On the Security of Distributed Multi-Agent K-Means Clustering With Local Differential Privacy

In a distributed scenario, the process of multiple agents collaborating and interacting with the server to iteratively implement k-means clustering analysis can be easily exploited by attackers, posing a huge privacy threat. Therefore, a local differential privacy k-means method (LDPKmeans) was proposed, which can effectively address the privacy protection problem in multi-agent systems. In this paper, we propose an effective attack method based on multi-agent model, which shows that the basic proposal of LDPKmeans will leak the real information of user agents if the attacker only obtains the cluster information and cluster centroid of each user. Furthermore, we enhance the attack method to crack the improved LDPKmeans method with privacy enhancement, enabling us to infer the cluster information of each user agent in the server. In other words, LDPKmeans seriously leak user agent privacy in distributed multi-agent systems if the server is untrusted. Theoretical analysis and experiments evaluate the effectiveness of our attack scheme. The results show that our method can effectively attack the distributed LDPKmeans scheme compared with the state-of-the-art attack methods. Specifically, our attack method can reduce the average relative error of inferring the true value before k-menas convergence on the 3D Road Network and Shuttle datasets by about 54% and 75% respectively when k=5.