Abstract
Federated learning has recently emerged as a paradigm promising the benefits of harnessing rich data from diverse sources to train high quality models, with the salient features that training datasets never leave local devices. Only model updates are locally computed and shared for aggregation to produce a global model. While federated learning greatly alleviates the privacy concerns as opposed to learning with centralized data, sharing model updates still poses privacy risks. In this paper, we present a system design which offers efficient protection of individual model updates throughout the learning procedure, allowing clients to only provide obscured model updates while a cloud server can still perform the aggregation. Our federated learning system first departs from prior works by supporting lightweight encryption and aggregation, and resilience against drop-out clients with no impact on their participation in future rounds. Meanwhile, prior work largely overlooks bandwidth efficiency optimization in the ciphertext domain and the support of security against an actively adversarial cloud server, which we also fully explore in this paper and provide effective and efficient mechanisms. Extensive experiments over several benchmark datasets (MNIST, CIFAR-10, and CelebA) show our system achieves accuracy comparable to the plaintext baseline, with practical performance.
| Original language | English |
|---|---|
| Pages (from-to) | 988-1001 |
| Number of pages | 14 |
| Journal | IEEE Transactions on Dependable and Secure Computing |
| Volume | 20 |
| Issue number | 2 |
| DOIs | |
| Publication status | Published - Jan 2022 |
Keywords
- computation integrity
- Federated learning
- privacy
- quantization
- secure aggregation
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering