压缩私有聚合用于大规模网络上可扩展和鲁棒的联邦学习

IF 9.2 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2025-04-28 DOI:10.1109/TMC.2025.3564390

Natalie Lang;Nir Shlezinger;Rafael G. L. D’Oliveira;Salim El Rouayheb

{"title":"压缩私有聚合用于大规模网络上可扩展和鲁棒的联邦学习","authors":"Natalie Lang;Nir Shlezinger;Rafael G. L. D’Oliveira;Salim El Rouayheb","doi":"10.1109/TMC.2025.3564390","DOIUrl":null,"url":null,"abstract":"Federated learning (FL) is an emerging paradigm that allows a central server to train machine learning models using remote users’ data. Despite its growing popularity, Federated learning (FL) faces challenges in preserving the privacy of local datasets, its sensitivity to poisoning attacks by malicious users, and its communication overhead, especially in large-scale networks. These limitations are often individually mitigated by local differential privacy (LDP) mechanisms, robust aggregation, compression, and user selection techniques, which typically come at the cost of accuracy. In this work, we present <italic>compressed private aggregation (CPA)</i>, allowing massive deployments to simultaneously communicate at extremely low bit rates while achieving privacy, anonymity, and resilience to malicious users. CPA randomizes a codebook for compressing the data into a few bits using nested lattice quantizers, while ensuring anonymity and robustness, with a subsequent perturbation to hold LDP. CPA-aided FL is proven to converge in the same asymptotic rate as FL without privacy, compression, and robustness considerations, while satisfying both anonymity and LDP requirements. These analytical properties are empirically confirmed in a numerical study, where we demonstrate the performance gains of CPA compared with separate mechanisms for compression and privacy, as well as its robustness in mitigating the harmful effects of malicious users.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 10","pages":"9934-9950"},"PeriodicalIF":9.2000,"publicationDate":"2025-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Compressed Private Aggregation for Scalable and Robust Federated Learning Over Massive Networks\",\"authors\":\"Natalie Lang;Nir Shlezinger;Rafael G. L. D’Oliveira;Salim El Rouayheb\",\"doi\":\"10.1109/TMC.2025.3564390\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Federated learning (FL) is an emerging paradigm that allows a central server to train machine learning models using remote users’ data. Despite its growing popularity, Federated learning (FL) faces challenges in preserving the privacy of local datasets, its sensitivity to poisoning attacks by malicious users, and its communication overhead, especially in large-scale networks. These limitations are often individually mitigated by local differential privacy (LDP) mechanisms, robust aggregation, compression, and user selection techniques, which typically come at the cost of accuracy. In this work, we present <italic>compressed private aggregation (CPA)</i>, allowing massive deployments to simultaneously communicate at extremely low bit rates while achieving privacy, anonymity, and resilience to malicious users. CPA randomizes a codebook for compressing the data into a few bits using nested lattice quantizers, while ensuring anonymity and robustness, with a subsequent perturbation to hold LDP. CPA-aided FL is proven to converge in the same asymptotic rate as FL without privacy, compression, and robustness considerations, while satisfying both anonymity and LDP requirements. These analytical properties are empirically confirmed in a numerical study, where we demonstrate the performance gains of CPA compared with separate mechanisms for compression and privacy, as well as its robustness in mitigating the harmful effects of malicious users.\",\"PeriodicalId\":50389,\"journal\":{\"name\":\"IEEE Transactions on Mobile Computing\",\"volume\":\"24 10\",\"pages\":\"9934-9950\"},\"PeriodicalIF\":9.2000,\"publicationDate\":\"2025-04-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Mobile Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10979227/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10979227/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

联邦学习（FL）是一种新兴的范例，它允许中央服务器使用远程用户的数据训练机器学习模型。尽管联邦学习（FL）越来越受欢迎，但它在保护本地数据集的隐私、对恶意用户中毒攻击的敏感性以及通信开销（特别是在大规模网络中）方面面临着挑战。这些限制通常可以通过本地差分隐私（LDP）机制、健壮的聚合、压缩和用户选择技术单独减轻，而这些技术通常以准确性为代价。在这项工作中，我们提出了压缩私有聚合（CPA），允许大规模部署以极低的比特率同时通信，同时实现隐私、匿名和对恶意用户的弹性。CPA随机化一个码本，使用嵌套的点阵量化器将数据压缩成几个比特，同时确保匿名性和鲁棒性，并使用随后的扰动来保持LDP。证明了cpa辅助FL在不考虑隐私、压缩和鲁棒性的情况下，以与FL相同的渐近速率收敛，同时满足匿名性和LDP要求。这些分析性质在一项数值研究中得到了实证证实，在该研究中，我们展示了与单独的压缩和隐私机制相比，CPA的性能提升，以及它在减轻恶意用户有害影响方面的鲁棒性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Compressed Private Aggregation for Scalable and Robust Federated Learning Over Massive Networks

Federated learning (FL) is an emerging paradigm that allows a central server to train machine learning models using remote users’ data. Despite its growing popularity, Federated learning (FL) faces challenges in preserving the privacy of local datasets, its sensitivity to poisoning attacks by malicious users, and its communication overhead, especially in large-scale networks. These limitations are often individually mitigated by local differential privacy (LDP) mechanisms, robust aggregation, compression, and user selection techniques, which typically come at the cost of accuracy. In this work, we present compressed private aggregation (CPA), allowing massive deployments to simultaneously communicate at extremely low bit rates while achieving privacy, anonymity, and resilience to malicious users. CPA randomizes a codebook for compressing the data into a few bits using nested lattice quantizers, while ensuring anonymity and robustness, with a subsequent perturbation to hold LDP. CPA-aided FL is proven to converge in the same asymptotic rate as FL without privacy, compression, and robustness considerations, while satisfying both anonymity and LDP requirements. These analytical properties are empirically confirmed in a numerical study, where we demonstrate the performance gains of CPA compared with separate mechanisms for compression and privacy, as well as its robustness in mitigating the harmful effects of malicious users.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.