A new publication has been accepted at the 23rd ACM/IFIP International Middleware Conference, titled Shielding Federated Learning Systems against Inference Attacks with ARM TrustZone. The conference takes place in Québec City, Québec, Canada, from November 7 to 11, 2022.
Authors: Aghiles Ait Messaoud, Vlad Nitu, Sonia Ben Mokhtar, Valerio Schiavoni
This paper shows how, in the context of federated learning, it is possible to protect deep-learning inference workflows running on IoT devices from malicious users launching so-called inference attacks. GradSec, the proposed solution, shields specific deep-learning layers inside TrustZone enclaves, i.e. secure hardware areas available in off-the-shelf commodity edge devices.