CN114742143A - Safe training model construction method, device and system based on federal learning - Google Patents

Safe training model construction method, device and system based on federal learning

Info

Publication number
CN114742143A
CN114742143A
Authority
CN
China
Prior art keywords
node
determining
state
training data
difference value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210340718.XA
Other languages
Chinese (zh)
Inventor
黄秀丽
石聪聪
费稼轩
于鹏飞
高先周
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Big Data Center Of State Grid Corp Of China
Global Energy Internet Research Institute Co ltd Nanjing Branch
State Grid Corp of China SGCC
State Grid Jiangsu Electric Power Co Ltd
Original Assignee
Big Data Center Of State Grid Corp Of China
Global Energy Internet Research Institute Co ltd Nanjing Branch
State Grid Corp of China SGCC
State Grid Jiangsu Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Big Data Center Of State Grid Corp Of China, Global Energy Internet Research Institute Co ltd Nanjing Branch, State Grid Corp of China SGCC, State Grid Jiangsu Electric Power Co Ltd filed Critical Big Data Center Of State Grid Corp Of China
Priority to CN202210340718.XA
Publication of CN114742143A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/21 Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214 Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00 Machine learning
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/044 Recurrent networks, e.g. Hopfield networks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/049 Temporal neural networks, e.g. delay elements, oscillating neurons or pulsed inputs
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00 Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50 Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Abstract

The embodiment of the invention relates to the field of computer technology, in particular to a method, a device, a system and a storage medium for building a security training model based on federal learning. The method comprises the following steps: acquiring the current training data uploaded by each node after differential privacy processing; acquiring at least one historical training data and a historical dimension reduction difference value corresponding to each node; determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node, where a prediction result is compared with the true result to judge whether the current node has failed; screening each node according to its state and determining a screening result; and training a pre-configured initial model based on the screening result, determining a target model and distributing the target model to each node. In this way, abnormal nodes in the federal learning process can be eliminated, and the working efficiency is greatly improved.

Description

Safe training model construction method, device and system based on federal learning
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a method, a device, a system and a storage medium for building a security training model based on federal learning.
Background
Federated learning (federal learning) is a distributed machine learning framework that allows multiple nodes to collaboratively train a model without exchanging their local data. Since federal learning is still at an early stage of development, it still faces many security issues that urgently need to be addressed. In an electric power federal learning system, the quality of the data provided by each power node may be uneven, and some nodes may upload wrong parameters to the aggregation server, or stop sending parameters to it, because of external attacks or internal failures, thereby degrading the performance of the global model.
Therefore, a method for detecting an abnormal node is needed to solve the above problems.
Disclosure of Invention
In view of this, to solve the above technical problems in the prior art, embodiments of the present invention provide a method, an apparatus, a system, and a storage medium for building a security training model based on federal learning.
In a first aspect, an embodiment of the present invention provides a method for building a security training model based on federal learning, where the method includes:
acquiring current training data which are uploaded by each node and subjected to differential privacy processing, wherein the current training data are obtained after each node trains an initial model pre-configured in each node;
acquiring at least one historical training data and a historical dimension reduction difference value corresponding to each node;
determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node;
screening each node according to the state, and determining a screening result;
and training the pre-configured initial model based on the screening result, determining a target model and distributing the target model to each node.
In one possible embodiment, determining the state of each node based on the current training data, the historical training data and the historical dimensionality reduction difference value of each node comprises:
acquiring historical training data of the ith node in all nodes;
determining a real difference value between the historical training data and the current training data;
sending the real difference value into a preset dimension reduction model, and determining a real dimension reduction difference value after dimension reduction;
sending at least one historical dimension reduction difference value corresponding to the ith node into a preset prediction model, and determining a predicted dimension reduction difference value, wherein i is a positive integer;
sending the predicted dimension reduction difference value into a preset dimension increasing model, and determining a corresponding predicted difference value;
and determining the state of each node based on the real difference, the predicted difference, the real dimensionality reduction difference and the predicted dimensionality reduction difference.
In one possible embodiment, determining the state of each node based on the true difference, the predicted difference, the true dimensionality-reduced difference, and the predicted dimensionality-reduced difference comprises:
judging the relation between a first Euclidean distance between the real difference value and the prediction difference value and a preset first threshold value, and determining a first judgment result;
judging the relation between a second Euclidean distance between the real dimension reduction difference value and the predicted dimension reduction difference value and a preset second threshold value, and determining a second judgment result;
and determining the state of the ith node based on the first judgment result and the second judgment result.
In one possible embodiment, determining the state of the ith node based on the first determination result and the second determination result includes:
when the first Euclidean distance is smaller than a first threshold value and the second Euclidean distance is smaller than a second threshold value, determining that the state of the ith node is a first state;
when the first Euclidean distance is greater than a first threshold value and the second Euclidean distance is smaller than a second threshold value, or the first Euclidean distance is smaller than the first threshold value and the second Euclidean distance is greater than the second threshold value, determining that the state of the ith node is a second state;
and when the first Euclidean distance is greater than the first threshold value and the second Euclidean distance is greater than the second threshold value, determining that the ith node state is a third state.
In one possible embodiment, training the pre-configured initial model based on the screening result, determining the target model and distributing the target model to each node includes:
screening out nodes of which the states are first states and nodes of which the states are second states;
training the pre-configured model based on the training data of the nodes with the first node states to determine a target model;
and respectively sending the target model to the nodes of which the node states are the first states and the nodes of which the node states are the second states.
In one possible embodiment, the method further comprises:
screening out nodes with the states of all the nodes as third states;
and sending error data to the node with the node state as the third state.
In one possible embodiment, acquiring the current training data uploaded by each node after the differential privacy processing includes:
respectively sending the initial model to each node so that the nodes train the initial model and determine gradient data generated in the training process;
and receiving the privacy gradient data uploaded by each node and subjected to the differential privacy processing, and taking the privacy gradient data as current training data.
In a second aspect, an embodiment of the present invention provides a security training model building apparatus based on federal learning, including:
the acquisition module is used for acquiring current training data uploaded by each node and subjected to differential privacy processing, wherein the current training data are obtained by each node after training an initial model pre-configured in each node; acquiring at least one historical training data and a historical dimension reduction difference value corresponding to each node;
the processing module is used for determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node; screening each node according to the state, and determining a screening result;
and the determining module is used for training the pre-configured initial model based on the screening result, determining the target model and distributing the target model to each node.
In a third aspect, the present application provides an electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the steps of the method according to any one of the first aspect.
In a fourth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, carries out the steps of the method according to any one of the first aspects.
The invention provides a security training model construction method based on federal learning. Current training data uploaded by each node after differential privacy processing is acquired, and the differential privacy processing strongly protects privacy among the nodes; at least one historical training data and a historical dimension reduction difference value corresponding to each node are acquired; the state of each node is determined based on the current training data, the historical training data and the historical dimension reduction difference value of each node, with the prediction result compared against the true result to judge whether the current node has failed; each node is screened according to its state and a screening result is determined; and a pre-configured initial model is trained based on the screening result, a target model is determined and distributed to each node. In this way, abnormal nodes, which may have been attacked, can be eliminated from the federal learning process; eliminating these abnormal nodes greatly improves both the security of federal learning and the working efficiency.
Drawings
FIG. 1 is a schematic flow chart of a method for building a security training model based on federated learning according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a method for determining states of nodes according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a method for determining states of nodes according to an embodiment of the present invention;
fig. 4 is a schematic diagram illustrating node status screening according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a security training model building apparatus based on federal learning according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a system for constructing a security training model based on federal learning according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention.
All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For the convenience of understanding of the embodiments of the present invention, the following description will be further explained with reference to specific embodiments, which are not to be construed as limiting the embodiments of the present invention.
Fig. 1 is a schematic flow chart of a method for building a security training model based on federal learning according to an embodiment of the present invention. As shown in fig. 1, the method includes the following steps:
and step 110, acquiring the current training data uploaded by each node and subjected to the differential privacy processing.
Specifically, the current training data is obtained after each node trains an initial model pre-configured in each node.
It should be noted that, in practical applications, various kinds of data may serve as the training data, for example model gradients or model loss function values; the choice is not limited here and depends on the practical application.
Optionally, in an example, the initial model is sent to each node, so that the nodes train the initial model, determine gradient data generated in a training process, receive privacy gradient data uploaded by each node after differential privacy processing, and use the privacy gradient data as current training data.
These current training data are the basis for determining whether the node is normal in the next step.
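The disclosure does not fix a particular differential privacy mechanism, so the following is only a minimal sketch, assuming a common approach in which each node clips its local gradient and adds Gaussian noise before uploading; the function name dp_perturb_gradient and the parameter values are illustrative assumptions rather than part of the original method.

import numpy as np

def dp_perturb_gradient(grad, clip_norm=1.0, noise_multiplier=1.0, rng=None):
    # Clip the gradient to an L2 norm of at most clip_norm, then add Gaussian noise
    # scaled by the clipping bound (Gaussian-mechanism style perturbation).
    rng = np.random.default_rng() if rng is None else rng
    norm = np.linalg.norm(grad)
    clipped = grad * min(1.0, clip_norm / (norm + 1e-12))
    noise = rng.normal(0.0, noise_multiplier * clip_norm, size=grad.shape)
    return clipped + noise

# Example: a node perturbs its local gradient g_j before uploading it to the aggregation server.
g_j = np.random.randn(128)
g_j_private = dp_perturb_gradient(g_j)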
Step 120, acquiring at least one historical training data and historical dimension reduction difference value corresponding to each node.
Specifically, the historical training data and the historical dimensionality reduction difference value can be directly obtained from the database.
Further, it should be noted that, in an embodiment, when each child node uploads its current training data to the aggregation server for the first time, there is no historical data yet, so the security check of the subsequent steps, which relies on historical training data and historical dimension reduction difference values, cannot be performed. In this case a default initial condition is assumed, namely that the data initially uploaded by each child node is correct,
and in the initial state the states of all child nodes are normal.
When enough of the historical training data and historical dimensionality reduction difference values have been accumulated, the following steps are performed using these data.
Step 130, determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node.
Specifically, because the historical data is known to be correct, a prediction made from the historical data should not differ much from the current actual result. Based on this idea, and using the data obtained in the steps above, the state of each node is determined by the following steps shown in fig. 2:
and step 210, acquiring historical training data of the ith node in all the nodes.
Specifically, the historical training data may be obtained directly from the database.
Further, historical training data is obtained for calculating the true difference in step 220, and the prediction in step 240.
Step 220, determine the true difference between the historical training data and the current training data.
Specifically, in this step, the historical training data used is only the training data of the round immediately before the current training data.
In one embodiment, assuming federal learning has proceeded to round 8, the current training data is recorded as g_8, and the historical training data referenced in step 220 need only be g_7.
Further, after the historical training data is obtained, the true difference D_j may be calculated according to the following formula:
D_j = g_j - g_{j-1}
where g_j is the training data of the j-th round.
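As a concrete illustration of the formula above, the aggregation server can keep the most recent upload of each node and compute the round-over-round true difference; the helper below is a sketch using plain NumPy vectors, and the names are illustrative.

import numpy as np

def true_difference(g_current, g_previous):
    # D_j = g_j - g_{j-1}: difference between the current upload and the previous one.
    return g_current - g_previous

# Example for round j = 8: the server already holds g_7 for this node.
g_7 = np.random.randn(128)
g_8 = np.random.randn(128)
D_8 = true_difference(g_8, g_7)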
Step 230, sending the true difference value into a preset dimension reduction model, and determining the dimension-reduced true difference value.
In particular, the dimension reduction model includes, but is not limited to, models such as an autoencoder or a principal component analysis model.
In an alternative embodiment, assume that there is a true difference D_j and that the dimension reduction model is an autoencoder; the true difference D_j is sent into the autoencoder to generate the dimension-reduced true difference d_j. This true dimension-reduced difference value will also be used in subsequent calculations.
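A minimal autoencoder sketch in PyTorch, assuming the true difference is a 128-dimensional vector reduced to an 8-dimensional code; the class name and layer sizes are illustrative assumptions, and the decoder half is the natural candidate for the dimension-increasing model of step 250. In practice the autoencoder would first be trained on historical difference vectors; the untrained weights here only illustrate the data flow.

import torch
import torch.nn as nn

class DifferenceAutoencoder(nn.Module):
    # Encoder maps the difference vector to a low-dimensional code; decoder maps it back.
    def __init__(self, input_dim=128, latent_dim=8):
        super().__init__()
        self.encoder = nn.Sequential(nn.Linear(input_dim, 32), nn.ReLU(), nn.Linear(32, latent_dim))
        self.decoder = nn.Sequential(nn.Linear(latent_dim, 32), nn.ReLU(), nn.Linear(32, input_dim))

    def forward(self, x):
        code = self.encoder(x)
        return self.decoder(code), code

# Example: reduce the true difference D_j to the dimension-reduced true difference d_j.
autoencoder = DifferenceAutoencoder()
D_j = torch.randn(128)
d_j = autoencoder.encoder(D_j)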
Step 240, sending at least one historical dimension reduction difference value corresponding to the i-th node into a preset prediction model, and determining a predicted dimension reduction difference value.
Specifically, in an alternative embodiment, the prediction model may be a Long Short-Term Memory (LSTM) model, and when using LSTM, the historical dimension reduction difference value needs to be input to generate the current predicted dimension reduction difference value.
For example, assume there is a set of historical dimension-reduced difference values [d_{j-1}, d_{j-2}, d_{j-3}]. From the three historical dimension-reduced difference values in this set, the LSTM model outputs a predicted dimension-reduced difference value for the j-th round of federal learning, recorded as d'_j.
In the present embodiment the LSTM model is used as the prediction model, but in practical applications the prediction model is not limited to LSTM; any suitable prediction model may be used.
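A minimal LSTM predictor sketch in PyTorch, assuming 8-dimensional dimension-reduced differences and a sliding window of three historical values as in the example above; the module name and layer sizes are illustrative assumptions.

import torch
import torch.nn as nn

class ReducedDifferencePredictor(nn.Module):
    # Predicts the next dimension-reduced difference from a window of historical ones.
    def __init__(self, latent_dim=8, hidden_dim=16):
        super().__init__()
        self.lstm = nn.LSTM(input_size=latent_dim, hidden_size=hidden_dim, batch_first=True)
        self.head = nn.Linear(hidden_dim, latent_dim)

    def forward(self, history):                 # history: (batch, window, latent_dim)
        out, _ = self.lstm(history)
        return self.head(out[:, -1, :])         # prediction d'_j for the current round

# Example: predict d'_j from the window [d_{j-3}, d_{j-2}, d_{j-1}].
predictor = ReducedDifferencePredictor()
window = torch.randn(1, 3, 8)
d_j_pred = predictor(window)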
Step 250, sending the predicted dimension reduction difference value into a preset dimension increasing model, and determining the corresponding predicted difference value.
Specifically, after obtaining the predicted dimensionality reduction difference value through step 240, the predicted difference value also needs to be obtained through the dimensionality increasing model.
In an alternative example, a decoder may be used as the dimension-increasing model: the predicted dimension-reduced difference d'_j is input to the decoder to obtain the predicted difference D'_j after the dimension increase.
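A short sketch of this dimension-increasing step, assuming a simple decoder that mirrors the encoder above; the layer sizes are illustrative assumptions.

import torch
import torch.nn as nn

# The decoder maps the predicted dimension-reduced difference d'_j (8 dimensions here)
# back to the original dimension, yielding the predicted difference D'_j.
decoder = nn.Sequential(nn.Linear(8, 32), nn.ReLU(), nn.Linear(32, 128))
d_j_pred = torch.randn(8)
D_j_pred = decoder(d_j_pred)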
Step 260, determining the state of each node based on the true difference, the predicted difference, the true dimension-reduced difference and the predicted dimension-reduced difference.
Specifically, through the processing of steps 210 to 250, the true difference D_j, the predicted difference D'_j, the true dimension-reduced difference d_j and the predicted dimension-reduced difference d'_j are obtained, from which the state of each node can be determined. The specific node state determination process may follow the steps shown in fig. 3.
Step 310, judging the relationship between a preset first threshold and a first Euclidean distance between the true difference and the predicted difference, and determining a first judgment result.
Specifically, the first Euclidean distance between the true difference and the predicted difference may be calculated by the following formula:
dist1_i = || D_j^i - D'_j^i ||_2
where i denotes the i-th node, D_j^i is the true difference of the i-th node in the j-th round, and D'_j^i is the predicted difference of the i-th node in the j-th round.
Further, the magnitude relation between the first Euclidean distance and the preset first threshold is recorded as the first judgment result for the subsequent state judgment.
Step 320, judging the relationship between a preset second threshold and a second Euclidean distance between the true dimension-reduced difference value and the predicted dimension-reduced difference value, and determining a second judgment result.
Specifically, the second Euclidean distance between the true dimension-reduced difference value and the predicted dimension-reduced difference value may be calculated by the following formula:
dist2_i = || d_j^i - d'_j^i ||_2
where i denotes the i-th node, d_j^i is the true dimension-reduced difference value of the i-th node in the j-th round, and d'_j^i is the predicted dimension-reduced difference value of the i-th node in the j-th round.
Further, the magnitude relation between the second Euclidean distance and the preset second threshold is recorded as the second judgment result for the subsequent state judgment.
Step 330, determining the status of the ith node based on the first and second determination results.
Specifically, once the results of steps 310 and 320 above have been obtained, one of the following three situations occurs (a minimal code sketch of this decision rule is given after the list):
(1) When the first Euclidean distance is smaller than the first threshold and the second Euclidean distance is smaller than the second threshold, the state of the i-th node is determined to be the first state.
(2) When the first Euclidean distance is greater than the first threshold and the second Euclidean distance is smaller than the second threshold, or the first Euclidean distance is smaller than the first threshold and the second Euclidean distance is greater than the second threshold, the state of the i-th node is determined to be the second state.
(3) When the first Euclidean distance is greater than the first threshold and the second Euclidean distance is greater than the second threshold, the state of the i-th node is determined to be the third state.
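Putting the two distance checks together, the decision rule of steps 310 to 330 can be sketched as below; the function name, the threshold values and the numeric state labels are illustrative assumptions.

import numpy as np

def classify_node_state(D_true, D_pred, d_true, d_pred, first_threshold, second_threshold):
    # Returns 1, 2 or 3 for the first, second or third node state.
    dist1 = np.linalg.norm(D_true - D_pred)    # first Euclidean distance (original dimension)
    dist2 = np.linalg.norm(d_true - d_pred)    # second Euclidean distance (reduced dimension)
    below1 = dist1 < first_threshold
    below2 = dist2 < second_threshold
    if below1 and below2:
        return 1        # first state: both checks pass
    if below1 or below2:
        return 2        # second state: exactly one check passes
    return 3            # third state: both checks fail

# Example usage with random vectors and illustrative thresholds.
state = classify_node_state(np.random.randn(128), np.random.randn(128),
                            np.random.randn(8), np.random.randn(8),
                            first_threshold=5.0, second_threshold=2.0)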
Step 140, screening each node according to its state and determining a screening result.
Specifically, the state of each node is determined according to the method described in step 130 above, and the nodes are then screened and classified according to their states.
In an alternative embodiment, referring to fig. 4, assume there are 5 nodes A, B, C, D and E, where A is in the first state, B is in the third state, C is in the first state, D is in the second state and E is in the third state. After screening and classification, A and C form one class, D forms one class, and B and E form one class.
Step 150, training the pre-configured initial model based on the screening result, determining a target model and distributing the target model to each node.
Specifically, according to the screening result in step 140, the preconfigured model is trained based on the training data of the node whose node state is the first state, and the target model is determined.
Further, the target model is respectively sent to the nodes of which the node states are the first states and the nodes of which the node states are the second states. Obviously, for a node in the first state, the aggregation server receives data and transmits data to the node, and for a node in the second state, the aggregation server only transmits data to the node and does not receive the data transmitted by the node.
Further, nodes whose state is the third state are screened out. The aggregation server regards such nodes as unsafe, adds them to a blacklist, refuses to use the data they send, and sends error data to them.
It should be noted that, after a node is added to the blacklist, the aggregation server may send error data to the node in the third state, or may close the channel of that node and refuse any further interaction with it.
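For step 150, one plausible reading of the screening result is a FedAvg-style update that averages only the uploads of first-state nodes, distributes the result to first- and second-state nodes, and blacklists third-state nodes; the sketch below makes that reading explicit, and all names and values are illustrative assumptions rather than the original implementation.

import numpy as np

def aggregate_and_distribute(uploads, states, global_weights, lr=1.0):
    # Average the gradients of first-state nodes and update the global model,
    # then decide which nodes receive it (states 1 and 2) and which are blacklisted (state 3).
    trusted = [uploads[node] for node, s in states.items() if s == 1]
    if trusted:
        avg_grad = np.mean(trusted, axis=0)
        global_weights = global_weights - lr * avg_grad
    recipients = [node for node, s in states.items() if s in (1, 2)]
    blacklist = [node for node, s in states.items() if s == 3]
    return global_weights, recipients, blacklist

# Example with the five nodes of fig. 4 (A and C in the first state, D in the second, B and E in the third).
states = {"A": 1, "B": 3, "C": 1, "D": 2, "E": 3}
uploads = {node: np.random.randn(128) for node in states}
weights, recipients, blacklist = aggregate_and_distribute(uploads, states, np.zeros(128))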
The invention provides a security training model construction method based on federal learning. Current training data uploaded by each node after differential privacy processing is acquired, and the differential privacy processing strongly protects privacy among the nodes; at least one historical training data and a historical dimension reduction difference value corresponding to each node are acquired; the state of each node is determined based on the current training data, the historical training data and the historical dimension reduction difference value of each node, with the prediction result compared against the true result to judge whether the current node has failed; each node is screened according to its state and a screening result is determined; and a pre-configured initial model is trained based on the screening result, a target model is determined and distributed to each node. In this way, abnormal nodes, which may have been attacked, can be eliminated from the federal learning process; eliminating these abnormal nodes greatly improves both the security of federal learning and the working efficiency.
Fig. 5 shows a safety training model building device based on federal learning according to an embodiment of the present invention. The device includes: an obtaining module 501, a processing module 502 and a determining module 503.
An obtaining module 501, configured to obtain current training data uploaded by each node and subjected to differential privacy processing, where the current training data is obtained after each node trains an initial model preconfigured in each node; acquiring at least one historical training data and a historical dimension reduction difference value corresponding to each node;
a processing module 502, configured to determine a state of each node based on current training data, historical training data, and a historical dimension reduction difference of each node; screening each node according to the state, and determining a screening result;
and a determining module 503, configured to train the preconfigured initial model based on the screening result, determine a target model, and distribute the target model to each node.
A processing module 502, configured to obtain historical training data of an ith node in all nodes;
determining a real difference value between the historical training data and the current training data;
sending the real difference value into a preset dimension reduction model, and determining a real dimension reduction difference value after dimension reduction;
sending at least one historical dimension reduction difference value corresponding to the ith node into a preset prediction model, and determining a predicted dimension reduction difference value, wherein i is a positive integer;
sending the predicted dimension reduction difference value into a preset dimension increasing model, and determining a corresponding predicted difference value;
and determining the state of each node based on the real difference, the predicted difference, the real dimensionality reduction difference and the predicted dimensionality reduction difference.
A processing module 502, configured to determine a relationship between a first euclidean distance between the true difference and the predicted difference and a preset first threshold, and determine a first determination result;
judging the relation between a second Euclidean distance between the real dimension reduction difference value and the predicted dimension reduction difference value and a preset second threshold value, and determining a second judgment result;
and determining the state of the ith node based on the first judgment result and the second judgment result.
A processing module 502, configured to determine that the ith node state is the first state when the first euclidean distance is smaller than the first threshold and the second euclidean distance is smaller than the second threshold;
when the first Euclidean distance is greater than a first threshold value and the second Euclidean distance is smaller than a second threshold value, or the first Euclidean distance is smaller than the first threshold value and the second Euclidean distance is greater than the second threshold value, the state of the ith node is determined to be a second state;
and when the first Euclidean distance is greater than the first threshold value and the second Euclidean distance is greater than the second threshold value, determining that the ith node state is a third state.
A determining module 503, configured to screen out nodes of which the states of the nodes are the first states and nodes of which the states of the nodes are the second states;
training the pre-configured model based on the training data of the nodes of which the states are the first states, and determining a target model;
and respectively sending the target model to the nodes of which the node states are the first states and the nodes of which the node states are the second states.
A determining module 503, configured to screen out nodes whose node states are the third states;
and sending error data to the node with the node state as the third state.
An obtaining module 501, configured to send the initial model to each node, so that the node trains the initial model, and determines gradient data generated in a training process;
and receiving the privacy gradient data uploaded by each node and subjected to the differential privacy processing, and taking the privacy gradient data as current training data.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an electronic device according to an alternative embodiment of the present invention. As shown in fig. 6, the electronic device may include: at least one processor 61, for example a CPU (Central Processing Unit), at least one communication interface 63, a memory 64, and at least one communication bus 62, where the communication bus 62 is used to enable connection and communication between these components. The communication interface 63 may include a display and a keyboard, and optionally may also include a standard wired interface and a standard wireless interface. The memory 64 may be a high-speed RAM (volatile random access memory) or a non-volatile memory, such as at least one disk memory. Optionally, the memory 64 may be at least one storage device located remotely from the processor 61. The processor 61 may be connected with the apparatus described above; an application program is stored in the memory 64, and the processor 61 calls the program code stored in the memory 64 to perform any of the above-mentioned method steps.
The communication bus 62 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The communication bus 62 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.
The memory 64 may include a volatile memory (RAM), such as a random-access memory (RAM); the memory may also include a non-volatile memory (such as a flash memory), a hard disk (HDD) or a solid-state drive (SSD); the memory 64 may also comprise a combination of the above kinds of memories.
The processor 61 may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of a CPU and an NP.
The processor 61 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof. The PLD may be a Complex Programmable Logic Device (CPLD), a field-programmable gate array (FPGA), a General Array Logic (GAL), or any combination thereof.
Optionally, the memory 64 is also used to store program instructions. The processor 61 may call program instructions to implement a method as shown in any of the embodiments of the present application.
Embodiments of the present invention further provide a non-transitory computer storage medium, where computer executable instructions are stored, and the computer executable instructions may execute the method in any of the above method embodiments. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD) or a Solid State Drive (SSD), etc.; the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.

Claims (10)

1. A safe training model construction method based on federal learning is characterized by comprising the following steps:
acquiring current training data which are uploaded by each node and subjected to differential privacy processing, wherein the current training data are obtained by training initial models pre-configured in each node by each node;
obtaining at least one historical training data and a historical dimension reduction difference value corresponding to each node;
determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node;
screening each node according to the state to determine a screening result;
and training the pre-configured initial model based on the screening result, determining a target model and distributing the target model to each node.
2. The method of claim 1, wherein determining the state of each of the nodes based on the current training data, the historical training data, and the historical dimension reduction difference value of each of the nodes comprises:
acquiring historical training data of the ith node in all the nodes;
determining a true difference between the historical training data and the current training data;
sending the real difference value into a preset dimension reduction model, and determining a real dimension reduction difference value after dimension reduction;
sending at least one historical dimension reduction difference value corresponding to the ith node into a preset prediction model, and determining a predicted dimension reduction difference value, wherein i is a positive integer;
sending the predicted dimension reduction difference value into a preset dimension increasing model, and determining a corresponding predicted difference value;
and determining the state of each node based on the real difference value, the predicted difference value, the real dimensionality reduction difference value and the predicted dimensionality reduction difference value.
3. The method of claim 2, wherein determining the state of each of the nodes based on the true difference, the predicted difference, the true reduced-dimension difference, and the predicted reduced-dimension difference comprises:
judging the relation between a first Euclidean distance between the real difference value and the prediction difference value and a preset first threshold value, and determining a first judgment result;
judging the relation between a second Euclidean distance between the real dimension reduction difference value and the predicted dimension reduction difference value and a preset second threshold value, and determining a second judgment result;
and determining the state of the ith node based on the first judgment result and the second judgment result.
4. The method of claim 3, wherein the determining the state of the ith node based on the first determination result and the second determination result comprises:
when the first Euclidean distance is smaller than the first threshold value and the second Euclidean distance is smaller than the second threshold value, determining that the ith node state is a first state;
when the first Euclidean distance is greater than the first threshold value and the second Euclidean distance is smaller than the second threshold value, or the first Euclidean distance is smaller than the first threshold value and the second Euclidean distance is greater than the second threshold value, determining that the ith node state is a second state;
and when the first Euclidean distance is greater than the first threshold value and the second Euclidean distance is greater than the second threshold value, determining that the ith node state is a third state.
5. The method of claim 1, wherein training the preconfigured initial model based on the screening results, determining a target model and distributing to each of the nodes comprises:
screening out nodes of which the node states are first states and nodes of which the node states are second states;
training the pre-configured model based on the training data of the nodes with the node states being the first states to determine a target model;
and respectively sending the target model to each node with the node state as a first state and each node with the node state as a second state.
6. The method of claim 5, further comprising:
screening out nodes of which the node states are third states;
and sending error data to the node with the node state being the third state.
7. The method according to claim 1, wherein the obtaining of the current training data uploaded by each node after the differential privacy processing comprises:
respectively sending the initial model to each node so that the nodes train the initial model and determine gradient data generated in the training process;
and receiving the privacy gradient data uploaded by each node and subjected to differential privacy processing, and taking the privacy gradient data as current training data.
8. A safety training model building device based on federal learning is characterized by comprising:
the acquisition module is used for acquiring current training data uploaded by each node and subjected to differential privacy processing, wherein the current training data are obtained by each node after training an initial model pre-configured in each node; acquiring at least one historical training data and a historical dimension reduction difference value corresponding to each node;
the processing module is used for determining the state of each node based on the current training data, the historical training data and the historical dimension reduction difference value of each node; screening each node according to the state to determine a screening result;
and the determining module is used for training the pre-configured initial model based on the screening result, determining a target model and distributing the target model to each node.
9. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the steps of the method of any one of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1-7.
CN202210340718.XA 2022-03-31 2022-03-31 Safe training model construction method, device and system based on federal learning Pending CN114742143A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210340718.XA CN114742143A (en) 2022-03-31 2022-03-31 Safe training model construction method, device and system based on federal learning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210340718.XA CN114742143A (en) 2022-03-31 2022-03-31 Safe training model construction method, device and system based on federal learning

Publications (1)

Publication Number Publication Date
CN114742143A true CN114742143A (en) 2022-07-12

Family

ID=82278947

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210340718.XA Pending CN114742143A (en) 2022-03-31 2022-03-31 Safe training model construction method, device and system based on federal learning

Country Status (1)

Country Link
CN (1) CN114742143A (en)


Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116257972A (en) * 2022-11-29 2023-06-13 元始智能科技(南通)有限公司 Equipment state evaluation method and system based on field self-adaption and federal learning
CN116257972B (en) * 2022-11-29 2024-02-20 元始智能科技(南通)有限公司 Equipment state evaluation method and system based on field self-adaption and federal learning


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination