Patent attributes
One or more computer processors transmit a machine learning model and an associated loss function to a worker, wherein the worker isolates private data. The one or more computer processors receive a plurality of encrypted gradients computed utilizing the transmitted machine learning model, the associated loss function, and the isolated private data. The one or more computer processors generate a plurality of adversarial perturbations, wherein the plurality of adversarial perturbations includes true perturbations and false perturbations. The one or more computer processors obfuscate the generated plurality of adversarial perturbations. The one or more computer processors transmit the obfuscated adversarial perturbations to the worker. The one or more computer processors harden the machine learning model utilizing the transmitted obfuscated adversarial perturbations and the private data.
