CN115936112A - Client portrait model training method and system based on federal learning - Google Patents

Client portrait model training method and system based on federal learning Download PDF

Info

Publication number
CN115936112A
CN115936112A CN202310018596.7A CN202310018596A CN115936112A CN 115936112 A CN115936112 A CN 115936112A CN 202310018596 A CN202310018596 A CN 202310018596A CN 115936112 A CN115936112 A CN 115936112A
Authority
CN
China
Prior art keywords
sample set
customer
privacy
module
parameter information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310018596.7A
Other languages
Chinese (zh)
Other versions
CN115936112B (en
Inventor
王海洋
郭振江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing International Big Data Trading Co ltd
Original Assignee
Beijing International Big Data Trading Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing International Big Data Trading Co ltd filed Critical Beijing International Big Data Trading Co ltd
Priority to CN202310018596.7A priority Critical patent/CN115936112B/en
Publication of CN115936112A publication Critical patent/CN115936112A/en
Application granted granted Critical
Publication of CN115936112B publication Critical patent/CN115936112B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The application provides a client portrait model training method and system based on federal learning, in the method, a first object and a second object respectively determine training data from local data of the first object and the second object, the local model is jointly trained by using different training data, more characteristics are learned, accuracy of model training is guaranteed, the same sample is determined after privacy processing is carried out on the respective data of the first object and the second object, and data of all parties are guaranteed not to be leaked. And the second object processes the third type of characteristics (such as characteristics needing authorization) into a client type label, so that indirect utilization of the third type of characteristics is realized on the premise of no client authorization, and further, the client type label and the second type of characteristics (such as public characteristics) are utilized to perform model training together with the first object, so that the prediction requirement of high-quality client portrait is met, the aim of meeting the large-range prediction requirement without client authorization and obtaining the high-quality client portrait is fulfilled during prediction.

Description

Client portrait model training method and system based on federal learning
Technical Field
The application relates to the technical field of federal learning, in particular to a client portrait model training method and a client portrait model training system based on federal learning.
Background
Currently, some organizations often utilize their own customer data to image (e.g., classify, grade, score, etc.) customers by modeling, and provide services to customers based on the image results. However, since the model is mostly built based on business data of the client in the organization, it is difficult to introduce data outside the organization, and the accuracy of the built model is not high.
And due to the adoption of the federal learning technology, multi-party data fusion can be realized, and the problems are solved to a certain extent. However, currently, both the training phase and the prediction phase of the federal learning model generally adopt low-value data without authorization, and although the low-value data can be applied to a large range of new customer figures, the model quality is not high; or the training stage and the prediction stage adopt high-value data requiring client authorization, but the client range is limited to a small number of new authorized clients and cannot meet the requirement of a large range.
Disclosure of Invention
The application provides the following technical scheme:
one aspect of the application provides a client portrait model training method based on federal learning, which includes:
the first object determines the first type of characteristics of each sample in a first client sample set owned by the first object, and sends risk preference information to the second object;
the second object determines a second class of characteristics and a third class of characteristics of a second customer sample in a second customer sample set owned by the second object, and determines a customer category label corresponding to the second customer sample based on the risk preference information and the third class of characteristics, wherein the second class of characteristics and the third class of characteristics are different from the first class of characteristics;
the first object carries out privacy processing on the first client sample set by adopting a target privacy processing mode to obtain a first privacy sample set, the second object carries out privacy processing on the second client sample set by adopting the target privacy processing mode to obtain a second privacy sample set, the same sample part between the first privacy sample set and the second privacy sample set is determined, and the same sample part is sent to the first object;
the first object and the second object respectively obtain the features to be used corresponding to the same sample part from the features owned by the first object and the second object, and determine training data, wherein the training data of the first object comprises a first class of features to be used, and the training data of the second object comprises a second class of features to be used and a client class label;
the first object and the second object respectively train local models thereof based on training data thereof, acquire parameter information of the local models, encrypt the parameter information of the local models to acquire parameter information ciphertexts, and send the parameter information ciphertexts to the opposite side;
the first object and the second object update the parameters of the local model of the first object and the second object respectively based on the parameter information ciphertext from the opposite side;
and returning to execute the step that the first object and the second object respectively train the local models of the first object and the second object based on the training data under the condition that the local models of the first object and the second object do not reach the training end condition.
Optionally, the performing, by the first object, privacy processing on the first client sample set by using a target privacy processing manner to obtain a first privacy sample set, performing, by the second object, privacy processing on a second client sample set owned by the second object by using the target privacy processing manner to obtain a second privacy sample set, and determining a same sample portion between the first privacy sample set and the second privacy sample set includes:
the second object acquires an encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set;
the second object sends the second compressed sample set to the first object, so that the first object decrypts the second compressed sample set based on a decryption key corresponding to the encryption key to obtain a second decrypted sample set;
the first object decrypts the first client sample set after compressing the first client sample set through a hash function, performs secondary hash to obtain a first privacy sample set, and sends the second decryption sample set and the first privacy sample set to the second object;
the second object deletes the noise data in the second decrypted sample set, and performs secondary hash calculation on the second decrypted sample set after the noise data is deleted to obtain a second privacy sample set;
the second object determines the same portion of the first and second sets of privacy samples.
Optionally, the local model of the first object and the local model of the second object are federal XGBoost models with the same structure, and the first object and the second object respectively train their local models based on their training data, obtain parameter information of the local models, encrypt the parameter information of the local models to obtain parameter information ciphertexts, and send the parameter information ciphertexts to the other party, including:
the second object determines a root node based on training data of the second object, splits the root node based on the training data, and initially determines a local model of the second object;
the second object calculates a first derivative and a second derivative of training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object;
the first object determines all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point based on the first parameter information ciphertext, performs homomorphic encryption by taking all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and sends the second parameter information ciphertext to the second object;
the second object determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is in the first object, the information of the global optimal segmentation point is sent to the first object, the first object divides training data of the first object based on the information of the global optimal segmentation point, and sends a division result to the second object; if the global optimal segmentation point is on a second object, the second object divides training data of the second object without sending a segmentation result;
the second object updates the local model thereof based on the result of the partitioning;
under the condition that the local models of the first object and the second object do not reach the training end condition, returning to execute the steps that the first object and the second object respectively train the local models based on the training data, wherein the steps comprise:
and in the case that the local models of the first object and the second object do not reach the training end condition, returning to execute the second object to calculate the first derivative and the second derivative of the data in the local model of the second object.
Optionally, the training end condition includes:
a convergence of loss function values of local models of the first object and the second object;
or the maximum tree depth of the local models of the first object and the second object reaches a set depth.
Optionally, the first object performs privacy processing on the first client sample set by using a target privacy processing manner, including:
randomly selecting M groups of customer samples from a first customer sample set by the first object, wherein the total number of the M groups of customer samples is more than N;
the first object sends the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution reasonableness of the M customer samples based on the customer category labels, wherein M is not less than N;
if the distribution rationality of the M customer samples meets the rationality requirement, determining the M groups of customer samples as a first customer sample set to be used;
and the first object carries out privacy processing on the first client sample set to be used in a target privacy processing mode.
Another aspect of the application provides a client portrait model training system based on federal learning, including:
the first object module is used for determining the first class characteristics of each first customer sample in the owned first customer sample set and sending the risk preference information to the second object module;
the second object module is used for determining a second class of characteristics and a third class of characteristics of a second customer sample in a second customer sample set owned by the second object module, and determining a customer category label corresponding to the second customer sample based on the risk preference information and the third class of characteristics, wherein the second class of characteristics and the third class of characteristics are different from the first class of characteristics;
the first object module is further configured to perform privacy processing on the first client sample set in a target privacy processing manner to obtain a first privacy sample set;
the second object module is further configured to perform privacy processing on the second client sample set in the target privacy processing manner to obtain a second privacy sample set, determine a same sample portion between the first privacy sample set and the second privacy sample set, and send the same sample portion to the first object;
the first object module and the second object module are further respectively used for obtaining the features to be used corresponding to the same sample part from the features owned by the first object module and the second object module, and determining training data, wherein the training data of the first object comprises a first class of features to be used, and the training data of the second object comprises a second class of features to be used and a customer class label;
the first object module and the second object module are respectively used for training local models of the first object module and the second object module based on training data of the first object module and the second object module, acquiring parameter information of the local models, encrypting the parameter information of the local models to obtain parameter information ciphertexts, and sending the parameter information ciphertexts to the opposite side;
the first object module and the second object module are respectively used for updating the parameters of the local model based on the parameter information ciphertext from the other party;
and under the condition that the local models of the first object module and the second object module do not reach the training end condition, the first object module and the second object module respectively return to execute the step of training the local models based on the training data.
Optionally, the process that the first object module performs privacy processing on the first client sample set by using a target privacy processing manner to obtain a first privacy sample set, the second object module performs privacy processing on a second client sample set owned by the second object module by using the target privacy processing manner to obtain a second privacy sample set, and the same sample part between the first privacy sample set and the second privacy sample set is determined includes:
the second object module obtains an encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set;
the second object module sends the second compressed sample set to the first object module, so that the first object module decrypts the second compressed sample set based on a decryption key corresponding to the encryption key to obtain a second decrypted sample set;
the first object module decrypts the first client sample set after compressing the first client sample set through a hash function, performs secondary hash to obtain a first privacy sample set, and sends the second decryption sample set and the first privacy sample set to the second object module;
the second object module deletes the noise data in the second decryption sample set, and performs secondary hash calculation on the second decryption sample set after the noise data is deleted to obtain a second privacy sample set;
the second object module determines a same portion of the first and second sets of privacy samples.
Optionally, the local model of the first object module and the local model of the second object module are federal XGBoost models with the same structure, and the first object module and the second object module respectively train their local models based on their training data, obtain parameter information of the local models, encrypt the parameter information of the local models to obtain parameter information ciphertexts, and send the parameter information ciphertexts to the other party, including:
the second object module determines a root node based on training data of the second object module, splits the root node based on the training data, and initially determines a local model of the second object;
the second object module calculates a first derivative and a second derivative of training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object;
the first object module determines all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point based on the first parameter information ciphertext, performs homomorphic encryption by taking all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and sends the second parameter information ciphertext to the second object module;
the second object module determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is in the first object module, the information of the global optimal segmentation point is sent to the first object module, so that the first object module divides the training data of the first object module based on the information of the global optimal segmentation point, and sends a division result to the second object module;
the second object module updates the local model thereof based on the result of the division;
and under the condition that the local models of the first object module and the second object module do not reach the training end condition, returning to execute the second object module to calculate the first derivative and the second derivative of the data in the local models.
Optionally, the training end condition includes:
a loss function value convergence of local models of the first object module and the second object module;
or the maximum tree depth of the local models of the first object module and the second object module reaches a set depth.
Optionally, the first object module performs a privacy processing process on the first client sample set in a target privacy processing manner, and the privacy processing process specifically includes:
randomly selecting M groups of customer samples from a first customer sample set, wherein the total amount of the M groups of customer samples is more than N;
sending the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution rationality of the M customer samples based on the customer category labels, wherein M is not less than N;
if the distribution reasonability of the M customer samples meets the reasonability requirement, determining the M groups of customer samples as a first customer sample set to be used;
and carrying out privacy processing on the first client sample set to be used by adopting a target privacy processing mode.
In the application, the first object and the second object respectively determine training data of the first object and the second object from local data of the first object and the second object, and jointly train the local models by using different training data, so that the local models of the first object and the second object can learn more features, the accuracy of model training is ensured, and the first object and the second object determine the same part after carrying out privacy processing on respective data, so that the data of all parties are prevented from being leaked.
And the second object can be combined with the parameters of the local model of the first object, trains the model based on the client category label and the second type of characteristics (such as public characteristics), does not directly train by using the third type of characteristics (such as characteristics needing authorization), trains together with the first object, meets the prediction requirement of high-quality client portrait, and achieves the purposes of meeting the large-range prediction requirement without client authorization and obtaining the high-quality client portrait at the same time during prediction.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
FIG. 1 is a schematic flow chart diagram illustrating a client representation model training method based on federated learning according to a first embodiment of the present application;
FIG. 2 is a schematic flow chart diagram illustrating a method for client representation model training based on federated learning according to a second embodiment of the present application;
FIG. 3 is a schematic flow chart diagram illustrating a method for client representation model training based on federated learning according to a third embodiment of the present application;
FIG. 4 is a schematic structural diagram of a client representation model training system based on federated learning provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
Referring to fig. 1, a flow chart of a client representation model training method based on federal learning is provided for a first embodiment of the present application, and as shown in fig. 1, the method may include, but is not limited to, the following steps:
and S11, the first object determines the first class characteristics of each first customer sample in the owned first customer sample set, and simultaneously sends the risk preference information to the second object.
The first object, can be understood as: objects having a need for representation prediction, such as banking institutions.
It should be noted that the risk preference information provided by the first object is determined by the first object and the second object in advance and according to the third type of feature of the second object, and the risk preference information is independent of the first type of feature.
And S12, the second object determines the second class characteristics and the third class characteristics of a second customer sample in a second customer sample set owned by the second object, and determines a customer category label corresponding to the second customer sample based on the risk preference information and the third class characteristics, wherein the second class characteristics and the third class characteristics are different from the first class characteristics.
The second type of characteristics of the second customer sample may include, but is not limited to: public characteristics of the second customer sample.
The third type of characteristics of the second customer sample may include, but is not limited to: high value characteristics of the second customer sample.
It will be appreciated that the disclosure feature is data that can be publicly available, and the high value feature is one that requires authorization from the customer to be disclosed.
The second object may be, but is not limited to: a data provider, such as a government agency.
In this embodiment, the determining, based on the risk preference information and the third type of feature, a customer category label corresponding to the second customer sample may include, but is not limited to: and determining a customer rating rule based on the risk preference information, and determining a customer category label corresponding to the second customer sample based on the customer rating rule and the third class characteristics. The customer category label may characterize the rating of the customer. Specifically, the second object groups the second customer samples in the second customer sample set according to the industry to obtain S groups of customer samples. For a certain group of customer samples q, according to their high-value characteristics A i The ranking is divided into 10 grades (1-10,1 grade represents the highest category, 10 grades represents the lowest category, and the number of enterprises in each grade is the same) to obtain the grade D of each customer sample under the characteristic q (A i ) Other features do the same. The final grading of the customer sample is the minimum gear D in all the characteristics of the group q =Min(D q (A 1 ),D q (A 2 ),...,D q (A Na )),N a Is a characteristic number. The labels of the S sets of customer samples are then mixed together to form a customer category label indicating that one of the second customer samples corresponds.
Step S13, the first object carries out privacy processing on the first client sample set by adopting a target privacy processing mode to obtain a first privacy sample set, the second object carries out privacy processing on the second client sample set by adopting the target privacy processing mode to obtain a second privacy sample set, the same sample part between the first privacy sample set and the second privacy sample set is determined, and the same sample part is sent to the first object.
Step S14, the first object and the second object respectively obtain the features to be used corresponding to the same sample part from the features possessed by the first object and the second object, and determine training data, where the training data of the first object includes a first class of features to be used, and the training data of the second object includes a second class of features to be used and a customer class label.
And the first object takes the first class of characteristics to be used in the acquired characteristics to be used corresponding to the same sample part as training data of the first object.
And the second object takes the second class of characteristics to be used and the customer class label in the acquired characteristics to be used corresponding to the same sample part as training data of the second object.
And S15, training the local model of the first object and the second object respectively based on the training data of the first object and the second object, acquiring parameter information of the local model, encrypting the parameter information of the local model to obtain a parameter information ciphertext, and sending the parameter information ciphertext to the other party.
In this embodiment, the local model of the first object and the local model of the second object may be, but are not limited to, federal XGBoost models with the same structure. Accordingly, the present step may include, but is not limited to:
and S151, the second object determines a root node based on the training data, splits the root node based on the training data, and initially determines a local model of the second object.
S152, the second object calculates a first derivative and a second derivative of training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object.
The first derivative of one of the training data in the local model of the second object may be expressed as
Figure 7519DEST_PATH_IMAGE001
The second derivative of the training data may be expressed as
Figure 393501DEST_PATH_IMAGE002
. The second object can calculateThe sum of the derivatives of the training data in its local model, obtaining the total derivative
Figure 376500DEST_PATH_IMAGE003
And
Figure 489819DEST_PATH_IMAGE004
then will be
Figure 773033DEST_PATH_IMAGE001
And
Figure 798757DEST_PATH_IMAGE002
is subjected to additive homomorphic encryption to obtain
Figure 534632DEST_PATH_IMAGE005
And
Figure 687527DEST_PATH_IMAGE006
will be
Figure 559668DEST_PATH_IMAGE007
And
Figure 5562DEST_PATH_IMAGE008
and sending the data to each first object.
And S153, the first object determines all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point based on the first parameter information ciphertext, homomorphic encryption is performed on all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and the second parameter information ciphertext is sent to the second object.
The first derivative of the homomorphic encrypted second parameter information ciphertext may be expressed as
Figure 963154DEST_PATH_IMAGE009
The second derivative of the homomorphic encrypted second parameter information in the ciphertext can be expressed as
Figure 903428DEST_PATH_IMAGE010
. Wherein the content of the first and second substances,
Figure 646387DEST_PATH_IMAGE011
the m-th first object
Figure 279494DEST_PATH_IMAGE012
All possible values of each feature k of the individual training data are taken as the first derivative of the break-up point,
Figure 724382DEST_PATH_IMAGE013
the m-th first object
Figure 452035DEST_PATH_IMAGE012
All possible values of each feature k of the individual training data are taken as the second derivative of the break-up point,
Figure 564347DEST_PATH_IMAGE014
the m-th first object
Figure 102776DEST_PATH_IMAGE012
The ith possible value of each feature k of the training data is taken as the first derivative of the split point,
Figure 785693DEST_PATH_IMAGE015
the m-th first object
Figure 333349DEST_PATH_IMAGE012
The ith possible value of each feature k of the training data is taken as the second derivative of the split point,
Figure 34588DEST_PATH_IMAGE016
representing all possible values for each feature k.
It will be appreciated that additive homomorphic encryption is of a nature
Figure 524344DEST_PATH_IMAGE017
I.e. after the addition of the data in the encrypted state and the addition of the dataThe re-encrypted results are consistent, and the correct results can be ensured
Figure 678245DEST_PATH_IMAGE018
And the derivative is not decrypted by the first object.
S154, the second object determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is in the first object, the information of the global optimal segmentation point is sent to the first object, the first object divides the training data of the first object based on the information of the global optimal segmentation point, and the division result is sent to the second object; if the global optimal segmentation point is on a second object, the second object divides the training data without sending a segmentation result;
specifically, the second object decrypts the second parameter information text to obtain the second parameter information text
Figure 764013DEST_PATH_IMAGE019
And
Figure 336071DEST_PATH_IMAGE020
all possible gains are calculated, and the gain for a certain value of a certain feature is calculated as:
Figure 481881DEST_PATH_IMAGE021
Figure 123078DEST_PATH_IMAGE022
Figure 261804DEST_PATH_IMAGE023
Figure 203216DEST_PATH_IMAGE024
Figure 785507DEST_PATH_IMAGE025
and comparing all gains, and selecting the characteristics and values corresponding to the optimal gains as global optimal segmentation points.
Based on
Figure 914000DEST_PATH_IMAGE026
Obtaining the [ place, characteristics and value of the global optimal segmentation point]。
Figure 357882DEST_PATH_IMAGE027
In order to be an iterative formula,
Figure 622641DEST_PATH_IMAGE028
the right side of the middle mark is the historical optimal gain of the previous iteration, gain is the optimal gain of the current iteration, and the max () function is used for taking the maximum value of the two, and assigning the maximum value to
Figure 110254DEST_PATH_IMAGE028
To the left of the middle mark
Figure 240890DEST_PATH_IMAGE029
. Through iteration, the [ place, characteristics and value of the global optimal segmentation point are obtained]。
Specifically, if the global optimal segmentation point is in the second object, it is not transmitted. And if the global optimal segmentation point is in the first object, the second object sends the [ feature, value ] to the corresponding first object.
And the object with the characteristics divides the data according to the global optimal segmentation point, sends the division result to a second object, establishes a lookup table at the second object and records the [ characteristics, values ].
S155, the second object updates the local model of the second object based on the division result.
Specifically, the second object splits the current node according to the received partitioning result, and records the object to which the feature of the current node belongs.
And S16, updating the parameters of the local model of the first object and the second object respectively based on the parameter information ciphertext from the opposite side.
And S17, under the condition that the local models of the first object and the second object do not reach the training end condition, returning to the step of executing the training of the local models of the first object and the second object based on the training data of the first object and the second object respectively.
In this embodiment, the training end condition may include, but is not limited to:
a convergence of loss function values of local models of the first object and the second object;
or the maximum tree depth of the local models of the first object and the second object reaches a set depth.
And under the condition that the local models of the first object and the second object reach a training ending condition, ending the training, and taking the trained local models as prediction models.
When the prediction model of the first object is applied, the first class characteristics of the customer to be predicted can be input into the prediction model of the first object, and a customer class label of the customer to be predicted, which is predicted by the prediction model of the first object, is obtained as a rating result.
When the prediction model of the second object is applied, the second class characteristics of the customer to be predicted can be input into the prediction model of the second object, and the customer class label of the customer to be predicted, which is predicted by the prediction model of the second object, is obtained as a rating result.
In this embodiment, the first object and the second object respectively determine their training data from their local data, and jointly train the local models using different training data, so that the local models of the first object and the second object can both learn more features, thereby ensuring the accuracy of model training, and the first object and the second object determine the same part after performing privacy processing on their respective data, thereby ensuring that each data is not leaked.
And the second object can be combined with the parameters of the local model of the first object, trains the model based on the client category label and the second type of characteristics (such as public characteristics), does not directly train by using the third type of characteristics (such as characteristics needing authorization), trains together with the first object, meets the prediction requirement of high-quality client portrait, and achieves the purposes of meeting the large-range prediction requirement without client authorization and obtaining the high-quality client portrait at the same time during prediction.
As another alternative embodiment of the present application, referring to fig. 2, a flow chart of a client representation model training method based on federal learning provided in the second embodiment of the present application is shown, and this embodiment is mainly a refinement of the model training method based on federal learning described in the first embodiment, as shown in fig. 2, the method may include, but is not limited to, the following steps:
and S21, the first object determines the first class characteristics of each first customer sample in the owned first customer sample set, and simultaneously sends the risk preference information to the second object.
And S22, the second object determines a second type of characteristics and a third type of characteristics of a second customer sample in a second customer sample set owned by the second object, and determines a customer category label corresponding to the second customer sample based on the risk preference information and the third type of characteristics, wherein the second type of characteristics and the third type of characteristics are different from the first type of characteristics.
The detailed processes of steps S21-S22 can be referred to the related descriptions of steps S11-S12 in the first embodiment, and are not described herein again.
And step S23, the second object acquires the encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set.
In this embodiment, the first object may generate an encryption key and a decryption key, where the encryption key and the decryption key are in one-to-one correspondence, and may be interchanged. In particular, the first object may generate, but is not limited to, an encryption key and a decryption key based on the RSA algorithm.
The first object sends the encryption key to the second object. Accordingly, the second object receives the encryption key generated by the first object.
Specifically, the second set of compressed samples may be derived based on the following equation:
Figure 472151DEST_PATH_IMAGE030
where Z1 represents a second set of compressed samples, R represents noise data, en represents an encryption key, hash () represents a Hash function, U represents a second set of customer samples, and U represents the inclusion of the second set of customer samples.
And step S24, the second object sends the second compressed sample set to the first object, so that the first object decrypts the second compressed sample set based on the decryption key corresponding to the encryption key, to obtain a second decrypted sample set.
In this embodiment, the first object may obtain the second decrypted sample set based on the following formula:
Figure 856996DEST_PATH_IMAGE031
where Z2 represents the second set of decrypted samples, R represents the noise data, hash () represents a Hash function, de represents the decryption key, U represents the second customer sample, and U represents the second set of customer samples.
And S25, the first object decrypts the first client sample set after compressing the first client sample set through a Hash function, performs secondary Hash to obtain a first privacy sample set, and sends the second decrypted sample set and the first privacy sample set to the second object.
In this embodiment, the first object may determine the first privacy sample set based on the following formula:
Figure 266243DEST_PATH_IMAGE032
where B represents the first set of privacy samples, hash () represents a Hash function, de represents the decryption key, V represents the first customer sample, and V represents the first set of customer samples.
And S26, deleting the noise data in the second decryption sample set by the second object, and performing secondary hash calculation on the second decryption sample set after the noise data is deleted to obtain a second privacy sample set.
In this embodiment, the second privacy sample set may be obtained based on the following formula:
Figure 369328DEST_PATH_IMAGE033
where Z3 represents the second set of privacy samples, hash () represents a Hash function, de represents the decryption key, U represents the second customer sample, and U represents the second set of customer samples.
Step S27, the second object determines the same part of the first and second privacy sample sets.
In this embodiment, the whole process of steps S23 to S27 has no plaintext transmission, and the original customer sample cannot be analyzed. The two parties obtain the same part under the condition that all client samples of the two parties are not known, and the difference parts of the two parties are well protected.
Steps S23 to S27 are a specific implementation of step S13 in example 1.
Step S28, the first object and the second object respectively obtain the features to be used corresponding to the same sample part from the features possessed by the first object and the second object, and determine training data, where the training data of the first object includes the first class of features to be used, and the training data of the second object includes the second class of features to be used and the customer class label.
And S29, training the local model of the first object and the second object respectively based on the training data of the first object and the second object, acquiring parameter information of the local model, encrypting the parameter information of the local model to obtain a parameter information ciphertext, and sending the parameter information ciphertext to the other party.
Step S210, the first object and the second object update the parameters of the local model of the first object and the second object respectively based on the parameter information ciphertext from the other party.
Step S211, when the local models of the first object and the second object do not reach the training end condition, returning to the step of executing the training of the local models of the first object and the second object based on the training data of the first object and the second object, respectively.
The detailed processes of steps S28 to S211 can be referred to the related descriptions of steps S14 to S17 in the first embodiment, and are not described herein again.
As another alternative embodiment of the present application, referring to fig. 3, a flow chart of a client representation model training method based on federal learning provided in the third embodiment of the present application is shown, and this embodiment is mainly a refinement of the model training method based on federal learning described in the first embodiment, as shown in fig. 3, the method may include, but is not limited to, the following steps:
and S31, the first object determines the first type of characteristics of each first client sample in the first client sample set owned by the first object, and simultaneously sends the risk preference information to the second object.
Step S32, the second object determines a second class of characteristics and a third class of characteristics of a second customer sample in a second customer sample set owned by the second object, and determines a customer category label corresponding to the second customer sample based on the risk preference information and the third class of characteristics, wherein the second class of characteristics and the third class of characteristics are different from the first class of characteristics.
The detailed processes of steps S31-S32 can be referred to the related descriptions of steps S11-S12 in the first embodiment, and are not described herein again.
And S33, randomly selecting M groups of customer samples from the first customer sample set by the first object, wherein the total number of the M groups of customer samples is more than N.
And step S34, the first object sends the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution rationality of the M customer samples based on the customer category labels, wherein M is not less than N.
In this embodiment, the coding of the M groups of client samples may be, but is not limited to: and (5) uniformly numbering enterprises.
And step S35, if the distribution reasonability of the M customer samples meets the reasonability requirement, determining the M groups of customer samples as a first customer sample set to be used.
And S36, the first object carries out privacy processing on the first client sample set to be used in a target privacy processing mode to obtain a first privacy sample set.
Step S37, the second object performs privacy processing on the second client sample set by using the target privacy processing method to obtain a second privacy sample set, determines a same sample portion between the first client sample set and the second client sample set, and sends the same sample portion to the first object.
Steps S33 to S37 are a specific implementation of step S13 in example 1.
Step S38, the first object and the second object respectively obtain the features to be used corresponding to the same sample part from the features possessed by the first object and the second object, and determine training data, where the training data of the first object includes the first class of features to be used, and the training data of the second object includes the second class of features to be used and the customer class label.
And S39, training the local model of the first object and the second object respectively based on the training data of the first object and the second object, acquiring parameter information of the local model, encrypting the parameter information of the local model to obtain a parameter information ciphertext, and sending the parameter information ciphertext to the other party.
And step S310, updating the parameters of the local model of the first object and the second object respectively based on the parameter information ciphertext from the other party.
And S311, under the condition that the local models of the first object and the second object do not reach the training end condition, returning to the step of executing the training of the local models of the first object and the second object based on the training data of the first object and the second object respectively.
The detailed process of steps S38-S311 can be referred to the related description of steps S14-S17 in the first embodiment, and will not be described herein again.
In this embodiment, the first object and the second object respectively determine their training data from their local data, and jointly train the local models using different training data, so that the local models of the first object and the second object can learn more features, thereby ensuring the accuracy of model training, and the first object and the second object determine the same part after performing privacy processing on their respective data, thereby ensuring that each data is not leaked.
And the second object can combine the parameters of the local model of the first object, train the model based on the client category label and the second type of characteristics (such as public characteristics), and not directly train by using the third type of characteristics (such as characteristics needing authorization), so that the prediction requirement of the high-quality client portrait is met, and the purposes of meeting the large-range prediction requirement without client authorization and obtaining the high-quality client portrait during prediction are achieved.
Further, the first object randomly selects M groups of client samples, the total number of the M groups of client samples is greater than N, the first object sends the first class features of the M groups of client samples to the second object, so that the second object randomly extracts the first class features of the M client samples from the first class features of each group of client samples in the M groups of client samples, determines the client category label corresponding to each client sample in the M client samples based on the first class features of the M client samples, determines the distribution rationality of the M client samples based on the client category label corresponding to each client sample in the M client samples, and further improves the accuracy of model training if the distribution rationality of the M client samples meets the rationality requirement.
Corresponding to the above embodiment of the client portrait model training method based on federal learning provided by the present application, the present application also provides an embodiment of a client portrait model training system based on federal learning.
In the present embodiment, as shown in fig. 4, a client figure model training system based on federal learning includes: a first object module 100 and a second object module 200.
The first object module 100 is used for determining the first class characteristics of each first customer sample in the owned first customer sample set and sending the risk preference information to the second object module 200;
the second object module 200 is configured to determine a second class of features and a third class of features of a second customer sample in a second customer sample set owned by the second object module 200, and determine a customer category label corresponding to the second customer sample based on the risk preference information and the third class of features, where the second class of features and the third class of features are different from the first class of features;
the first object module 100 is further configured to perform privacy processing on the first client sample set by using a target privacy processing manner, so as to obtain a first privacy sample set;
the second object module 200 is further configured to perform privacy processing on the second client sample set by using the target privacy processing manner to obtain a second privacy sample set, determine a same sample portion between the first privacy sample set and the second privacy sample set, and send the same sample portion to the first object;
the first object module 100 and the second object module 200 are further configured to obtain features to be used corresponding to the same sample part from the features owned by the first object module and the second object module, respectively, and determine training data, where the training data of the first object includes a first class of features to be used, and the training data of the second object includes a second class of features to be used and a client class label;
the first object module 100 and the second object module 200 are further configured to train a local model thereof based on training data thereof, obtain parameter information of the local model, encrypt the parameter information of the local model to obtain a parameter information ciphertext, and send the parameter information ciphertext to the other party;
the first object module 100 and the second object module 200 are further configured to update parameters of the local model thereof based on the parameter information ciphertext from the other party, respectively;
and under the condition that the local models of the first object module 100 and the second object module 200 do not reach the training end condition, the first object module 100 and the second object module 200 respectively return to execute the step of training the local models based on the training data.
In this embodiment, the first object module 100 performs privacy processing on the first client sample set by using a target privacy processing method to obtain a first privacy sample set, the second object module 200 performs privacy processing on a second client sample set owned by the second object module by using the target privacy processing method to obtain a second privacy sample set, and a process of determining a same sample portion between the first privacy sample set and the second privacy sample set specifically includes a process of performing privacy processing on the first client sample set by using the target privacy processing method
The second object module 200 obtains an encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set;
the second object module 200 sends the second compressed sample set to the first object module 100, so that the first object module 100 decrypts the second compressed sample set based on the decryption key corresponding to the encryption key to obtain a second decrypted sample set;
the first object module 100 decrypts the first client sample set after compressing the first client sample set by using a hash function, performs a second hash to obtain a first privacy sample set, and sends the second decrypted sample set and the first privacy sample set to the second object module 200;
the second object module 200 deletes the noise data in the second decrypted sample set, and performs a second hash calculation on the second decrypted sample set after the noise data is deleted to obtain a second privacy sample set;
the second object module 200 determines the same portion of the first and second privacy sample sets.
In this embodiment, the steps of training the local model of the first object module 100 and the local model of the second object module 200 in the federate XGBoost model with the same structure, respectively training the local model of the first object module 100 and the second object module 200 based on the training data of the first object module and the second object module, obtaining parameter information of the local model, encrypting the parameter information of the local model to obtain a parameter information ciphertext, and sending the parameter information ciphertext to the other party include:
the second object module 200 determines a root node based on its training data, and splits the root node based on the training data, initially determining a local model of the second object;
the second object module 200 calculates a first derivative and a second derivative of the training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object;
the first object module 100 determines, based on the first parameter information ciphertext, all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point, performs homomorphic encryption using all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and sends the second parameter information ciphertext to the second object module 200;
the second object module 200 determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is at the first object module 100, sends information of the global optimal segmentation point to the first object module 100, so that the first object module 100 divides training data of the first object module 100 based on the information of the global optimal segmentation point, and sends a division result to the second object module 200;
the second object module 200 updates its local model based on the results of the partitioning;
and in the case that the local models of the first object module 100 and the second object module 200 do not reach the training end condition, returning to execute the second object module 200 to calculate the first derivative and the second derivative of the data in the local models.
In this embodiment, the training end condition includes:
the loss function values of the local models of the first object module 100 and the second object module 200 converge;
or, the maximum tree depth of the local models of the first object module 100 and the second object module 200 reaches a set depth.
In this embodiment, the process of performing privacy processing on the first client sample set by the first object module 100 in a target privacy processing manner specifically includes:
randomly selecting M groups of customer samples from a first customer sample set, wherein the total amount of the M groups of customer samples is more than N;
sending the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution rationality of the M customer samples based on the customer category labels, wherein M is not less than N;
if the distribution reasonability of the M customer samples meets the reasonability requirement, determining the M groups of customer samples as a first customer sample set to be used;
and carrying out privacy processing on the first client sample set to be used by adopting a target privacy processing mode.
It should be noted that the focus of each embodiment is different from that of other embodiments, and the same and similar parts between the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The method and the system for training the client portrait model based on the federal learning provided by the application are introduced in detail, specific examples are applied in the method for explaining the principle and the implementation mode of the application, and the description of the above embodiments is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (10)

1. A client portrait model training method based on federal learning is characterized by comprising the following steps:
the first object determines a first type of characteristics of each sample in a first customer sample set owned by the first object, and simultaneously sends risk preference information to the second object;
the second object determines a second class of characteristics and a third class of characteristics of a second customer sample in a second customer sample set owned by the second object, and determines a customer category label corresponding to the second customer sample based on the risk preference information and the third class of characteristics, wherein the second class of characteristics and the third class of characteristics are different from the first class of characteristics;
the first object carries out privacy processing on the first client sample set by adopting a target privacy processing mode to obtain a first privacy sample set, the second object carries out privacy processing on the second client sample set by adopting the target privacy processing mode to obtain a second privacy sample set, the same sample part between the first privacy sample set and the second privacy sample set is determined, and the same sample part is sent to the first object;
the first object and the second object respectively obtain the features to be used corresponding to the same sample part from the features owned by the first object and the second object, and determine training data, wherein the training data of the first object comprises a first class of features to be used, and the training data of the second object comprises a second class of features to be used and a client class label;
the first object and the second object respectively train a local model of the first object and the second object based on training data of the first object and the second object, acquire parameter information of the local model, encrypt the parameter information of the local model to acquire a parameter information ciphertext, and send the parameter information ciphertext to the other party;
the first object and the second object update the parameters of the local model of the first object and the second object respectively based on the parameter information ciphertext from the opposite side;
and returning to execute the step that the first object and the second object respectively train the local models of the first object and the second object based on the training data under the condition that the local models of the first object and the second object do not reach the training end condition.
2. The method of claim 1, wherein the first object performs privacy processing on the first client sample set by using a target privacy processing method to obtain a first privacy sample set, the second object performs privacy processing on a second client sample set owned by the second object by using the target privacy processing method to obtain a second privacy sample set, and determining a same sample portion between the first privacy sample set and the second privacy sample set comprises:
the second object acquires an encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set;
the second object sends the second compressed sample set to the first object, so that the first object decrypts the second compressed sample set based on a decryption key corresponding to the encryption key to obtain a second decrypted sample set;
the first object decrypts the first client sample set after compressing the first client sample set through a hash function, performs secondary hash to obtain a first privacy sample set, and sends the second decryption sample set and the first privacy sample set to the second object;
the second object deletes the noise data in the second decryption sample set, and performs secondary hash calculation on the second decryption sample set after the noise data is deleted to obtain a second privacy sample set;
the second object determines a same portion of the first and second privacy sample sets.
3. The method of claim 1, wherein the local model of the first object and the local model of the second object are federal XGboost models with the same structure, the first object and the second object respectively train the local models thereof based on training data thereof, obtain parameter information of the local models, encrypt the parameter information of the local models to obtain parameter information ciphertexts, and send the parameter information ciphertexts to the other party, and the method comprises:
the second object determines a root node based on training data of the second object, splits the root node based on the training data, and initially determines a local model of the second object;
the second object calculates a first derivative and a second derivative of training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object;
the first object determines all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point based on the first parameter information ciphertext, performs homomorphic encryption by taking all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and sends the second parameter information ciphertext to the second object;
the second object determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is in the first object, the information of the global optimal segmentation point is sent to the first object, the first object divides training data of the first object based on the information of the global optimal segmentation point, and sends a division result to the second object; if the global optimal segmentation point is on a second object, the second object divides the training data without sending a segmentation result;
the second object updates the local model of the second object based on the division result;
under the condition that the local models of the first object and the second object do not reach the training end condition, returning to execute the steps of training the local models of the first object and the second object based on the training data of the first object and the second object respectively, wherein the steps comprise:
and under the condition that the local models of the first object and the second object do not reach the training end condition, returning to execute the second object to calculate the first derivative and the second derivative of the data in the local model of the second object.
4. The method of claim 3, wherein the end-of-training condition comprises:
a loss function value convergence of local models of the first object and the second object;
or the maximum tree depth of the local models of the first object and the second object reaches a set depth.
5. The method of claim 1, wherein the first object employs a target privacy approach to privacy processing the first customer sample set, comprising:
randomly selecting M groups of customer samples from a first customer sample set by the first object, wherein the total number of the M groups of customer samples is more than N;
the first object sends the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution reasonableness of the M customer samples based on the customer category labels, wherein M is not less than N;
if the distribution rationality of the M customer samples meets the rationality requirement, determining the M groups of customer samples as a first customer sample set to be used;
and the first object carries out privacy processing on the first client sample set to be used in a target privacy processing mode.
6. A client portrait model training system based on federal learning, comprising:
the first object module is used for determining the first type characteristics of each first client sample in the first client sample set owned by the first object module and sending the risk preference information to the second object module;
the second object module is used for determining a second class of characteristics and a third class of characteristics of a second customer sample in a second customer sample set owned by the second object module, and determining a customer category label corresponding to the second customer sample based on the risk preference information and the third class of characteristics, wherein the second class of characteristics and the third class of characteristics are different from the first class of characteristics;
the first object module is further configured to perform privacy processing on the first client sample set in a target privacy processing manner to obtain a first privacy sample set;
the second object module is further configured to perform privacy processing on the second client sample set in the target privacy processing manner to obtain a second privacy sample set, determine a same sample portion between the first privacy sample set and the second privacy sample set, and send the same sample portion to the first object;
the first object module and the second object module are further respectively used for obtaining the features to be used corresponding to the same sample part from the features owned by the first object module and the second object module, and determining training data, wherein the training data of the first object comprises a first class of features to be used, and the training data of the second object comprises a second class of features to be used and a customer class label;
the first object module and the second object module are respectively used for training local models of the first object module and the second object module based on training data of the first object module and the second object module, obtaining parameter information of the local models, encrypting the parameter information of the local models to obtain parameter information ciphertexts, and sending the parameter information ciphertexts to the opposite side;
the first object module and the second object module are respectively used for updating the parameters of the local model based on the parameter information ciphertext from the other party;
and under the condition that the local models of the first object module and the second object module do not reach the training end condition, the first object module and the second object module respectively return to execute the step of training the local models based on the training data.
7. The system according to claim 6, wherein the first object module performs privacy processing on the first client sample set by using a target privacy processing method to obtain a first privacy sample set, and the second object module performs privacy processing on a second client sample set owned by the second object module by using the target privacy processing method to obtain a second privacy sample set, and the process of determining a same sample portion between the first privacy sample set and the second privacy sample set specifically includes:
the second object module obtains an encryption key generated by the first object, compresses the second client sample set based on a hash function, adds noise data, and encrypts the noise data by using the encryption key to obtain a second compressed sample set;
the second object module sends the second compressed sample set to the first object module, so that the first object module decrypts the second compressed sample set based on a decryption key corresponding to the encryption key to obtain a second decrypted sample set;
the first object module decrypts the first customer sample set after compressing the first customer sample set through a hash function, and then carries out secondary hash to obtain a first privacy sample set, and the second decryption sample set and the first privacy sample set are sent to the second object module;
the second object module deletes the noise data in the second decryption sample set, and performs secondary hash calculation on the second decryption sample set after the noise data is deleted to obtain a second privacy sample set;
the second object module determines a same portion of the first and second sets of privacy samples.
8. The system of claim 6, wherein the local model of the first object module and the local model of the second object module are federated XGboost models with the same structure, and the first object module and the second object module respectively train the local models thereof based on training data thereof, obtain parameter information of the local models, encrypt the parameter information of the local models to obtain parameter information ciphertexts, and send the parameter information ciphertexts to the other party, including:
the second object module determines a root node based on training data of the second object module, splits the root node based on the training data, and initially determines a local model of the second object;
the second object module calculates a first derivative and a second derivative of training data in the local model, performs additive homomorphic encryption on the first derivative and the second derivative of the training data in the local model to obtain a first parameter information ciphertext, and sends the first parameter information ciphertext to the first object;
the first object module determines all possible values of each feature of the training data of the first object as a first derivative and a second derivative of a split point based on the first parameter information ciphertext, performs homomorphic encryption by taking all possible values of each feature of the training data of the first object as the first derivative and the second derivative of the split point to obtain a second parameter information ciphertext, and sends the second parameter information ciphertext to the second object module;
the second object module determines a global optimal segmentation point based on the second parameter information ciphertext, if the global optimal segmentation point is in the first object module, the information of the global optimal segmentation point is sent to the first object module, so that the first object module divides the training data of the first object module based on the information of the global optimal segmentation point, and sends a division result to the second object module;
the second object module updates the local model thereof based on the result of the division;
and under the condition that the local models of the first object module and the second object module do not reach the training end condition, returning to execute the second object module to calculate the first derivative and the second derivative of the data in the local models.
9. The system of claim 8, wherein the end-of-training condition comprises:
a loss function value convergence of local models of the first object module and the second object module;
or the maximum tree depth of the local models of the first object module and the second object module reaches a set depth.
10. The system of claim 6, wherein the first object module performs a privacy processing process on the first client sample set in a target privacy processing manner, specifically comprising:
randomly selecting M groups of customer samples from a first customer sample set, wherein the total amount of the M groups of customer samples is more than N;
sending the codes of the M groups of customer samples to the second object, so that the second object randomly extracts M customer samples from each group of customer samples in the M groups of customer samples, determines a customer category label corresponding to each customer sample in the M customer samples based on the risk preference information, and determines the distribution rationality of the M customer samples based on the customer category labels, wherein M is not less than N;
if the distribution rationality of the M customer samples meets the rationality requirement, determining the M groups of customer samples as a first customer sample set to be used;
and carrying out privacy processing on the first client sample set to be used by adopting a target privacy processing mode.
CN202310018596.7A 2023-01-06 2023-01-06 Client portrait model training method and system based on federal learning Active CN115936112B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310018596.7A CN115936112B (en) 2023-01-06 2023-01-06 Client portrait model training method and system based on federal learning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310018596.7A CN115936112B (en) 2023-01-06 2023-01-06 Client portrait model training method and system based on federal learning

Publications (2)

Publication Number Publication Date
CN115936112A true CN115936112A (en) 2023-04-07
CN115936112B CN115936112B (en) 2023-07-18

Family

ID=86699208

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310018596.7A Active CN115936112B (en) 2023-01-06 2023-01-06 Client portrait model training method and system based on federal learning

Country Status (1)

Country Link
CN (1) CN115936112B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109299728A (en) * 2018-08-10 2019-02-01 深圳前海微众银行股份有限公司 Federal learning method, system and readable storage medium storing program for executing
CN112085159A (en) * 2020-07-24 2020-12-15 西安电子科技大学 User tag data prediction system, method and device and electronic equipment
CN112750043A (en) * 2021-01-14 2021-05-04 中国工商银行股份有限公司 Business data pushing method and device and server
US20210174243A1 (en) * 2019-12-06 2021-06-10 International Business Machines Corporation Efficient private vertical federated learning
CN113283185A (en) * 2021-07-23 2021-08-20 平安科技(深圳)有限公司 Federal model training and client imaging method, device, equipment and medium
CN113722987A (en) * 2021-08-16 2021-11-30 京东科技控股股份有限公司 Federal learning model training method and device, electronic equipment and storage medium
CN114329527A (en) * 2021-12-17 2022-04-12 阿里巴巴(中国)有限公司 Intersection data acquisition method, equipment and system
CN114969503A (en) * 2022-03-30 2022-08-30 贵州大学 Multi-data user portrait implementation method based on federal learning
CN115269983A (en) * 2022-07-28 2022-11-01 上海光之树科技有限公司 Target sample recommendation method based on two-party data privacy protection

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109299728A (en) * 2018-08-10 2019-02-01 深圳前海微众银行股份有限公司 Federal learning method, system and readable storage medium storing program for executing
US20210174243A1 (en) * 2019-12-06 2021-06-10 International Business Machines Corporation Efficient private vertical federated learning
CN112085159A (en) * 2020-07-24 2020-12-15 西安电子科技大学 User tag data prediction system, method and device and electronic equipment
CN112750043A (en) * 2021-01-14 2021-05-04 中国工商银行股份有限公司 Business data pushing method and device and server
CN113283185A (en) * 2021-07-23 2021-08-20 平安科技(深圳)有限公司 Federal model training and client imaging method, device, equipment and medium
CN113722987A (en) * 2021-08-16 2021-11-30 京东科技控股股份有限公司 Federal learning model training method and device, electronic equipment and storage medium
CN114329527A (en) * 2021-12-17 2022-04-12 阿里巴巴(中国)有限公司 Intersection data acquisition method, equipment and system
CN114969503A (en) * 2022-03-30 2022-08-30 贵州大学 Multi-data user portrait implementation method based on federal learning
CN115269983A (en) * 2022-07-28 2022-11-01 上海光之树科技有限公司 Target sample recommendation method based on two-party data privacy protection

Also Published As

Publication number Publication date
CN115936112B (en) 2023-07-18

Similar Documents

Publication Publication Date Title
CN109002861B (en) Federal modeling method, device and storage medium
US20200394518A1 (en) Method for collaborative learning of an artificial neural network without disclosing training data
US11902413B2 (en) Secure machine learning analytics using homomorphic encryption
CN114401079B (en) Multi-party united information value calculation method, related equipment and storage medium
TW202006615A (en) Model-based prediction method and device
CN110633806A (en) Longitudinal federated learning system optimization method, device, equipment and readable storage medium
CN111695697A (en) Multi-party combined decision tree construction method and device and readable storage medium
CN110084377A (en) Method and apparatus for constructing decision tree
CN111210003B (en) Longitudinal federated learning system optimization method, device, equipment and readable storage medium
CN111368901A (en) Multi-party combined modeling method, device and medium based on federal learning
WO2020238677A1 (en) Data processing method and apparatus, and computer readable storage medium
CN113947211A (en) Federal learning model training method and device, electronic equipment and storage medium
CN112862001A (en) Decentralized data modeling method under privacy protection
CN111339412A (en) Longitudinal federal recommendation recall method, device, equipment and readable storage medium
CN115269983A (en) Target sample recommendation method based on two-party data privacy protection
CN113221153B (en) Graph neural network training method and device, computing equipment and storage medium
CN114362948A (en) Efficient federal derivative feature logistic regression modeling method
CN111914281B (en) Bayesian model training method and device based on blockchain and homomorphic encryption
CN111859440B (en) Sample classification method of distributed privacy protection logistic regression model based on mixed protocol
CN115936112B (en) Client portrait model training method and system based on federal learning
CN113537516B (en) Training method, device, equipment and medium for distributed machine learning model
US20220164712A1 (en) Systems and methods for federated learning using distributed messaging with entitlements for anonymous computation and secure delivery of model
CN114997423A (en) Semi-centralized confrontation training method for federal learning
CN113362168A (en) Risk prediction method and device, storage medium and electronic equipment
JP2021083039A (en) Secret arithmetic unit, secret arithmetic method, and secret arithmetic program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant