CN116049862A - Data protection method, device and system based on asynchronous packet federation learning - Google Patents

Data protection method, device and system based on asynchronous packet federation learning Download PDF

Info

Publication number
CN116049862A
CN116049862A CN202310265804.3A CN202310265804A CN116049862A CN 116049862 A CN116049862 A CN 116049862A CN 202310265804 A CN202310265804 A CN 202310265804A CN 116049862 A CN116049862 A CN 116049862A
Authority
CN
China
Prior art keywords
disturbance
initial
parameter
parameters
internet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310265804.3A
Other languages
Chinese (zh)
Other versions
CN116049862B (en
Inventor
周少鹏
王滨
朱伟康
王旭
毕志城
张峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Hikvision Digital Technology Co Ltd
Original Assignee
Hangzhou Hikvision Digital Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Hikvision Digital Technology Co Ltd filed Critical Hangzhou Hikvision Digital Technology Co Ltd
Priority to CN202310265804.3A priority Critical patent/CN116049862B/en
Publication of CN116049862A publication Critical patent/CN116049862A/en
Application granted granted Critical
Publication of CN116049862B publication Critical patent/CN116049862B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • G06N20/20Ensemble learning
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/50Safety; Security of things, users, data or systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Bioethics (AREA)
  • Mathematical Physics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a data protection method, device and system based on asynchronous packet federation learning, wherein the method comprises the following steps: the method comprises the steps of sending initial global model parameters and initial disturbance parameters to an Internet of things terminal, so that the Internet of things terminal obtains local model parameters based on the initial global model parameters, and generating disturbance model parameters based on the local model parameters and the initial disturbance parameters; acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals, and determining a target global model parameter based on the plurality of disturbance model parameters and weight coefficients corresponding to each disturbance model parameter; if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; and if the target global model parameters are converged, determining the target global model parameters as trained parameters. Through the scheme, potential safety hazards of data are avoided, data safety is guaranteed, and bandwidth resources are saved.

Description

Data protection method, device and system based on asynchronous packet federation learning
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a data protection method, device, and system based on asynchronous packet federal learning.
Background
Machine learning is a way to realize artificial intelligence, is a multi-domain interdisciplinary, and relates to multiple disciplines such as probability theory, statistics, approximation theory, convex analysis, algorithm complexity theory and the like. Machine learning is used to study how computers mimic or implement learning behavior of humans to acquire new knowledge or skills, reorganizing existing knowledge structures to continually improve their performance. Machine learning is more focused on algorithm design, enabling a computer to automatically learn rules from data and utilize the rules to predict unknown data. Machine learning has found very wide application such as deep learning, data mining, computer vision, natural language processing, biometric identification, search engines, medical diagnostics, speech recognition, handwriting recognition, and the like.
In order to implement artificial intelligence processing by using machine learning, a large amount of sample data (such as image data, i.e., an image with tag data) needs to be acquired, a machine learning model (such as a machine learning model with a target detection function and a target classification function) is trained based on the sample data, and the machine learning model is deployed to an internet of things terminal, so that the internet of things terminal implements artificial intelligence processing based on the machine learning model.
Because the quantity of the sample data of the internet of things terminals is limited, a machine learning model with higher performance cannot be trained, each internet of things terminal needs to send local sample data to a server, and the server trains out the machine learning model based on a large quantity of sample data of a plurality of internet of things terminals.
However, the above manner needs to transmit sample data between the internet of things terminal and the server, so that potential safety hazards of the data exist, the data safety cannot be guaranteed, the sample data is used as a digital asset of the internet of things terminal, and the internet of things terminal is not willing to share the sample data to the server. Since a large amount of sample data (such as image data) needs to be transmitted between the internet of things terminal and the server, the sample data needs to occupy a large amount of bandwidth resources.
Disclosure of Invention
In view of this, the application provides a data protection method and system based on asynchronous packet federal learning, which can reduce data transmitted to an internet of things terminal, so as to ensure the security of the data.
The application provides a data protection method based on asynchronous packet federation learning, which is applied to a server in an internet of things system, wherein the internet of things system further comprises a plurality of internet of things terminals, and the method comprises the following steps:
Acquiring an initial global model parameter and an initial disturbance parameter, and transmitting the initial global model parameter and the initial disturbance parameter to an Internet of things terminal so that the Internet of things terminal acquires a local model parameter based on the initial global model parameter and generates a disturbance model parameter based on the local model parameter and the initial disturbance parameter;
acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals, and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to each disturbance model parameter;
if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
The application provides an internet of things system, including server and a plurality of internet of things terminal, wherein:
the server is used for acquiring initial global model parameters and initial disturbance parameters and sending the initial global model parameters and the initial disturbance parameters to each Internet of things terminal;
The internet of things terminal is used for acquiring local model parameters based on the initial global model parameters and generating disturbance model parameters based on the local model parameters and the initial disturbance parameters;
the server is further used for acquiring a plurality of disturbance model parameters from a plurality of internet of things terminals and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to the disturbance model parameters; if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
The application provides a data protection device based on asynchronous packet federal study, is applied to the server in the internet of things system, and the internet of things system still includes a plurality of internet of things terminals, the device includes:
the acquisition module is used for acquiring initial global model parameters and initial disturbance parameters;
The sending module is used for sending the initial global model parameters and the initial disturbance parameters to the Internet of things terminal so that the Internet of things terminal obtains local model parameters based on the initial global model parameters and generates disturbance model parameters based on the local model parameters and the initial disturbance parameters;
the determining module is used for acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to the disturbance model parameters;
the processing module is used for acquiring new initial disturbance parameters if the target global model parameters are not converged, determining the target global model parameters as the initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
The application provides a server, comprising: a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor; the processor is configured to execute the machine executable instructions to implement the data protection method based on asynchronous packet federation learning.
The present application provides a machine-readable storage medium storing machine-executable instructions executable by a processor; the processor is configured to execute the machine executable instructions to implement the data protection method based on asynchronous packet federation learning.
The present application provides a computer program stored on a machine-readable storage medium, which when executed by a processor causes the processor to implement the asynchronous packet federal learning-based data protection method described above.
According to the technical scheme, in the embodiment of the application, the disturbance model parameters are sent to the server by the terminal of the Internet of things instead of the data of the terminal of the Internet of things, so that the digital asset of the terminal of the Internet of things is protected, potential safety hazards of the data are avoided, the data safety is guaranteed, and data leakage is avoided. Because the disturbance model parameters are transmitted between the terminal of the Internet of things and the server instead of a large amount of data (such as image data), bandwidth resources are saved, and occupation of a large amount of bandwidth resources is avoided. Because the disturbance model parameters are obtained after the local model parameters are disturbed, even if an attacker can obtain the disturbance model parameters, the data of the terminal of the Internet of things cannot be reversely deduced based on the disturbance model parameters, and the data safety is further ensured. A plurality of internet of things terminals and servers can cooperate to train the machine learning model with high efficiency, protect the data security of all internet of things terminals simultaneously, can effectively defend security risks such as poisoning attack, the convergence rate of federal study is faster, and the precision of machine learning model is higher.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the following description will briefly describe the drawings that are required to be used in the embodiments of the present application or the description in the prior art, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings may also be obtained according to these drawings of the embodiments of the present application for a person having ordinary skill in the art.
FIG. 1 is a flow diagram of a data protection method based on asynchronous packet federation learning;
FIG. 2 is a flow diagram of a data protection method based on asynchronous packet federation learning;
FIG. 3 is a schematic diagram of a data protection device based on asynchronous packet federation learning;
fig. 4 is a hardware configuration diagram of a server in an embodiment of the present application.
Detailed Description
The terminology used in the embodiments of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to any or all possible combinations including one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in embodiments of the present application to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, a first message may also be referred to as a second message, and similarly, a second message may also be referred to as a first message, without departing from the scope of the present application. Depending on the context, furthermore, the word "if" used may be interpreted as "at … …" or "at … …" or "in response to a determination".
The embodiment of the application provides a data protection method based on asynchronous packet federation learning, which can be applied to a server (also called a central server) in an internet of things system, wherein the internet of things system further comprises a plurality of internet of things terminals, and the method is shown in fig. 1 and is a flow diagram of the method, and comprises the following steps:
step 101, acquiring initial global model parameters and initial disturbance parameters, and transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things so that the terminal of the Internet of things acquires local model parameters based on the initial global model parameters and generates disturbance model parameters based on the local model parameters and the initial disturbance parameters.
And 102, acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals, and determining a target global model parameter based on the plurality of disturbance model parameters and weight coefficients corresponding to each disturbance model parameter.
Step 103, determining whether the target global model parameters are converged.
If not, step 104 may be performed, and if so, step 105 may be performed.
And 104, if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as the initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things, namely returning to execute the step 101.
Step 105, if the target global model parameters are converged, determining the target global model parameters as trained parameters, where the trained parameters are used for processing the data, such as artificial intelligence processing.
For example, before determining the target global model parameter based on the plurality of disturbance model parameters and the weight coefficient corresponding to each disturbance model parameter, the weight coefficient corresponding to each disturbance model parameter may also be obtained. For example, the weight coefficient corresponding to each disturbance model parameter may be obtained as follows: and determining the prediction accuracy corresponding to each disturbance model parameter based on the verification data set, and dividing the disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter. Configuring a weight coefficient for each disturbance model parameter based on the parameter set; when the weight coefficient is configured for each disturbance model parameter, the disturbance model parameters in the same parameter group correspond to the same weight coefficient, the disturbance model parameters in different parameter groups correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter group is.
Illustratively, new initial perturbation parameters are obtained, including but not limited to: determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter; a new initial disturbance parameter is generated based on the initial disturbance parameter and the parameter adjustment value.
Exemplary, acquiring new initial disturbance parameters, determining the target global model parameters as the initial global model parameters, and returning to perform the operation of sending the initial global model parameters and the initial disturbance parameters to the terminal of the internet of things, including but not limited to: if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is less than a preset threshold, acquiring a new initial disturbance parameter, determining the target global model parameter as the initial global model parameter, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
Illustratively, after determining the target global model parameter based on the plurality of disturbance model parameters and the weight coefficient corresponding to each disturbance model parameter, if the target global model parameter does not converge, then: if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is not less than a preset threshold, determining the target global model parameter as the initial global model parameter, and sending the initial global model parameter to the Internet of things terminal so that the Internet of things terminal obtains the local model parameter based on the initial global model parameter and determines the local model parameter as the disturbance model parameter.
If the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, a new initial disturbance parameter is obtained, the initial global model parameter is kept unchanged, and the operation of sending the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things is performed.
For example, for each internet of things terminal, obtaining the disturbance model parameters from the internet of things terminal may include, but is not limited to: and receiving a push message sent by the internet of things terminal, wherein the push message is sent by the internet of things terminal after the disturbance model parameters are generated, and the push message can comprise the disturbance model parameters. Or, a request message can be sent to the internet of things terminal, and if a response message returned by the internet of things terminal for the request message is received, disturbance model parameters generated by the internet of things terminal are analyzed from the response message; if the response message returned by the internet of things terminal is not received, after a preset time interval, the request message is continuously sent to the internet of things terminal until the response message returned by the internet of things terminal is received.
For example, for each internet of things terminal, the initial global model parameters and the initial disturbance parameters are sent to the internet of things terminal, which may include, but is not limited to: after receiving the request message sent by the internet of things terminal, sending a response message to the internet of things terminal, wherein the response message can comprise an initial global model parameter and an initial disturbance parameter; the time when the different Internet of things terminals send the request message to the server is different; or sending a push message to the internet of things terminal, wherein the push message can comprise an initial global model parameter and an initial disturbance parameter; the time for sending the push message to different internet of things terminals is the same.
According to the technical scheme, in the embodiment of the application, the disturbance model parameters are sent to the server by the terminal of the Internet of things instead of the data of the terminal of the Internet of things, so that the digital asset of the terminal of the Internet of things is protected, potential safety hazards of the data are avoided, the data safety is guaranteed, and data leakage is avoided. Because the disturbance model parameters are transmitted between the terminal of the Internet of things and the server instead of a large amount of data (such as image data), bandwidth resources are saved, and occupation of a large amount of bandwidth resources is avoided. Because the disturbance model parameters are obtained after the local model parameters are disturbed, even if an attacker can obtain the disturbance model parameters, the data of the terminal of the Internet of things cannot be reversely deduced based on the disturbance model parameters, and the data safety is further ensured. A plurality of internet of things terminals and servers can cooperate to train the machine learning model with high efficiency, protect the data security of all internet of things terminals simultaneously, can effectively defend security risks such as poisoning attack, the convergence rate of federal study is faster, and the precision of machine learning model is higher.
The following describes the technical solution of the embodiment of the present application in conjunction with a specific application scenario.
The internet of things (Internet of Things, ioT) refers to collecting information (such as sound, light, heat, electricity, mechanics, chemistry, biology, position and the like) in real time through various devices and technologies such as an information sensor, a radio frequency identification technology, a global positioning system, an infrared sensor, a laser scanner and the like, and realizing ubiquitous connection of things and people through various network accesses, thereby realizing intelligent perception, identification and management of articles and processes. The internet of things is an information carrier based on the internet, a telecommunication network and the like, so that all common physical objects which can be independently addressed form an interconnection network. For example, the industrial Internet is used as the Internet of things, can be continuously developed by being fused with artificial intelligence technology, and is widely applied to the fields of intelligent medical treatment, intelligent home, intelligent industry and the like. In this embodiment, the device in the internet of things is referred to as an internet of things terminal, and the device in the industrial internet is referred to as an industrial internet terminal, which is a type of internet of things terminal, and may include, but is not limited to: industrial control devices (e.g., programmable Logic Controllers (PLCs), remote Terminal Units (RTUs), etc.), industrial network security devices (e.g., industrial switches, industrial firewalls, etc.); industrial intelligent terminal devices (e.g., data acquisition gateway, video acquisition device (i.e., camera, etc.)).
In order to realize artificial intelligence processing by adopting machine learning in the internet of things system, a large amount of sample data (such as image data) needs to be acquired, a machine learning model is trained based on the sample data, and the machine learning model is deployed to the internet of things terminal, so that the internet of things terminal realizes the artificial intelligence processing based on the machine learning model. Because the quantity of the sample data of the internet of things terminals is limited, a machine learning model with higher performance cannot be trained, each internet of things terminal needs to send local sample data to a server, and the server trains out the machine learning model based on a large quantity of sample data of a plurality of internet of things terminals.
However, the above manner needs to transmit sample data between the internet of things terminal and the server, so that potential safety hazards of the data exist, the data safety cannot be guaranteed, the sample data is used as a digital asset of the internet of things terminal, and the internet of things terminal is not willing to share the sample data to the server. Since a large amount of sample data (such as image data) needs to be transmitted between the internet of things terminal and the server, the sample data needs to occupy a large amount of bandwidth resources.
Aiming at the discovery, the data protection method based on asynchronous packet federal learning is provided in the embodiment of the application, and the disturbance model parameters are sent to the server by the internet of things terminal instead of the data of the internet of things terminal, so that the digital asset of the internet of things terminal can be protected, the potential safety hazard of the data is avoided, the data safety is ensured, and the data leakage is avoided. Because the disturbance model parameters are transmitted between the terminal of the Internet of things and the server instead of a large amount of data, bandwidth resources are saved, and occupation of a large amount of bandwidth resources is avoided. Because the disturbance model parameters are obtained after the local model parameters are disturbed, even if an attacker can obtain the disturbance model parameters, the data of the terminal of the Internet of things cannot be reversely deduced based on the disturbance model parameters, and the data safety is further ensured.
The embodiment of the application provides a data protection method based on asynchronous packet federation learning, which can be applied to an internet of things system, wherein the internet of things system can comprise a server (also called a central server) and a plurality of internet of things terminals, and is shown in fig. 2, and a flow diagram of the method comprises the following steps:
step 201, a central server acquires initial global model parameters and initial disturbance parameters.
For example, the central server may obtain an initial global model, and the process of obtaining the initial global model is not limited. The initial global model may be a machine learning model, such as a deep learning algorithm-based machine learning model, a neural network-based machine learning model, and the like, without limitation. The network parameters (i.e., network weights) of the initial global model may be referred to as initial global model parameters.
For example, the central server may obtain the initial disturbance parameters, e.g., the initial disturbance parameters may be randomly generated, e.g., based on a known initial disturbance parameter range. The initial disturbance parameter may be a parameter for disturbing the model parameter, for example, the initial disturbance parameter may be k (e.g., 0.8, 0.9, 1.1, 1.2, 1.3, etc.), which indicates that when the model parameter is disturbed by the initial disturbance parameter, the model parameter may be multiplied by k to implement the disturbance.
For example, assuming that the network model includes M network layers, each network layer includes a plurality of model parameters, the initial disturbance parameter may be one disturbance value, that is, all model parameters of the M network layers correspond to the same disturbance value, the initial disturbance parameter may be M disturbance values, that is, the M network layers correspond to the M disturbance values one by one, that is, all model parameters of the 1 st network layer correspond to the 1 st disturbance value, all model parameters of the 2 nd network layer correspond to the 2 nd disturbance value, and so on. Of course, the initial disturbance parameters may also include more or less disturbance values, for example, all model parameters of two continuous network layers correspond to one disturbance value, all model parameters of three continuous network layers correspond to one disturbance value, one network layer corresponds to two or more disturbance values, and the like, which is not limited as long as each model parameter of the network model corresponds to a disturbance value.
For example, the initial perturbation parameter may also be referred to as a privacy budget parameter, which indicates that the initial perturbation parameter is used to implement privacy budget, and the privacy budget refers to a process of perturbation of the model parameter with the initial perturbation parameter.
Step 202, the central server sends the initial global model parameters and the initial disturbance parameters to the terminals of the internet of things, for example, sends the initial global model parameters and the initial disturbance parameters to each terminal of the internet of things.
For example, the internet of things system may include a plurality of internet of things terminals, and thus, the center server may transmit the initial global model parameters and the initial disturbance parameters to each of the internet of things terminals.
Step 203, aiming at each internet of things terminal, the internet of things terminal obtains local model parameters based on the initial global model parameters, and generates disturbance model parameters based on the local model parameters and the initial disturbance parameters.
For example, the internet of things terminal may maintain a sample data set, where the sample data set may include a plurality of sample data (such as image data, text data, audio data, etc.), and the sample data may be data adopted by the internet of things terminal itself or data acquired by another manner, which is not limited.
After obtaining the initial global model parameters, the internet of things terminal can construct an initial global model based on the initial global model parameters, train the initial global model by adopting a sample data set, do not limit the training process, obtain a trained local model, and can refer to network parameters (i.e. network weights) of the local model as local model parameters. Because the local model is obtained based on the local sample data set training of the terminal of the Internet of things, the local model parameters are model parameters matched with the local data of the terminal of the Internet of things.
The internet of things terminal generates disturbance model parameters based on the local model parameters and the initial disturbance parameters and provides the disturbance model parameters to the central server instead of directly providing the local model parameters to the central server after obtaining the local model parameters. For example, the internet of things terminal perturbs the local model parameters based on the initial perturbation parameters, and takes the perturbed local model parameters as perturbation model parameters.
For example, if the local model includes M network layers, each network layer includes a plurality of model parameters, that is, the local model parameters may include all model parameters of the M network layers, and the initial disturbance parameter is a disturbance value k, that is, all model parameters of the M network layers correspond to the same disturbance value k, then the terminal of the internet of things may multiply the model parameters of the M network layers by the disturbance value k to obtain the disturbance model parameters.
For another example, if the local model includes M network layers, each network layer includes a plurality of model parameters, that is, the local model parameters may include all model parameters of the M network layers, and the initial disturbance parameters are M disturbance values (such as a disturbance value k-1, a disturbance value k-2, …, and a disturbance value k-M), that is, the M network layers are in one-to-one correspondence with the M disturbance values, then the internet of things terminal may multiply all model parameters of the 1 st network layer by the disturbance value k-1 to obtain disturbance model parameters of the 1 st network layer, may multiply all model parameters of the 2 nd network layer by the disturbance value k-2 to obtain disturbance model parameters of the 2 nd network layer, and so on, may multiply all model parameters of the M network layer by the disturbance value k-M to obtain disturbance model parameters of the M network layer. The perturbation model parameters for all network layers may then be combined.
Of course, the foregoing are only examples of generating the disturbance model parameters based on the local model parameters and the initial disturbance parameters, and the generation mode of the disturbance model parameters is not limited, so long as the local model parameters can be disturbed based on the initial disturbance parameters to obtain the disturbance model parameters after disturbance.
The internet of things terminal provides the disturbance model parameters to the central server instead of providing the local model parameters to the central server, which is because: if the local model parameters are provided for the central server, if an attacker obtains the local model parameters, the data of the internet of things terminal can be deduced reversely through the local model parameters (namely, when the internet of things terminal obtains the local model parameters through local data training, the local data of the internet of things terminal can be deduced reversely through the local model parameters), so that potential safety hazards of data are caused, and the data safety cannot be guaranteed. If the disturbance model parameters are provided for the central server, even if an attacker can obtain the disturbance model parameters, the disturbance model parameters are obtained by disturbing the local model parameters, so that the data of the terminal of the Internet of things cannot be deduced reversely through the disturbance model parameters, and the data safety is ensured.
And 204, the central server acquires a plurality of disturbance model parameters from a plurality of Internet of things terminals.
Illustratively, the central server may obtain a plurality of perturbation model parameters in the following manner:
in the mode 1, for each internet of things terminal, after the internet of things terminal completes training of the local model and generates the disturbance model parameters based on the local model parameters and the initial disturbance parameters, a push message may be sent to the central server, where the push message may include the disturbance model parameters. The center server can receive the push message sent by the terminal of the Internet of things and analyze disturbance model parameters from the push message. After obtaining the disturbance model parameters, the central server may further store the disturbance model parameters to a storage unit of the central server, where the storage unit may be a shared memory or middleware, and the type of the storage unit is not limited.
And 2, the central server sends a request message to each Internet of things terminal, and if a response message returned by the Internet of things terminal aiming at the request message is received, disturbance model parameters generated by the Internet of things terminal are analyzed from the response message. If the response message returned by the internet of things terminal is not received, after the preset time interval, the request message is continuously sent to the internet of things terminal until the response message returned by the internet of things terminal is received.
For example, in each acquisition period, the central server may send a request message to a plurality of internet of things terminals, and for each internet of things terminal, after receiving the request message, if the internet of things terminal has completed training of the local model and generates a disturbance model parameter based on the local model parameter and the initial disturbance parameter, send a response message to the central server, where the response message includes the disturbance model parameter. If the terminal of the Internet of things does not complete the training of the local model and/or does not generate disturbance model parameters, a response message is not sent to the central server. When the central server receives the response message, the disturbance model parameters are analyzed from the response message, and the disturbance model parameters are stored in a storage unit of the central server.
And after the next acquisition period (namely after a preset time interval), if the disturbance model parameters returned by all the internet of things terminals are obtained, ending the acquisition process of the disturbance model parameters, stopping sending the request message, and if the disturbance model parameters returned by all the internet of things terminals are not obtained, continuing to send the request message to the internet of things terminals by the center server (for example, sending the request message to all the internet of things terminals or only sending the request message to the internet of things terminals which do not return the disturbance model parameters), until the response message returned by all the internet of things terminals is received, namely, obtaining the disturbance model parameters returned by all the internet of things terminals by the center server.
Illustratively, in modes 1 and 2, when the central server stores the disturbance model parameters in the storage unit of the central server, if the disturbance model parameters matched with the disturbance model parameters are already stored in the storage unit, the disturbance model parameters in the storage unit may be replaced by the disturbance model parameters.
For example, the disturbance model parameter a1 of the internet of things terminal a is already stored in the storage unit, and after obtaining the disturbance model parameter a2 of the internet of things terminal a, the central server may replace the disturbance model parameter a1 with the disturbance model parameter a2, that is, store the disturbance model parameter a2 of the internet of things terminal a through the storage unit.
By way of example, mode 1 differs from mode 2 in that: in mode 1, the internet of things terminal actively transmits the disturbance model parameters to the central server, so that after the central server transmits the initial global model parameters and the initial disturbance parameters to the internet of things terminal, the connection between the central server and the internet of things terminal is not required to be maintained, and the internet of things terminal can reestablish the connection and transmit the disturbance model parameters to the central server when the disturbance model parameters need to be reported. In the mode 2, the central server actively acquires the disturbance model parameters from each internet of things terminal, so that after the central server transmits the initial global model parameters and the initial disturbance parameters to the internet of things terminal, the connection between the central server and the internet of things terminal needs to be maintained, and then the disturbance model parameters are periodically acquired from each internet of things terminal.
In mode 1, the plurality of internet of things terminals may send the disturbance model parameters to the center server in an asynchronous manner, that is, the plurality of internet of things terminals may send the disturbance model parameters to the center server at different times. In mode 2, the plurality of internet of things terminals may send the disturbance model parameters to the central server in a synchronous manner, that is, the plurality of internet of things terminals may send the disturbance model parameters to the central server at the same time or at an approximate time after receiving the request message.
In the mode 1, since the plurality of internet of things terminals actively store the disturbance model parameters to the storage unit of the central server, the central server can execute the subsequent steps when the disturbance model parameters of part of the internet of things terminals exist in the storage unit, obtain the target global model parameters, and can accelerate the model convergence speed. In the mode 2, since the central server needs to actively acquire the disturbance model parameters from each internet of things terminal, the central server needs to execute the subsequent steps after the disturbance model parameters of all the internet of things terminals exist in the storage unit, so that the target global model parameters are obtained, and the model convergence speed is slower.
Step 205, the central server obtains the weight coefficient corresponding to each disturbance model parameter.
For example, the central server may select a portion of the perturbation model parameters from the storage unit, and determine the target global model parameters based on the selected perturbation model parameters. Alternatively, the central server may select all disturbance model parameters from the storage unit, and determine the target global model parameters based on the selected disturbance model parameters.
For example, when selecting a part of disturbance model parameters from the storage unit, a target proportion may be used to randomly select a part of disturbance model parameters from the storage unit, and assuming that the target proportion is 30%, 100 disturbance model parameters exist in the storage unit, 30 disturbance model parameters may be randomly selected from the storage unit.
For another example, all the disturbance model parameters in the storage unit may be divided into a plurality of device groups according to the device types, each device group corresponds to a disturbance model parameter of one device type, and a target proportion may be used to randomly select a part of the disturbance model parameters from each device group. Assuming that the target proportion is 30%, there are 10 disturbance model parameters of device type 1 in the device group 1 (i.e., the device type of the terminal of the internet of things is device type 1), and there are 15 disturbance model parameters of device type 2 in the device group 2, then 3 disturbance model parameters may be randomly selected from the device group 1, and 4 disturbance model parameters (i.e., the downward rounding result) or 5 disturbance model parameters (i.e., the upward rounding result) may be randomly selected from the device group 2.
After the central server selects part of disturbance model parameters or all disturbance model parameters from the storage unit, the central server needs to acquire a weight coefficient corresponding to each disturbance model parameter selected, and then determines a target global model parameter based on the selected disturbance model parameters and the weight coefficients corresponding to the disturbance model parameters.
For example, the following steps may be adopted to obtain the weight coefficient corresponding to each disturbance model parameter:
step 2051, determining a prediction accuracy corresponding to each disturbance model parameter based on the verification data set.
For example, the central server may obtain a verification data set, which may include a large amount of verification data (e.g., image data) and the corresponding real results of the verification data, without limitation. For example, the verification data set may include verification data s1 and a true result s1-1 corresponding to the verification data s1, which means that after the verification data s1 is processed by the model, the correct result is the true result s1-1.
For each disturbance model parameter, the central server may construct a disturbance model based on the disturbance model parameter after obtaining the disturbance model parameter, input verification data in the verification data set to the disturbance model, and process the verification data by the disturbance model to obtain a prediction result corresponding to the verification data. If the predicted result corresponding to the verification data is the same as the real result corresponding to the verification data, the prediction of the verification data is correct, and if the predicted result corresponding to the verification data is different from the real result corresponding to the verification data, the prediction of the verification data is wrong. After each verification data in the verification data set is input to the disturbance model, the number p1 of correct prediction and the number p2 of incorrect prediction can be counted, and the prediction accuracy corresponding to the disturbance model parameter can be determined based on the number p1 and the number p2, for example, the prediction accuracy is p 1/(p1+p2). Of course, the foregoing is merely an example, and is not limiting.
Obviously, based on the above mode, the prediction accuracy corresponding to each disturbance model parameter can be obtained.
Step 2052, dividing the plurality of disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter, where each parameter set may include at least one disturbance model parameter. For example, the prediction accuracy corresponding to the disturbance model parameters may also be referred to as prediction accuracy.
For example, the parameter set and the threshold interval have a mapping relationship, and if the prediction accuracy corresponding to the disturbance model parameter is in a certain threshold interval, the central server divides the disturbance model parameter into the parameter set corresponding to the threshold interval. For example, if K parameter sets are required to be divided, the K parameter sets correspond to K threshold intervals, for example, the parameter set 1 corresponds to the threshold interval 1, the parameter set 2 corresponds to the threshold interval 2, …, and the parameter set K corresponds to the threshold interval K, then if the prediction accuracy corresponding to the disturbance model parameter is located in the threshold interval 1, the disturbance model parameter is divided into the parameter set 1, if the prediction accuracy corresponding to the disturbance model parameter is located in the threshold interval 2, the disturbance model parameter is divided into the parameter sets 2, …, and if the prediction accuracy corresponding to the disturbance model parameter is located in the threshold interval K, the disturbance model parameter is divided into the parameter set K.
For example, if K parameter sets are 3 parameter sets, and the threshold interval 1 corresponding to the parameter set 1 is [0, 70], the threshold interval 2 corresponding to the parameter set 2 is (70, 90), and the threshold interval 3 corresponding to the parameter set 3 is (90, 90), then if the prediction accuracy corresponding to the disturbance model parameter is less than 70%, the disturbance model parameter may be divided into the parameter set 1, if the prediction accuracy corresponding to the disturbance model parameter is greater than 70% and less than 90%, the disturbance model parameter may be divided into the parameter set 2, and if the prediction accuracy corresponding to the disturbance model parameter is greater than 90%, the disturbance model parameter may be divided into the parameter set 3.
In summary, based on the prediction accuracy corresponding to each disturbance model parameter, the disturbance model parameter may be divided into a certain parameter group, so as to obtain K parameter groups, where each parameter group includes a disturbance model parameter.
Step 2053, configuring a weight coefficient for each disturbance model parameter based on the K parameter sets.
When the central server configures a weight coefficient for each disturbance model parameter, disturbance model parameters in the same parameter set correspond to the same weight coefficient, disturbance model parameters in different parameter sets correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter set is.
For example, assuming that K parameter sets are divided, the threshold interval 1 corresponding to the parameter set 1 is smaller than the threshold interval 2 corresponding to the parameter set 2, the threshold interval 2 corresponding to the parameter set 2 is smaller than the threshold intervals 3, … corresponding to the parameter set 3, and the threshold interval K-1 corresponding to the parameter set K-1 is smaller than the threshold interval K corresponding to the parameter set K, the central server configures the weight coefficient W for all disturbance model parameters in the parameter set 1 1 Configuring weight coefficients W for all disturbance model parameters in parameter group 2 2 Configuring weight coefficients W for all disturbance model parameters in parameter set 3 3 …, weight coefficients W are configured for all disturbance model parameters in parameter set K K
Because the threshold interval 1 corresponding to the parameter set 1 is smaller than the threshold interval 2 corresponding to the parameter set 2, i.e. the prediction accuracy corresponding to the disturbance model parameters in the parameter set 1 is smaller than the prediction accuracy corresponding to the disturbance model parameters in the parameter set 2, the weight system isNumber W 1 Less than the weight coefficient W 2 Similarly, the weight coefficient W 2 Less than the weight coefficient W 3 …, and so on, weight coefficient W K-1 Less than the weight coefficient W K
So far, step 205 is completed, and the weight coefficient corresponding to each disturbance model parameter is obtained.
Step 206, the central server determines the target global model parameters based on the disturbance model parameters and the weight coefficient corresponding to each disturbance model parameter. For example, based on the weight coefficient corresponding to each disturbance model parameter, the central server performs a weighted operation on a plurality of disturbance model parameters to obtain a target global model parameter.
For example, the central server may determine the target global model parameters using the following formula:
S=S 1 *W 1 +S 2 *W 2 +S 3 *W 3 +…+S K *W K
in the above formula, S represents the target global model parameter, S 1 Representing the 1 st disturbance model parameter, W 1 Represents the weight coefficient corresponding to the 1 st disturbance model parameter, S 2 Representing the 2 nd disturbance model parameters, W 2 Represent the weight coefficient corresponding to the 2 nd disturbance model parameter, …, and so on, S K Represents the K-th disturbance model parameter, W K And (5) representing the weight coefficient corresponding to the K-th disturbance model parameter.
In summary, by performing the weighting operation on the plurality of disturbance model parameters, the model parameters after the weighting operation can be obtained, and the model parameters after the weighting operation are used as the target global model parameters.
By way of example, the greater the prediction accuracy is, the greater the weight coefficient corresponding to the parameter set is, so that safety risks such as poisoning attack can be effectively defended, the convergence rate of the target global model is higher, the accuracy of the target global model is higher, the prediction accuracy of the target global model is higher, and the prediction performance is better.
For example, if the attacker also sends disturbance model parameters to the central server, if the weight coefficients of all disturbance model parameters are the same, the disturbance model parameters sent by the attacker will cause the accuracy of the target global model to be reduced, the prediction accuracy of the target global model to be reduced, and the prediction performance to be reduced. In this embodiment, when the disturbance model parameters are divided into a certain parameter set by using the prediction accuracy corresponding to the disturbance model parameters, the disturbance model parameters sent by the attacker enter the parameter set with the lowest prediction accuracy, that is, the weight coefficient corresponding to the disturbance model parameters sent by the attacker is lower, so that when the target global model parameters are determined based on all the multiple disturbance model parameters and the weight coefficient corresponding to each disturbance model parameter, safety risks such as poisoning attack can be effectively defended, and the target global model has higher accuracy, higher prediction accuracy and better prediction performance.
Step 207, the central server determines whether the target global model parameters have converged.
If yes, step 208 may be performed, and if not, step 209 may be performed.
In a possible implementation manner, the prediction accuracy corresponding to the target global model parameter may be determined based on the verification data set, and the determination manner may refer to step 205, which is not described herein. If the prediction accuracy corresponding to the target global model parameter is greater than the convergence threshold (which may be configured empirically, e.g., 98%, 99, etc., without limitation), then it is determined that the target global model parameter has converged. And if the prediction accuracy corresponding to the target global model parameter is not greater than the convergence threshold, determining that the target global model parameter is not converged.
In another possible implementation, if the number of iterations of the target global model parameter is greater than a preset number of thresholds (which may be empirically configured), then it is determined that the target global model parameter has converged. And if the iteration times of the target global model parameters are not greater than the preset time threshold, determining that the target global model parameters are not converged.
In another possible implementation, if the iteration time of the target global model parameter is greater than a preset time period threshold (which may be empirically configured), then it is determined that the target global model parameter has converged. And if the iteration time of the target global model parameter is not greater than the preset time threshold, determining that the target global model parameter is not converged.
Of course, the above is just a few examples, and the convergence condition is not limited in this embodiment.
In step 208, if the target global model parameters have converged, the central server determines the target global model parameters as trained parameters, and the trained parameters are used for processing the data, such as artificial intelligence processing.
For example, if the target global model parameters have converged, the central server may send the target global model parameters to each of the terminals of the internet of things, and after obtaining the target global model parameters, the terminals of the internet of things may construct a target global model based on the target global model parameters, deploy the target global model, and then implement artificial intelligence processing based on the target global model. For example, after obtaining the data to be processed (such as image data), the terminal of the internet of things may input the data to be processed into the target global model, and the target global model processes the data to be processed to obtain a processing result of the data to be processed, which is not limited in this process.
Step 209, if the target global model parameter does not converge, the central server determines whether the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter.
If yes, that is, the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter, step 210 may be performed, and if not, that is, the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, step 213 may be performed.
In one possible implementation manner, the prediction accuracy corresponding to the target global model parameter may be determined based on the verification data set, and the prediction accuracy corresponding to the initial global model parameter may be determined based on the verification data set, where the determination manner may refer to step 205, and details thereof are omitted herein. Then, whether the prediction accuracy corresponding to the target global model parameter is larger than the prediction accuracy corresponding to the initial global model parameter can be judged.
Step 210, the central server judges whether the prediction accuracy corresponding to the target global model parameter is smaller than a preset threshold, if not, step 211 can be executed, and if so, step 212 can be executed.
For example, if the prediction accuracy corresponding to the target global model parameter is not less than the preset threshold, it indicates that the target global model parameter has a higher prediction performance, and the global model parameter is only sent to each internet of things terminal without optimizing the model parameter through the initial disturbance parameter, so that step 211 is executed.
If the prediction accuracy corresponding to the target global model parameter is smaller than the preset threshold, it indicates that the target global model parameter has only a low prediction performance, and the model parameter still needs to be optimized through the initial disturbance parameter, that is, the global model parameter and the initial disturbance parameter need to be sent to each internet of things terminal, and step 212 is executed.
Step 211, the central server determines the target global model parameter as an initial global model parameter, and sends the initial global model parameter to the terminal of the internet of things. And after the terminal of the Internet of things receives the initial global model parameters, acquiring local model parameters based on the initial global model parameters, and determining the local model parameters as disturbance model parameters.
For example, the internet of things system may include a plurality of internet of things terminals, and the central server may transmit the initial global model parameters to each of the internet of things terminals. For each Internet of things terminal, after obtaining initial global model parameters, an initial global model can be built based on the initial global model parameters, the initial global model is trained by adopting a sample data set, a trained local model is obtained, network parameters of the local model can be called local model parameters, and the local model parameters are determined to be disturbance model parameters.
Further, after each internet of things terminal obtains the disturbance model parameters, the step 204 may be returned, and the central server obtains a plurality of disturbance model parameters from a plurality of internet of things terminals, which will not be repeated herein.
For example, the initial global model parameters may be sent to the internet of things terminal in the following manner:
in mode 1, for each internet of things terminal, after receiving a request message sent by the internet of things terminal, a central server sends a response message to the internet of things terminal, where the response message includes initial global model parameters. The time when different internet of things terminals send the request message to the central server may be different or the same.
For each internet of things terminal, the internet of things terminal can actively request the initial global model parameters from the central server, namely, the internet of things terminal can self-decide the acquisition time of the initial global model parameters and send a request message to the central server at the time. Because each Internet of things terminal makes a decision on the acquisition time of the initial global model parameters, the time when different Internet of things terminals send request messages to the server can be different, namely, the center server sends the initial global model parameters to different Internet of things terminals at different times, namely, the center server sends the initial global model parameters to each Internet of things terminal in an asynchronous mode.
In the mode 2, the central server sends a push message to each internet of things terminal, where the push message may include initial global model parameters, and the time when the push message is sent to different internet of things terminals may be the same.
The central server actively transmits the initial global model parameter to each of the internet of things terminals, that is, after determining the target global model parameter as the initial global model parameter, the central server may transmit the initial global model parameter to each of the internet of things terminals, that is, transmit the initial global model parameter to each of the internet of things terminals at the same time. Because the center server sends the initial global model parameters to each Internet of things terminal at the same time, the center server sends the initial global model parameters to each Internet of things terminal in a synchronous mode.
In modes 1 and 2, the center server stores the initial global model parameters in a storage unit of the center server, acquires the initial global model parameters from the storage unit, and transmits the initial global model parameters to each internet of things terminal.
By way of example, mode 1 differs from mode 2 in that: in the mode 1, the internet of things terminal actively acquires the initial global model parameters, so that connection between the central server and the internet of things terminal is not required to be maintained, and when the internet of things terminal needs to acquire the initial global model parameters, the internet of things terminal can reestablish connection and acquire the initial global model parameters from the central server. In mode 2, the central server actively transmits the initial global model parameters to the internet of things terminal, so that the connection between the central server and the internet of things terminal needs to be maintained, and then the initial global model parameters can be transmitted to the internet of things terminal.
In the mode 1, the plurality of internet of things terminals acquire the initial global model parameters from the central server in an asynchronous mode, that is, the plurality of internet of things terminals can acquire the initial global model parameters from the central server at different moments. In the mode 2, the central server adopts a synchronous mode to transmit the initial global model parameters to a plurality of internet of things terminals, namely, transmits the initial global model parameters to a plurality of internet of things terminals at the same time.
Step 212, the central server acquires new initial disturbance parameters, determines the target global model parameters as the initial global model parameters, and sends the initial global model parameters and the initial disturbance parameters (i.e. the new initial disturbance parameters) to the terminals of the internet of things (i.e. each terminal of the internet of things), namely, returns to execute step 202.
For example, after obtaining the initial global model parameter and the initial disturbance parameter, the central server may send the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things in the following manner:
in mode 1, for each internet of things terminal, after receiving a request message sent by the internet of things terminal, a central server sends a response message to the internet of things terminal, where the response message may include an initial global model parameter and an initial disturbance parameter. The time when different internet of things terminals send the request message to the central server may be different or the same. The internet of things terminal can actively request the initial global model parameters and the initial disturbance parameters from the central server, namely, the internet of things terminal can self-decide the acquisition time of the initial global model parameters and the initial disturbance parameters and send a request message to the central server at the time. Because each Internet of things terminal self-decides the acquisition time of the initial global model parameter and the initial disturbance parameter, the time when different Internet of things terminals send the request message to the server can be different, namely the center server sends the initial global model parameter and the initial disturbance parameter to the different Internet of things terminals at different time, namely the center server sends the initial global model parameter and the initial disturbance parameter to each Internet of things terminal in an asynchronous mode.
The method 2 includes that a center server sends push information to each Internet of things terminal, wherein the push information can comprise initial global model parameters and initial disturbance parameters; the time when the central server sends the push message to different internet of things terminals can be the same. The central server may actively send the initial global model parameter and the initial disturbance parameter to each of the internet of things terminals, that is, send the initial global model parameter and the initial disturbance parameter to each of the internet of things terminals at the same time. Because the center server sends the initial global model parameters and the initial disturbance parameters to each Internet of things terminal at the same time, the center server sends the initial global model parameters and the initial disturbance parameters to each Internet of things terminal in a synchronous mode.
In one possible implementation, the central server obtains new initial perturbation parameters, which may include, but are not limited to: determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter; a new initial disturbance parameter is generated based on the initial disturbance parameter and the parameter adjustment value. For example, if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter, the current adjustment trend (such as a positive value or a negative value) of the parameter adjustment value is correct, and the parameter adjustment value corresponding to the initial disturbance parameter needs to be determined according to the current adjustment trend, for example, if the current adjustment trend is a positive value, the parameter adjustment value corresponding to the initial disturbance parameter is a positive value, such as 0.1, 0.2, 0.3, etc., and if the current adjustment trend is a negative value, the parameter adjustment value corresponding to the initial disturbance parameter is a negative value, such as-0.1, -0.2, -0.3, etc. If the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, the current adjustment trend (such as a positive value or a negative value) of the parameter adjustment value is incorrect, and the parameter adjustment value corresponding to the initial disturbance parameter needs to be determined according to the reverse trend of the current adjustment trend, for example, if the current adjustment trend is a positive value, the parameter adjustment value corresponding to the initial disturbance parameter is a negative value, and if the current adjustment trend is a negative value, the parameter adjustment value corresponding to the initial disturbance parameter is a positive value. Of course, the above is merely an example of a determination method, and is not limited thereto.
After obtaining the parameter adjustment value corresponding to the initial disturbance parameter, the central server may generate a new initial disturbance parameter based on the initial disturbance parameter and the parameter adjustment value, for example, the central server may use the sum of the initial disturbance parameter and the parameter adjustment value as the new initial disturbance parameter, which is not limited.
In summary, it can be seen that the central server can dynamically adjust the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter, so as to obtain a new initial disturbance parameter. In order to balance the utility and protection capability of the target global model parameter, when the initial disturbance parameter is adjusted, a proportional-integral-derivative algorithm may be further used to adjust the initial disturbance parameter, for example, the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter are used as input data of the proportional-integral-derivative algorithm, the optimization objective of the proportional-integral-derivative algorithm is to make the prediction accuracy corresponding to the target global model parameter greater than the prediction accuracy corresponding to the initial global model parameter, the adjustment object of the proportional-integral-derivative algorithm is the initial disturbance parameter, that is, the generated parameter adjustment value is used to adjust the initial disturbance parameter, so that the initial disturbance parameter is adjusted continuously to obtain the adjusted initial disturbance parameter, and the processing procedure of the proportional-integral-derivative algorithm is not limited in this embodiment.
Step 213, the central server acquires new initial disturbance parameters, keeps the initial global model parameters unchanged, and sends the initial global model parameters and the initial disturbance parameters to the terminal of the internet of things, namely, returns to execute step 202.
Illustratively, step 213 is to keep the initial global model parameters unchanged, i.e. not to update the initial global model parameters, in step 213, compared to step 212, and to determine the target global model parameters as initial global model parameters, i.e. to update the initial global model parameters, in step 212.
According to the technical scheme, in the embodiment of the application, the disturbance model parameters are sent to the central server by the Internet of things terminal instead of the data of the Internet of things terminal, so that the digital asset of the Internet of things terminal is protected, potential safety hazards of the data are avoided, the data safety is guaranteed, and data leakage is avoided. Because the disturbance model parameters are transmitted between the terminal of the Internet of things and the central server and are not a large amount of image data, bandwidth resources are saved, and occupation of a large amount of bandwidth resources is avoided. Because the disturbance model parameters are obtained after the local model parameters are disturbed, even if an attacker can obtain the disturbance model parameters, the data of the terminal of the Internet of things cannot be reversely deduced based on the disturbance model parameters, and the data security is ensured. The plurality of internet of things terminals and the central server can cooperate to train the machine learning model efficiently, meanwhile, the data security of all internet of things terminals is protected, the security risks such as poisoning attack can be effectively defended, the convergence speed of federal learning is faster, the precision of the machine learning model is higher, and the problems of slow convergence speed, low precision and data leakage of federal learning on non-uniform independent distribution real data sets are solved.
Based on the same application concept as the above method, the embodiment of the application provides an internet of things system, which may include a server (such as a central server) and a plurality of internet of things terminals, where:
the server is used for acquiring initial global model parameters and initial disturbance parameters and sending the initial global model parameters and the initial disturbance parameters to each Internet of things terminal;
the internet of things terminal is used for acquiring local model parameters based on the initial global model parameters and generating disturbance model parameters based on the local model parameters and the initial disturbance parameters;
the server is further used for acquiring a plurality of disturbance model parameters from a plurality of internet of things terminals and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to the disturbance model parameters; if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
The server is further configured to determine a prediction accuracy corresponding to each disturbance model parameter based on the verification data set, and divide the plurality of disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter; configuring a weight coefficient for each disturbance model parameter based on the parameter set; the disturbance model parameters in the same parameter set correspond to the same weight coefficient, the disturbance model parameters in different parameter sets correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter set is.
For example, if the target global model parameter does not converge, the server is specifically configured to: determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter; generating new initial disturbance parameters based on the initial disturbance parameters and the parameter adjustment values.
The server obtains a new initial disturbance parameter, determines the target global model parameter as an initial global model parameter, and returns to perform the operation of sending the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things, which is specifically used for: if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is less than a preset threshold, acquiring a new initial disturbance parameter, determining the target global model parameter as the initial global model parameter, and returning to the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
The server is further configured to determine the target global model parameter as an initial global model parameter if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is not less than the preset threshold, and send the initial global model parameter to the internet of things terminal, so that the internet of things terminal obtains a local model parameter based on the initial global model parameter and determines the local model parameter as a disturbance model parameter; if the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, acquiring a new initial disturbance parameter, keeping the initial global model parameter unchanged, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
Based on the same application concept as the above method, in the embodiment of the present application, an asynchronous packet federal learning-based data protection device is provided, where the device is applied to a server in an internet of things system, and the internet of things system further includes a plurality of internet of things terminals, as shown in fig. 3, which is a schematic structural diagram of the asynchronous packet federal learning-based data protection device, and the device may include:
An obtaining module 31, configured to obtain an initial global model parameter and an initial disturbance parameter;
the sending module 32 is configured to send an initial global model parameter and an initial disturbance parameter to an internet of things terminal, so that the internet of things terminal obtains a local model parameter based on the initial global model parameter, and generates a disturbance model parameter based on the local model parameter and the initial disturbance parameter;
the determining module 33 is configured to obtain a plurality of disturbance model parameters from a plurality of terminals of the internet of things, and determine a target global model parameter based on the plurality of disturbance model parameters and a weight coefficient corresponding to each disturbance model parameter;
the processing module 34 is configured to acquire a new initial disturbance parameter if the target global model parameter is not converged, determine the target global model parameter as an initial global model parameter, and return to perform an operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
Illustratively, the processing module 34 is further configured to determine a prediction accuracy corresponding to each disturbance model parameter based on the verification data set, and divide the plurality of disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter; configuring a weight coefficient for each disturbance model parameter based on the parameter set; when weight coefficients are configured for each disturbance model parameter, disturbance model parameters in the same parameter group correspond to the same weight coefficient, disturbance model parameters in different parameter groups correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter group is.
For example, if the target global model parameter does not converge, the processing module 34 is specifically configured to, when acquiring the new initial disturbance parameter: determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter; generating new initial disturbance parameters based on the initial disturbance parameters and the parameter adjustment values.
Illustratively, the processing module 34 obtains a new initial disturbance parameter, determines the target global model parameter as an initial global model parameter, and returns to the operation of sending the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things, where the operation is specifically used for: if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is less than a preset threshold, acquiring a new initial disturbance parameter, determining the target global model parameter as the initial global model parameter, and returning to perform the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
The processing module 34 is further configured to determine the target global model parameter as an initial global model parameter if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is not less than the preset threshold, and send the initial global model parameter to the internet of things terminal, so that the internet of things terminal obtains a local model parameter based on the initial global model parameter and determines the local model parameter as a disturbance model parameter; if the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, acquiring a new initial disturbance parameter, keeping the initial global model parameter unchanged, and returning to execute the step of sending the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
For example, for each internet of things terminal, the determining module 33 is specifically configured to, when obtaining the disturbance model parameters from the internet of things terminal: receiving a push message sent by the internet of things terminal, wherein the push message is sent by the internet of things terminal after generating disturbance model parameters, and the push message comprises the disturbance model parameters; or sending a request message to the internet of things terminal, and if a response message returned by the internet of things terminal is received, analyzing disturbance model parameters generated by the internet of things terminal from the response message; if the response message returned by the internet of things terminal is not received, after a preset time interval, continuing to send the request message to the internet of things terminal until the response message returned by the internet of things terminal is received.
For example, for each terminal of the internet of things, the sending module 32 is specifically configured to, when sending the initial global model parameter and the initial disturbance parameter to the terminal of the internet of things: after receiving a request message sent by an internet of things terminal, sending a response message to the internet of things terminal, wherein the response message comprises an initial global model parameter and an initial disturbance parameter; the time when different Internet of things terminals send request messages to the server is different; or sending a push message to the terminal of the Internet of things, wherein the push message comprises an initial global model parameter and an initial disturbance parameter; the time for sending the push message to different internet of things terminals is the same.
Based on the same application concept as the above method, the embodiment of the present application proposes a server (such as a central server), as shown in fig. 4, including a processor 41 and a machine-readable storage medium 42, where the machine-readable storage medium 42 stores machine-executable instructions that can be executed by the processor 41; the processor 41 is configured to execute machine-executable instructions to implement the asynchronous packet federal learning-based data protection method described above.
Based on the same application concept as the above method, the embodiment of the application further provides a machine-readable storage medium, where a plurality of computer instructions are stored on the machine-readable storage medium, and when the computer instructions are executed by a processor, the data protection method based on asynchronous packet federal learning can be implemented.
Wherein the machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device that can contain or store information, such as executable instructions, data, or the like. For example, a machine-readable storage medium may be: RAM (Radom Access Memory, random access memory), volatile memory, non-volatile memory, flash memory, a storage drive (e.g., hard drive), a solid state drive, any type of storage disk (e.g., optical disk, dvd, etc.), or a similar storage medium, or a combination thereof.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer entity or by an article of manufacture having some functionality. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present application.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Moreover, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims (10)

1. The data protection method based on asynchronous packet federation learning is characterized by being applied to a server in an Internet of things system, wherein the Internet of things system further comprises a plurality of Internet of things terminals, and the method comprises the following steps:
acquiring an initial global model parameter and an initial disturbance parameter, and transmitting the initial global model parameter and the initial disturbance parameter to an Internet of things terminal so that the Internet of things terminal acquires a local model parameter based on the initial global model parameter and generates a disturbance model parameter based on the local model parameter and the initial disturbance parameter;
acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals, and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to each disturbance model parameter;
if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
2. The method of claim 1, wherein prior to determining the target global model parameter based on the plurality of perturbation model parameters and the weight coefficient corresponding to each perturbation model parameter, further comprising:
determining the prediction accuracy corresponding to each disturbance model parameter based on the verification data set, and dividing the disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter;
configuring a weight coefficient for each disturbance model parameter based on the parameter set; the disturbance model parameters in the same parameter set correspond to the same weight coefficient, the disturbance model parameters in different parameter sets correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter set is.
3. The method of claim 1, wherein the step of determining the position of the substrate comprises,
if the target global model parameter is not converged, the obtaining a new initial disturbance parameter includes:
determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter;
generating new initial disturbance parameters based on the initial disturbance parameters and the parameter adjustment values.
4. The method of claim 1, wherein the acquiring the new initial perturbation parameter and determining the target global model parameter as the initial global model parameter, and returning to performing the operation of sending the initial global model parameter and the initial perturbation parameter to the internet of things terminal, comprises:
if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is less than a preset threshold, acquiring a new initial disturbance parameter, determining the target global model parameter as the initial global model parameter, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
5. The method of claim 4, wherein the step of determining the position of the first electrode is performed,
after determining the target global model parameter based on the plurality of disturbance model parameters and the weight coefficient corresponding to each disturbance model parameter, if the target global model parameter is not converged, the method further includes:
if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is not less than the preset threshold, determining the target global model parameter as an initial global model parameter, and sending the initial global model parameter to an Internet of things terminal so that the Internet of things terminal obtains a local model parameter based on the initial global model parameter and determines the local model parameter as a disturbance model parameter;
If the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, acquiring a new initial disturbance parameter, keeping the initial global model parameter unchanged, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
6. The method of claim 1, wherein the step of determining the position of the substrate comprises,
for each internet of things terminal, obtaining disturbance model parameters from the internet of things terminal comprises:
receiving a push message sent by the internet of things terminal, wherein the push message is sent by the internet of things terminal after generating disturbance model parameters, and the push message comprises the disturbance model parameters; or alternatively, the process may be performed,
sending a request message to the Internet of things terminal, and if a response message returned by the Internet of things terminal is received, analyzing disturbance model parameters generated by the Internet of things terminal from the response message; if the response message returned by the internet of things terminal is not received, after a preset time interval, continuing to send the request message to the internet of things terminal until the response message returned by the internet of things terminal is received.
7. The method of claim 1, wherein for each internet of things terminal, sending the initial global model parameters and the initial perturbation parameters to the internet of things terminal comprises:
after receiving the request message sent by the Internet of things terminal, sending a response message to the Internet of things terminal, wherein the response message comprises an initial global model parameter and an initial disturbance parameter; the time when different Internet of things terminals send request messages to the server is different; or alternatively, the process may be performed,
sending a push message to the Internet of things terminal, wherein the push message comprises an initial global model parameter and an initial disturbance parameter; the time for sending the push message to different internet of things terminals is the same.
8. The Internet of things system is characterized by comprising a server and a plurality of Internet of things terminals, wherein:
the server is used for acquiring initial global model parameters and initial disturbance parameters and sending the initial global model parameters and the initial disturbance parameters to each Internet of things terminal;
the internet of things terminal is used for acquiring local model parameters based on the initial global model parameters and generating disturbance model parameters based on the local model parameters and the initial disturbance parameters;
The server is further used for acquiring a plurality of disturbance model parameters from a plurality of internet of things terminals and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to the disturbance model parameters; if the target global model parameters are not converged, acquiring new initial disturbance parameters, determining the target global model parameters as initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
9. The system of claim 8, wherein the system further comprises a controller configured to control the controller,
the server is further configured to determine a prediction accuracy corresponding to each disturbance model parameter based on the verification data set, and divide the plurality of disturbance model parameters into at least two parameter sets based on the prediction accuracy corresponding to each disturbance model parameter; configuring a weight coefficient for each disturbance model parameter based on the parameter set; the disturbance model parameters in the same parameter set correspond to the same weight coefficient, the disturbance model parameters in different parameter sets correspond to different weight coefficients, and the larger the prediction accuracy is, the larger the weight coefficient corresponding to the parameter set is;
The server is specifically configured to, when acquiring a new initial disturbance parameter: determining a parameter adjustment value corresponding to the initial disturbance parameter based on the prediction accuracy corresponding to the target global model parameter and the prediction accuracy corresponding to the initial global model parameter; generating new initial disturbance parameters based on the initial disturbance parameters and the parameter adjustment values;
the server acquires new initial disturbance parameters, determines the target global model parameters as initial global model parameters, and returns to the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the internet of things, wherein the operation is specifically used for: if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is less than a preset threshold, acquiring a new initial disturbance parameter, determining the target global model parameter as the initial global model parameter, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things;
the server is further configured to determine the target global model parameter as an initial global model parameter if the prediction accuracy corresponding to the target global model parameter is greater than the prediction accuracy corresponding to the initial global model parameter and the prediction accuracy corresponding to the target global model parameter is not less than the preset threshold, and send the initial global model parameter to the internet of things terminal, so that the internet of things terminal obtains a local model parameter based on the initial global model parameter and determines the local model parameter as a disturbance model parameter; if the prediction accuracy corresponding to the target global model parameter is not greater than the prediction accuracy corresponding to the initial global model parameter, acquiring a new initial disturbance parameter, keeping the initial global model parameter unchanged, and returning to execute the operation of transmitting the initial global model parameter and the initial disturbance parameter to the terminal of the Internet of things.
10. Data protection device based on asynchronous packet federation study, characterized in that is applied to the server in the thing networking system, thing networking system still includes a plurality of thing networking terminals, the device includes:
the acquisition module is used for acquiring initial global model parameters and initial disturbance parameters;
the sending module is used for sending the initial global model parameters and the initial disturbance parameters to the Internet of things terminal so that the Internet of things terminal obtains local model parameters based on the initial global model parameters and generates disturbance model parameters based on the local model parameters and the initial disturbance parameters;
the determining module is used for acquiring a plurality of disturbance model parameters from a plurality of Internet of things terminals and determining a target global model parameter based on the disturbance model parameters and weight coefficients corresponding to the disturbance model parameters;
the processing module is used for acquiring new initial disturbance parameters if the target global model parameters are not converged, determining the target global model parameters as the initial global model parameters, and returning to execute the operation of transmitting the initial global model parameters and the initial disturbance parameters to the terminal of the Internet of things; if the target global model parameters are converged, the target global model parameters are determined to be trained parameters, and the trained parameters are used for processing the data.
CN202310265804.3A 2023-03-13 2023-03-13 Data protection method, device and system based on asynchronous packet federation learning Active CN116049862B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310265804.3A CN116049862B (en) 2023-03-13 2023-03-13 Data protection method, device and system based on asynchronous packet federation learning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310265804.3A CN116049862B (en) 2023-03-13 2023-03-13 Data protection method, device and system based on asynchronous packet federation learning

Publications (2)

Publication Number Publication Date
CN116049862A true CN116049862A (en) 2023-05-02
CN116049862B CN116049862B (en) 2023-06-27

Family

ID=86125858

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310265804.3A Active CN116049862B (en) 2023-03-13 2023-03-13 Data protection method, device and system based on asynchronous packet federation learning

Country Status (1)

Country Link
CN (1) CN116049862B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110443375A (en) * 2019-08-16 2019-11-12 深圳前海微众银行股份有限公司 A kind of federation's learning method and device
CN113094758A (en) * 2021-06-08 2021-07-09 华中科技大学 Gradient disturbance-based federated learning data privacy protection method and system
CN113361694A (en) * 2021-06-30 2021-09-07 哈尔滨工业大学 Layered federated learning method and system applying differential privacy protection
CN113705823A (en) * 2020-05-22 2021-11-26 华为技术有限公司 Model training method based on federal learning and electronic equipment
CN114398635A (en) * 2021-11-30 2022-04-26 北京邮电大学 Layered security federal learning method and device, electronic equipment and storage medium
CN114595831A (en) * 2022-03-01 2022-06-07 北京交通大学 Federal learning method integrating adaptive weight distribution and personalized differential privacy
CN115238905A (en) * 2022-07-05 2022-10-25 清华大学深圳国际研究生院 Transverse federated learning training method capable of improving system fairness under sensitive scene
US20220383198A1 (en) * 2022-02-17 2022-12-01 Beijing Baidu Netcom Science Technology Co., Ltd. Method for asynchronous federated learning, method for predicting business service, apparatus, and system
CN115759289A (en) * 2022-11-16 2023-03-07 海南大学 Federal learning method, system and device based on user grouping cooperation
CN115840900A (en) * 2022-09-16 2023-03-24 河海大学 Personalized federal learning method and system based on self-adaptive clustering layering

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110443375A (en) * 2019-08-16 2019-11-12 深圳前海微众银行股份有限公司 A kind of federation's learning method and device
CN113705823A (en) * 2020-05-22 2021-11-26 华为技术有限公司 Model training method based on federal learning and electronic equipment
CN113094758A (en) * 2021-06-08 2021-07-09 华中科技大学 Gradient disturbance-based federated learning data privacy protection method and system
CN113361694A (en) * 2021-06-30 2021-09-07 哈尔滨工业大学 Layered federated learning method and system applying differential privacy protection
CN114398635A (en) * 2021-11-30 2022-04-26 北京邮电大学 Layered security federal learning method and device, electronic equipment and storage medium
US20220383198A1 (en) * 2022-02-17 2022-12-01 Beijing Baidu Netcom Science Technology Co., Ltd. Method for asynchronous federated learning, method for predicting business service, apparatus, and system
CN114595831A (en) * 2022-03-01 2022-06-07 北京交通大学 Federal learning method integrating adaptive weight distribution and personalized differential privacy
CN115238905A (en) * 2022-07-05 2022-10-25 清华大学深圳国际研究生院 Transverse federated learning training method capable of improving system fairness under sensitive scene
CN115840900A (en) * 2022-09-16 2023-03-24 河海大学 Personalized federal learning method and system based on self-adaptive clustering layering
CN115759289A (en) * 2022-11-16 2023-03-07 海南大学 Federal learning method, system and device based on user grouping cooperation

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CAO D等: "Understanding distributed poisoning attack in federated learning", PROC. OF THE 25TH IEEE INT’L CONF. ON PARALLEL AND DISTRIBUTED SYSTEMS (ICPADS), pages 233 *
顾育豪等: "联邦学习模型安全与隐私研究进展", 软件学报 *

Also Published As

Publication number Publication date
CN116049862B (en) 2023-06-27

Similar Documents

Publication Publication Date Title
Lee et al. IMPACT: Impersonation attack detection via edge computing using deep autoencoder and feature abstraction
Wang et al. Deep reinforcement learning for dynamic multichannel access in wireless networks
US20200019842A1 (en) System, method and apparatus for machine learning
Chen et al. Fedgraph: Federated graph learning with intelligent sampling
WO2021244035A1 (en) Methods and apparatuses for defense against adversarial attacks on federated learning systems
Zhang et al. Efficient federated learning for cloud-based AIoT applications
Yu et al. Privacy-preserving federated deep learning for cooperative hierarchical caching in fog computing
Shi et al. Active deep learning attacks under strict rate limitations for online API calls
US11363479B2 (en) Method and device for people counting
Shin et al. Conflict resolution method utilizing context history for context-aware applications
Wang et al. Achieving cooperation through deep multiagent reinforcement learning in sequential prisoner's dilemmas
Jahwar et al. A state of the art survey of machine learning algorithms for IoT security
Malialis et al. Data augmentation on-the-fly and active learning in data stream classification
Al-Maslamani et al. Toward secure federated learning for iot using drl-enabled reputation mechanism
Rezvanian et al. Learning automata theory
CN116049862B (en) Data protection method, device and system based on asynchronous packet federation learning
Saputra et al. Federated learning framework with straggling mitigation and privacy-awareness for AI-based mobile application services
Wang et al. Variance priority based cooperative co-evolution differential evolution for large scale global optimization
Oka et al. Spatial feature-based prioritization for transmission of point cloud data in 3D-image sensor networks
Chen Police patrol optimization with security level functions
CN109819522B (en) User bandwidth resource allocation method for balancing energy consumption and user service quality
Naveed Online learning based contextual model for mobility prediction
Lee et al. Meta dropout: Learning to perturb features for generalization
Srinivas et al. Evolutionary computing assisted K-Means clustering based mapreduce distributed computing environment for IoT-driven smart city
Reichhuber et al. Active Reinforcement Learning--A Roadmap Towards Curious Classifier Systems for Self-Adaptation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant