Reliable and Privacy-Preserving Federated Learning with Anomalous Users

doi:10.12142/ZTECOM.202301003

ZTE Communications ›› 2023, Vol. 21 ›› Issue (1): 15-24.DOI: 10.12142/ZTECOM.202301003

• Special Topic • Previous Articles Next Articles

Reliable and Privacy-Preserving Federated Learning with Anomalous Users

ZHANG Weiting¹, LIANG Haotian², XU Yuhua², ZHANG Chuan²()

^1.Beijing Jiaotong University, Beijing 100091, China
^2.Beijing Institute of Technology, Beijing 100081, China

Received:2022-11-01 Online:2023-03-25 Published:2023-03-22
Contact: ZHANG Chuan
About author:ZHANG Weiting received his PhD degree in communication and information systems from Beijing Jiaotong University, China in 2021. From Nov. 2019 to Nov. 2020, he was a visiting PhD student with the BBCR Group, Department of Electrical and Computer Engineering, University of Waterloo, Canada. He is currently an associate professor with the School of Electronic and Information Engineering, Beijing Jiaotong University. His research interests include industrial Internet of Things, edge intelligence, and machine learning for wireless networks.|LIANG Haotian received his BS degree from Lanzhou University, China in 2022. He is currently working towards his master’s degree in the School of Cyberspace Science and Technology, Beijing Institute of Technology, China. His research interests include machine learning security, Internet of Things security, and cloud security.|XU Yuhua is currently an undergraduate student in School of Computer Science and Technology, Beijing Institute of Technology, China. She is currently working at the research laboratory of advanced network and data security at the School of Cyberspace Science and Technology, Beijing Institute of Technology. Her research interests include applied cryptography and blockchain.|ZHANG Chuan(chuanz@bit.edu.cn) received his PhD degree in computer science from Beijing Institute of Technology, China in 2021. From Sept. 2019 to Sept. 2020, he worked as a visiting PhD student with the BBCR Group, Department of Electrical and Computer Engineering, University of Waterloo, Canada. He is currently an assistant professor at the School of Cyberspace Science and Technology, Beijing Institute of Technology, China. His research interests include secure data services in cloud computing, applied cryptography, machine learning, and blockchain.
Supported by:
the Fundamental Research Funds for Central Universities(2022RC006);the National Natural Science Foundation of China(62201029);the BIT Research and Innovation Promoting Project(2022YCXZ031);the Shandong Provincial Key Research and Development Program(2021CXGC010106);the China Postdoctoral Science Foundation(2021M700435)

Abstract

Abstract:

Recently, various privacy-preserving schemes have been proposed to resolve privacy issues in federated learning (FL). However, most of them ignore the fact that anomalous users holding low-quality data may reduce the accuracy of trained models. Although some existing works manage to solve this problem, they either lack privacy protection for users’ sensitive information or introduce a two-cloud model that is difficult to find in reality. A reliable and privacy-preserving FL scheme named reliable and privacy-preserving federated learning (RPPFL) based on a single-cloud model is proposed. Specifically, inspired by the truth discovery technique, we design an approach to identify the user’s reliability and thereby decrease the impact of anomalous users. In addition, an additively homomorphic cryptosystem is utilized to provide comprehensive privacy preservation (user’s local gradient privacy and reliability privacy). We give rigorous theoretical analysis to show the security of RPPFL. Based on open datasets, we conduct extensive experiments to demonstrate that RPPEL compares favorably with existing works in terms of efficiency and accuracy.

Key words: federated learning, anomalous user, privacy preservation, reliability, homomorphic cryptosystem

ZHANG Weiting, LIANG Haotian, XU Yuhua, ZHANG Chuan. Reliable and Privacy-Preserving Federated Learning with Anomalous Users[J]. ZTE Communications, 2023, 21(1): 15-24.

Figures/Tables 7

Table 1 Comparison of RPPFL and other existing works

	User Privacy Preservation	Robust to User Instability	Support for Anomalous Users	Collusion Resistance	Server Setting
PPDL^[16]	√	$×$	$×$	$×$	Single-cloud
PPML^[19]	√	√	$×$	√	Single-cloud
SecProbe^[17]	√	$×$	√	√	Single-cloud
PPFDL^[18]	√	√	√	$×$	Two non-colluding clouds
RPPFL	√	√	√	√	Single-cloud

Table 1 Comparison of RPPFL and other existing works

	User Privacy Preservation	Robust to User Instability	Support for Anomalous Users	Collusion Resistance	Server Setting
PPDL^[16]	√	$×$	$×$	$×$	Single-cloud
PPML^[19]	√	√	$×$	√	Single-cloud
SecProbe^[17]	√	$×$	√	√	Single-cloud
PPFDL^[18]	√	√	√	$×$	Two non-colluding clouds
RPPFL	√	√	√	√	Single-cloud

Table 2 Frequently used notations

Notation	Meaning
$n$	A large positive integer
$Z n$	The set of integers modulo $n$
$Z n *$	The multiplicative group of reversible elements of $Z n$
$N$	The number of users
$K$	The number of the selected users
$M$	The number of gradient types
$M f$	A big integer of the magnitude of 10
$x m k$	The $m$ -th gradient of the $k$ -th user
$x m k ?$	The integer corresponding to the enlargement of $x m k$
$x m *$	The aggregated result of the $m$ -th gradient
$R k$	The reliability (indicates the data quality) of the user $k$
$C$	The coefficient used to amplify users’ reliability
$s k k$	The secret key of the selected user $k$
$s k N + 1$	The secret key of the aggregation server
$E n c p k (?)$	The ciphertext encrypted by a public key
$r k$	The random value selected by the user $k$

Table 2 Frequently used notations

Notation	Meaning
$n$	A large positive integer
$Z n$	The set of integers modulo $n$
$Z n *$	The multiplicative group of reversible elements of $Z n$
$N$	The number of users
$K$	The number of the selected users
$M$	The number of gradient types
$M f$	A big integer of the magnitude of 10
$x m k$	The $m$ -th gradient of the $k$ -th user
$x m k ?$	The integer corresponding to the enlargement of $x m k$
$x m *$	The aggregated result of the $m$ -th gradient
$R k$	The reliability (indicates the data quality) of the user $k$
$C$	The coefficient used to amplify users’ reliability
$s k k$	The secret key of the selected user $k$
$s k N + 1$	The secret key of the aggregation server
$E n c p k (?)$	The ciphertext encrypted by a public key
$r k$	The random value selected by the user $k$

Figure 1 System model of reliable and privacy-preserving federated learning (RPPFL)

Figure 2 Workflow of reliable and privacy-preserving federated learning (RPPFL)

Figure 3 Accuracy performance with different user numbers for MNIST and CIFAR-10 datasets

Figure 4 Accuracy performance with different gradient numbers for MNIST and CIFAR-10 datasets

Figure 5 Computational costs for different schemes

References 34

1	WANG J S, LIU Y, ZHANG W T, et al. ReLFA: resist link flooding attacks via renyi entropy and deep reinforcement learning in SDN-IoT [J]. China communications, 2022, 19(7): 157–171. DOI: 10.23919/JCC.2022.07.013 DOI
2	KANG J W, LI X D, NIE J T, et al. Communication-efficient and cross-chain empowered federated learning for artificial intelligence of things [J]. IEEE transactions on network science and engineering, 2022, 9(5): 2966–2977. DOI: 10.1109/TNSE.2022.3178970 DOI
3	ZHANG W T, YANG D, WU W, et al. Spectrum and computing resource management for federated learning in distributed industrial IoT [C]//Proceedings of 2021 IEEE International Conference on Communications Workshops (ICC Workshops). IEEE, 2021: 1–6. DOI: 10.1109/ICCWorkshops50388.2021.9473515 DOI
4	ZHANG W T, YANG D, WU W, et al. Optimizing federated learning in distributed industrial IoT: A multi-agent approach [J]. IEEE journal on selected areas in communications, 2021, 39(12): 3688–3703. DOI: 10.1109/JSAC.2021.3118352 DOI
5	PENG H X, SHEN X M. Multi-agent reinforcement learning based resource management in MEC- and UAV-assisted vehicular networks [J]. IEEE journal on selected areas in communications, 2021, 39(1): 131–141. DOI: 10.1109/JSAC.2020.3036962 DOI
6	PENG H X, WU H Q, SHEN X S. Edge intelligence for multi-dimensional resource management in aerial-assisted vehicular networks [J]. IEEE wireless communications, 2021, 28(5): 59–65. DOI: 10.1109/MWC.101.2100056 DOI
7	Union European. General data protection regulation [EB/OL]. [2022-10-28].
8	State of California Department of Justice. California consumer privacy act [EB/OL]. [2022-10-28].
9	SONG C Z, RISTENPART T, SHMATIKOV V. Machine learning models that remember too much [C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2017: 587–601. DOI: 10.1145/3133956.3134077 DOI
10	ZHU L G, LIU Z J, HAN S. Deep leakage from gradients Advances [EB/OL]. [2022-10-28].
11	ZHAO B, MOPURI K R, BILEN H. iDLG: improved deep leakage from gradients [EB/OL]. [2022-10-28].
12	YIN H X, MALLYA A, VAHDAT A, et al. See through gradients: image batch recovery via gradinversion [C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. IEEE, 2021: 16332–16341
13	ZHANG C, ZHAO M Y, ZHU L H, et al. FRUIT: a blockchain-based efficient and privacy-preserving quality-aware incentive scheme [J]. IEEE journal on selected areas in communications, 2022, 40(12): 3343–3357. DOI: 10.1109/JSAC.2022.3213341 DOI
14	OUADRHIRI A E, ABDELHADI A. Differential privacy for deep and federated learning: a survey [J]. IEEE access, 2022, 10: 22359–22380. DOI: 10.1109/ACCESS.2022.3151670 DOI
15	PEYVANDI A, MAJIDI B, PEYVANDI S, et al. Privacy-preserving federated learning for scalable and high data quality computational-intelligence-as-a-service in Society 5.0 [J]. Multimedia tools and applications, 2022, 81(18): 25029–25050. DOI: 10.1007/s11042-022-12900-5 DOI
16	PHONG L T, AONO Y, HAYASHI T, et al. Privacy-preserving deep learning via additively homomorphic encryption [J]. IEEE transactions on information forensics and security, 2018, 13(5): 1333–1345. DOI: 10.1109/TIFS.2017.2787987 DOI
17	ZHAO L C, WANG Q, ZOU Q, et al. Privacy-preserving collaborative deep learning with unreliable participants [J]. IEEE transactions on information forensics and security, 2020, 15: 1486–1500. DOI: 10.1109/TIFS.2019.2939713 DOI
18	XU G W, LI H W, ZHANG Y, et al. Privacy-preserving federated deep learning with irregular users [J]. IEEE transactions on dependable and secure computing, 2022, 19(2): 1364–1381. DOI: 10.1109/TDSC.2020.3005909 DOI
19	BONAWITZ K, IVANOV V, KREUTER B, et al. Practical secure aggregation for privacy-preserving machine learning [C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2017: 1175–1191. DOI: 10.1145/3133956.3133982 DOI
20	MOHASSEL P, ZHANG Y P. SecureML: a system for scalable privacy-preserving machine learning [C]//Proceedings of 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017: 19–38. DOI: 10.1109/SP.2017.12 DOI
21	ZHENG Y F, DUAN H Y, WANG C. Learning the truth privately and confidently: encrypted confidence-aware truth discovery in mobile crowdsensing [J]. IEEE transactions on information forensics and security, 2018, 13(10): 2475–2489. DOI: 10.1109/TIFS.2018.2819134 DOI
22	MIAO C L, JIANG W J, SU L, et al. Cloud-enabled privacy-preserving truth discovery in crowd sensing systems [C]//Proceedings of the 13th ACM Conference on Embedded Networked Sensor Systems. ACM, 2015: 183–196. DOI: 10.1145/2809695.2809719 DOI
23	DAMGARD I, JURIK M. A generalisation, a simplification and some applications of paillier’s probabilistic public-key system [M]. Public Key Cryptography. Berlin, Heidelberg: Springer Berlin, 2001: 119–136. DOI: 10.1007/3-540-44586-2_9 DOI
24	LI Y L, GAO J, MENG C S, et al. A survey on truth discovery [J]. ACM SIGKDD explorations newsletter, 2016, 17(2): 1–16. DOI: 10.1145/2897350.2897352 DOI
25	SMITH V, CHIANG C K, SANJABI M, et al. Federated multi-task learning [EB/OL]. [2022-10-28].
26	WANG L P, WANG W, LI B. CMFL: mitigating communication overhead for federated learning [C]//Proceedings of 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). IEEE, 2019: 954–964. DOI: 10.1109/ICDCS.2019.00099 DOI
27	XU G W, LI H W, TAN C, et al. Achieving efficient and privacy-preserving truth discovery in crowd sensing systems [J]. Computers & security, 2017, 69: 114–126. DOI: 10.1016/j.cose.2016.11.014 DOI
28	MADI A, STAN O, MAYOUE A, et al. A Secure Federated Learning framework using Homomorphic Encryption and Verifiable Computing [C]//Proceedings of 2021 Reconciling Data Analytics, Automation, Privacy, and Security: A Big Data Challenge (RDAAPS). IEEE, 2021: 1–8. DOI: 10.1109/RDAAPS48126.2021.9452005 DOI
29	SHOKRI R, SHMATIKOV V. Privacy-preserving deep learning [C]//Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015: 1310–1321. DOI: 10.1145/2810103.2813687 DOI
30	ABADI M, CHU A, GOODFELLOW I, et al. Deep learning with differential privacy [C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016: 308–318. DOI: 10.1145/2976749.2978318 DOI
31	JAYARAMAN B, WANG L X, EVANS D, et al. Distributed learning without distress: privacy-preserving empirical risk minimization [C]//Proceedings of the 32nd International Conference on Neural Information Processing Systems. ACM, 2018: 6346–6357. DOI: 10.5555/3327345.3327531 DOI
32	XU G W, LI H W, LIU S, et al. VerifyNet: secure and verifiable federated learning [J]. IEEE transactions on information forensics and security, 2020, 15: 911–926. DOI: 10.1109/TIFS.2019.2929409 DOI
33	JAYARAMAN B, EVANS D. Evaluating differentially private machine learning in practice [EB/OL]. [2022-10-28].
34	HITAJ B, ATENIESE G, PEREZ-CRUZ F. Deep models under the GAN: information leakage from collaborative deep learning [C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2017: 603–618. DOI: 10.1145/3133956.3134012 DOI

[1]	YAN Yuna, LIU Ying, NI Tao, LIN Wensheng, LI Lixin. Content Popularity Prediction via Federated Learning in Cache-Enabled Wireless Networks [J]. ZTE Communications, 2023, 21(2): 18-24.
[2]	ZHAO Moke, HUANG Yansong, LI Xuan. Federated Learning for 6G: A Survey From Perspective of Integrated Sensing, Communication and Computation [J]. ZTE Communications, 2023, 21(2): 25-33.
[3]	WANG Yiji, WEN Dingzhu, MAO Yijie, SHI Yuanming. RIS-Assisted Federated Learning in Multi-Cell Wireless Networks [J]. ZTE Communications, 2023, 21(1): 25-37.
[4]	WANG Pengfei, SONG Wei, SUN Geng, WEI Zongzheng, ZHANG Qiang. Air-Ground Integrated Low-Energy Federated Learning for Secure 6G Communications [J]. ZTE Communications, 2022, 20(4): 32-40.
[5]	NAN Yucen, FANG Minghao, ZOU Xiaojing, DOU Yutao, Albert Y. ZOMAYA. A Collaborative Medical Diagnosis System Without Sharing Patient Data [J]. ZTE Communications, 2022, 20(3): 3-16.
[6]	HAN Xuming, GAO Minghan, WANG Limin, HE Zaobo, WANG Yanze. A Survey of Federated Learning on Non-IID Data [J]. ZTE Communications, 2022, 20(3): 17-26.
[7]	LIU Qinbo, JIN Zhihao, WANG Jiabo, LIU Yang, LUO Wenjian. MSRA-Fed: A Communication-Efficient Federated Learning Method Based on Model Split and Representation Aggregate [J]. ZTE Communications, 2022, 20(3): 35-42.
[8]	TANG Bo, ZHANG Chengming, WANG Kewen, GAO Zhengguang, HAN Bingtao. Neursafe-FL: A Reliable, Efficient, Easy-to- Use Federated Learning Framework [J]. ZTE Communications, 2022, 20(3): 43-53.
[9]	SHI Wenqi, SUN Yuxuan, HUANG Xiufeng, ZHOU Sheng, NIU Zhisheng. Scheduling Policies for Federated Learning in Wireless Networks: An Overview [J]. ZTE Communications, 2020, 18(2): 11-19.
[10]	YANG Howard H., ZHAO Zhongyuan, QUEK Tony Q. S.. Enabling Intelligence at Network Edge:An Overview of Federated Learning [J]. ZTE Communications, 2020, 18(2): 2-10.
[11]	Li Mo. Reliability of NFV Using COTS Hardware [J]. ZTE Communications, 2014, 12(3): 53-61.

Reliable and Privacy-Preserving Federated Learning with Anomalous Users

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 34

Related Articles 11

Recommended Articles

Metrics