基于相似度聚类的可信联邦安全聚合算法

Trusted Federated Secure Aggregation via Similarity Clustering

联邦学习能够有效地规避参与方数据隐私问题,但模型训练中传递的参数或者梯度仍有可能泄露参与方的隐私数据,而恶意参与方的存在则会严重影响聚合过程和模型质量。基于此,该文提出一种基于相似度聚类的可信联邦安全聚合方法(FSA-SC)。首先基于客户端训练数据集规模及其与服务器间的通信距离综合评估选出拟参与模型聚合的候选客户端;然后根据候选客户端间的相似度,利用聚类将候选客户端划分为良性客户端和异常客户端;最后,对异常客户端类中的成员利用类内广播和二次协商进行参数替换和记录,检测识别恶意客户端。为了验证FSA-SC的有效性,以联邦推荐为应用场景,选取MovieLens 1M,Netflix数据集和Amazon抽样数据集为实验数据集,实验结果表明,所提方法能够实现高效的安全聚合,且相较对比方法有更高的鲁棒性。

Federated learning can effectively circumvent the data privacy issues of participants,but the parameters or gradients passed in model training may still leak the privacy of the participants.Also,the existence of malicious participants can seriously affect the aggregation process and model quality.In this paper,a trusted Federated Secure Aggregation method based on Similarity Clustering named FSA-SC is proposed.Firstly,the weight for each client can be measured based on the size of the client training data set and the communication distance between the client and the server,and those participants with higher weight are selected in the server-side model aggregation.Secondly,according to the similarity between the candidate clients,the candidate clients are divided into two groups,i.e.,benign group and abnormal group.Finally,for the abnormal group,an intra-class broadcast and secondary negotiation are designed to replace and record the parameters of the members,so as to detect effectively malicious clients.In order to verify the effectiveness of FSA-SC,taking federated recommendation as the application scenario,experimental results on MovieLens 1M,Netflix and Amazon datasets indicate that FSA-SC can achieve efficient security aggregation and has greater robustness than baselines.