[2507.02376] On the Inference (In-)Security of Vertical Federated Learning: Efficient Auditing against Inference Tampering Attack
Summary
This paper introduces a novel attack and auditing framework for Vertical Federated Learning (VFL), addressing vulnerabilities in inference security and proposing solutions to enhance data integrity.
Why It Matters
As federated learning becomes more prevalent, ensuring the security of inference processes is crucial. This research highlights significant vulnerabilities in VFL and presents a framework that can effectively audit and mitigate tampering attacks, which is essential for maintaining trust in distributed learning systems.
Key Takeaways
- Introduces the Vertical Federated Inference Tampering (VeFIT) attack, which can significantly reduce inference accuracy.
- Presents the Vertical Federated Inference Auditing (VeFIA) framework to detect and mitigate inference tampering.
- VeFIA ensures privacy protection and scalability while maintaining high detection accuracy.
- The framework can detect malicious behavior with a 99.99% probability if tampering exceeds 5.4%.
- This research is the first to address inference auditing in Vertical Federated Learning.
Computer Science > Software Engineering
arXiv:2507.02376 (cs)
[Submitted on 3 Jul 2025 (v1), last revised 25 Feb 2026 (this version, v2)]
Title: On the Inference (In-)Security of Vertical Federated Learning: Efficient Auditing against Inference Tampering Attack
Authors: Chung-ju Huang, Ziqi Zhang, Yinggui Wang, Binghui Wang, Tao Wei, Leye Wang
Abstract: Vertical Federated Learning (VFL) is an emerging distributed learning paradigm for cross-silo collaboration without accessing participants' data. However, existing VFL work lacks a mechanism to audit the inference correctness of the data party. The malicious data party can modify the local data and model to mislead the joint inference results. To exploit this vulnerability, we design a novel Vertical Federated Inference Tampering (VeFIT) attack, allowing the data party to covertly tamper with the local inference and mislead results on the task party's final prediction. VeFIT can decrease the task party's inference accuracy by an average of 34.49%. Existing defense mechanisms cannot effectively detect this attack, and the detection performance is near random guessing. To mitigate the attack, we further design a Vertical Federated Inference Auditing (VeFIA) framework. VeFIA helps the task party to audit whether the ...