📑 arXiv 3d ago
No More Guessing: a Verifiable Gradient Inversion Attack in Federated Learning
VGIA introduces verifiable gradient inversion attacks for federated learning that provide explicit certificates of reconstruction correctness, challenging the perception that tabular data is less vulnerable than vision/language. Uses geometric view of ReLU activation boundaries to disentangle multi-record gradient contributions. Enables automated verification without human inspection.