Cloud-Edge Fusion Verifiable Privacy-Preserving Cross-Domain Federated Learning Scheme

doi:10.19678/j.issn.1000-3428.0067877

Abstract:

The rapid development of Federated Learning (FL) enables collaborative training of gradient models on data held by different end users. Its defining feature is that the training dataset never leaves the local device: only gradient model updates are computed locally and shared, and edge servers use them to generate the global gradient model. However, heterogeneity among local devices degrades training performance, and shared gradient model updates are exposed to privacy leakage and malicious tampering. This study proposes a verifiable privacy-preserving cross-domain FL scheme based on cloud-edge fusion. In the scheme, end users protect data privacy with a single-mask blinding technique and sign their gradient models with a signature algorithm based on vector inner products. Edge servers aggregate the blinded private data and produce a deblinded aggregate signature, which ensures that the update and sharing of the global gradient model are tamper-proof. A multi-region weight forwarding technique addresses the limited computing resources and communication overhead of devices in heterogeneous networks. Systematic simulation experiments on four benchmark datasets (MNIST, SVHN, CIFAR-10, and CIFAR-100) show that the scheme can be deployed securely and efficiently in heterogeneous networks. Compared with the classical federated learning scheme, the proposed scheme improves gradient model convergence speed by 21.6% on average at comparable accuracy.

Key words: Federated Learning (FL), global gradient model, data privacy, verifiable privacy-preserving, cross-domain training
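The blinding-then-aggregation idea described in the abstract can be illustrated with a toy example. The sketch below is not the paper's construction: the abstract does not specify how masks are generated or who removes them, so the modulus `P`, the fixed-point `SCALE`, the helper names, and the assumption that the unblinding party knows the sum of all masks are all hypothetical. The inner-product signature step is omitted entirely.

```python
import secrets

# Toy parameters, chosen for illustration only (assumptions, not from the paper).
P = 2**61 - 1      # prime modulus for the masked arithmetic
SCALE = 10**6      # fixed-point scale used to encode float gradients as integers


def encode(gradient):
    """Map float gradient entries to integers modulo P."""
    return [round(x * SCALE) % P for x in gradient]


def decode(values):
    """Map integers modulo P back to floats, treating large residues as negatives."""
    return [((v - P) if v > P // 2 else v) / SCALE for v in values]


def blind(gradient, mask):
    """A user hides its encoded gradient by adding a single random mask."""
    return [(x + m) % P for x, m in zip(encode(gradient), mask)]


def aggregate(vectors):
    """Component-wise sum modulo P (used for blinded updates and for masks)."""
    dim = len(vectors[0])
    return [sum(v[i] for v in vectors) % P for i in range(dim)]


def unblind(blinded_sum, mask_sum):
    """Remove the aggregate mask to recover the sum of the plain gradients."""
    return decode([(a - s) % P for a, s in zip(blinded_sum, mask_sum)])


def demo():
    gradients = [[0.5, -1.25, 2.0], [1.5, 0.25, -3.0], [-1.0, 1.0, 0.5]]
    masks = [[secrets.randbelow(P) for _ in g] for g in gradients]
    blinded = [blind(g, m) for g, m in zip(gradients, masks)]
    # Hypothetical assumption: the unblinding party learns only the mask sum.
    return unblind(aggregate(blinded), aggregate(masks))
```

In this sketch the aggregator only ever sees masked vectors, yet the aggregate of the three example gradients is recovered once the summed mask is subtracted. How the actual scheme distributes masks and binds the result to a signature is described in the full paper, not here.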

张晓均, 李兴鹏, 唐伟, 郝云溥, 薛婧婷. 云-边融合的可验证隐私保护跨域联邦学习方案[J]. 计算机工程, 2024, 50(3): 148-155.

Xiaojun ZHANG, Xingpeng LI, Wei TANG, Yunpu HAO, Jingting XUE. Cloud-Edge Fusion Verifiable Privacy-Preserving Cross-Domain Federated Learning Scheme[J]. Computer Engineering, 2024, 50(3): 148-155.

http://www.ecice06.com/CN/Y2024/V50/I3/148

Figures/Tables: 7

Fig.1 Cross-domain federated learning system model with a three-layer architecture

Fig.2 Procedure of the verifiable secure aggregation algorithm

Fig.3 Training procedure of cloud-edge fusion verifiable privacy-preserving cross-domain federated learning

Fig.4 Terminal computational costs of different schemes

Fig.5 Server-side computational costs of different schemes

Fig.6 Accuracy comparison based on the number of retrainings

Fig.7 Comparison of training accuracy between classical federated learning and the proposed scheme


