Computer Science, 2023, Vol. 50, Issue (9): 62-67. doi: 10.11896/jsjkx.220700174

• Data Security •

Privacy-enhanced Federated Learning Algorithm Against Inference Attack

ZHAO Yuhao1, CHEN Siguang1, SU Jian2   

  1 School of Internet of Things, Nanjing University of Posts and Telecommunications, Nanjing 210003, China
  2 School of Computer Science, Nanjing University of Information Science and Technology, Nanjing 210044, China
  • Received: 2022-07-18 Revised: 2023-01-06 Online: 2023-09-15 Published: 2023-09-01
  • About author: ZHAO Yuhao, born in 1998, postgraduate. His main research interest is federated learning.
    CHEN Siguang, born in 1984, Ph.D, professor. His main research interests include edge intelligence and AIoT.
  • Supported by:
    National Natural Science Foundation of China (61971235), 333 High-level Talents Training Project of Jiangsu Province, China Postdoctoral Science Foundation (2018M630590), Jiangsu Planned Projects for Postdoctoral Research Funds (2021K501C) and 1311 Talents Plan of NJUPT.

Abstract: In federated learning, distributed clients do not need to transmit their local training data; the central server jointly trains the global model by collecting gradients, which gives good performance and privacy-protection advantages. However, it has been demonstrated that gradient transmission may lead to privacy leakage in federated learning. To address the problems of current secure federated learning algorithms, such as poor model learning effect, high computational cost, and defense against only a single attack, this paper proposes a privacy-enhanced federated learning algorithm against inference attacks. First, an optimization problem is formulated that maximizes the distance between the training data obtained by inversion and the actual training data. The optimization problem is solved with the quasi-Newton method to obtain new features with anti-inference-attack ability. Second, gradient reconstruction is achieved by using the new features to generate gradients. The model parameters are updated based on the reconstructed gradients, which improves the privacy protection capability of the model. Finally, simulation results show that the proposed algorithm can resist two types of inference attacks simultaneously, and that it has significant advantages in protection effect and convergence speed compared with other secure schemes.

Key words: Federated learning, Inference attack, Privacy preservation, Gradient perturbation

CLC Number: TP393