Computer Science ›› 2024, Vol. 51 ›› Issue (6A): 230600002-8. doi: 10.11896/jsjkx.230600002

• Information Security •

Differential Privacy Federated Learning Method Based on Knowledge Distillation

TAN Zhiwen, XU Ruzhi, WANG Naiyu, LUO Dan   

  1. School of Control and Computer Engineering, North China Electric Power University, Beijing 102206, China
  • Published: 2024-06-06
  • About author: TAN Zhiwen, born in 1999, postgraduate. Her main research interests include federated learning and differential privacy.
    XU Ruzhi, born in 1966, Ph.D., professor, master supervisor. Her main research interests include information safety, application of information technology in smart grid, and computer control.
  • Supported by:
    National Natural Science Foundation of China (61972148).

Abstract: Differential privacy, as a privacy protection method, has been widely applied in federated learning. Existing research on applying differential privacy to federated learning fails to consider either unlabeled public data or the difference in data volume between clients, which limits its use in real-world scenarios. This paper proposes a differential privacy federated learning method based on knowledge distillation, which introduces an unlabeled public dataset and takes the differences in data volume between clients into account. A dedicated differential privacy scheme is designed for this scenario. First, the clients are grouped into “large data clients” and “general clients” based on the size of their data. A teacher model is trained on the data of the large data clients, and the teacher model adds pseudo labels to the public dataset. The public dataset then acts as a “special client” that conducts federated training jointly with the “general clients”. Differential privacy is used to protect the clients' data privacy; because the data of the special client involves privacy only in its labels, it is allocated a larger privacy budget in federated training than the general clients. The total privacy budget is limited: the privacy budget for the federated training stage is set to a fixed value, and the privacy budget for the pseudo-label addition stage is adjusted based on the clients' privacy needs and the parallel composition property of the privacy budget. Experiments on the MNIST and SVHN datasets show that, under the same privacy budget consumption, the trained model achieves higher accuracy than traditional methods. The scheme is scalable, and its flexible privacy budget allocation enables it to meet complex privacy needs.

Key words: Federated learning, Differential privacy, Knowledge distillation, Privacy protection, Privacy budget

CLC Number: TP309.2