CN113657614A - Method and device for updating federal learning model - Google Patents

Method and device for updating federal learning model Download PDF

Info

Publication number
CN113657614A
CN113657614A CN202111024641.7A CN202111024641A CN113657614A CN 113657614 A CN113657614 A CN 113657614A CN 202111024641 A CN202111024641 A CN 202111024641A CN 113657614 A CN113657614 A CN 113657614A
Authority
CN
China
Prior art keywords
terminal
terminals
group
data
active
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111024641.7A
Other languages
Chinese (zh)
Other versions
CN113657614B (en
Inventor
张钧皓
孙中伟
曹雨晨
姬艳鑫
刘永平
尹靖雯
张新
宋红花
赵国梁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Information Technology Co Ltd filed Critical Jingdong Technology Information Technology Co Ltd
Priority to CN202111024641.7A priority Critical patent/CN113657614B/en
Publication of CN113657614A publication Critical patent/CN113657614A/en
Application granted granted Critical
Publication of CN113657614B publication Critical patent/CN113657614B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • G06N20/20Ensemble learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Mathematical Physics (AREA)
  • Artificial Intelligence (AREA)
  • Evolutionary Computation (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a method and a device for updating a federated learning model, wherein the method comprises the following steps: grouping all second terminals participating in federal learning to obtain a plurality of groups of terminals; sending role information corresponding to the role of each second terminal in the group of the second terminals to the second terminals corresponding to the role information; and acquiring a public key shared by each active terminal, wherein each second terminal updates required parameters through each public key encryption model so as to update the model parameters. The method of the invention divides the terminals participating in the federal learning into a plurality of groups, and each group is provided with at least one active terminal generating a public key, so that each terminal participating in the federal learning adopts the public keys generated by the multi-party terminals to encrypt data, thereby increasing the difficulty of data decoding and improving the data security of the terminals participating in the federal learning.

Description

Method and device for updating federal learning model
Technical Field
The invention relates to a federal learning technology, in particular to a method and a device for updating a federated learning model.
Background
With the digital technology entering a high-speed development period, technologies such as big data and artificial intelligence are developed explosively, on one hand, a new opportunity of upgrading and changing is brought to the traditional state, on the other hand, a brand new challenge is inevitably brought to data and network security, and the data island problem is one of key challenges. In the longitudinal direction, a big head company with top industry monopolizes a great deal of data information, and small companies are often difficult to obtain the data, so that the level and the difference between enterprises are continuously enlarged; in a horizontal view, companies in different industries at the same level are difficult to realize communication and integration of data information due to the blocking property and the obstructing property of systems and businesses, and the united modeling needs to cross a heavy barrier.
In order to solve the problems of data islanding and data privacy safety, the mainstream method at present is to jointly train different data by applying federal learning to obtain a better model so as to solve the practical problems. The federal learning training mode is that each data holder trains a model locally according to own conditions and rules, then desensitization parameters are collected to a central server for calculation, and then each data holder is sent back to update the local model until the global model is stable. When the federal learning training is carried out in the peer-to-peer network architecture, the participants can directly communicate with each other without the help of a third party, the security is further improved, and more calculation operations are needed for encryption and decryption.
There are two common frameworks for federal learning, one being a client-server architecture and the other being a peer-to-peer network architecture. In the client-server architecture, a server generally generates a homomorphic encrypted public and private key and sends the public key to all participants, and if a hacker pertinently hijacks the client in the process, the hacker possibly cracks the private key and monitors the communication between all the participants and the server, thereby causing great threat to the data security of all the participants. In the peer-to-peer network architecture, most of the models are realized in such a way that a tagged party generates a homomorphic encrypted public and private key and sends the public key to other participants, and the risk of data leakage of all parties caused by hijacking of a key party by a hacker is also possessed. As can be seen, the data security of terminals participating in federal learning is low.
Disclosure of Invention
The invention provides an updating method and device of a federated learning model, which are used for solving the problem of low data security of terminals participating in federated learning.
In one aspect, the invention provides an updating method of a federated learning model, which comprises the following steps:
a first terminal groups second terminals participating in federal learning to obtain a plurality of groups of terminals, wherein the first terminal is one of the second terminals;
the first terminal sends role information corresponding to the role of each second terminal in a group where the second terminal is located to the second terminal corresponding to the role information, wherein the role is an active terminal or a passive terminal, each group of terminals comprises an active terminal and at least one passive terminal, the active terminal is used for generating a public key, and the active terminal shares the generated public key with the second terminal;
and the first terminal acquires the public key shared by each active terminal, wherein each second terminal updates the required parameters through each public key encryption model so as to update the model parameters.
In an embodiment, the step of grouping, by the first terminal, the second terminals participating in the federal learning by the second terminal to obtain a plurality of groups of terminals includes:
the first terminal acquires configuration parameters of each second terminal, wherein the configuration parameters comprise at least one of computing resources and bandwidth of the second terminals;
the first terminal sorts the second terminals according to the sequence of the configuration parameters from good to bad to obtain a sorting sequence number corresponding to each second terminal;
the first terminal determines a second terminal corresponding to each sequencing serial number sequenced before a preset serial number as an active terminal, and determines the rest second terminals as passive terminals;
and the first terminal selects one active terminal and at least one passive terminal to construct a group of terminals to obtain a plurality of groups of terminals.
In an embodiment, the step of grouping, by the first terminal, the second terminals participating in the federal learning by the second terminal to obtain a plurality of groups of terminals includes:
the first terminal acquires configuration parameters of each second terminal, wherein the configuration parameters comprise at least one of computing resources and bandwidth of the second terminals;
the first terminal groups the second terminals to obtain a plurality of groups of terminals, wherein each group of terminals comprises at least two second terminals;
the first terminal divides a plurality of second terminals in each group of terminals into an active terminal and at least one passive terminal according to the configuration parameters of each group of terminals, wherein the configuration parameters of the active terminals in the group are superior to the configuration parameters of the passive terminals in the group.
In an embodiment, after the step of obtaining, by the first terminal, the public key shared by each active terminal, the method further includes:
the first terminal encrypts the data by using a first public key generated by the active terminal in the first group to obtain first encrypted data, and encrypts the data by using a second public key generated by the active terminal in each second group to obtain second encrypted data, wherein the first group is the group where the first terminal is located, and the second group is the group except the first group;
the first terminal sends the first encrypted data to an active terminal, a passive terminal and a third terminal of each second group, wherein the third terminal is a terminal in the first group except the first terminal, and the first group and the second group are both composed of one active terminal and one passive terminal;
the first terminal receives third encrypted data respectively sent by each second group of active terminals, passive terminals and the third terminal, wherein the third encrypted data are not obtained by encrypting with the first public key;
the first terminal determines first ciphertext data corresponding to each second public key according to each third encrypted data obtained by encrypting the same public key, wherein the first ciphertext data comprise a first noise value of the first terminal;
the first terminal sends the first ciphertext data to an active terminal containing a private key for decrypting the first ciphertext data;
and the first terminal receives first decryption data fed back by each active terminal and updates parameters of the internal model of the first terminal according to each first decryption data and the first noise value.
In an embodiment, the first terminal is an active terminal of the first group, and after the step of sending the first ciphertext data to an active terminal having a private key for decrypting the first ciphertext data, the method further includes:
the first terminal receives second ciphertext data sent by each second group of the active terminal, the passive terminal and the third terminal, the second ciphertext data are obtained by adopting a first public key for encryption, and the second ciphertext data comprise a second noise value of the terminal which generates the second ciphertext data;
the first terminal decrypts the second ciphertext data according to a private key corresponding to the first public key to obtain second decrypted data;
and the first terminal sends the second decrypted data to a terminal corresponding to the second decrypted data, wherein the terminal corresponding to the second decrypted data is a terminal sending second ciphertext data corresponding to the second decrypted data.
In an embodiment, after the step of updating the parameters of the model in the first terminal according to the respective first decrypted data, the data and the first noise value, the method further includes:
the first terminal trains the model with the updated parameters according to each training sample;
and when the trained model does not meet the convergence condition, the first terminal acquires data again according to the trained model and returns to execute the step of encrypting the data by using the first public key generated by the active terminal in the first group to obtain first encrypted data.
In one embodiment, each set of terminals consists of one active terminal and one passive terminal.
In another aspect, the present invention further provides a terminal, including:
the system comprises a grouping module, a processing module and a processing module, wherein the grouping module is used for grouping all second terminals participating in federal learning to obtain a plurality of groups of terminals, the first terminal is one of the second terminals, and the first terminal is one of the second terminals;
the sending module is used for sending role information corresponding to the role of each second terminal in a group where the second terminal is located to the second terminal corresponding to the role information, wherein the role is an active terminal or a passive terminal, each group of terminals comprises an active terminal and at least one passive terminal, the active terminal is used for generating a public key, and the active terminal shares the generated public key with the second terminal;
and the obtaining module is used for obtaining the public key shared by each active terminal, wherein each second terminal updates the required parameters through each public key encryption model so as to update the model parameters.
In another aspect, the present invention further provides a terminal, including: a memory and a processor;
the memory stores computer-executable instructions;
the processor executes the memory-stored computer-executable instructions to cause the processor to perform the method for updating a federated learning model as described above.
In another aspect, the present invention further provides a computer-readable storage medium having stored therein computer-executable instructions for implementing the method for updating the federal learning model as described above when executed by a processor.
In another aspect, the present invention also provides a computer program product comprising a computer program which, when executed by a processor, implements the method for updating a federal learning model as described above.
According to the method and the device for updating the federated learning model, the first terminal groups the second terminals participating in federated learning to obtain a plurality of groups of terminals, and sends the role information corresponding to the role of each second terminal in the group where the second terminal is located to the second terminals, wherein the role is an active terminal or a passive terminal, so that each active terminal generates a public key shared by each second terminal, and each second terminal updates the model parameters by adopting the encrypted data of each public key. In the invention, the terminals participating in the federal learning are divided into a plurality of groups, and each group is provided with at least one active terminal generating a public key, so that each terminal participating in the federal learning adopts the public keys generated by the multi-party terminals to encrypt data, the difficulty of data decoding is increased, and the data security of the terminal participating in the federal learning is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a system architecture diagram of the present invention implementing an update method for the federated learning model;
FIG. 2 is a schematic flow chart diagram illustrating a first embodiment of a method for updating a federated learning model in accordance with the present invention;
FIG. 3 is a detailed flowchart of step S10 in the second embodiment of the method for updating the federated learning model according to the present invention;
FIG. 4 is a detailed flowchart of step S10 in the third embodiment of the method for updating the federated learning model in accordance with the present invention;
FIG. 5 is a flowchart illustrating a fourth embodiment of a method for updating a federated learning model in accordance with the present invention;
FIG. 6 is a schematic diagram of a simplified process of the update method of the federated learning model of the present invention;
FIG. 7 is a functional block diagram of the terminal according to the present invention;
fig. 8 is a schematic diagram of a hardware structure of the terminal of the present invention.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The invention provides an updating method of a federated learning model, which can be realized by a system architecture diagram shown in figure 1. As shown in fig. 1, the terminals participating in the federal study include the terminals 100, 200, 300, and 400, and the terminals 100 and 200 are divided into a group a and the terminals 300 and 400 are divided into a group b. The terminal 100 in the group a is endowed with the role of an active terminal, the terminal 100 can be defined as active _ a, the terminal 200 in the group a is endowed with the role of a passive terminal, and the terminal 200 can be defined as passive _ a; the terminal 300 in the group b is given the role of active terminal, the terminal 300 may be defined as active _ b, the terminal 400 in the group b is given the role of passive terminal, and the terminal 400 may be defined as passive _ b. The active terminal generates a key pair and shares the public key to other terminals. The terminal 100, the terminal 200, the terminal 300, and the terminal 400 are communicatively connected to each other through a network. It should be noted that, the terminals participating in the federal learning include, but are not limited to, 4 terminals, and there may be more terminals, and each terminal may be divided into a plurality of groups of terminals, and each group of terminals is composed of one active terminal and at least one passive terminal.
The following describes the technical solutions of the present invention and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present invention will be described below with reference to the accompanying drawings.
Referring to fig. 2, fig. 2 is a first embodiment of the updating method of the federal learning model of the present invention, and the updating method of the federal learning model includes the following steps:
and step S10, the first terminal groups each second terminal participating in federal learning to obtain a plurality of groups of terminals, wherein the first terminal is one of the second terminals.
In this embodiment, each terminal participating in federal learning is defined as a second terminal, and the first terminal is one of the second terminals.
And each second terminal is in communication connection through a network, namely the first terminal stores the communication address and the equipment identifier of each second terminal. The first terminal may group the second terminals, and the grouping may be in a random manner. For example, the communication address or device identifier characterizing the second terminal may be randomly grouped, thereby obtaining a plurality of groups of terminals.
Step S20, the first terminal sends role information corresponding to a role of each second terminal in a group in which the second terminal is located to the second terminal corresponding to the role information, where the role is an active terminal or a passive terminal, each group of terminals includes an active terminal and at least one passive terminal, the active terminal is configured to generate a public key, and the active terminal shares the generated public key with the second terminal.
When the first terminal carries out grouping, the first terminal gives roles to the second terminals which are randomly divided into a group, and the roles comprise active terminals or passive terminals. The first terminal generates corresponding role information based on the role of the second terminal in each group of terminals, the role information is description of the role of the second terminal, and the role information comprises the role to be assumed by the role. For example, the role of the second terminal is an active terminal, and the role information of the second terminal includes the role information that the second terminal is an active terminal and marks the role information that the key pair needs to be generated.
Each group of terminals comprises an active terminal and at least one passive terminal. The passive terminal has the responsibility of collecting the parameters encrypted by the same public key to calculate the average value, and sending the average value to the active terminal for decryption. The active terminal in each group of terminals is used for generating a public key, and the active terminal shares the generated public key with each second terminal and stores a private key corresponding to the public key. Each group of terminals preferably has one active terminal and one passive terminal.
Step S30, the first terminal obtains the public key shared by each active terminal, wherein each second terminal updates the required parameters through each public key encryption model, so as to update the model parameters.
The first terminal may be an active terminal or a passive terminal. When the first terminal is an active terminal, the first terminal receives a public key shared by active terminals of other groups except the group where the first terminal is located. And if the first terminal is a passive terminal, the first terminal receives the public key shared by each active terminal. And each second terminal participating in the federal learning contains the public key generated by each active terminal, and each second terminal adopts each public key encryption model to update the required parameters, and obtains the parameters of other second terminals through the encrypted parameters to update the model parameters. After the parameters of the model are updated, the model can be trained based on the training samples to obtain the required model. The model is a federal learning model, and the federal learning model refers to a model obtained by training in a federal learning mode.
The trained models may be used in the financial industry, the medical industry, and the government industry. The following describes the application scenarios of the three industries.
1. Application scenario of financial industry
The financial institutions, the financial institutions and the operators, the Internet, the e-commerce platform and the like can carry out combined accurate portrait on the premise of not revealing original information, effectively control default risks in the scenes of credit assessment, product recommendation and the like, and improve the service efficiency.
Taking the bank personal credit business as an example, first, a three-factor (name, identification number and mobile phone number) verification query and the like are required to be performed on the customer to confirm the identity of the customer. In order to avoid that sensitive information of a client is cached in the process of inquiring and calling towards an external mechanism, a bank can utilize a model to realize track hiding inquiry so as to protect data security. Secondly, the bank needs to introduce the behavior data and the scene data of the customer to carry out combined modeling so as to accurately judge the repayment capacity and the default risk. The financial institution and the external data partner which participate in modeling by utilizing longitudinal federal learning can realize virtual fusion and sample alignment of multi-party data on the premise of not directly interacting original data, algorithm training is carried out locally, and only intermediate factors of tasks are safely interacted in the training process, so that the trained model can finish portrait of a user while sensitive data are not out of the home.
2. Application scenario of medical industry
Medical research, clinical diagnosis, medical services and the like have strong demands on statistical analysis and application mining based on big data, but the data depend on personal health data of a plurality of patients, and the data are large in scale and high in value content, but are difficult to share and circulate.
One aspect is that cross-organization data acquisition and integration is difficult. A large amount of diagnosis and treatment data such as different cases of similar diseases and different medical records of the same patient are often distributed in different medical institutions, the willingness of data opening and sharing of each institution is limited, and in addition, the data standards and coding modes of the medical institutions are different, so that cross-institution combined research and diagnosis are more difficult. Another aspect is that cross-organization data federation is difficult to apply. The personal medical data of the patient is very sensitive, the complex diagnosis and treatment data are difficult to control in the using process, and a plurality of organizations are difficult to avoid in the face of personal privacy protection and data security requirements.
By means of the federal longitudinal learning, on the basis of establishing a standard database of scattered storage, distributed joint statistical analysis can be achieved, and therefore research results of clinical scientific research are obtained. In the process of fighting against the new coronary pneumonia epidemic situation, the private calculation assistance of the federal longitudinal learning realizes the sharing of the epidemic situation data in the global scope, and the technology based on the multi-party safety calculation and the like realizes that the user is allowed to collaboratively carry out the joint analysis of the case sample genome and share the result under the premise of unfair distribution of the data of the user by combining with other scientific researchers, so that the trained model realizes the real-time tracking of the virus epidemiological situation and the prediction of the future strain evolution, and becomes a sword for assisting in resisting the epidemic situation.
3. Application scenario of government affair industry
As an important participating subject of data circulation among the cross-organizations, the government affairs industry is expected to become the next important scene of the privacy computing technology. The government affair data is large in scale, various in types and high in implication value, and relates to public security, traffic, tax, environment and other data of production, life and social operation of various people, and the circulation and application of the government affair data release huge energy.
Governments in various regions actively promote open sharing of government affair data, but data islands among different departments are difficult to eliminate quickly, the government affair data relates to social livelihood, and the requirements of data compliance and safety control are stricter. Therefore, data sharing between government departments and between governments and enterprises is difficult to apply. The privacy calculation of the federal longitudinal learning provides a solution for the purpose, and the trained model can be used for carrying out personal identity confirmation, enterprise operation supervision and intelligent city construction among cross-institutions.
In the technical scheme provided by this embodiment, the first terminal groups each second terminal participating in federal learning to obtain a plurality of groups of terminals, and sends role information corresponding to a role of each second terminal in a group in which the second terminal is located to the second terminal, where the role is an active terminal or a passive terminal, so that each active terminal generates a public key shared by each second terminal, and each second terminal updates the model parameters by using each public key encrypted data. In the invention, the terminals participating in the federal learning are divided into a plurality of groups, and each group is provided with at least one active terminal generating a public key, so that each terminal participating in the federal learning adopts the public keys generated by the multi-party terminals to encrypt data, the difficulty of data decoding is increased, and the data security of the terminal participating in the federal learning is improved.
Referring to fig. 3, fig. 3 is a second embodiment of the updating method of the federal learning model of the present invention, and based on the first embodiment, step S10 includes:
step S11, the first terminal obtains a configuration parameter of each second terminal, where the configuration parameter includes at least one of a computing resource and a bandwidth of the second terminal.
In this embodiment, the configuration parameters of the second terminals are shared, that is, the first terminal may obtain the configuration parameters of each terminal. The configuration parameters include at least one of a computing resource and a bandwidth of the second terminal.
And step S12, the first terminal sorts the second terminals according to the sequence of the configuration parameters from superior to inferior to obtain the sorting serial number corresponding to each second terminal.
The configuration parameters characterize the quality of the data processing capability of the second terminal. The active terminal needs good data processing capability, that is, both the computing resource and the bandwidth of the active terminal need to be large, so that the federal learning time can be shortened. The first terminal scores the configuration parameters to obtain a score for each second terminal. The more the computing resources are, the higher the score is, and the larger the bandwidth is, the larger the score is; and if the configuration parameters comprise computing resources and bandwidth, multiplying the two scores by the corresponding weights to perform weighted computation to obtain the score of each second terminal. The higher the final score, the better the data processing capability of the second terminal, and the better the configuration parameters. And the first terminal sorts the second terminals according to the sequence of the configuration parameters from good to bad so as to obtain a sorting sequence number corresponding to each second terminal.
In step S13, the first terminal determines the second terminal corresponding to each sequence number sequenced before the preset sequence number as an active terminal, and determines the remaining second terminals as passive terminals.
The first terminal sets a preset serial number, and the preset serial number represents the number of the active terminals. For example, if the preset serial number is 10, there are 10 active terminals in each second terminal. The preset sequence number needs to be less than or equal to half the total number of the second terminals. For example, if there are 10 second terminals, the preset serial number is less than or equal to 5. And the first terminal determines the second terminal corresponding to each sequencing serial number sequenced before the preset serial number as an active terminal, and determines the rest second terminals as passive terminals. For example, the preset serial number is 5, the second terminals with the sequence numbers 1, 2, 3 and 4 are all active terminals on duty, and the rest of the second terminals are all passive terminals
Step S14, the first terminal selects an active terminal and at least one passive terminal to construct a group of terminals, and obtains multiple groups of terminals.
The first terminal selects an active terminal and at least one passive terminal to construct a group of terminals, so that a plurality of groups of terminals are obtained.
In the technical scheme provided by this embodiment, the first terminal acquires the configuration parameters of each second terminal, so that the second terminals are grouped based on the configuration parameters, and the second terminals with excellent configuration parameters are used as active terminals, thereby shortening the time length for participating in federal learning of each second terminal.
Referring to fig. 4, fig. 4 is a third embodiment of the updating method of the federal learning model of the present invention, and based on the first embodiment, step S10 includes:
step S15, the first terminal obtains a configuration parameter of each second terminal, where the configuration parameter includes at least one of a computing resource and a bandwidth of the second terminal.
And step S16, the first terminal groups the second terminals to obtain a plurality of groups of terminals, wherein each group of terminals comprises at least two second terminals.
And step S17, the first terminal divides a plurality of second terminals in each group of terminals into an active terminal and at least one passive terminal according to the configuration parameters of each group of terminals, wherein the configuration parameters of the active terminal in the group are superior to the configuration parameters of the passive terminal in the group.
In this embodiment, the configuration parameters of the second terminals are shared, that is, the first terminal may obtain the configuration parameters of each terminal. The configuration parameters include at least one of a computing resource and a bandwidth of the second terminal.
The first terminal firstly groups the second terminals to obtain a plurality of groups of terminals, and each group of terminals comprises at least two second terminals. The grouping may be by random grouping.
Each group of terminals has a plurality of second terminals, each second terminal having a corresponding configuration parameter, whereby each group of terminals corresponds to a plurality of configuration parameters. The first terminal divides a plurality of second terminals in each group of terminals into an active terminal and at least one passive terminal based on the configuration parameters of each group of terminals, and the configuration parameters of the active terminal in the group are superior to the configuration parameters of the passive terminal in the group. The merits of the configuration parameters can be determined according to the scores, and the determination of the scores refers to the above description, which is not repeated herein.
In the technical solution provided in this embodiment, the first terminal obtains the configuration parameters of each second terminal, and then groups the second terminals to obtain a plurality of groups of terminals. Therefore, the second terminals with excellent configuration parameters in the group are used as active terminals based on the configuration of each group of terminals, and the time length of each second terminal participating in federal learning can be further shortened.
Referring to fig. 5, fig. 5 is a fourth embodiment of the updating method of the federal learning model according to the present invention, and based on any one of the first to third embodiments, after step S30, the method further includes:
step S40, the first terminal uses the first public key generated by the active terminal in the first group to encrypt data to obtain first encrypted data, and uses the second public key generated by the active terminal in each second group to encrypt data to obtain second encrypted data, where the first group is the group where the first terminal is located, and the second group is the group other than the first group.
Step S50, the first terminal sends the first encrypted data to each of the active terminals, the passive terminals, and the third terminals of the second group, where the third terminals are terminals in the first group except the first terminal, and the first group and the second group are both composed of one active terminal and one passive terminal.
In this embodiment, the data owned by each second terminal is different, for example, a certain second terminal owns a sample label y (1 or-1), a sample xgWeight ωgIntercept b; while the other second terminals have samples x, respectively1~x3Weight ω1~ω3. And each second terminal participates in federal learning according to data owned by the second terminal. Each second terminal encrypts own data respectively by adopting all owned public keys to obtain encrypted data, then sends the encrypted data encrypted by the public key a (the public key a is generated by the active terminal of the group a) to the passive terminals of the groups other than the group a, and sends the encrypted data encrypted by the public key b (the public key b is generated by the active terminal of the group a) to the passive terminals and the passive terminals of the groups other than the group b. For example, the four second terminals are divided into two groups ab, and each second terminal sends the encrypted data encrypted by the public key a to the passive terminal and the active terminal of the group b, and sends the encrypted data encrypted by the public key b to the passive terminal and the active terminal of the group a, so that each second terminal can obtain each encrypted data generated by the public keys of other groups, for example, the active terminal of the group a can obtain three encrypted data encrypted by the public key b, the passive terminal of the group a can obtain three encrypted data encrypted by the public key b, the active terminal of the group b can obtain three encrypted data encrypted by the public key a, and the passive terminal of the group b can obtain three encrypted data encrypted by the public key a.
It can be understood that the first terminal obtains first encrypted data using data encrypted by a first public key generated by an active terminal in the first group (the first group is a group in which the first terminal is located), obtains second encrypted data using data encrypted by a second public key generated by the active terminal in each second group (the second group is a group other than the first group), and sends the first encrypted data to the active terminal, the passive terminal and a third terminal of each second group, the third terminal is a terminal other than the first terminal in the first group, and the first group and the second group are both composed of one active terminal and one passive terminal.
The following is still exemplified by four second terminals. The first terminal is an active terminal a of a group a, the third terminal is a passive terminal of the group a, the group b comprises an active terminal b and a passive terminal b, all four second terminals have a public key b (generated by the active terminal b) and a public key a (generated by the active terminal a), the active terminal a obtains encrypted data a1 and encrypted data b1 by using ab public key encrypted data 1, the passive terminal a obtains encrypted data a2 and encrypted data b2 by using ab public key encrypted data 2, the active terminal b obtains encrypted data a3 and encrypted data b3 by using a public key ab encrypted data 3, and the passive terminal b obtains encrypted data a4 and encrypted data b4 by using ab public key encrypted data 4.
The active terminal a sends a1 to the passive terminal b and the passive terminal b, and sends b1 to the passive terminal a;
the passive terminal a sends a2 to the passive terminal b and the passive terminal b, and sends b2 to the active terminal a;
the active terminal b sends b3 to the passive terminal a and the passive terminal a, and sends a3 to the passive terminal b;
the passive terminal b sends b4 to the passive terminal a and the passive terminal a, and sends a4 to the active terminal b;
the active terminal a receives b2, b3 and b4 encrypted by a b public key;
the passive terminal a receives b1, b3 and b4 encrypted by a b public key;
the active terminal b receives a1, a2 and a4 encrypted by a public key;
the passive terminal b receives a1, a2 and b3 encrypted by a public key.
If the grouping is three, the third group is group c, according to the above example, it can be determined that:
the active terminal a receives b2, b3, b4, b5 and b6 encrypted by a b public key, and receives c2, c3, c4, c5 and c6 encrypted by a c public key;
the passive terminal a receives b1, b3, b5 and b6 encrypted by a public key b, and receives c1, c3, c4, c5 and c6 encrypted by a public key c;
the active terminal b receives a1, a2, a4, a5 and a6 encrypted by a public key, and receives c1, c2, c4, c5 and c6 encrypted by c public key;
the passive terminal b receives a1, a2, a3, a5 and a6 encrypted by a public key, and receives c1, c2, c3, c5 and c6 encrypted by c public key;
the active terminal c receives a1, a2, a3, a4 and a6 encrypted by a public key, and receives b1, b2, b3, b4 and b6 encrypted by b public key;
the passive terminal c receives a1, a2, a3, a4 and a5 encrypted by a public key, and receives b1, b2, b3, b4 and b5 encrypted by b public key.
If the terminal is four groups or four groups, the encrypted data can be transmitted according to the logic.
Step S60, the first terminal receives third encrypted data respectively sent by the active terminal, the passive terminal, and the third terminal of each second group, where the third encrypted data is not obtained by encrypting with the first public key.
And the first terminal receives third encrypted data respectively sent by the active terminal, the passive terminal and the third terminal of each second group, and each third encrypted data is not obtained by encrypting the data by adopting the first public key. Specifically referring to the above example, the first terminal is the active terminal a, and receives b2, b3 and b4 encrypted by b public key.
Step S70, the first terminal determines, according to each third encrypted data obtained by encrypting the same public key, first ciphertext data corresponding to each second public key, where the first ciphertext data includes a first noise value of the first terminal.
The active terminal determines first ciphertext data corresponding to each second public key according to third encrypted data obtained by encrypting the same public key, wherein the first ciphertext data comprise a first noise value of the first terminal.
Still by way of example, if the parameters required for model update are gradients (the first ciphertext gradient is the first ciphertext data), and the first terminal is the active terminal a, b2, b3, b4, b5 and b6 which are encrypted by the b public key, and c2, c3, c4, c5 and c6 which are encrypted by the c public key are received; b. and c, if the public keys are the second public keys, summing the b2, b3, b4, b5 and b6 encrypted by the b public keys, and obtaining the average gradient corresponding to the b public key based on the obtained sum, and similarly, obtaining the average gradient corresponding to the c public key. That is, the current terminal determines the average gradient corresponding to each second public key according to the third encryption gradient obtained by encrypting the same public key. The first terminal obtains a first noise value of the first terminal, and then the average gradients corresponding to the public keys b and c are respectively operated with the first noise value to obtain a plurality of first ciphertext gradients, namely, a first ciphertext gradient corresponding to the public key b and a first ciphertext gradient corresponding to the public key c. The arithmetic method may be any one of addition, subtraction, multiplication, and division, and for example, the first ciphertext gradient corresponding to the b public key is equal to the average gradient corresponding to the b public key + the first noise value.
The average gradient is obtained by multiplying the sum of the encryption gradients corresponding to the same second public key by the total number of training samples and dividing the sum by the number of training samples. The training samples need to be subjected to queue sorting, so that a training sample set consisting of rows and columns can be obtained, and the number of the training samples refers to the number of the rows formed by the training samples in the training sample set. For example, each training sample constitutes a training sample set of 10 rows, and the number of pieces is 10.
In step S80, the first terminal sends the first ciphertext data to an active terminal that contains a private key for decrypting the first ciphertext data.
After obtaining each first ciphertext data, the first terminal sends the first ciphertext gradient to an active terminal containing a private key for decrypting the first ciphertext data. For example, the first ciphertext data corresponding to the public key b is sent to the active terminal b, and the first ciphertext data corresponding to the public key c is sent to the active terminal c.
In step S90, the first terminal receives the first decrypted data fed back by each active terminal, and updates the parameters of the internal model of the first terminal according to each first decrypted data and the first noise value.
The active terminal decrypts the first ciphertext data to obtain first decrypted data, the first decrypted data are returned to the first terminal, and the first terminal can update parameters of a model of the current terminal based on the first decrypted data and the first noise values. Specifically, when the data is a gradient, the first terminal subtracts the first noise value from each first decryption gradient to obtain a plurality of average gradients, and each average gradient is averaged again, where the average is the true gradient that the true model parameter needs to be updated.
In the technical solution provided in this embodiment, the first terminal uses the first public key generated by the active terminal of the first group where the first terminal is located to encrypt the first encrypted data to obtain the second encrypted data, and then sends the first encrypted data to the active terminal, the passive terminal, and the third terminal of each second group (the first group of the third terminal is a terminal other than the first terminal), and simultaneously receives the third encrypted data encrypted by the first public key at the active terminal, the passive terminal, and the third terminal of the second group, so that the first terminal determines the first ciphertext data containing the noise value of the first terminal based on each third encrypted data encrypted by the same public key, and sends the first ciphertext data to the active terminal capable of decrypting the first ciphertext data, and further receives the decrypted data fed back by each active terminal, finally, the parameters of the model are updated based on the respective decrypted data and the noise values. In the invention, the terminals participating in the longitudinal federal learning are divided into a plurality of groups of terminals, each group comprises an active terminal and a passive terminal, so that each group of terminals calculates the data of other groups of terminals and decrypts the encrypted data, thereby distributing the data calculation in the longitudinal federal learning to each participant, avoiding the terminal of a certain participant from adopting excessive resources to calculate data, and improving the stability of model training; furthermore, the first terminal receives data encrypted by public keys of other terminals, so that the current terminal cannot decrypt the encrypted data by using the own secret key to directly obtain data of other terminal models, and ciphertext data obtained by the plurality of encrypted data contains own noise value, so that the real data of the current terminal cannot be obtained after the other terminals decrypt the ciphertext data.
In one embodiment, when the data of the first terminal includes the intercept b and the gradient, the average gradient and the average intercept are required to update the parameters of the model when updating the parameters of the model.
Specifically, the first terminal may determine a ciphertext intercept corresponding to each second public key according to a third encryption gradient obtained by encrypting the same public key, where the ciphertext intercept includes a first noise value of the first terminal. The first terminal sends each ciphertext intercept to an active terminal that contains a private key to decrypt the ciphertext intercept. The active terminal decrypts the ciphertext intercept to obtain a decryption intercept, the decryption intercept is fed back to the first terminal, and the first terminal updates the parameters of the model according to the decryption intercepts, the first decryption gradients and the first noise value. Specifically, the first terminal subtracts the first noise value from each decryption intercept to obtain each average intercept, then calculates an average value for each average intercept, subtracts the first noise value from each first decryption gradient to obtain each average gradient, and calculates an average value for each average gradient, that is, updates the parameters of the model based on the two average values.
The average intercept is obtained by dividing the sum of encryption gradients corresponding to the same second public key by the number of the encryption gradients. The training samples need to be subjected to queue sorting, so that a training sample set consisting of rows and columns can be obtained, and the number of the training samples refers to the number of the rows formed by the training samples in the training sample set. For example, each training sample constitutes a training sample set of 10 rows, and the number of pieces is 10.
In an embodiment, the first terminal is an active terminal in the first group, that is, the first terminal decrypts the ciphertext data sent by the passive terminal.
The ciphertext data generated by the first terminal is defined as first ciphertext data, and the ciphertext data generated by the other second terminals is defined as second ciphertext data. The generation mode of the second ciphertext data is the same as that of the first ciphertext data, and is not described herein again, that is, the second ciphertext data includes a second noise value of the terminal that generates the second ciphertext data. The noise value possessed by the terminal that generates the second ciphertext data is defined as a second noise value.
And the first terminal receives second ciphertext data sent by each second group of the active terminal, the passive terminal and the third terminal, and each second ciphertext data is encrypted by the first public key generated by the first terminal. The first terminal contains a private key corresponding to the first public key, and the first terminal can decrypt each second ciphertext data to obtain second decrypted data corresponding to each second ciphertext data. Because the second ciphertext data comprises the noise value, the first terminal cannot obtain the real data of other terminals, and the leakage of the data is avoided. And the first terminal feeds back each second decrypted data to the terminal corresponding to the second decrypted data, wherein the terminal corresponding to the second decrypted data is the terminal generating the second ciphertext data corresponding to the second decrypted data.
In the technical scheme provided in this embodiment, the first terminal is an active terminal, and then the first terminal receives the second ciphertext data sent by the active terminal, the passive terminal and the third terminal of the first group for decryption, and then sends the second decrypted data obtained by decryption to a terminal corresponding to the second decrypted data, so that each terminal can update the model parameters based on the decrypted and un-compromised data.
In an embodiment, after the first terminal completes parameter updating of the model, the model after parameter updating needs to be trained by using a training sample, and after the training is completed, the first terminal needs to determine whether the trained model meets a convergence condition, for example, the first terminal may determine whether the model converges by using a training set gradient variation or a test set accuracy, precision, recall, ks, auc, f1, or other indexes. And if the convergence condition is not met, re-acquiring data based on the trained model, returning to execute the step of acquiring first encrypted data by using the first public key encrypted data generated by the active terminal in the first group, namely returning to execute the step S40-step S90, namely initiating the Federal learning to acquire data again to update the model parameters.
Based on the above embodiments, referring to fig. 6, the scheme of the present invention is briefly described by taking four terminals as an example of participating in vertical federal learning.
If the computing resources and the communication bandwidths of the four second terminals are the same, all the parties determine the role of each round according to the same randomization method. If the computing resources and the network bandwidth are different, two parties with the most resources and the most bandwidth are selected as active parties (active parties). As shown in FIG. 6, H is selected in the current round1Active _ a (active terminal a), H2As active _ b (active terminal b), the rest of the parties participate in the gradient calculation as passive _ a (passive terminal a) and passive _ b (passive terminal b) at random. Wherein party G possesses label y (1 or-1) and sample xgWeight ωgIntercept b, H1~H3Respectively possess a sample x1~x3Weight ω1~ω3
Each second terminal simultaneously performs the first step: encrypting and transmitting own plaintext (data) by using a public key of an active party, wherein the transmitted object specifically refers to the first step flow of fig. 6;
after the first step is completed, each second terminal simultaneously performs the second step: and the encrypted data is sent to an encrypted private key owner (active terminal) by adding noise, the decrypted data is returned by the active terminal after the active terminal decrypts the encrypted data, and each second terminal removes the noise updating model from the decrypted data respectively.
The following description will be given by taking the data as a gradient.
1. and active _ a and active _ b generate respective addition homomorphic encryption public private keys and send the public keys of active _ a and active _ b to all the participant terminals.
2. Active _ a (H) is used by all parties1) And active _ b (H)2) The gradient of the self part of the public key encryption is sent to all the b-party members (the active terminal b and the passive terminal b) by using the gradient of the active _ a public key encryption, and the gradient of the active _ b public key encryption is sent to the membersThere are a-party members (passive terminal a and active terminal a).
3. After the member of party b receives all the gradients encrypted by the public key of active _ a, the encrypted gradients are summed to obtain [ [ g ]res]]aThe member of party a receives all gradients encrypted by public key of active _ b and then sums to obtain [ [ g ]res]]b
4. Each party will [ [ g ]res]]Multiplying by the total number χ of training samples and dividing by the number of lines len (x) of the current round to obtain the average gradient, and generating noise
Figure BDA0003242921620000181
Added to the average gradient. Specifically, H1Calculated is that
Figure BDA0003242921620000182
To obtain [ [ G ]1]]b,H2Calculated is that
Figure BDA0003242921620000183
To obtain [ [ G ]2]]a,H3Calculated is that
Figure BDA0003242921620000184
To obtain [ [ G ]3]]bG is calculated by
Figure BDA0003242921620000185
To obtain [ [ G ]g]]a. In addition, since the intercept b is calculated at the G-side, its gradient is also calculated at the G-side, and the formula is
Figure BDA0003242921620000186
To obtain [ [ G ]b]]a
5. After the steps are completed, all the participants send the calculated ciphertext gradient added with the noise to the corresponding private key owner for decryption, and send the ciphertext gradient added with the noise back to each participant to remove the noise and update the weight of the participant (the G participant needs to update the intercept). Specifically, H1Send [ [ G ]1]]bTo active_b(H2) Performs decryption, active _ b (H)2) The decrypted G1Is sent to H1,H1Computing
Figure BDA0003242921620000187
And obtaining the real gradient required by updating the model parameters by self. H2、H3And G, similar operation is carried out, namely if the ciphertext owned by G is encrypted by the public key of active _ a, noise is added and sent to active _ a, and if the ciphertext owned by G is encrypted by the public key of active _ b, noise is added and sent to active _ b, and after decryption information is received, the noise is subtracted to obtain the gradient required by updating the model parameters.
The present invention also provides a terminal 700, and referring to fig. 7, the terminal 700 includes:
a grouping module 701, configured to group each second terminal participating in federal learning to obtain multiple groups of terminals, where a first terminal is one of the second terminals;
a sending module 702, configured to send role information corresponding to a role of each second terminal in a group in which the second terminal is located to the second terminal corresponding to the role information, where the role is an active terminal or a passive terminal, each group of terminals includes an active terminal and at least one passive terminal, the active terminal is configured to generate a public key, and the active terminal shares the generated public key with the second terminal;
an obtaining module 703 is configured to obtain a public key shared by each active terminal, where each second terminal updates a required parameter through each public key encryption model, so as to update a model parameter.
In one embodiment, terminal 700 includes:
an obtaining module 703, configured to obtain a configuration parameter of each second terminal, where the configuration parameter includes at least one of a computing resource and a bandwidth of the second terminal;
the sorting module is used for sorting the second terminals according to the sequence of the configuration parameters from good to bad to obtain a sorting serial number corresponding to each second terminal;
the determining module is used for determining the second terminal corresponding to each sequencing serial number sequenced before the preset serial number as an active terminal and determining the rest second terminals as passive terminals;
and the determining module is used for selecting one active terminal and at least one passive terminal to construct a group of terminals to obtain a plurality of groups of terminals.
In one embodiment, terminal 700 includes:
an obtaining module 703, configured to obtain a configuration parameter of each second terminal, where the configuration parameter includes at least one of a computing resource and a bandwidth of the second terminal;
a grouping module 701, configured to group the second terminals to obtain multiple groups of terminals, where each group of terminals includes at least two second terminals;
the grouping module 701 is configured to divide the plurality of second terminals in each group of terminals into an active terminal and at least one passive terminal according to the configuration parameters of each group of terminals, where the configuration parameters of the active terminal in the group are better than the configuration parameters of the passive terminal in the group.
In one embodiment, terminal 700 includes:
the encryption module is used for encrypting data by using a first public key generated by the active terminal in the first group to obtain first encrypted data and encrypting data by using a second public key generated by the active terminal in each second group to obtain second encrypted data, wherein the first group is the group where the first terminal is located, and the second group is the group except the first group;
a sending module 702, configured to send the first encrypted data to each of the active terminals, the passive terminals, and the third terminals of the second group, where the third terminal is a terminal in the first group except the first terminal, and each of the first group and the second group is composed of one active terminal and one passive terminal;
the receiving module is used for the first terminal to receive third encrypted data respectively sent by the active terminal, the passive terminal and the third terminal of each second group, wherein the third encrypted data are not obtained by encrypting with the first public key;
the encryption module is used for determining first ciphertext data corresponding to each second public key by the first terminal according to each third encrypted data obtained by encrypting the same public key, wherein the first ciphertext data comprise a first noise value of the first terminal;
a sending module 702, configured to send the first ciphertext data to an active terminal that includes a private key for decrypting the first ciphertext data;
and the receiving module is used for receiving the first decryption data fed back by each active terminal and updating the parameters of the internal model of the first terminal according to each first decryption data and the first noise value.
In one embodiment, terminal 700 includes:
the receiving module is used for receiving second ciphertext data sent by each second group of the active terminal, the passive terminal and the third terminal, the second ciphertext data are obtained by adopting the first public key for encryption, and the second ciphertext data comprise a second noise value of the terminal for generating the second ciphertext data;
the decryption module is used for decrypting each second ciphertext data according to the private key corresponding to the first public key to obtain each second decrypted data;
a sending module 702, configured to send the second decrypted data to a terminal corresponding to the second decrypted data, where the terminal corresponding to the second decrypted data is a terminal that sends second ciphertext data corresponding to the second decrypted data.
In one embodiment, terminal 700 includes:
the training module is used for the first terminal to train the model with the updated parameters according to each training sample;
the obtaining module 703 is configured to, when the trained model does not satisfy the convergence condition, obtain data again according to the trained model, and return to the step of obtaining the first encrypted data by using the first public key encrypted data generated by the active terminal in the first group.
Fig. 8 is a diagram illustrating a hardware configuration of a terminal according to an exemplary embodiment.
The terminal 800 may include: a processor 801, such as a CPU, a memory 802, and a transceiver 803. Those skilled in the art will appreciate that the configuration shown in fig. 8 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. The memory 802 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
The processor 801 may invoke a computer program stored in the memory 802 to perform all or a portion of the steps of the above-described update method of the federated learning model.
The transceiver 803 is used for receiving and transmitting information from and to an external device.
A non-transitory computer readable storage medium, wherein instructions, when executed by a processor of a terminal, enable the terminal to perform the above-described method of updating a federal learning model.
A computer program product comprising a computer program which, when executed by a processor of a terminal, enables the terminal to perform the above method of updating a federal learning model.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (11)

1. An updating method of a federated learning model is characterized by comprising the following steps:
a first terminal groups second terminals participating in federal learning to obtain a plurality of groups of terminals, wherein the first terminal is one of the second terminals;
the first terminal sends role information corresponding to the role of each second terminal in a group where the second terminal is located to the second terminal corresponding to the role information, wherein the role is an active terminal or a passive terminal, each group of terminals comprises an active terminal and at least one passive terminal, the active terminal is used for generating a public key, and the active terminal shares the generated public key with the second terminal;
and the first terminal acquires the public key shared by each active terminal, wherein each second terminal updates the required parameters through each public key encryption model so as to update the model parameters.
2. The method for updating a federal learning model according to claim 1, wherein the step of grouping, by the first terminal, each of the second terminals participating in federal learning into a plurality of groups of terminals includes:
the first terminal acquires configuration parameters of each second terminal, wherein the configuration parameters comprise at least one of computing resources and bandwidth of the second terminals;
the first terminal sorts the second terminals according to the sequence of the configuration parameters from good to bad to obtain a sorting sequence number corresponding to each second terminal;
the first terminal determines a second terminal corresponding to each sequencing serial number sequenced before a preset serial number as an active terminal, and determines the rest second terminals as passive terminals;
and the first terminal selects one active terminal and at least one passive terminal to construct a group of terminals to obtain a plurality of groups of terminals.
3. The method for updating a federal learning model according to claim 1, wherein the step of grouping, by the first terminal, each of the second terminals participating in federal learning into a plurality of groups of terminals includes:
the first terminal acquires configuration parameters of each second terminal, wherein the configuration parameters comprise at least one of computing resources and bandwidth of the second terminals;
the first terminal groups the second terminals to obtain a plurality of groups of terminals, wherein each group of terminals comprises at least two second terminals;
the first terminal divides a plurality of second terminals in each group of terminals into an active terminal and at least one passive terminal according to the configuration parameters of each group of terminals, wherein the configuration parameters of the active terminals in the group are superior to the configuration parameters of the passive terminals in the group.
4. The method for updating a federal learning model according to claim 1, wherein the step of obtaining the public key shared by each active terminal by the first terminal is followed by further comprising:
the first terminal encrypts the data by using a first public key generated by the active terminal in the first group to obtain first encrypted data, and encrypts the data by using a second public key generated by the active terminal in each second group to obtain second encrypted data, wherein the first group is the group where the first terminal is located, and the second group is the group except the first group;
the first terminal sends the first encrypted data to an active terminal, a passive terminal and a third terminal of each second group, wherein the third terminal is a terminal in the first group except the first terminal, and the first group and the second group are both composed of one active terminal and one passive terminal;
the first terminal receives third encrypted data respectively sent by each second group of active terminals, passive terminals and the third terminal, wherein the third encrypted data are not obtained by encrypting with the first public key;
the first terminal determines first ciphertext data corresponding to each second public key according to each third encrypted data obtained by encrypting the same public key, wherein the first ciphertext data comprise a first noise value of the first terminal;
the first terminal sends the first ciphertext data to an active terminal containing a private key for decrypting the first ciphertext data;
and the first terminal receives first decryption data fed back by each active terminal and updates parameters of the internal model of the first terminal according to each first decryption data and the first noise value.
5. The method for updating a federated learning model as recited in claim 4, wherein the first terminal is an active terminal of the first group, and wherein the step of sending the first ciphertext data to an active terminal that includes a private key to decrypt the first ciphertext data further comprises:
the first terminal receives second ciphertext data sent by each second group of the active terminal, the passive terminal and the third terminal, the second ciphertext data are obtained by adopting a first public key for encryption, and the second ciphertext data comprise a second noise value of the terminal which generates the second ciphertext data;
the first terminal decrypts the second ciphertext data according to a private key corresponding to the first public key to obtain second decrypted data;
and the first terminal sends the second decrypted data to a terminal corresponding to the second decrypted data, wherein the terminal corresponding to the second decrypted data is a terminal sending second ciphertext data corresponding to the second decrypted data.
6. The method for updating a federal learning model as claimed in claim 4, wherein the step of updating parameters of the first intra-terminal model according to the respective first decrypted data, the data and the first noise value is followed by further comprising:
the first terminal trains the model with the updated parameters according to each training sample;
and when the trained model does not meet the convergence condition, the first terminal acquires data again according to the trained model and returns to execute the step of encrypting the data by using the first public key generated by the active terminal in the first group to obtain first encrypted data.
7. The method for updating a federal learning model as claimed in any one of claims 1-6, wherein each group of terminals comprises an active terminal and a passive terminal.
8. A terminal, comprising:
the system comprises a grouping module, a processing module and a processing module, wherein the grouping module is used for grouping all second terminals participating in federal learning to obtain a plurality of groups of terminals, the first terminal is one of the second terminals, and the first terminal is one of the second terminals;
the sending module is used for sending role information corresponding to the role of each second terminal in a group where the second terminal is located to the second terminal corresponding to the role information, wherein the role is an active terminal or a passive terminal, each group of terminals comprises an active terminal and at least one passive terminal, the active terminal is used for generating a public key, and the active terminal shares the generated public key with the second terminal;
and the obtaining module is used for obtaining the public key shared by each active terminal, wherein each second terminal updates the required parameters through each public key encryption model so as to update the model parameters.
9. A terminal, comprising: a memory and a processor;
the memory stores computer-executable instructions;
the processor executing the memory-stored computer-executable instructions cause the processor to perform the method for updating a federated learning model as recited in any one of claims 1 to 7.
10. A computer readable storage medium having stored thereon computer executable instructions for implementing a method for updating a federal learning model as claimed in any one of claims 1 to 7 when executed by a processor.
11. A computer program product comprising a computer program, wherein the computer program, when executed by a processor, implements a method for updating a federal learning model as claimed in any of claims 1 to 7.
CN202111024641.7A 2021-09-02 2021-09-02 Updating method and device of federal learning model Active CN113657614B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111024641.7A CN113657614B (en) 2021-09-02 2021-09-02 Updating method and device of federal learning model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111024641.7A CN113657614B (en) 2021-09-02 2021-09-02 Updating method and device of federal learning model

Publications (2)

Publication Number Publication Date
CN113657614A true CN113657614A (en) 2021-11-16
CN113657614B CN113657614B (en) 2024-03-01

Family

ID=78493442

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111024641.7A Active CN113657614B (en) 2021-09-02 2021-09-02 Updating method and device of federal learning model

Country Status (1)

Country Link
CN (1) CN113657614B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020244070A1 (en) * 2019-06-06 2020-12-10 平安科技(深圳)有限公司 Digital information encryption method and apparatus, computer device, and storage medium
CN112288101A (en) * 2020-10-29 2021-01-29 平安科技(深圳)有限公司 GBDT and LR fusion method, device, equipment and storage medium based on federal learning
CN112668046A (en) * 2020-12-24 2021-04-16 深圳前海微众银行股份有限公司 Feature interleaving method, apparatus, computer-readable storage medium, and program product
US20210143987A1 (en) * 2019-11-13 2021-05-13 International Business Machines Corporation Privacy-preserving federated learning
US20210174243A1 (en) * 2019-12-06 2021-06-10 International Business Machines Corporation Efficient private vertical federated learning
CN113052334A (en) * 2021-04-14 2021-06-29 中南大学 Method and system for realizing federated learning, terminal equipment and readable storage medium
CN113297396A (en) * 2021-07-21 2021-08-24 支付宝(杭州)信息技术有限公司 Method, device and equipment for updating model parameters based on federal learning

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020244070A1 (en) * 2019-06-06 2020-12-10 平安科技(深圳)有限公司 Digital information encryption method and apparatus, computer device, and storage medium
US20210143987A1 (en) * 2019-11-13 2021-05-13 International Business Machines Corporation Privacy-preserving federated learning
US20210174243A1 (en) * 2019-12-06 2021-06-10 International Business Machines Corporation Efficient private vertical federated learning
CN112288101A (en) * 2020-10-29 2021-01-29 平安科技(深圳)有限公司 GBDT and LR fusion method, device, equipment and storage medium based on federal learning
CN112668046A (en) * 2020-12-24 2021-04-16 深圳前海微众银行股份有限公司 Feature interleaving method, apparatus, computer-readable storage medium, and program product
CN113052334A (en) * 2021-04-14 2021-06-29 中南大学 Method and system for realizing federated learning, terminal equipment and readable storage medium
CN113297396A (en) * 2021-07-21 2021-08-24 支付宝(杭州)信息技术有限公司 Method, device and equipment for updating model parameters based on federal learning

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周俊;沈华杰;林中允;曹珍富;董晓蕾;: "边缘计算隐私保护研究进展", 计算机研究与发展, no. 10 *

Also Published As

Publication number Publication date
CN113657614B (en) 2024-03-01

Similar Documents

Publication Publication Date Title
Archer et al. From keys to databases—real-world applications of secure multi-party computation
WO2021022707A1 (en) Hybrid federated learning method and architecture
Shen et al. From distributed machine learning to federated learning: In the view of data privacy and security
CN113127916B (en) Data set processing method, data processing method, device and storage medium
EP3075098B1 (en) Server-aided private set intersection (psi) with data transfer
CN109413087A (en) Data sharing method, device, digital gateway and computer readable storage medium
CN111986755A (en) Data sharing system based on block chain and attribute-based encryption
CN109617699A (en) A kind of key generation method, block chain network service platform and storage medium
Sotthiwat et al. Partially encrypted multi-party computation for federated learning
CN114595835B (en) Model training method and device based on federal learning, equipment and storage medium
CN114254386A (en) Federated learning privacy protection system and method based on hierarchical aggregation and block chain
CN113922957B (en) Virtual cloud wallet system based on privacy protection calculation
Vladimirov et al. Security and privacy protection obstacles with 3D reconstructed models of people in applications and the metaverse: A survey
CN112597542B (en) Aggregation method and device of target asset data, storage medium and electronic device
WO2018099577A1 (en) System and method for providing a collective decentralized authority for sharing sensitive data
CN115688185B (en) Multiparty privacy summation method, multiparty privacy summation device, electronic equipment and storage medium
Firoozjaei et al. EVChain: A blockchain-based credit sharing in electric vehicles charging
US11615354B2 (en) Blockchain based project evaluation method and system
CN113657616B (en) Updating method and device of federal learning model
Mufiidah et al. The benefits, challenges, and future of blockchain and the internet of things
CN113657614A (en) Method and device for updating federal learning model
Wang et al. FRNet: An MCS framework for efficient and secure data sensing and privacy protection in IoVs
CN114760067A (en) Block chain group intelligent perception system privacy security protection method using zero knowledge certification
CN113656829A (en) Medical data security sharing method based on lattice code and alliance chain
Anceaume et al. Extending signatures of reputation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant