Analyzing and Enhancing LDP Perturbation Mechanisms in Federated Learning

IF 10.4 2区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

IEEE Transactions on Knowledge and Data Engineering Pub Date : 2025-06-18 DOI:10.1109/TKDE.2025.3580796

Jiawei Duan;Qingqing Ye;Haibo Hu;Xinyue Sun

{"title":"Analyzing and Enhancing LDP Perturbation Mechanisms in Federated Learning","authors":"Jiawei Duan;Qingqing Ye;Haibo Hu;Xinyue Sun","doi":"10.1109/TKDE.2025.3580796","DOIUrl":null,"url":null,"abstract":"Recently, federated learning (FL) has become a prevalent algorithm to harvest data while preserving privacy. However, private information can still be compromised by local parameters during transmissions between local parties and the central server. To address this problem, local differential privacy (LDP) has been adopted. Known as federated LDP-SGD, each local device only sends perturbed parameters to the central server. However, due to the low model efficiency caused by overwhelming LDP noise, only a relaxed LDP privacy scheme, namely Gaussian mechanism, is explored in the federated LDP-SGD literature. The objective of this paper is to enable other LDP mechanisms (e.g., Laplace, Piecewise, Square Wave and Gaussian) in federated learning by enhancing their model efficiency. We first propose an analytical framework that generalizes federated LDP-SGD and derives its model efficiency. Serving as a benchmark, this framework can compare performances of different LDP mechanisms in federated learning. Based on this framework, we identify a new perspective to generally optimize federated LDP-SGD, namely, the vectorized perturbation strategy <italic>LDPVec</i>. By only perturbing the direction of a gradient, <italic>LDPVec</i> better preserves the descending direction of the gradient, which consequently leads to comprehensive efficiency improvements in terms of various LDP mechanisms.","PeriodicalId":13496,"journal":{"name":"IEEE Transactions on Knowledge and Data Engineering","volume":"37 10","pages":"5767-5780"},"PeriodicalIF":10.4000,"publicationDate":"2025-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Knowledge and Data Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11039646/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Recently, federated learning (FL) has become a prevalent algorithm to harvest data while preserving privacy. However, private information can still be compromised by local parameters during transmissions between local parties and the central server. To address this problem, local differential privacy (LDP) has been adopted. Known as federated LDP-SGD, each local device only sends perturbed parameters to the central server. However, due to the low model efficiency caused by overwhelming LDP noise, only a relaxed LDP privacy scheme, namely Gaussian mechanism, is explored in the federated LDP-SGD literature. The objective of this paper is to enable other LDP mechanisms (e.g., Laplace, Piecewise, Square Wave and Gaussian) in federated learning by enhancing their model efficiency. We first propose an analytical framework that generalizes federated LDP-SGD and derives its model efficiency. Serving as a benchmark, this framework can compare performances of different LDP mechanisms in federated learning. Based on this framework, we identify a new perspective to generally optimize federated LDP-SGD, namely, the vectorized perturbation strategy LDPVec. By only perturbing the direction of a gradient, LDPVec better preserves the descending direction of the gradient, which consequently leads to comprehensive efficiency improvements in terms of various LDP mechanisms.

查看原文本刊更多论文

联邦学习中LDP摄动机制的分析与改进

最近，联邦学习（FL）已成为一种流行的获取数据同时保护隐私的算法。但是，在本地各方和中央服务器之间传输期间，私有信息仍然可能被本地参数泄露。为了解决这个问题，采用了本地差分隐私（LDP）。称为federated LDP-SGD，每个本地设备只向中心服务器发送扰动参数。然而，由于压倒性LDP噪声导致的模型效率较低，在联合LDP- sgd文献中只探索了一种宽松的LDP隐私方案，即高斯机制。本文的目标是通过提高模型效率，使其他LDP机制（例如拉普拉斯、分段、方波和高斯）能够进行联邦学习。我们首先提出了一个概括联邦LDP-SGD的分析框架，并推导了其模型效率。作为基准，该框架可以比较联邦学习中不同LDP机制的性能。在此框架下，我们提出了一种新的视角来对联邦LDP-SGD进行总体优化，即向量化扰动策略LDPVec。LDPVec仅通过扰动梯度的方向，就能更好地保持梯度的下降方向，从而使各种LDP机制的综合效率得到提高。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Knowledge and Data Engineering 工程技术-工程：电子与电气

CiteScore

11.70

自引率

3.40%

发文量

515

审稿时长

6 months

期刊介绍： The IEEE Transactions on Knowledge and Data Engineering encompasses knowledge and data engineering aspects within computer science, artificial intelligence, electrical engineering, computer engineering, and related fields. It provides an interdisciplinary platform for disseminating new developments in knowledge and data engineering and explores the practicality of these concepts in both hardware and software. Specific areas covered include knowledge-based and expert systems, AI techniques for knowledge and data management, tools, and methodologies, distributed processing, real-time systems, architectures, data management practices, database design, query languages, security, fault tolerance, statistical databases, algorithms, performance evaluation, and applications.