| CPC G06F 21/55 (2013.01) | 20 Claims |
|
1. An information processing apparatus, comprising:
one or more memories storing instructions; and
one or more processors configured to execute the instructions to control the information processing apparatus to carry out:
a detection process of detecting, as an outlier, an output value which falls outside a normal range in terms of magnitude of a value among output values of a decision tree which has undergone federated learning by a plurality of apparatuses or which is undergoing the federated learning;
a determination process of determining, in a case where the outlier has been detected, that the decision tree has vulnerability to an attack to infer an attribute value included in training data which has been used to train the decision tree; and
a range decision process of deciding the normal range based on a result of simulation for inferring the attribute value from a trained decision tree that has been generated by training based on a decision tree in which a preliminarily-manipulated virtual decision tree has been added to a decision tree which is undergoing the federated learning, the preliminarily-manipulated virtual decision tree having been preliminarily manipulated such that an output value corresponding to an attribute value of a virtual target attribute included in virtual target data is an outlier when the virtual target data is input into the trained decision tree.
|