Abstract
Federated learning (FL), a type of collaborative machine learning framework, is capable of helping protect users’ private data while training the data into useful models. Nevertheless, privacy leakage may still happen by analyzing the exchanged parameters, e.g., weights and biases in deep neural networks, between the central server and clients. In this chapter, to effectively prevent information leakage, we investigate a differential privacy mechanism in which, at the clients’ side, artificial noises are added to parameters before uploading. Moreover, we propose a K-client random scheduling policy, in which K clients are randomly selected from a total of N clients to participate in each communication round. Furthermore, a theoretical convergence bound is derived from the loss function of the trained FL model. In detail, considering a fixed privacy level, the theoretical bound reveals that there exists an optimal number of clients K that can achieve the best convergence performance due to the tradeoff between the volume of user data and the variances of aggregated artificial noises. To optimize this tradeoff, we further provide a differentially private FL based client selection (DP-FedCS) algorithm, which can dynamically select the number of training clients. Our experimental results validate our theoretical conclusions and also show that the proposed algorithm can effectively improve both the FL training efficiency and FL model quality for a given privacy protection level.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Here we assume that the adversary cannot know where the parameters come from.
References
M. Abadi, A. Chu, I. Goodfellow, H.B. McMahan, I. Mironov, K. Talwar, L. Zhang, Deep learning with differential privacy, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Vienna, Austria (2016), pp. 308–318
A. Alekh, D.J.C, Distributed delayed stochastic optimization, in Proceedings of the IEEE Conference on Decision and Control (CDC), Maui, HI, USA (2012)
A. Blum, C. Dwork, F. McSherry, K. Nissim, Practical privacy: the SuLQ framework, in Proceedings of the ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), Baltimore, Maryland, USA (2005), pp. 128–138
Y. Deng, F. Bao, Q. Dai, L.F. Wu, S.J. Altschuler, Scalable analysis of cell-type composition from single-cell transcriptomics using deep recurrent learning. Nat. Methods 16, 311–314 (2019)
C. Dwork, A. Roth, The algorithmic foundations of differential privacy. Found. Trends \(^{{R}}\) Theor. Comput. Sci. 9(3–4), 211–407 (2014)
U. Erlingsson, V. Pihur, A. Korolova, RAPPOR: randomized aggregatable privacy-preserving Ordinal Response, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA (2014), pp. 1054–1067
M. Fredrikson, S. Jha, T. Ristenpart, Model inversion attacks that exploit confidence information and basic countermeasures, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Denver, Colorado, USA (2015), pp. 1322–1333
R.C. Geyer, T. Klein, M. Nabi, Differentially private federated learning: a client level perspective (2017). arXiv:1712.07557
M. Hao, H. Li, X. Luo, G. Xu, H. Yang, S. Liu, Efficient and privacy-enhanced federated learning for industrial artificial intelligence. IEEE Trans. Ind. Inf. 16(10), 6532–6542 (2020)
B. Hitaj, G. Ateniese, F. Perez-Cruz, Deep models under the GAN: information leakage from collaborative deep learning, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Dallas, Texas, USA (2017), pp. 603–618
Y. Lecun, L. Bottou, Y. Bengio, P. Haffner, Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)
H. Lee, S.H. Lee, T.Q.S. Quek, Deep learning for distributed optimization: applications to wireless resource management. IEEE J. Sel. Areas Commun. 37(10), 2251–2266 (2019)
J. Li, M. Khodak, S. Caldas, A. Talwalkar, Differentially private meta-learning (2019). arXiv:1909.05830
T. Li, A. Kumar Sahu, M. Zaheer, M. Sanjabi, A. Talwalkar, V. Smith, Federated optimization in heterogeneous networks, in Proceedings of the Third Conference on Machine Learning and Systems (MLSys), Austin, TX, USA (2020)
J. Li, S. Chu, F. Shu, J. Wu, D.N.K. Jayakody, Contract-based small-cell caching for data disseminations in ultra-dense cellular networks. IEEE Trans. Mobile Comput. 18(5), 1042–1053 (2019)
T. Li, A.K. Sahu, A. Talwalkar, V. Smith, Federated learning: Challenges, methods, and future directions. IEEE Signal Proc. Mag. 37(3), 50–60 (2020)
J. Li, Z. Xing, W. Zhang, Y. Lin, F. Shu, Vehicle tracking in wireless sensor networks via deep reinforcement learning. IEEE Sens. Lett. 4(3), 1–4 (2020)
X. Lian, C. Zhang, H. Zhang, C.-J. Hsieh, W. Zhang, J. Liu, Can decentralized algorithms outperform centralized algorithms? A case study for decentralized parallel stochastic gradient descent, in Proceedings of the ACM Neural Information Processing Systems (NIPS), Long Beach, California, USA (2017), pp. 5336–5346
Q. Liu, L. Shi, L. Sun, J. Li, M. Ding, F. Shu, Path planning for UAV-mounted mobile edge computing with deep reinforcement learning. IEEE Trans. Veh. Technol. 69(5), 5723–5728 (2020)
C. Ma, J. Li, M. Ding, H. Hao Yang, F. Shu, T.Q.S. Quek, H.V. Poor, On safeguarding privacy and security in the framework of federated learning. IEEE Netw. 34(4), 242–248 (2020)
Z. Ma, M. Xiao, Y. Xiao, Z. Pang, H.V. Poor, B. Vucetic, High-reliability and low-latency wireless communication for internet of things: challenges, fundamentals, and enabling technologies. IEEE Internet Things J. 6(5), 7946–7970 (2019)
H.B. McMahan, D. Ramage, K. Talwar, L. Zhang, Learning differentially private language models without losing accuracy (2018). arXiv:1710.06963
L. Melis, C. Song, E. De Cristofaro, V. Shmatikov, Exploiting unintended feature leakage in collaborative learning, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2019), pp. 691–706
M. Mohammadi, A. Al-Fuqaha, S. Sorour, M. Guizani, Deep learning for IoT big data and streaming analytics: a survey. IEEE Commun. Surv. Tutor. 20(4), 2923–2960 (2018)
M. Nasr, R. Shokri, A. Houmansadr, Comprehensive privacy analysis of deep learning: passive and active white-box inference attacks against centralized and federated learning, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2019), pp. 739–753
Y. Nesterov, Introductory Lectures on Convex Optimization: A Basic Course, 1st edn. (Springer, Boston, 2014)
Y. Qiang, L. Yang, C. Tianjian, T. Yongxin, Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. 10(2), 12:1–12:19 (2019)
T. Ryffel, A. Trask, M. Dahl, B. Wagner, J. Mancuso, D. Rueckert, J. Passerat-Palmbach, A generic framework for privacy preserving deep learning (2018). arXiv:1811.04017
R. Shokri, V. Shmatikov, Privacy-preserving deep learning, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Denver, Colorado, USA (2015), pp. 1310–1321
W. Sun, J. Liu, Y. Yue, AI-enhanced offloading in edge computing: When machine learning meets industrial IoT. IEEE Netw. 33(5), 68–74 (2019)
N.H. Tran, W. Bao, A. Zomaya, N.H.N. Minh, C. S. Hong, Federated learning over wireless networks: Optimization model design and analysis, in Proceedings of the IEEE Conference on Computer Communications (INFOCOM) (2019), pp. 1387–1395
S. Truex, N. Baracaldo, A. Anwar, T. Steinke, H. Ludwig, R. Zhang, Y. Zhou, A hybrid approach to privacy-preserving federated learning, in Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISec), London, UK (2019), pp. 1–11
Z. Wang, M. Song, Z. Zhang, Y. Song, Q. Wang, H. Qi, Beyond inferring class representatives: User-level privacy leakage from federated learning, in Proceedings of the IEEE Conference on Computer Communications (INFOCOM), Paris, France (2019), pp. 2512–2520
N. Wang, X. Xiao, Y. Yang, J. Zhao, S.C. Hui, H. Shin, J. Shin, G. Yu, Collecting and analyzing multidimensional data with local differential privacy, in Proceedings of the IEEE International Conference on Data Engineering (ICDE), Macao, China (2019), pp. 638–649
X. Wang, Y. Han, C. Wang, Q. Zhao, X. Chen, M. Chen, In-edge AI: Intelligentizing mobile edge computing, caching and communication by federated learning. IEEE Netw. 33(5), 156–165 (2019)
S. Wang, T. Tuor, T. Salonidis, K.K. Leung, C. Makaya, T. He, K. Chan, Adaptive federated learning in resource constrained edge computing systems. IEEE J. Sel. Areas Commun. 37(6), 1205–1221 (2019)
S. Wang, L. Huang, Y. Nie, X. Zhang, P. Wang, H. Xu, W. Yang, Local differential private data aggregation for discrete distribution estimation. IEEE Trans. Parallel Distrib. Syst. 30(9), 2046–2059 (2019)
K. Wei, J. Li, M. Ding, C. Ma, H.H. Yang, F. Farokhi, S. Jin, T.Q.S. Quek, H. Vincent Poor, Federated learning with differential privacy: algorithms and performance analysis. IEEE Trans. Inf. Forens. Secur. 15, 3454–3469 (2020)
N. Wu, F. Farokhi, D. Smith, M.A. Kaafar, The value of collaboration in convex machine learning with differential privacy, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2020), pp. 304–317
P. Wu, J. Li, L. Shi, M. Ding, K. Cai, F. Yang, Dynamic content update for wireless edge caching via deep reinforcement learning. IEEE Commun. Lett. 23(10), 1773–1777 (2019)
L. Xiangru, H. Yijun, L. Yuncheng, L. Ji, Asynchronous parallel stochastic gradient for nonconvex optimization, in Proceedings of the ACM Neural Information Processing Systems (NIPS), Montreal, Canada (2015), pp. 2737–2745
G. Xu, H. Li, S. Liu, K. Yang, X. Lin, VerifyNet: secure and verifiable federated learning. IEEE Trans. Inf. Forens. Secur. 15, 911–926 (2020)
H.H. Yang, A. Arafa, T.Q.S. Quek, H.V. Poor, Age-based scheduling policy for federated learning in mobile edge networks, in Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Barcelona, Spain (2020), pp. 8743–8747
H.H. Yang, Z. Liu, T.Q.S. Quek, H.V. Poor, Scheduling policies for federated learning in wireless networks. IEEE Trans. Commun. 68(1), 317–333 (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Wei, K., Li, J., Ma, C., Ding, M., Poor, H.V. (2021). Differentially Private Federated Learning: Algorithm, Analysis and Optimization. In: Rehman, M.H.u., Gaber, M.M. (eds) Federated Learning Systems. Studies in Computational Intelligence, vol 965. Springer, Cham. https://doi.org/10.1007/978-3-030-70604-3_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-70604-3_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-70603-6
Online ISBN: 978-3-030-70604-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)