CN115795535A - Differential private federal learning method and device for providing adaptive gradient - Google Patents

Differential private federal learning method and device for providing adaptive gradient Download PDF

Info

Publication number
CN115795535A
CN115795535A CN202211441070.1A CN202211441070A CN115795535A CN 115795535 A CN115795535 A CN 115795535A CN 202211441070 A CN202211441070 A CN 202211441070A CN 115795535 A CN115795535 A CN 115795535A
Authority
CN
China
Prior art keywords
terminal equipment
training
local
function value
aggregation server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211441070.1A
Other languages
Chinese (zh)
Inventor
孙溢
赵子润
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing University of Posts and Telecommunications
Original Assignee
Beijing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Posts and Telecommunications filed Critical Beijing University of Posts and Telecommunications
Priority to CN202211441070.1A priority Critical patent/CN115795535A/en
Publication of CN115795535A publication Critical patent/CN115795535A/en
Pending legal-status Critical Current

Links

Images

Abstract

The embodiment of the invention provides a differential private federal learning method and a device of a self-adaptive gradient, wherein the method is applied to a federal learning framework and comprises the following steps: the aggregation server initializes the training model and the training parameters and then sends the training models and the training parameters to all terminal equipment, and a quantization value list is obtained through initial training feedback of the terminal equipment; determining the number of iterations, each iteration comprising: the terminal equipment updates a local training set, adaptively acquires training data, determines a differential budget required by local training, generates an updating parameter, calculates a local cost function value, and uploads the local cost function value, the number of training data samples and the updating parameter to the aggregation server; the aggregation server executes terminal equipment filtering, determines a terminal equipment set meeting the quantity, executes weighting aggregation, updates a quantization value list and issues the quantization value list to all the terminal equipment; and obtaining an output model after the preset iteration times are completed. Based on the processing, the convergence rate of the training of the federal learning in the differential privacy application can be improved.

Description

Differential private federal learning method and device for providing adaptive gradient
Technical Field
The invention relates to the technical field of privacy protection, in particular to a differential private federal learning method and device for providing a self-adaptive gradient.
Background
Federated learning is a machine learning technique that can effectively avoid privacy disclosure caused by data centralization by using local sample data on multiple distributed edge devices to train algorithms together. However, potential risks of model reversal attacks and membership inference attacks may greatly increase the probability of sensitive personal information leakage. Therefore, how to ensure the security of the data stored in the distributed clients is becoming a difficult point and a hotspot of joint training. Currently, there have been some studies that apply Differential Privacy (Differential Privacy) to optimizers and sample perturbation to protect data Privacy. However, this behavior tends to result in a reduced convergence rate, especially in a Non-independent and explicit distributed (Non-id) environment.
The model inversion attack aims to acquire information on training data or test data of a model through a prediction output of the model. Membership inference attacks aim at giving the black box access rights of the model to train a two-classifier to determine whether the data comes from training data or test data of the target model. In order to resist the attack in the federal learning, some researches have been made to improve the difficulty of guessing by an adversary by applying differential privacy to the superimposed disturbance of the federal learning model of aggregation and issue, but the direct application of the differential privacy may cause the total number of rounds of federal aggregation to increase and the convergence rate to decrease.
Non-independent co-distributions refer to a set of random variables that each have a different probability distribution and are independent of each other. Corresponding to the federal learning architecture, this environment means that there will be different tag distributions and data distributions for data of different clients. Compared with the federated learning architecture under the independent and same-distribution environment, the federated learning architecture under the non-independent and same-distribution environment has a remarkable convergence problem. A lower update frequency will result in a large degradation, or even no convergence, of the performance of the learning model. The higher updating frequency can greatly increase the communication cost and the calculation cost of training. This situation continues to be exacerbated after differential privacy is applied.
Differential privacy defines a strict attack model to provide a quantitative description of privacy leakage. It focuses on protecting the statistical characteristics of data distribution and protecting personal privacy while ensuring the utility of the statistical data. The key technology for realizing the differential privacy is disturbance of superimposed noise. The level of privacy protection is directly related to the sensitivity of the function and the privacy budget. Performing the query function on contiguous data sets (one by adding or deleting a row of the other) applying differential privacy, the effect of obtaining nearly the same probability of obtaining the same output can be achieved. On the other hand, the differential privacy is not affected by the background knowledge of the attacker, and the magnitude of the background knowledge will not affect the performance of the differential privacy. This means that even if an attacker has mastered the sensitive information of all records except a certain one, the record will not be revealed.
Disclosure of Invention
The embodiment of the invention aims to provide a self-adaptive gradient differential private federal learning method and a self-adaptive gradient differential private federal learning device, so as to improve the convergence rate of the federal learning training when differential privacy is applied. The specific technical scheme is as follows:
in a first aspect, to achieve the above object, an embodiment of the present invention provides a data processing method, where the method is applied to a differential private parameter perturbation for performing adaptive local training on any federally learned terminal device. The method includes a plurality of iterative processes, which are divided into a first execution round and a subsequent iteration round.
The first execution wheel includes:
the aggregation server initializes a training model, draws up model details of each layer of the model, corresponding units and the like, and randomly generates initial model weights; the aggregation server draws up a local loss function, an initial local learning rate, an initial local training batch, an initial local training round number and an initial local cutting threshold value, and sends the local loss function, the initial local learning rate, the initial local training batch, the initial local training round number and the initial local cutting threshold value to all terminal equipment together with the model information and the test data; all terminal equipment selects training data from a local training set, and executes random Gradient Descent (SGD) of the initial training round number and generates a first round of local model weight; all terminal equipment generates updating parameters based on the initial model weight and the first round model weight; all terminal equipment calculates a local cost function value of the test data based on the first round of local model weight; all terminal equipment uploads the training data sample number, the updating parameters and the local cost function value to an aggregation server; the aggregation server performs weighted aggregation on the received update parameters of all the terminal devices of the first execution wheel according to the training data sample number, and calculates a global cost function value of the test data; and the aggregation server generates quantized values for all the terminal devices based on the local cost function values and the global cost function values, determines the initial non-independent same distribution degree of the quantized values, and sends the quantized values and the aggregation model weight to all the terminal devices.
The subsequent iteration round includes:
the aggregation server initializes the number of global training rounds, draws up the number of terminal devices to be aggregated in each round, an aggregation optimizer, a global learning rate, a local learning rate in the round, a local training batch, the number of local training rounds and a local cutting threshold, and sends the number and the test data to all the terminal devices; updating a local training set and adaptively selecting training data by all terminal equipment; all the terminal equipment determines the differential budget required by local training according to the quantization value of the previous round, the learning rate of the current round and the local training data; all terminal equipment executes differential Private random Gradient Descent (DP-SGD) of the training round number and generates a new round of local model weight; all terminal equipment generates updating parameters based on the weight of the aggregation model and the weight of the new round of model; all terminal equipment calculates a local cost function value of the test data based on the new round of local model weight; and all terminal devices upload the training data sample number, the updating parameters and the local cost function values to an aggregation server.
The aggregation server performs a terminal equipment filtering algorithm on the received terminal equipment feedback, screens a terminal equipment set meeting the quantity based on the quantity of the terminal equipment required by each round, performs weighted aggregation on the updating parameters in the terminal equipment set according to the training data sample number after the screening is finished, and calculates a global cost function value of the test data; and the aggregation server generates a quantization value for the terminal equipment in the set based on the local cost function value and the global cost function value, updates the initial non-independent same distribution degree of the quantization value, and sends the updated quantization value list to all the terminal equipment.
And repeating the global training rounds to finish the training.
Optionally, the determining the differential budget required for local training includes: and the aggregator in the previous round sends the updated local learning rate and the terminal equipment quantization value to determine the target terminal learning rate. The larger the quantization value of one terminal device is after updating, the smaller the local training data sample size is, the larger the difference between the terminal device and the global optimal model is, the more serious the client drift degree and the phenomenon of non-independent and same distribution are, the larger the required target terminal learning rate is, the higher the required disturbance grade is, and the less the required differential budget is.
In a second aspect, to achieve the above object, an embodiment of the present invention provides a data processing method, where the method is applied to the terminal device filtering in the first aspect, and the method includes: the first determining module is used for generating a quantization value for the terminal equipment based on the local cost function value and the global cost function value and updating and storing the quantization value of the current round number to a preset storage module when the local cost function value of the terminal equipment is received; when the training data sample number of the terminal equipment is received, recording the feedback time of the terminal equipment, and generating the ratio of the training data sample number to the feedback time; updating the ratio of the number of training data samples to the feedback time based on the quantized value of the current round number, determining a preset proportional coefficient, calculating the quality of the terminal equipment, and mapping the terminal equipment to a specified interval; and the second determining module is used for presetting a storage module with the upper limit size of the number based on the number of the terminal equipment required to be aggregated in each round, and is used for storing the terminal equipment set meeting the requirements of the aggregation server after screening.
Further, the quality of the terminal equipment can pass through the quality function in the current round
Figure BDA0003948746690000031
Evaluation of where d i A quantized update representing said current number of rounds, o i Representing the rank of the current round number fed back to the aggregation server by the terminal equipment, c representing a preset proportionality coefficient, 1+ o i To ensure that denominator is not zero, 1+ c/(1 + o) i ) To ensure that the quality function is mapped to a specified interval.
Optionally, the feedback time is a specific time counting moduleThe method comprises the following steps: determining theoretical time delay from the aggregation server to each terminal device; determining an average computation time for the number of training samples at the local number of training rounds; based on theoretical time delay from the aggregation server to each terminal device and average calculation time of the training sample number under the local training round number, respectively multiplying the theoretical time delay by a preset proportionality coefficient to determine o i
Optionally, the storage module is specifically divided into two storage stages: in the first storage stage, the storage module sequentially stores the indexes of the former K terminal devices and the quality function values Q thereof according to the preset upper limit size K i And according to said quality function value Q i Sorting is carried out; in the second storage stage, a quality threshold Q of the required terminal equipment is preset, and when a new terminal equipment feedback is received, the quality function value obtained by feedback calculation of the terminal equipment and the quality function value Q of the last ordered pair group in the storage module are used i Comparing, if the quality function value obtained by the feedback calculation of the new terminal equipment is larger than the quality function value Q of the last ordered pair group in the storage module i And inserting the quality function value and the terminal equipment index into a storage module to form a pair group, and reordering, otherwise, discarding the terminal equipment feedback. Quality function value Q of the last pair in the memory module i And when the quality is not less than the preset required terminal equipment quality threshold Q, the aggregation server stops continuously receiving the feedback of the new terminal equipment and finishes the collection screening of the terminal equipment.
In a third aspect, to achieve the above object, an embodiment of the present invention provides a data sampling apparatus, where the apparatus is applied to the adaptively selecting training data in the first aspect, and the method includes: and when the number of training data samples and the number of local training rounds of each terminal device are received, determining the size of an initial sample collection window of each terminal device. Based on the local training round number, the size change of the acquisition window is divided into two stages: in the first acquisition stage, the size of an acquisition window is kept unchanged according to the number of preset delay rounds; in a second acquisition phase, each terminal device determines the size of the generated acquisition window based on the indexes of a start pointer and an end pointer, wherein the start pointer is to be increased by itself at the same preset interval, and the end pointer is to be increased by itself at a given proportionality coefficient w by the lower bound of the product of the current round number training data sample amount and the previous round training data sample amount.
Optionally, determining the number of preset delay rounds includes: determining respective training data sample size from each terminal device; determining an expected sampling number of each training sample; determining the sampling rate of the training samples; and determining the preset delay round number based on the training data sample amount, the expected sampling times of each training sample and the sampling rate of the training samples.
The embodiment of the invention also provides electronic equipment which comprises a processor, an internal bus, a network interface and a memory, and certainly can also comprise hardware required by other services, wherein the processor, the network interface and the memory complete mutual communication through the internal bus; a memory for storing a computer program; a processor configured to implement the steps of the data processing method according to any one of the first, second, or third aspects when executing the program stored in the memory.
An embodiment of the present invention further provides a computer-readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the data processing method according to any one of the first aspect, the second aspect, or the third aspect.
Embodiments of the present invention also provide a computer program product containing instructions, which when run on a computer, cause the computer to execute any of the above data processing methods.
In the data processing method provided by the embodiment of the invention, when the aggregation server receives the training data sample number, the updating parameter and the local cost function value fed back by the terminal equipment in each round, the aggregation server updates and issues the quantization value for all the terminal equipment based on the local cost function value and the global cost function value; the global cost function value is to screen a terminal equipment set meeting the quantity based on the quantity of the terminal equipment required by each round, and after the screening is finished, weighting and aggregating the updating parameters in the terminal equipment set according to the training data sample number, and calculating the global cost function value of the test data; determining a differential budget of local training of the terminal equipment based on a quantization value issued by each round of the aggregation server, executing adaptive data sampling and finishing training, and uploading the number of samples, update parameters and a local cost function value of a new round of training data after the training is finished; the self-adaptive data sampling is to determine a sample acquisition window of each terminal device based on the training data sample number and the local training round number of each terminal device; and when the aggregation server finishes the preset number of training rounds, obtaining a target model.
Based on the processing, the quantization value of the target terminal device can be determined based on the label distribution and the quantity distribution of different terminal devices for the training data, the privacy budget is allocated to the target terminal device according to the quantization value of the target terminal device, and noise is added to the model weight output by the target terminal device. Compared with the prior art that each target terminal adds noise to the respective output model weight according to the same differential budget, the technical scheme provided by the embodiment of the invention can determine the differential budget of the terminal equipment aiming at target terminal equipment with different label distributions and quantity distributions, and adds noise to the model weight output by the terminal equipment according to the differential budget of the attribute. On the whole, after model aggregation of a preset global training round number is completed, compared with the prior art, the technical scheme provided by the embodiment of the invention can improve the effectiveness of the aggregated model and the convergence rate of training under the condition of ensuring the safety level of the aggregated model.
Drawings
Fig. 1 is a flowchart of a data processing method according to an embodiment of the present invention;
FIG. 2 is a flow chart of a data processing method according to an embodiment of the present invention;
FIG. 3 is a flow chart of a data processing method according to an embodiment of the present invention;
fig. 4 is a structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of methods and apparatus consistent with certain aspects of the specification, as detailed in the appended claims. All other embodiments, which can be derived from the embodiments given herein by one of ordinary skill in the art, are within the scope of the invention.
The terminology used in the description is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at \8230;" or "when 8230; \8230;" or "in response to a determination", depending on the context.
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
An object of an embodiment of the present invention is to provide a method for differential private federal learning with adaptive gradient, which may include the following steps, as shown in fig. 1:
s101: the aggregation server initializes the training model and randomly generates initial model weight w init Drawing up the global training round number T and the global learning rate eta G Local loss function F i Local learning rate η L ={η 1 ,η 2 ,...,η K }, local training batch B L ={B 1 ,B 2 ,...,B K And local training round number E L ={E 1 ,E 2 ,...,E K And sends it down to all terminal equipment C L ={C 1 ,C 2 ,...,C K }。
S102: judging whether the wheel is an initialization wheel:
s103: if the initial round is adopted, all the terminal equipment selects training data from the local training set, executes the random gradient descent of the appointed training round number and generates model updating parameters
Figure BDA0003948746690000071
Computing local cost values
Figure BDA0003948746690000072
And uploading to a server. Thereafter, the process goes to S109.
S104: if the aggregation server is not in the initialization round, the aggregation server plans the number K of the terminal devices required to be aggregated in each round n And an aggregation optimizer.
S105: terminal equipment updates local training set n i And adaptively acquiring training data.
S106: the terminal equipment obtains the quantized value according to the previous round
Figure BDA0003948746690000073
Learning rate eta of the current round i And local training data, determining the differential budget epsilon required by the local training i And adding noise to the training model to generate disturbance.
S107: terminal device executing differential privacyWith random gradient descent, generating updated parameters
Figure BDA0003948746690000074
[K]Calculating a local cost function value
Figure BDA0003948746690000075
And uploading the training data sample number and the updated parameters to the aggregation server.
S108: and the aggregation server executes the filtering of the terminal equipment and screens the terminal equipment sets meeting the quantity.
S109: aggregation server performs weighted aggregation
Figure BDA0003948746690000076
Updating a list of quantization values
Figure BDA0003948746690000081
And is issued to the terminal device, wherein
Figure BDA0003948746690000082
Figure BDA0003948746690000083
Wherein the current round quantized value of a terminal device
Figure BDA0003948746690000084
The larger the difference budget epsilon required for determining local training is, the more serious the client drift phenomenon of the terminal equipment is, and the more serious the non-independent and same-distribution phenomenon of data is, and the larger the difference budget epsilon required for determining local training is i The lower. The terminal equipment quantizes the value in turn
Figure BDA0003948746690000085
Determining a differential budget e required for local training i And presents negative correlation.
S1010: and judging whether the global training round number T is reached, and if the global training round number T is not reached, iterating the steps S104-S109.
S1011: and if the global training round number T is reached, finishing the training.
In a preferred embodiment, the selected initialization training model is a CNN model, where the CNN model has two convolutional layers (the first convolutional layer is 8 × 8 core, the second convolutional layer is 4 × 4 core, each convolutional layer is followed by a 2 × 1 max pool, activated by ReLu), and two fully-connected layers (the first fully-connected layer is 32 units, the second fully-connected layer is 10 units, and the first fully-connected layer is activated by ReLu).
In step S108, the aggregation server performs terminal device filtering to filter a set of terminal devices with a number meeting requirements, and the specific steps thereof are as shown in fig. 2:
s201: aggregation server presets storage modules K of current round of quasi aggregation terminal equipment quantity n And a terminal device quality threshold Q.
S202: judging whether the current receiving feedback quantity is larger than the upper limit K of the storage module or not n
S203: the aggregation server sequentially enables the index i of the terminal equipment to be E [ K ]]And value of mass function thereof
Figure BDA0003948746690000086
Figure BDA0003948746690000087
In pair form (i, Q) i ) And storing the data into a storage module. Wherein d is i A quantized update representing said current number of rounds, o i Representing the rank of the current round number fed back to the aggregation server by the terminal equipment, c representing a preset proportionality coefficient, 1+ o i To ensure that denominator is not zero, 1+ c/(1 + o) i ) To ensure that the quality function is mapped to a specified interval.
S204: the aggregation server will pair the groups (i, Q) i ) According to the value of quality function Q i Sorting is performed, and step S209 is performed.
S205: when receiving the feedback of new terminal equipment, the quality function value Q obtained by calculation new Quality function value Q of the last ordered pair in the storage module Last A comparison is made.
S206: judging the quality function value Q obtained by calculation new Whether greater than the last ordered pairQuality function value Q of group Last
S207: if the calculated quality function value Q is obtained new Quality function value Q of not more than the last ordered pair Last And discarding the terminal device feedback and waiting for new terminal device feedback.
S208: if the calculated quality function value Q is obtained new Quality function value Q greater than the last ordered pair Last Then insert a new pair of groups (i) into the memory module new ,Q new ) And reordered.
S209: judging the quality function value Q at the last sequencing in the storage module Last If the value is larger than the threshold Q, if the value of the quality function Q at the end of the sequence in the storage module Last Less than the threshold Q, steps S205-S209 are iterated.
S2010: if the quality function value Q of the last sequence in the storage module Last And z is greater than the threshold value Q, finishing screening the terminal equipment set.
In step S105, the aggregation server performs terminal device filtering to filter a set of terminal devices meeting the quantity, and the specific steps thereof are as shown in fig. 3:
s301: determining initial sample acquisition window size for each terminal device
Figure BDA0003948746690000091
S302: and judging whether the current round number is a preset delay round number or not.
For each terminal device, the increase in accumulated training data will result in sample pile-up, wasted effort, and a low new feature sampling rate. The preset number of delay rounds ensures adequate learning of the cumulative sample features.
S303: if the current round number is less than the preset delay round number, the size of the acquisition window remains unchanged, and step S305 is performed.
S304: and if the current round number reaches the preset delay round number, the terminal equipment determines the size of the generated acquisition window based on the indexes of the starting point pointer and the end point pointer.
The starting point pointer is self-increased at the same preset interval, and the ending point pointer is self-increased at a given proportionality coefficient w and the lower bound of the product of the current round training data sample size and the previous round training data sample size.
S305: the terminal equipment executes the sample collection of the current round.
As shown in fig. 4, in a hardware level, the electronic device includes a processor S401, an internal bus S402, a network interface S403, and a memory S404. The processor S401, the network interface S403, and the memory S404 complete communication with each other through the internal bus S402;
a memory S404 for storing a computer program;
the processor S401 is configured to implement any of the data processing methods described above when executing the program stored in the memory S404.
The network interface S403 is used for communication between the electronic device and other devices.
In yet another embodiment of the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of any of the above-mentioned data processing method.
In a further embodiment provided by the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the data processing methods of the above embodiments.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to be performed in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), among others.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Various modifications and alterations to this invention will become apparent to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (11)

1. A differential private federal learning method providing adaptive gradients, comprising the steps of:
the aggregation server initializes the training model, randomly generates initial model weights, determines the number of global training rounds, the global learning rate, the local loss function, the local learning rate, the local training batches and the local training rounds, and sends the numbers to all terminal equipment;
determining whether the wheel is an initialization wheel;
and when the initial round is determined, all the terminal equipment selects training data from a local training set, executes the random gradient descent of the local training round number, calculates model updating parameters and local cost values, and uploads the parameters to the aggregation server. And the aggregation server executes aggregation, establishes a terminal equipment quantization value list and issues the terminal equipment quantization value list to the terminal equipment.
When the aggregation is determined to be a non-initialization round, the aggregation server plans the number of the terminal devices required to be aggregated in each round and an aggregation optimizer;
the terminal equipment updates a local training set and adaptively acquires the training data;
determining a differential budget required by local training according to the quantization value, the local learning rate and the local training data in the previous round;
the terminal equipment executes differential private random gradient descent, generates an updating parameter, calculates a local cost function value, and uploads the local cost function value, the training data sample number and the updating parameter to the aggregation server;
the aggregation server executes terminal equipment filtering and determines a terminal equipment set meeting the quantity;
the aggregation server executes weighted aggregation, updates the quantization value list and issues the quantization value list to all the terminal devices;
and after the global training round number is determined to be reached, the aggregation server completes training and outputs the training model.
2. The method of claim 1, wherein determining the differential budget required for local training comprises:
determining a quantization value of the target terminal equipment according to the updated quantization value list issued by the aggregation server in the previous round; and determining the learning rate of the target terminal according to the updated local learning rate of the current round and the quantization value of the terminal equipment issued by the aggregator of the current round.
The larger the quantization value of one terminal device is after updating, the smaller the local training data sample size is, the larger the difference between the terminal device and the global optimal model is, the more serious the client drift degree is and the phenomenon of independent and same distribution is, the larger the required target terminal learning rate is, the higher the required disturbance level is, and the less the required differential budget is.
3. The method of claim 1, wherein the aggregation server performs end-device filtering, comprising:
the aggregation server presets a storage module and a terminal equipment quality threshold value of the number of the current round of quasi-aggregation terminal equipment;
determining whether the current round receives the feedback quantity greater than the upper limit of the storage module;
when the receiving feedback quantity of the current round is smaller than the upper limit of the storage module, the aggregation server sequentially stores the indexes of the terminal equipment and the quality function values of the indexes in a pair form into the storage module;
the aggregation server sorts the pair groups from high to low according to the quality function values;
when the receiving feedback quantity of the current round is determined to be larger than the upper limit of the storage module, calculating the quality function value according to the received new terminal equipment feedback, and comparing the quality function value with the quality function value of the last ordered group in the storage module;
determining whether the quality function value is greater than the quality function value of the last ordered pair group in the storage module;
when the quality function value is determined to be smaller than the quality function value of the last ordered pair group in the storage module, discarding the current feedback of the terminal equipment;
when the quality function value is larger than the quality function value of the last ordered pair group in the storage module, inserting a new pair group into the storage module and reordering the new pair group;
judging whether the quality function value sequenced last in the storage module is larger than the quality threshold value of the terminal equipment or not; when the quality function value is smaller than the quality threshold value of the terminal equipment, the aggregation server continues to accept the feedback of the new terminal equipment; and when the quality function value is larger than the quality threshold value of the terminal equipment, finishing the screening of the terminal equipment set.
4. The method of claim 3, wherein the quality function value fed back by the terminal device comprises:
the value of the mass function is determined by the mass function
Figure FDA0003948746680000031
Evaluation of where d i A quantized update representing said current number of rounds o i Representing the rank of the current round number fed back to the aggregation server by the terminal equipment, c representing a preset proportionality coefficient, 1+ o i To ensure that denominator is not zero, 1+ c/(1 + o) i ) To ensure that the quality function is mapped to a specified interval.
5. The method of claim 3, wherein the feeding back the time comprises:
determining theoretical time delay from the aggregation server to each terminal device; determining an average computation time for the number of training samples at the local number of training rounds; based on the theoretical time delay from the aggregation server to each terminal device and the average calculation time of the training sample number under the local training round number, respectively multiplying the theoretical time delay by a preset proportionality coefficient to determine o i
6. The method of claim 3, wherein the storage module comprises:
in the first storage stage, the storage module sequentially stores the first K terminal equipment indexes and the indexes thereof according to the preset number K of the aggregated terminal equipmentThe mass function value Q i And according to said quality function value Q i Sorting from high to low;
a second storage stage, in which the quality threshold Q of the terminal equipment is preset, and when a new feedback of the terminal equipment is received, the quality function value obtained by calculating the feedback of the terminal equipment and the quality function value Q of the last ordered pair group in the storage module are calculated i Comparing, if the quality function value obtained by the feedback calculation of the new terminal equipment is larger than the quality function value Q of the last ordered pair group in the storage module i And the quality function value and the terminal equipment index form a group talkback which is inserted into the storage module and reordered, otherwise, the terminal equipment feedback is discarded. When the quality function value Q of the last pair in the storage module is sorted i And when the quality is not less than the preset required terminal equipment quality threshold Q, the aggregation server stops continuously receiving the feedback of the new terminal equipment and finishes terminal equipment set screening.
7. The method of claim 1, wherein the adaptively acquiring the training data comprises:
determining the size of an initial sample acquisition window of each terminal device;
determining whether the current aggregation round number reaches a preset delay round number;
when the number of the aggregation rounds does not reach the preset number of the delay rounds, the size of a sample acquisition window is kept unchanged;
and when the aggregation round number reaches the preset delay round number, the terminal equipment determines the size of a generated sample collection window based on the indexes of the starting point pointer and the end point pointer, and finishes the current round of sample collection executed by the terminal equipment.
8. The method of claim 7, wherein the preset number of delay rounds comprises: determining respective training data sample size from each terminal device; determining an expected sampling number of each training sample; determining the sampling rate of the training samples; and determining the preset delay round number based on the training data sample size, the expected sampling times of each training sample and the sampling rate of the training samples.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements a data processing method as described in any of the above when executing the program.
10. A computer-readable storage medium, in which a computer program is stored, which computer program, when being executed by a processor, carries out the data processing method of any one of the above.
11. A computer program product comprising instructions which, when run on a computer, cause the computer to perform any of the data processing methods described above.
CN202211441070.1A 2022-11-17 2022-11-17 Differential private federal learning method and device for providing adaptive gradient Pending CN115795535A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211441070.1A CN115795535A (en) 2022-11-17 2022-11-17 Differential private federal learning method and device for providing adaptive gradient

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211441070.1A CN115795535A (en) 2022-11-17 2022-11-17 Differential private federal learning method and device for providing adaptive gradient

Publications (1)

Publication Number Publication Date
CN115795535A true CN115795535A (en) 2023-03-14

Family

ID=85438540

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211441070.1A Pending CN115795535A (en) 2022-11-17 2022-11-17 Differential private federal learning method and device for providing adaptive gradient

Country Status (1)

Country Link
CN (1) CN115795535A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116756536A (en) * 2023-08-17 2023-09-15 浪潮电子信息产业股份有限公司 Data identification method, model training method, device, equipment and storage medium
CN117436515A (en) * 2023-12-07 2024-01-23 四川警察学院 Federal learning method, system, device and storage medium

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116756536A (en) * 2023-08-17 2023-09-15 浪潮电子信息产业股份有限公司 Data identification method, model training method, device, equipment and storage medium
CN116756536B (en) * 2023-08-17 2024-04-26 浪潮电子信息产业股份有限公司 Data identification method, model training method, device, equipment and storage medium
CN117436515A (en) * 2023-12-07 2024-01-23 四川警察学院 Federal learning method, system, device and storage medium
CN117436515B (en) * 2023-12-07 2024-03-12 四川警察学院 Federal learning method, system, device and storage medium

Similar Documents

Publication Publication Date Title
TWI769754B (en) Method and device for determining target business model based on privacy protection
CN109460793B (en) Node classification method, model training method and device
CN115795535A (en) Differential private federal learning method and device for providing adaptive gradient
Cohen All-distances sketches, revisited: HIP estimators for massive graphs analysis
CN110083699B (en) News popularity prediction model training method based on deep neural network
CN111526119B (en) Abnormal flow detection method and device, electronic equipment and computer readable medium
CN110471957B (en) Localized differential privacy protection frequent item set mining method based on frequent pattern tree
CN110135681A (en) Risk subscribers recognition methods, device, readable storage medium storing program for executing and terminal device
CN110689368B (en) Method for designing advertisement click rate prediction system in mobile application
CN113268641B (en) User data processing method based on big data and big data server
CN111177473A (en) Personnel relationship analysis method and device and readable storage medium
CN113259325A (en) Network security situation prediction method for optimizing Bi-LSTM based on sparrow search algorithm
CN109636212B (en) Method for predicting actual running time of job
CN112162860A (en) CPU load trend prediction method based on IF-EMD-LSTM
CN112669078A (en) Behavior prediction model training method, device, equipment and storage medium
CN110968802B (en) Analysis method and analysis device for user characteristics and readable storage medium
CN110059251B (en) Collaborative filtering recommendation method based on multi-relation implicit feedback confidence
CN109740621B (en) Video classification method, device and equipment
CN111177644A (en) Model parameter optimization method, device, equipment and storage medium
CN115310709A (en) Power engineering project information optimization method based on particle swarm optimization
CN115952426A (en) Distributed noise data clustering method based on random sampling and user classification method
CN113516163B (en) Vehicle classification model compression method, device and storage medium based on network pruning
CN115392582A (en) Crop yield prediction method based on incremental fuzzy rough set attribute reduction
JP6203313B2 (en) Feature selection device, feature selection method, and program
CN112100441A (en) Video recommendation method, electronic device and computer-readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination