Skip to main content
SpringerLink
Log in

Differentially Private Federated Learning: Algorithm, Analysis and Optimization

  • Chapter
  • First Online:
Federated Learning Systems

Part of the book series: Studies in Computational Intelligence ((SCI,volume 965))

Abstract

Federated learning (FL), a type of collaborative machine learning framework, is capable of helping protect users’ private data while training the data into useful models. Nevertheless, privacy leakage may still happen by analyzing the exchanged parameters, e.g., weights and biases in deep neural networks, between the central server and clients. In this chapter, to effectively prevent information leakage, we investigate a differential privacy mechanism in which, at the clients’ side, artificial noises are added to parameters before uploading. Moreover, we propose a K-client random scheduling policy, in which K clients are randomly selected from a total of N clients to participate in each communication round. Furthermore, a theoretical convergence bound is derived from the loss function of the trained FL model. In detail, considering a fixed privacy level, the theoretical bound reveals that there exists an optimal number of clients K that can achieve the best convergence performance due to the tradeoff between the volume of user data and the variances of aggregated artificial noises. To optimize this tradeoff, we further provide a differentially private FL based client selection (DP-FedCS) algorithm, which can dynamically select the number of training clients. Our experimental results validate our theoretical conclusions and also show that the proposed algorithm can effectively improve both the FL training efficiency and FL model quality for a given privacy protection level.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 179.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Here we assume that the adversary cannot know where the parameters come from.

References

  1. M. Abadi, A. Chu, I. Goodfellow, H.B. McMahan, I. Mironov, K. Talwar, L. Zhang, Deep learning with differential privacy, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Vienna, Austria (2016), pp. 308–318

    Google Scholar 

  2. A. Alekh, D.J.C, Distributed delayed stochastic optimization, in Proceedings of the IEEE Conference on Decision and Control (CDC), Maui, HI, USA (2012)

    Google Scholar 

  3. A. Blum, C. Dwork, F. McSherry, K. Nissim, Practical privacy: the SuLQ framework, in Proceedings of the ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), Baltimore, Maryland, USA (2005), pp. 128–138

    Google Scholar 

  4. Y. Deng, F. Bao, Q. Dai, L.F. Wu, S.J. Altschuler, Scalable analysis of cell-type composition from single-cell transcriptomics using deep recurrent learning. Nat. Methods 16, 311–314 (2019)

    Google Scholar 

  5. C. Dwork, A. Roth, The algorithmic foundations of differential privacy. Found. Trends \(^{{R}}\) Theor. Comput. Sci. 9(3–4), 211–407 (2014)

    Google Scholar 

  6. U. Erlingsson, V. Pihur, A. Korolova, RAPPOR: randomized aggregatable privacy-preserving Ordinal Response, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA (2014), pp. 1054–1067

    Google Scholar 

  7. M. Fredrikson, S. Jha, T. Ristenpart, Model inversion attacks that exploit confidence information and basic countermeasures, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Denver, Colorado, USA (2015), pp. 1322–1333

    Google Scholar 

  8. R.C. Geyer, T. Klein, M. Nabi, Differentially private federated learning: a client level perspective (2017). arXiv:1712.07557

  9. M. Hao, H. Li, X. Luo, G. Xu, H. Yang, S. Liu, Efficient and privacy-enhanced federated learning for industrial artificial intelligence. IEEE Trans. Ind. Inf. 16(10), 6532–6542 (2020)

    Article  Google Scholar 

  10. B. Hitaj, G. Ateniese, F. Perez-Cruz, Deep models under the GAN: information leakage from collaborative deep learning, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Dallas, Texas, USA (2017), pp. 603–618

    Google Scholar 

  11. Y. Lecun, L. Bottou, Y. Bengio, P. Haffner, Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)

    Article  Google Scholar 

  12. H. Lee, S.H. Lee, T.Q.S. Quek, Deep learning for distributed optimization: applications to wireless resource management. IEEE J. Sel. Areas Commun. 37(10), 2251–2266 (2019)

    Article  Google Scholar 

  13. J. Li, M. Khodak, S. Caldas, A. Talwalkar, Differentially private meta-learning (2019). arXiv:1909.05830

  14. T. Li, A. Kumar Sahu, M. Zaheer, M. Sanjabi, A. Talwalkar, V. Smith, Federated optimization in heterogeneous networks, in Proceedings of the Third Conference on Machine Learning and Systems (MLSys), Austin, TX, USA (2020)

    Google Scholar 

  15. J. Li, S. Chu, F. Shu, J. Wu, D.N.K. Jayakody, Contract-based small-cell caching for data disseminations in ultra-dense cellular networks. IEEE Trans. Mobile Comput. 18(5), 1042–1053 (2019)

    Article  Google Scholar 

  16. T. Li, A.K. Sahu, A. Talwalkar, V. Smith, Federated learning: Challenges, methods, and future directions. IEEE Signal Proc. Mag. 37(3), 50–60 (2020)

    Article  Google Scholar 

  17. J. Li, Z. Xing, W. Zhang, Y. Lin, F. Shu, Vehicle tracking in wireless sensor networks via deep reinforcement learning. IEEE Sens. Lett. 4(3), 1–4 (2020)

    Article  Google Scholar 

  18. X. Lian, C. Zhang, H. Zhang, C.-J. Hsieh, W. Zhang, J. Liu, Can decentralized algorithms outperform centralized algorithms? A case study for decentralized parallel stochastic gradient descent, in Proceedings of the ACM Neural Information Processing Systems (NIPS), Long Beach, California, USA (2017), pp. 5336–5346

    Google Scholar 

  19. Q. Liu, L. Shi, L. Sun, J. Li, M. Ding, F. Shu, Path planning for UAV-mounted mobile edge computing with deep reinforcement learning. IEEE Trans. Veh. Technol. 69(5), 5723–5728 (2020)

    Article  Google Scholar 

  20. C. Ma, J. Li, M. Ding, H. Hao Yang, F. Shu, T.Q.S. Quek, H.V. Poor, On safeguarding privacy and security in the framework of federated learning. IEEE Netw. 34(4), 242–248 (2020)

    Google Scholar 

  21. Z. Ma, M. Xiao, Y. Xiao, Z. Pang, H.V. Poor, B. Vucetic, High-reliability and low-latency wireless communication for internet of things: challenges, fundamentals, and enabling technologies. IEEE Internet Things J. 6(5), 7946–7970 (2019)

    Article  Google Scholar 

  22. H.B. McMahan, D. Ramage, K. Talwar, L. Zhang, Learning differentially private language models without losing accuracy (2018). arXiv:1710.06963

  23. L. Melis, C. Song, E. De Cristofaro, V. Shmatikov, Exploiting unintended feature leakage in collaborative learning, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2019), pp. 691–706

    Google Scholar 

  24. M. Mohammadi, A. Al-Fuqaha, S. Sorour, M. Guizani, Deep learning for IoT big data and streaming analytics: a survey. IEEE Commun. Surv. Tutor. 20(4), 2923–2960 (2018)

    Article  Google Scholar 

  25. M. Nasr, R. Shokri, A. Houmansadr, Comprehensive privacy analysis of deep learning: passive and active white-box inference attacks against centralized and federated learning, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2019), pp. 739–753

    Google Scholar 

  26. Y. Nesterov, Introductory Lectures on Convex Optimization: A Basic Course, 1st edn. (Springer, Boston, 2014)

    MATH  Google Scholar 

  27. Y. Qiang, L. Yang, C. Tianjian, T. Yongxin, Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. 10(2), 12:1–12:19 (2019)

    Google Scholar 

  28. T. Ryffel, A. Trask, M. Dahl, B. Wagner, J. Mancuso, D. Rueckert, J. Passerat-Palmbach, A generic framework for privacy preserving deep learning (2018). arXiv:1811.04017

  29. R. Shokri, V. Shmatikov, Privacy-preserving deep learning, in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), Denver, Colorado, USA (2015), pp. 1310–1321

    Google Scholar 

  30. W. Sun, J. Liu, Y. Yue, AI-enhanced offloading in edge computing: When machine learning meets industrial IoT. IEEE Netw. 33(5), 68–74 (2019)

    Article  Google Scholar 

  31. N.H. Tran, W. Bao, A. Zomaya, N.H.N. Minh, C. S. Hong, Federated learning over wireless networks: Optimization model design and analysis, in Proceedings of the IEEE Conference on Computer Communications (INFOCOM) (2019), pp. 1387–1395

    Google Scholar 

  32. S. Truex, N. Baracaldo, A. Anwar, T. Steinke, H. Ludwig, R. Zhang, Y. Zhou, A hybrid approach to privacy-preserving federated learning, in Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISec), London, UK (2019), pp. 1–11

    Google Scholar 

  33. Z. Wang, M. Song, Z. Zhang, Y. Song, Q. Wang, H. Qi, Beyond inferring class representatives: User-level privacy leakage from federated learning, in Proceedings of the IEEE Conference on Computer Communications (INFOCOM), Paris, France (2019), pp. 2512–2520

    Google Scholar 

  34. N. Wang, X. Xiao, Y. Yang, J. Zhao, S.C. Hui, H. Shin, J. Shin, G. Yu, Collecting and analyzing multidimensional data with local differential privacy, in Proceedings of the IEEE International Conference on Data Engineering (ICDE), Macao, China (2019), pp. 638–649

    Google Scholar 

  35. X. Wang, Y. Han, C. Wang, Q. Zhao, X. Chen, M. Chen, In-edge AI: Intelligentizing mobile edge computing, caching and communication by federated learning. IEEE Netw. 33(5), 156–165 (2019)

    Article  Google Scholar 

  36. S. Wang, T. Tuor, T. Salonidis, K.K. Leung, C. Makaya, T. He, K. Chan, Adaptive federated learning in resource constrained edge computing systems. IEEE J. Sel. Areas Commun. 37(6), 1205–1221 (2019)

    Article  Google Scholar 

  37. S. Wang, L. Huang, Y. Nie, X. Zhang, P. Wang, H. Xu, W. Yang, Local differential private data aggregation for discrete distribution estimation. IEEE Trans. Parallel Distrib. Syst. 30(9), 2046–2059 (2019)

    Article  Google Scholar 

  38. K. Wei, J. Li, M. Ding, C. Ma, H.H. Yang, F. Farokhi, S. Jin, T.Q.S. Quek, H. Vincent Poor, Federated learning with differential privacy: algorithms and performance analysis. IEEE Trans. Inf. Forens. Secur. 15, 3454–3469 (2020)

    Google Scholar 

  39. N. Wu, F. Farokhi, D. Smith, M.A. Kaafar, The value of collaboration in convex machine learning with differential privacy, in Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA (2020), pp. 304–317

    Google Scholar 

  40. P. Wu, J. Li, L. Shi, M. Ding, K. Cai, F. Yang, Dynamic content update for wireless edge caching via deep reinforcement learning. IEEE Commun. Lett. 23(10), 1773–1777 (2019)

    Article  Google Scholar 

  41. L. Xiangru, H. Yijun, L. Yuncheng, L. Ji, Asynchronous parallel stochastic gradient for nonconvex optimization, in Proceedings of the ACM Neural Information Processing Systems (NIPS), Montreal, Canada (2015), pp. 2737–2745

    Google Scholar 

  42. G. Xu, H. Li, S. Liu, K. Yang, X. Lin, VerifyNet: secure and verifiable federated learning. IEEE Trans. Inf. Forens. Secur. 15, 911–926 (2020)

    Google Scholar 

  43. H.H. Yang, A. Arafa, T.Q.S. Quek, H.V. Poor, Age-based scheduling policy for federated learning in mobile edge networks, in Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Barcelona, Spain (2020), pp. 8743–8747

    Google Scholar 

  44. H.H. Yang, Z. Liu, T.Q.S. Quek, H.V. Poor, Scheduling policies for federated learning in wireless networks. IEEE Trans. Commun. 68(1), 317–333 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nanjing University of Science and Technology, Nanjing, China

    Kang Wei, Jun Li & Chuan Ma

  2. Data61, CSIRO, Sydney, Australia

    Ming Ding

  3. Princeton University, Princeton, NJ, USA

    H. Vincent Poor

Authors
  1. Kang Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jun Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chuan Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ming Ding
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. H. Vincent Poor
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jun Li .

Editor information

Editors and Affiliations

  1. Center for Cyber-Physical Systems, Khalifa University of Science and Technology, Abu Dhabi, United Arab Emirates

    Muhammad Habib ur Rehman

  2. School of Computing and Digital Technology, Birmingham City University, Birmingham, UK

    Mohamed Medhat Gaber

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Wei, K., Li, J., Ma, C., Ding, M., Poor, H.V. (2021). Differentially Private Federated Learning: Algorithm, Analysis and Optimization. In: Rehman, M.H.u., Gaber, M.M. (eds) Federated Learning Systems. Studies in Computational Intelligence, vol 965. Springer, Cham. https://doi.org/10.1007/978-3-030-70604-3_3

Download citation

Publish with us

Policies and ethics

Search

Navigation