Adaptive privacy-preserving federated learning
Xiaoyuan Liu1,2 · Hongwei Li1,2 · Guowen Xu1,3 · Rongxing Lu4 · Miao He5
Received: 28 August 2019 / Accepted: 27 December 2019
© Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract
As an emerging training model, federated deep learning has been widely applied in many fields such as speech recognition, image classification and classification of peer-to-peer (P2P) Internet traffic. However, it also entails various security and privacy concerns. In the past years, much research has been carried out toward elaborating solutions to alleviate the above challenges via three underlying technologies, i.e., Secure Multi-Party Computation (SMC), Homomorphic Encryption (HE) and Differential Privacy (DP). Compared with SMC and HE, differential privacy is outstanding in terms of efficiency. However, due to the involvement of noise, DP always needs to make a trade-off between security and accuracy, i.e., achieving a strong security requirement means sacrificing some accuracy. To seek the optimal balance, we propose APFL, an Adaptive Privacy-preserving Federated Learning framework, in this paper. Specifically, in APFL, we calculate the contribution of each attribute class to the outputs with a layer-wise relevance propagation algorithm. By injecting adaptive noise into data attributes, APFL significantly reduces the impact of noise on the final results. Moreover, we introduce the Randomized Privacy-preserving Adjustment Technology to further improve the prediction accuracy of the model. We present a formal security analysis to demonstrate the high privacy level of APFL. Besides, extensive experiments show the superior performance of APFL in terms of accuracy, computation and communication overhead.
Keywords Privacy protection · Differential privacy · Federated learning · Distributed system
1 Introduction
Deep learning has demonstrated superior performance in many fields, such as autonomous driving [12], medical diagnosis [7, 10, 11], and image recognition [21]. However, traditional centralized deep learning usually trains a network with large amounts of data collected from users, which potentially leads to privacy leakage for users. Recently, federated learning, proposed by Google, has attracted much attention, as it only requires users to upload the gradients of the local model to the cloud server, instead of users’ original data. Federated learning has been used in many scenarios, such as natural language processing [6], classification of peer-to-peer (P2P) Internet traffic [19] and ransomware classification [29].
Compared with traditional centralized deep learning, federated learning mitigates privacy leaks to some extent [16, 25, 26]. However, many studies show that attackers can still compromise users’ privacy through gradients [13]. In particular, Song et al. [20] showed that deep learning technology can “memorize” information abo