669689","https://openalex.org/W2010523825","https://openalex.org/W2027595342","https://openalex.org/W2053637704","https://openalex.org/W2083842231","https://openalex.org/W2098784025","https://openalex.org/W2104803737","https://openalex.org/W2109135024","https://openalex.org/W2109426455","https://openalex.org/W2112796928","https://openalex.org/W2132172731","https://openalex.org/W2138865266","https://openalex.org/W2146673169","https://openalex.org/W2149706766","https://openalex.org/W2153635508","https://openalex.org/W2165223967","https://openalex.org/W2167372639","https://openalex.org/W2232997092","https://openalex.org/W2293339990","https://openalex.org/W2346407621","https://openalex.org/W2473418344","https://openalex.org/W2478180979","https://openalex.org/W2525846285","https://openalex.org/W2535690855","https://openalex.org/W2752272666","https://openalex.org/W2767079719","https://openalex.org/W2809607392","https://openalex.org/W2903389359","https://openalex.org/W2930926105","https://openalex.org/W2949848087","https://openalex.org/W2963062476","https://openalex.org/W2963288913","https://openalex.org/W2963699739","https://openalex.org/W3103245149","https://openalex.org/W3121299688","https://openalex.org/W6744388112"],"related_works":["https://openalex.org/W4286971788","https://openalex.org/W3199340467","https://openalex.org/W3157608626","https://openalex.org/W3132132958","https://openalex.org/W4321612632","https://openalex.org/W4322580403","https://openalex.org/W4399147128","https://openalex.org/W3193217249","https://openalex.org/W3021849752","https://openalex.org/W4280591108"],"abstract_inverted_index":{"Federated":[0],"learning":[1,37,67,183,195],"facilitates":[2],"the":[3,9,45,51,57,132,138,206],"collaborative":[4],"training":[5,24,49],"of":[6,11,40,93,99,134,140,151,181,205],"models":[7,167],"without":[8,143],"sharing":[10],"raw":[12],"data.":[13],"However,":[14],"recent":[15],"attacks":[16],"demonstrate":[17,199],"that":[18,110,160,200],"simply":[19],"maintaining":[20,147],"data":[21,100],"locality":[22],"during":[23,48],"processes":[25],"does":[26],"not":[27],"provide":[28],"sufficient":[29],"privacy":[30,82,114,123,145],"guarantees.":[31],"Rather,":[32],"we":[33,105,186],"need":[34],"a":[35,90,148,157,179],"federated":[36,66],"system":[38,154,173],"capable":[39],"preventing":[41],"inference":[42,79,163],"over":[43],"both":[44,112],"messages":[46],"exchanged":[47],"and":[50,115,165],"final":[52],"trained":[53],"model":[54,59],"while":[55,146],"ensuring":[56],"resulting":[58],"also":[60],"has":[61],"acceptable":[62],"predictive":[63],"accuracy.":[64,170],"Existing":[65],"approaches":[68],"either":[69],"use":[70],"secure":[71,125],"multiparty":[72,126],"computation":[73,127],"(SMC)":[74],"which":[75,83,185],"is":[76,155],"vulnerable":[77],"to":[78,86,117,130,177],"or":[80],"differential":[81,113,122],"can":[84,174],"lead":[85],"low":[87],"accuracy":[88],"given":[89],"large":[91],"number":[92,139],"parties":[94,141],"with":[95,124,168,188],"relatively":[96],"small":[97],"amounts":[98],"each.":[101],"In":[102],"this":[103],"paper,":[104],"present":[106],"an":[107],"alternative":[108],"approach":[109,159,202],"utilizes":[111],"SMC":[116],"balance":[118],"these":[119],"trade-offs.":[120],"Combining":[121],"enables":[128],"us":[129],"reduce":[131],"growth":[133],"noise":[135],"injection":[136],"as":[137],"increases":[142],"sacrificing":[144],"pre-defined":[149],"rate":[150],"trust.":[152],"Our":[153,197],"therefore":[156],"scalable":[158],"protects":[161],"against":[162],"threats":[164],"produces":[166],"high":[169],"Additionally,":[171],"our":[172,201],"be":[175],"used":[176],"train":[178],"variety":[180],"machine":[182,194],"models,":[184],"validate":[187],"experimental":[189],"results":[190],"on":[191],"3":[192],"different":[193],"algorithms.":[196],"experiments":[198],"out-performs":[203],"state":[204],"art":[207],"solutions.":[208]},"counts_by_year":[{"year":2026,"cited_by_count":16},{"year":2025,"cited_by_count":155},{"year":2024,"cited_by_count":188},{"year":2023,"cited_by_count":162},{"year":2022,"cited_by_count":139},{"year":2021,"cited_by_count":137},{"year":2020,"cited_by_count":84},{"year":2019,"cited_by_count":11}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}