Privacy-enhanced federated learning scheme based on generative adversarial networks
Federated learning, a distributed machine learning paradigm, has gained a lot of attention due to its inherent privacy protection capability and heterogeneous collaboration. However, recent studies have revealed a potential privacy risk known as “gradient leakage”, where the gradients can be used to...
| Main Authors: | Feng YU, Qingxin LIN, Hui LIN, Xiaoding WANG |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | POSTS&TELECOM PRESS Co., LTD, 2023-06-01 |
| Series: | 网络与信息安全学报 |
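| Subjects: | federated learning; gradient leakage; privacy enhancement; generative adversarial network; differential privacy |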
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023043 |
| _version_ | 1850092162583101440 |
|---|---|
| author | Feng YU, Qingxin LIN, Hui LIN, Xiaoding WANG |
| collection | DOAJ |
| description | Federated learning, a distributed machine learning paradigm, has gained a lot of attention due to its inherent privacy protection capability and heterogeneous collaboration. However, recent studies have revealed a potential privacy risk known as “gradient leakage”, where the gradients can be used to determine whether a data record with a specific property is included in another participant’s batch, thereby exposing the participant’s training data. Current privacy-enhanced federated learning methods may have drawbacks such as reduced accuracy, computational overhead, or new insecurity factors. To address this issue, a differential privacy-enhanced generative adversarial network model was proposed, which introduced an identifier into vanilla GAN, thus enabling the input data to be approached while satisfying differential privacy constraints. Then this model was applied to the federated learning framework, to improve the privacy protection capability without compromising model accuracy. The proposed method was verified through simulations under the client/server (C/S) federated learning architecture and was found to balance data privacy and practicality effectively compared with the DP-SGD method. Besides, the usability of the proposed model was theoretically analyzed under a peer-to-peer (P2P) architecture, and future research work was discussed. |
| format | Article |
| id | doaj-art-bded461d375a479aa03cc9d379a9db3c |
| institution | DOAJ |
| issn | 2096-109X |
| language | English |
| publishDate | 2023-06-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| title | Privacy-enhanced federated learning scheme based on generative adversarial networks |
| topic | federated learning; gradient leakage; privacy enhancement; generative adversarial network; differential privacy |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023043 |