Iranian Society of Cryptology The ISC International Journal of Information Security 2008-2045 15 3 2023 10 01 Private Federated Learning: An Adversarial Sanitizing Perspective 67 76 182211 10.22042/isecure.2023.182211 EN Mojtaba Shirinjani Information Systems and Security Lab, EE Department, Sharif University of Technology, Tehran, Iran Siavash Ahmadi Electronics Research Institute, Sharif University of Technology, Tehran, Iran 0000-0002-8801-337X Taraneh Eghlidos Electronics Research Institute, Sharif University of Technology, Tehran, Iran 0000-0002-3182-0277 Mohammad Reza Aref Information Systems and Security Lab, EE Department, Sharif University of Technology, Tehran, Iran Journal Article 2023 11 01 Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. However, recent attacks, namely Membership Inference Attacks (MIA) or Poisoning Attacks (PA), can threaten the privacy and performance in FL systems. This paper develops an innovative Adversarial-Resilient Privacy-preserving Scheme (ARPS) for FL to cope with preceding threats using differential privacy and<br />cryptography. Our experiments display that ARPS can establish a private model with high accuracy out‌performing state-of-the-art approaches. To the best of our knowledge, this work is the only scheme providing privacy protection beyond any output models in conjunction with Byzantine resiliency without sacrificing accuracy and efficiency. https://www.isecure-journal.com/article_182211_20181fba0d3e681ff1cb1b2591d73a37.pdf