Differential private federated learning with per-sample adaptive clipping and layer-wise gradient perturbation

Abstract

In Federated Learning (FL), Differential Privacy Stochastic Gradient Descent (DPSGD) is typically applied on the client side to ensure sample-level privacy during local model training. Before updating the local model, this method clips gradients to a predefined value, limiting each sample's contribution. Therefore, carefully adjusting the gradient clipping threshold is crucial for achieving high accuracy of local models under DP constraints. However, there is no predetermined optimal clipping norm setting for different tasks and learning environments, necessitating further investigation to optimize it. Meanwhile, the tradeoff between privacy and accuracy remains a critical challenge. In this paper, we propose a differentially private federated learning framework, DP-PSAC-FL, that utilizes a per-sample adaptive clipping technique, employing an adaptive clipping threshold method instead of a fixed clipping threshold. This framework guarantees sample-level differential privacy, enhances global performance, and eliminates the need for hyperparameter adjustment of the clipping threshold. To further reduce the accuracy degradation caused by noise, we design a layer-wise gradient perturbation strategy. This approach selectively applies noise perturbation to random gradient layers, while keeping the remaining layers unaffected, thereby minimizing the impact of noise on overall performance and maintaining a better balance between privacy and accuracy. Extensive experiments on five real-life datasets demonstrate that our framework effectively balances privacy, model accuracy, and time efficiency.