{"id":"https://openalex.org/W4365211426","doi":"https://doi.org/10.1145/3579856.3582819","title":"RecUP-FL: Reconciling Utility and Privacy in Federated learning via User-configurable Privacy Defense","display_name":"RecUP-FL: Reconciling Utility and Privacy in Federated learning via User-configurable Privacy Defense","publication_year":2023,"publication_date":"2023-07-05","ids":{"openalex":"https://openalex.org/W4365211426","doi":"https://doi.org/10.1145/3579856.3582819"},"language":"en","primary_location":{"id":"doi:10.1145/3579856.3582819","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3582819","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2304.05135","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100711132","display_name":"Yue Cui","orcid":null},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yue Cui","raw_affiliation_strings":["University of Tennessee, United States of America"],"raw_orcid":"https://orcid.org/0000-0003-0362-7231","affiliations":[{"raw_affiliation_string":"University of Tennessee, United States of America","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090677465","display_name":"Syed Irfan Ali Meerza","orcid":"https://orcid.org/0000-0002-3239-1080"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Syed Irfan Ali Meerza","raw_affiliation_strings":["University of Tennessee, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-3239-1080","affiliations":[{"raw_affiliation_string":"University of Tennessee, United States of America","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063107365","display_name":"Zhuohang Li","orcid":"https://orcid.org/0000-0001-5559-4094"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhuohang Li","raw_affiliation_strings":["University of Tennessee, United States of America"],"raw_orcid":"https://orcid.org/0000-0001-5559-4094","affiliations":[{"raw_affiliation_string":"University of Tennessee, United States of America","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101649194","display_name":"Luyang Liu","orcid":"https://orcid.org/0000-0003-2704-4030"},"institutions":[{"id":"https://openalex.org/I102322142","display_name":"Rutgers, The State University of New Jersey","ror":"https://ror.org/05vt9qd57","country_code":"US","type":"education","lineage":["https://openalex.org/I102322142"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Luyang Liu","raw_affiliation_strings":["Rutgers University, United States of America"],"raw_orcid":"https://orcid.org/0000-0003-2704-4030","affiliations":[{"raw_affiliation_string":"Rutgers University, United States of America","institution_ids":["https://openalex.org/I102322142"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100414872","display_name":"Jiaxin Zhang","orcid":"https://orcid.org/0000-0002-7576-6110"},"institutions":[{"id":"https://openalex.org/I88773910","display_name":"Intuit (United States)","ror":"https://ror.org/049mrbr98","country_code":"US","type":"company","lineage":["https://openalex.org/I88773910"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiaxin Zhang","raw_affiliation_strings":["Intuit AI Research, USA"],"raw_orcid":"https://orcid.org/0000-0002-7576-6110","affiliations":[{"raw_affiliation_string":"Intuit AI Research, USA","institution_ids":["https://openalex.org/I88773910"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100414706","display_name":"Jian Liu","orcid":"https://orcid.org/0000-0002-8331-0834"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jian Liu","raw_affiliation_strings":["University of Tennessee, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-8331-0834","affiliations":[{"raw_affiliation_string":"University of Tennessee, United States of America","institution_ids":["https://openalex.org/I75027704"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5100711132"],"corresponding_institution_ids":["https://openalex.org/I75027704"],"apc_list":null,"apc_paid":null,"fwci":0.5112,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.69793519,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"80","last_page":"94"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8348097205162048},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8093069791793823},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.7595022916793823},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.755519688129425},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.6021822094917297},{"id":"https://openalex.org/keywords/private-information-retrieval","display_name":"Private information retrieval","score":0.5934247374534607},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5708000659942627},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5312886834144592},{"id":"https://openalex.org/keywords/transferability","display_name":"Transferability","score":0.5128912925720215},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.482282429933548},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.47145017981529236},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.4666481018066406},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.4498627483844757},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.38208943605422974},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.341001033782959},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.27757585048675537}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8348097205162048},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8093069791793823},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.7595022916793823},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.755519688129425},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.6021822094917297},{"id":"https://openalex.org/C99221444","wikidata":"https://www.wikidata.org/wiki/Q1532069","display_name":"Private information retrieval","level":2,"score":0.5934247374534607},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5708000659942627},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5312886834144592},{"id":"https://openalex.org/C61272859","wikidata":"https://www.wikidata.org/wiki/Q7834031","display_name":"Transferability","level":3,"score":0.5128912925720215},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.482282429933548},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.47145017981529236},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.4666481018066406},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.4498627483844757},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.38208943605422974},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.341001033782959},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.27757585048675537},{"id":"https://openalex.org/C140331021","wikidata":"https://www.wikidata.org/wiki/Q1868104","display_name":"Logit","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3579856.3582819","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3582819","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2304.05135","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2304.05135","pdf_url":"https://arxiv.org/pdf/2304.05135","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2304.05135","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2304.05135","pdf_url":"https://arxiv.org/pdf/2304.05135","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"score":0.5899999737739563,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3004326832","display_name":"Collaborative Research: SaTC: CORE: Small: Securing IoT and Edge Devices under Audio Adversarial Attacks","funder_award_id":"2114161","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4291250020","display_name":null,"funder_award_id":"CBET-2130643","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4431370682","display_name":null,"funder_award_id":"NSF CNS-2114161, ECCS-2132106, CBET-2130643","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5116531939","display_name":null,"funder_award_id":"ECCS-2132106","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6480995552","display_name":"Collaborative Research: CCSS: Continuous Facial Sensing and 3D Reconstruction via Single-ear Wearable Biosensors","funder_award_id":"2132106","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G881833152","display_name":"Collaborative Research: High-precision monitoring of foodborne pathogens in food manufacturing facilities","funder_award_id":"2130643","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320337390","display_name":"Division of Chemical, Bioengineering, Environmental, and Transport Systems","ror":"https://ror.org/0471zv972"},{"id":"https://openalex.org/F4320337392","display_name":"Division of Electrical, Communications and Cyber Systems","ror":"https://ror.org/01krpsy48"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4365211426.pdf"},"referenced_works_count":21,"referenced_works":["https://openalex.org/W955924517","https://openalex.org/W1834627138","https://openalex.org/W2194775991","https://openalex.org/W2535690855","https://openalex.org/W2591882872","https://openalex.org/W2701059868","https://openalex.org/W2765886485","https://openalex.org/W2767079719","https://openalex.org/W2897830718","https://openalex.org/W2962835266","https://openalex.org/W2963456518","https://openalex.org/W2964162474","https://openalex.org/W3029957998","https://openalex.org/W3097714942","https://openalex.org/W3099111404","https://openalex.org/W3172312230","https://openalex.org/W3175192640","https://openalex.org/W3203780767","https://openalex.org/W3207137622","https://openalex.org/W4214502238","https://openalex.org/W4287815740"],"related_works":["https://openalex.org/W4286971788","https://openalex.org/W3199340467","https://openalex.org/W3157608626","https://openalex.org/W3132132958","https://openalex.org/W4321612632","https://openalex.org/W4322580403","https://openalex.org/W3193217249","https://openalex.org/W4280591108","https://openalex.org/W3021849752","https://openalex.org/W4286891119"],"abstract_inverted_index":{"Federated":[0],"learning":[1,142,161],"(FL)":[2],"provides":[3],"a":[4,15,78,87,107,140,155,198,202],"variety":[5],"of":[6,42,194,204,212],"privacy":[7,43,102,109,156,247,262],"advantages":[8],"by":[9,105,191],"allowing":[10],"clients":[11,49],"to":[12,50,59,81,98,144,172,177,185,221],"collaboratively":[13],"train":[14],"model":[16,91,143,199,257],"without":[17],"sharing":[18,60,176],"their":[19,53],"private":[20,28,147],"data.":[21],"However,":[22],"recent":[23],"studies":[24],"have":[25],"shown":[26],"that":[27,112,133,168,242],"information":[29,148],"can":[30,113,169,244],"still":[31],"be":[32,170],"leaked":[33],"through":[34],"shared":[35],"gradients.":[36],"To":[37,181],"further":[38],"minimize":[39],"the":[40,62,74,117,146,173,183,192,213,216,250,256],"risk":[41],"leakage,":[44],"existing":[45,134],"defenses":[46],"usually":[47,84],"require":[48],"locally":[51],"modify":[52],"gradients":[54,174],"(e.g.,":[55,149],"differential":[56],"privacy)":[57],"prior":[58],"with":[61,260],"server.":[63],"While":[64],"these":[65],"approaches":[66],"are":[67],"effective":[68],"in":[69,90,103,125],"certain":[70],"cases,":[71],"they":[72],"regard":[73],"entire":[75],"data":[76,238],"as":[77,158],"single":[79],"entity":[80],"protect,":[82],"which":[83],"comes":[85],"at":[86],"large":[88],"cost":[89],"utility.":[92],"In":[93],"this":[94],"paper,":[95],"we":[96,131],"seek":[97],"reconcile":[99],"utility":[100,126,258],"and":[101,207,215,237],"FL":[104],"proposing":[106],"user-configurable":[108],"defense,":[110],"RecUP-FL,":[111],"better":[114],"focus":[115],"on":[116,139,226],"user-specified":[118,246],"sensitive":[119,251],"attributes":[120,252],"while":[121,253],"obtaining":[122],"significant":[123],"improvements":[124],"over":[127,249],"traditional":[128],"defenses.":[129,263],"Moreover,":[130],"observe":[132],"inference":[135,235],"attacks":[136],"often":[137],"rely":[138],"machine":[141],"extract":[145],"attributes).":[150],"We":[151],"thus":[152],"formulate":[153],"such":[154],"defense":[157],"an":[159],"adversarial":[160,218,231],"problem,":[162],"where":[163],"RecUP-FL":[164,196,243],"generates":[165],"slight":[166],"perturbations":[167],"added":[171],"before":[175],"fool":[178],"adversary":[179,188],"models.":[180],"improve":[182],"transferability":[184],"un-queryable":[186],"black-box":[187,217],"models,":[189],"inspired":[190],"idea":[193],"meta-learning,":[195],"forms":[197],"zoo":[200],"containing":[201],"set":[203],"substitute":[205],"models":[206],"iteratively":[208],"alternates":[209],"between":[210],"simulations":[211],"white-box":[214],"attack":[219,236],"scenarios":[220],"generate":[222],"perturbations.":[223],"Extensive":[224],"experiments":[225],"four":[227],"datasets":[228],"under":[229],"various":[230],"settings":[232],"(both":[233],"attribute":[234],"reconstruction":[239],"attack)":[240],"show":[241],"meet":[245],"constraints":[248],"significantly":[254],"improving":[255],"compared":[259],"state-of-the-art":[261]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}