TY - GEN
T1 - Can Collaborative Learning Be Private, Robust and Scalable?
AU - Usynin, Dmitrii
AU - Klause, Helena
AU - Paetzold, Johannes C.
AU - Rueckert, Daniel
AU - Kaissis, Georgios
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022
Y1 - 2022
N2 - In federated learning for medical image analysis, the safety of the learning protocol is paramount. Such settings can often be compromised by adversaries that target either the private data used by the federation or the integrity of the model itself. This requires the medical imaging community to develop mechanisms to train collaborative models that are private and robust against adversarial data. In response to these challenges, we propose a practical open-source framework to study the effectiveness of combining differential privacy, model compression and adversarial training to improve the robustness of models against adversarial samples under train- and inference-time attacks. Using our framework, we achieve competitive model performance, a significant reduction in model’s size and an improved empirical adversarial robustness without a severe performance degradation, critical in medical image analysis.
KW - Adversarial training
KW - Collaborative learning
KW - Differential privacy
KW - Federated learning
KW - Medical image analysis
KW - Model compression
UR - http://www.scopus.com/inward/record.url?scp=85141726347&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-18523-6_4
DO - 10.1007/978-3-031-18523-6_4
M3 - Conference contribution
AN - SCOPUS:85141726347
SN - 9783031185229
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 37
EP - 46
BT - Distributed, Collaborative, and Federated Learning, and Affordable AI and Healthcare for Resource Diverse Global Health - 3rd MICCAI Workshop, DeCaF 2022, and 2nd MICCAI Workshop, FAIR 2022, Held in Conjunction with MICCAI 2022, Proceedings
A2 - Albarqouni, Shadi
A2 - Bakas, Spyridon
A2 - Bano, Sophia
A2 - Cardoso, M. Jorge
A2 - Khanal, Bishesh
A2 - Landman, Bennett
A2 - Li, Xiaoxiao
A2 - Qin, Chen
A2 - Rekik, Islem
A2 - Rieke, Nicola
A2 - Roth, Holger
A2 - Xu, Daguang
A2 - Sheet, Debdoot
PB - Springer Science and Business Media Deutschland GmbH
T2 - 3rd MICCAI Workshop on Distributed, Collaborative, and Federated Learning, DeCaF 2022, and the 2nd MICCAI Workshop on Affordable AI and Healthcare, FAIR 2022, held in conjunction with the 25th International Conference on Medical Image Computing and Computer Assisted Intervention, MICCAI 2022
Y2 - 22 September 2022 through 22 September 2022
ER -