{"ID":2890254,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2507.20060","arxiv_id":"2507.20060","title":"ModShift: Model Privacy via Designed Shifts","abstract":"In this paper, shifts are introduced to preserve model privacy against an eavesdropper in federated learning. Model learning is treated as a parameter estimation problem. This perspective allows us to derive the Fisher Information matrix of the model updates from the shifted updates and drive them to singularity, thus posing a hard estimation problem for Eve. The shifts are securely shared with the central server to maintain model accuracy at the server and participating devices. A convergence test is proposed to detect if model updates have been tampered with and we show that our scheme passes this test. Numerical results show that our scheme achieves a higher model shift when compared to a noise injection scheme while requiring a lesser bandwidth secret channel.","short_abstract":"In this paper, shifts are introduced to preserve model privacy against an eavesdropper in federated learning. Model learning is treated as a parameter estimation problem. This perspective allows us to derive the Fisher Information matrix of the model updates from the shifted updates and drive them to singularity, thus...","url_abs":"https://arxiv.org/abs/2507.20060","url_pdf":"https://arxiv.org/pdf/2507.20060v1","authors":"[\"Nomaan A. Kherani\",\"Urbashi Mitra\"]","published":"2025-07-26T21:00:56Z","proceeding":"cs.LG","tasks":"[\"cs.LG\",\"cs.IT\"]","methods":"[]","has_code":false}