基于本地化差分隐私的联邦学习方法研究

康海燕; 冀源蕊

doi:10.11959/j.issn.1000-436x.2022189

您当前的位置：

首页 >

文章列表页 >

基于本地化差分隐私的联邦学习方法研究

学术论文 | 更新时间：2024-06-05

- 基于本地化差分隐私的联邦学习方法研究
- Research on federated learning approach based on local differential privacy
- 通信学报 2022年43卷第10期页码：94-105
- 作者机构：
  
  北京信息科技大学信息管理学院，北京 100192
- 作者简介：
  
  [ "康海燕（1971− ），男，河北灵寿人，博士，北京信息科技大学教授，主要研究方向为网络安全与隐私保护等" ]
  [ "冀源蕊（1997− ），女，宁夏银川人，北京信息科技大学硕士生，主要研究方向为网络安全与隐私保护" ]
- 基金信息：
  
  国家社会科学基金资助项目(21BTQ079);国家自然科学基金资助项目(61370139);教育部人文社科基金资助项目(20YJAZH046);北京未来区块链与隐私计算高精尖创新中心基金资助项目
- DOI：10.11959/j.issn.1000-436x.2022189
  中图分类号： TP309.2
- 网络首发：2022-10，
  
  纸质出版：2022-10-25
- 稿件说明：
移动端阅览
康海燕, 冀源蕊. 基于本地化差分隐私的联邦学习方法研究[J]. 通信学报, 2022,43(10):94-105.

Haiyan KANG, Yuanrui JI. Research on federated learning approach based on local differential privacy[J]. Journal on Communications, 2022, 43(10): 94-105.
康海燕, 冀源蕊. 基于本地化差分隐私的联邦学习方法研究[J]. 通信学报, 2022,43(10):94-105. DOI： 10.11959/j.issn.1000-436x.2022189.

Haiyan KANG, Yuanrui JI. Research on federated learning approach based on local differential privacy[J]. Journal on Communications, 2022, 43(10): 94-105. DOI： 10.11959/j.issn.1000-436x.2022189.

摘要

摘要：联邦学习作为一种协作式机器学习方法，允许用户通过共享模型而不是原始数据进行多方模型训练，在实现隐私保护的同时充分利用用户数据，然而攻击者仍有可能通过窃听联邦学习参与方共享模型来窃取用户信息。为了解决联邦学习训练过程中存在的推理攻击问题，提出一种基于本地化差分隐私的联邦学习（LDP-FL）方法。首先，设计一种本地化差分隐私机制，作用在联邦学习参数的传递过程中，保证联邦模型训练过程免受推理攻击的影响。其次，提出并设计一种适用于联邦学习的性能损失约束机制，通过优化损失函数的约束范围来降低本地化差分隐私联邦模型的性能损失。最后，在MNIST和Fashion MNIST数据集上通过对比实验验证了所提方法的有效性。

Abstract

As a type of collaborative machine learning framework

federated learning is capable of preserving private data from participants while training the data into useful models.Nevertheless

from a viewpoint of information theory

it is still vulnerable for a curious server to infer private information from the shared models uploaded by participants.To solve the inference attack problem in federated learning training

a local differential privacy federated learning (LDP-FL) approach was proposed.Firstly

to ensure the federated model training process was protected from inference attacks

a local differential privacy mechanism was designed for transmission of parameters in federated learning.Secondly

a performance loss constraint mechanism for federated learning was proposed and designed to reduce the performance loss of local differential privacy federated model by optimizing the constraint range of the loss function.Finally

the effectiveness of proposed LDP-FL approach was verified by comparative experiments on MNIST and Fashion MNIST datasets.

关键词

Keywords

references

YANG Q , LIU Y , CHEN T J , et al . Federated machine learning:concept and applications [J ] . ACM Transactions on Intelligent Systems and Technology , 2019 , 10 ( 2 ): 1 - 19 .

KAIROUZ P , MCMAHAN H B , AVENT B , et al . Advances and open problems in federated learning [J ] . Foundations and Trends in Machine Learning , 2021 , 14 ( 1-2 ): 1 - 210 .

方晨 , 郭渊博 , 王一丰 , 等 . 基于区块链和联邦学习的边缘计算隐私保护方法 [J ] . 通信学报 , 2021 , 42 ( 11 ): 28 - 40 .

FANG C , GUO Y B , WANG Y F , et al . Edge computing privacy protection method based on blockchain and federated learning [J ] . Journal on Communications , 2021 , 42 ( 11 ): 28 - 40 .

莫梓嘉 , 高志鹏 , 杨杨 , 等 . 面向车联网数据隐私保护的高效分布式模型共享策略 [J ] . 通信学报 , 2022 , 43 ( 4 ): 83 - 94 .

MO Z J , GAO Z P , YANG Y , et al . Efficient distributed model sharing strategy for data privacy protection in Internet of vehicles [J ] . Journal on Communications , 2022 , 43 ( 4 ): 83 - 94 .

刘艺璇 , 陈红 , 刘宇涵 , 等 . 联邦学习中的隐私保护技术 [J ] . 软件学报 , 2022 , 33 ( 3 ): 1057 - 1092 .

LIU Y X , CHEN H , LIU Y H , et al . Privacy-preserving techniques in federated learning [J ] . Journal of Software , 2022 , 33 ( 3 ): 1057 - 1092 .

SONG M K , WANG Z B , ZHANG Z F , et al . Analyzing user-level privacy attack against federated learning [J ] . IEEE Journal on Selected Areas in Communications , 2020 , 38 ( 10 ): 2430 - 2444 .

LIU X Y , LI H W , XU G W , et al . Privacy-enhanced federated learning against poisoning adversaries [J ] . IEEE Transactions on Information Forensics and Security , 2021 , 16 : 4574 - 4588 .

PHONG L T , AONO Y , HAYASHI T , et al . Privacy-preserving deep learning via additively homomorphic encryption [C ] // Proceedings of IEEE Transactions on Information Forensics and Security . Piscataway:IEEE Press , 2019 : 1333 - 1345 .

OU W , ZENG J , GUO Z , et al . A homomor-phic-encryption-based vertical federated learning scheme for rick management [J ] . Computer Science and Information Systems , 2020 , 17 ( 3 ): 819 - 834 .

ZHU H F , MONG G R S , NG W K . Privacy-preserving weighted federated learning within the secret sharing framework [J ] . IEEE Access , 2020 , 8 : 198275 - 198284 .

DWORK C , . Differential privacy [C ] // Proceedings of 2006 International Colloquium on Automata,Languages and Programming (ICALP) . Berlin:Springer , 2006 : 1 - 12 .

GEYER R C , KLEIN T , NABI M . Differentially private federated learning:a client level perspective [J ] . arXiv Preprint,arXiv:1712.07557 , 2017 .

ABADI M , CHU A , GOODFELLOW I , et al . Deep learning with differential privacy [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York:ACM Press , 2016 : 308 - 318 .

ZHAO C X , SVN Y , WANG D G . Federated learning with Gaussian differential privacy [C ] // Proceedings of the 2020 2nd International Conference on Robotics,Intelligent Control and Artificial Intelligence . Piscataway:IEEE Press , 2020 : 296 - 301 .

WEI K , LI J , DING M , et al . Federated learning with differential privacy:algorithms and performance analysis [J ] . IEEE Transactions on Information Forensics and Security , 2020 , 15 : 3454 - 3469 .

TRUEX S , LIU L , CHOW K H , et al . LDP-Fed:federated learning with local differential privacy [C ] // Proceedings of the Third ACM International Workshop on Edge Systems,Analytics and Networking . New York:ACM Press , 2020 : 61 - 66 .

LIU R X , CAO Y , YOSHIKAWA M , et al . FedSel:federated SGD under local differential privacy with top-k dimension selection [C ] // International Conference on Database Systems for Advanced Applications . Berlin:Springer , 2020 : 485 - 501 .

ZHAO Y , ZHAO J , YANG M M , et al . Local differential privacy-based federated learning for Internet of things [J ] . IEEE Internet of Things Journal , 2021 , 8 ( 11 ): 8836 - 8853 .

MCMAHAN H B , MOORE E , RAMAGE D , et al . Communication-efficient learning of deep networks from decentralized data [J ] . arXiv Preprint,arXiv:1602.05629 , 2016 .

浏览量

1742

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向动态算力节点的联邦学习差分隐私重校准方法

DAGUARD：联邦学习下的分布式后门攻击防御方案

面向非独立同分布数据的联邦学习数据增强方案

基于深度学习的位置大数据统计发布与隐私保护方法

面向视频监控基于联邦学习的智能边缘计算技术