Submit

Login Login

Register Register

Home / Journals / CMC / Online First / doi:10.32604/cmc.2025.072625
Journal Menu
Special Issues
Table of Content

All issues

Online First

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Open Access

ARTICLE

Mitigating Attribute Inference in Split Learning via Channel Pruning and Adversarial Training

Afnan Alhindi*, Saad Al-Ahmadi, Mohamed Maher Ben Ismail
Department of Computer Science, College of Computer and Information Sciences, King Saud University, Riyadh, 11362, Saudi Arabia
* Corresponding Author: Afnan Alhindi. Email: email
(This article belongs to the Special Issue: Integrating Split Learning with Tiny Models for Advanced Edge Computing Applications in the Internet of Vehicles)

Computers, Materials & Continua https://doi.org/10.32604/cmc.2025.072625

Received 31 August 2025; Accepted 03 November 2025; Published online 01 December 2025

Abstract

Split Learning (SL) has been promoted as a promising collaborative machine learning technique designed to address data privacy and resource efficiency. Specifically, neural networks are divided into client and server sub-networks in order to mitigate the exposure of sensitive data and reduce the overhead on client devices, thereby making SL particularly suitable for resource-constrained devices. Although SL prevents the direct transmission of raw data, it does not alleviate entirely the risk of privacy breaches. In fact, the data intermediately transmitted to the server sub-model may include patterns or information that could reveal sensitive data. Moreover, achieving a balance between model utility and data privacy has emerged as a challenging problem. In this article, we propose a novel defense approach that combines: (i) Adversarial learning, and (ii) Network channel pruning. In particular, the proposed adversarial learning approach is specifically designed to reduce the risk of private data exposure while maintaining high performance for the utility task. On the other hand, the suggested channel pruning enables the model to adaptively adjust and reactivate pruned channels while conducting adversarial training. The integration of these two techniques reduces the informativeness of the intermediate data transmitted by the client sub-model, thereby enhancing its robustness against attribute inference attacks without adding significant computational overhead, making it well-suited for IoT devices, mobile platforms, and Internet of Vehicles (IoV) scenarios. The proposed defense approach was evaluated using EfficientNet-B0, a widely adopted compact model, along with three benchmark datasets. The obtained results showcased its superior defense capability against attribute inference attacks compared to existing state-of-the-art methods. This research’s findings demonstrated the effectiveness of the proposed channel pruning-based adversarial training approach in achieving the intended compromise between utility and privacy within SL frameworks. In fact, the classification accuracy attained by the attackers witnessed a drastic decrease of 70%.

Keywords

Split learning; privacy-preserving split learning; distributed collaborative machine learning; channel pruning; adversarial learning; resource-constrained devices

  • 92

    View

  • 18

    Download

  • 0

    Like

Related articles
Copyright© 2025 Tech Science Press
© 1997-2025 TSP (Henderson, USA) unless otherwise stated

Share Link