面向多域数据场景的安全高效联邦学习

Secure and Efficient Federated Learning for Multi-domain Data Scenarios

下载PDF

导出

摘要针对联邦学习在不同领域数据训练中面临的泛化能力差、灾难性遗忘和隐私攻击等挑战,文中提出面向多域数据场景的安全高效联邦学习方案.在本地训练阶段,结合知识蒸馏技术,防止模型在不同领域数据训练时发生灾难性遗忘,同时加速知识在各领域间的迁移,提高训练效率.在上传阶段,提出高斯差分隐私机制,分别对本地更新的梯度和各领域间的泛化差异添加高斯噪声,实现安全上传,增强训练过程的保密性.在聚合阶段,采用动态泛化权重聚合算法,减少各领域间的泛化差异,提升模型的泛化能力.理论分析证明该方案具有较强的鲁棒性.在PACS、Office-Home数据集上的实验表明此方案具有较高的准确度和较短的训练时间. To tackle the challenges of poor generalization,catastrophic forgetting and privacy attacks that federated learning faces in multi-domain data training,a scheme for secure and efficient federated learning for multi-domain scenarios(SEFL-MDS)is proposed.In the local training phase,knowledge distillation technology is employed to prevent catastrophic forgetting during multi-domain data training,while accelerating knowledge transfer across domains to improve training efficiency.In the uploading phase,Gaussian noise is added to locally updated gradients and generalization differences across domains using the Gaussian differential privacy mechanism to ensure secure data uploads and enhance the confidentiality of the training process.In the aggregation phase,a dynamic generalization-weighted algorithm is utilized to reduce generalization differences across domains,thereby enhancing the generalization capability.Theoretical analysis demonstrates the high robustness of the proposed scheme.Experiments on PACS and office-Home datasets show that the proposed scheme achieves higher accuracy with reduced training time.

作者金春花李路路王佳浩季玲刘欣颖陈礼青张浩翁健 JIN Chunhua;LI Lulu;WANG Jiahao;JI Ling;LIU Xinying;CHEN Liqing;ZHANG Hao;WENG Jian(Faculty of Computer and Software Engineering,Huaiyin Institute of Technology,Huaian 223003;Fujian Provincial Key Laboratory of Network Security and Cryp-tology,Fujian Normal University,Fuzhou 350007;College of Information Science and Technology,Jinan University,Guangzhou 510632)

机构地区淮阴工学院计算机与软件工程学院福建师范大学、福建省网络安全与密码技术重点实验室暨南大学信息科学技术学院

出处《模式识别与人工智能》 EI CSCD 北大核心 2024年第9期824-838,共15页 Pattern Recognition and Artificial Intelligence

基金江苏省高等学校基础科学(自然科学)研究重大项目(No.23KJA520003)、江苏省研究生科研与实践创新计划项目(No.SJCX24_2144)、淮阴工学院研究生科技创新计划项目(No.HGYK202418)资助。

关键词联邦学习域泛化推理攻击知识蒸馏差分隐私 Federated Learning Domain Generalization Inference Attack Knowledge Distillation Differential Privacy

分类号 TP309 [自动化与计算机技术—计算机系统结构] TP181 [自动化与计算机技术—控制理论与控制工程]