| With the rapid development of Artificial Intelligence,there is an increasing demand for big data.But due to legal regulations on privacy data protection,sensitive data cannot be collected at will,such as in medical and financial institutions,where each institution can only keep its own data but cannot pool data from all institutions,forming their own "data islands".Federated learning has been proposed to solve this problem by having a federated server coordinate multiple participants to train a global optimal model and collaborate on learning while protecting data privacy.However,federated learning still faces a series of privacy threats,such as inference attacks that can reverse data information through model gradients.It is difficult to guarantee that the server is trustworthy in real-world applications,and the whole network will stop working when the server is attacked or has a single point of failure.Therefore,the main research of this paper is as follows to address the above security issues in the parameter delivery process and server threats:(1)We propose privacy protection based on differential privacy in decentralized federated learning.The framework removes the federated server,each participant clips the locally trained gradient and then adds Laplace noise to the gradient to satisfy local differential privacy,which protects the gradient security of each participant and prevents privacy leakage.Each participant shares the gradient information with each other and ensures the security of the gradient information by identity verification.We analyze the security,privacy,communication and time overhead of the models through theory.The experiments test the accuracy,the effect of different cropping thresholds and privacy budgets on accuracy,communication cost and time overhead for classical image classification tasks to improve the security of the model communication process by balancing accuracy and the level of privacy protection.(2)We propose privacy protection based on homomorphic encryption in decentralized federated learning.The framework removes federated server and uses homomorphic encryption and differential privacy to protect the security of the model’s parameters.In each round,the participants generate their respective key pairs.First,one participant is randomly selected as the aggregation node,and the public key and ID are sent to other participants.Then each participant first verifies the received information,and then encrypts the noise-added gradient with the public key of the aggregation node,and sends the respective ID,ciphertext,and public key to the aggregation node,which sends the updated gradient to the corresponding participant with the encryption of the public key of the participant.During the whole training process,the gradient is transmitted in the form of ciphertext to guarantee the security of the gradient transmission process.The theoretical analysis and experimental results show that the method can provide secure privacy protection for the model.(3)We propose privacy protection based on multi-chain aggregation in decentralized federated learning,removing the federated server,the participants perform multi-chain parallel communication to update model parameters in a fully distributed manner to achieve more secure privacy protection.Specifically,MChain-SFFL randomly selects multiple participants as chain heads to initiate the model parameter aggregation process.The masked local model parameters are gradually aggregated along the chain nodes,and the model privacy is protected by passing Token to ensure that the nodes on the chain cannot reason out the model parameters of other nodes.The multi-chain parallel transmission of model parameters speeds up the model aggregation process.We show through theoretical analysis and experimental validation that the method can improve the level of privacy protection without reducing the model accuracy,and that multi-chain aggregation can improve the convergence speed of the model on Non-IID data. |
PDF Full Text Request