Federated learning (FL) has emerged as an efficient approach for large-scale distributed machine learning, ensuring data privacy by keeping training data on client devices. However, recent research has highlighted vulnerabilities in FL, including the potential disclosure of sensitive information through individual model updates and even the aggregated global model. While much attention has been given to clients' data privacy, limited research has addressed the issue of global model privacy. Furthermore, local training at the client's side has opened avenues for malicious clients to launch powerful model poisoning attacks. Unfortunately, no existing work has provided a comprehensive solution that tackles all these issues. Therefore, we introduce HyFL, a hybrid framework that enables data and global model privacy while facilitating large-scale deployments. The foundation of HyFL is a unique combination of secure multi-party computation (MPC) techniques with hierarchical federated learning. One notable feature of HyFL is its capability to prevent malicious clients from executing model poisoning attacks, confining them to less destructive data poisoning alone. We evaluate HyFL's effectiveness using an open-source PyTorch-based FL implementation integrated with Meta's CrypTen PPML framework. Our performance evaluation demonstrates that HyFL is a promising solution for trustworthy large-scale FL deployment.
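To make the "MPC combined with hierarchical FL" idea concrete, here is an added toy illustration (not HyFL's code, and not the paper's actual protocol): clients additively secret-share their updates across a small set of aggregation servers in their group, each group sums share-wise, and a top level sums the group results, so no single server ever sees an individual client's contribution. The two-server sharing, the two-level hierarchy and the fixed-point encoding are simplifying assumptions of this example.

```python
import random

PRIME = 2**61 - 1   # field modulus for additive secret sharing (assumption)
SCALE = 10**6       # fixed-point scale used to encode float model updates

def encode(vec):
    """Fixed-point encode a float vector into field elements."""
    return [round(x * SCALE) % PRIME for x in vec]

def decode(vec):
    """Map field elements back to signed floats (centered reduction)."""
    return [((x + PRIME // 2) % PRIME - PRIME // 2) / SCALE for x in vec]

def share(vec, n_servers, rng):
    """Split each coordinate into n additive shares mod PRIME.
    Any n-1 of the shares are uniformly random, so they reveal nothing."""
    shares = [[rng.randrange(PRIME) for _ in vec] for _ in range(n_servers - 1)]
    last = [(v - sum(col)) % PRIME for v, col in zip(vec, zip(*shares))]
    return shares + [last]

def add_shares(share_list):
    """Coordinate-wise sum of the share vectors held by one server."""
    return [sum(col) % PRIME for col in zip(*share_list)]

def hierarchical_secure_sum(groups, n_servers=2, seed=0):
    """groups: list of client groups, each a list of float update vectors.
    Each group has its own n_servers aggregators that only ever see shares;
    the top level adds the groups' share-sums and reconstructs the total."""
    rng = random.Random(seed)
    group_results = []
    for clients in groups:
        per_server = [[] for _ in range(n_servers)]
        for update in clients:
            for i, s in enumerate(share(encode(update), n_servers, rng)):
                per_server[i].append(s)          # server i stores its share only
        group_results.append([add_shares(s) for s in per_server])
    # top-level servers add the per-group partial sums, still share-wise
    top = [add_shares([g[i] for g in group_results]) for i in range(n_servers)]
    return decode(add_shares(top))               # final reconstruction step

if __name__ == "__main__":
    # constructed sample: two groups, three clients, 2-dimensional updates
    demo = [[[0.5, -1.0], [0.25, 2.0]], [[1.0, 1.0]]]
    print(hierarchical_secure_sum(demo))         # [1.75, 2.0]
```

Because clients contribute only shares of a value they are still free to choose, this sketch hides updates but does not by itself stop model poisoning; HyFL's further step, as the abstract describes it, is to move local training into MPC so clients supply data rather than arbitrary updates.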