Computer Science ›› 2024, Vol. 51 ›› Issue (6A): 230600211-6. doi: 10.11896/jsjkx.230600211

• Information Security •

Federated Learning Scheme Based on Differential Privacy

SUN Min, DING Xining, CHENG Qian

  1. College of Computer and Information Technology, Shanxi University, Taiyuan 030000, China
  • Published: 2024-06-06
  • Corresponding author: SUN Min (minsun@sxu.edu.cn)
  • About author: SUN Min, born in 1966, master, professor. Her main research interests include computer network and information security.
  • Supported by:
    Shanxi Province Basic Research Program, China (20210302123455, 201701D121052).

Abstract: One characteristic of federated learning is that the server performing the training does not directly access the data, so federated learning inherently offers some protection for data security. However, research shows that federated learning leaks privacy in both local data training and central model aggregation. Differential privacy is a noise-adding technique: by adding appropriate noise, it prevents an attacker from distinguishing an individual user's information. We study a hybrid noise-adding algorithm based on local and central differential privacy (LCDP-FL), which provides local or hybrid differential privacy protection to each client according to its weight and privacy requirements. We also show that the algorithm provides users with the privacy guarantees they need while keeping computational overhead as low as possible. The algorithm is tested on the MNIST and CIFAR-10 datasets and compared with local differential privacy (LDP-FL) and central differential privacy (CDP-FL) algorithms. The results show that the hybrid algorithm improves accuracy, loss rate and privacy security, and that its performance is the best.

Key words: Federated learning, Differential privacy, Privacy protection, Hybrid noise, Gradient descent

CLC number: TP393