| 摘要: |
| 传统的联邦学习(Federated Learning,FL)差分隐私(Differential Privacy,DP)保护机制在一定程度上抵御了差分攻击,防止用户数据的泄露问题,但是引入的噪声扰动在一定程度上又影响了原本数据,导致在服务器聚合时与原本数据产生影响较大的偏差,严重影响了全局模型的准确率和收敛性。为了解决这一问题,提出了一种基于扩散式联邦学习差分隐私保护(Diffusive Differential Privacy Federated Learning,DDPFL)方法,通过在服务器端聚合之前更加精确地对噪声进行拟合,还原精度更高的数据样本,降低了对原模型的影响。在数据分布为IID和Non-IID联邦学习实际场景下验证了该方法的有效性。在数据分布为Non-IID场景下,所提方法与联邦学习原始差分隐私保护方法相比,准确率在其基础上提高了1.7%~4.6%。 |
| 关键词: 差分隐私保护 数据泄露 联邦学习 扩散式传播 |
| DOI:10.20079/j.issn.1001-893x.240119001 |
|
| 基金项目: |
|
| Federated Learning Data Protection Based on Diffusive Differential Privacy |
| LEI Jingpeng,REN Cheng |
| (1.College of Electrical Engineering and Information,Southwest Petroleum University,Chengdu 610500,China;2.School of Information and Communication Engineering,University of Electronic Science and Technology of China,Chengdu 611731,China) |
| Abstract: |
| The traditional federated learning differential privacy protection mechanism resists differential attacks to a certain extent and prevents the problem of user data leakage,but the introduced noise perturbation affects the original data again to a certain extent,leading to the server aggregation with the original data having a large deviation,which seriously affects the accuracy and convergence of the global model.In order to solve this problem,the authors propose a diffusive differential privacy federated learning(DDPFL) based method to reduce the impact on the original model by more accurately fitting the noise before server-side aggregation and restoring data samples with higher accuracy.The effectiveness of the method is verified in real-world scenarios where the data distributions are IID and Non-IID federated learning.And under the data distribution of Non-IID scenarios,comparion between the proposed method and the original differential privacy preserving method of federated learning shows that the accuracy is improved by 1.7% to 4.6% on its basis. |
| Key words: differential privacy protection data breach federated learning diffuse propagation |
