MingledPie: A Cluster Mingling Approach for Mitigating Preference Profiling in CFL
Cheng Zhang
Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Federated Learning 2
Federated Learning (FL) offers a privacy-preserving framework for collaborative machine learning, allowing multiple clients to train a shared model without centralizing their sensitive data. However, the inherent heterogeneity of client data often leads to convergence challenges in standard FL. To address this, **Clustered Federated Learning (CFL)** groups clients into clusters based on their data distributions, enabling the training of personalized cluster models. While CFL improves model accuracy and convergence, it introduces a novel privacy vulnerability: **preference profiling attacks**, particularly those based on cluster identity. This talk, presented by Cheng Zhang (who introduced himself as Pjang), delves into this specific threat and proposes **MingledPie**, a robust defense mechanism.
AI review
Legitimate academic security research tackling a real and underappreciated privacy vulnerability in Clustered Federated Learning — the cluster identity leakage problem is a genuine gap that existing secure aggregation doesn't close. The cryptographic machinery (HE + linear system rebuilding) is technically coherent, but this is a conference paper talk, not a practitioner-facing presentation, and the gap between the theoretical construction and anything a defender deploys tomorrow is wide.