CN116094993A - Federal learning security aggregation method suitable for edge computing scene - Google Patents
Federal learning security aggregation method suitable for edge computing scene Download PDFInfo
- Publication number
- CN116094993A CN116094993A CN202211657554.XA CN202211657554A CN116094993A CN 116094993 A CN116094993 A CN 116094993A CN 202211657554 A CN202211657554 A CN 202211657554A CN 116094993 A CN116094993 A CN 116094993A
- Authority
- CN
- China
- Prior art keywords
- terminal
- edge
- model
- aggregation
- terminals
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000002776 aggregation Effects 0.000 title claims abstract description 71
- 238000004220 aggregation Methods 0.000 title claims abstract description 70
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000004891 communication Methods 0.000 claims abstract description 49
- 230000008569 process Effects 0.000 claims description 20
- 238000012549 training Methods 0.000 claims description 20
- 238000010586 diagram Methods 0.000 claims description 16
- 239000013598 vector Substances 0.000 claims description 15
- 230000006870 function Effects 0.000 claims description 8
- 238000011478 gradient descent method Methods 0.000 claims description 3
- 238000012986 modification Methods 0.000 claims description 3
- 230000004048 modification Effects 0.000 claims description 3
- 238000004364 calculation method Methods 0.000 abstract description 3
- 238000004458 analytical method Methods 0.000 description 10
- 238000005516 engineering process Methods 0.000 description 5
- 238000010801 machine learning Methods 0.000 description 4
- 238000012935 Averaging Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000002474 experimental method Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000003190 augmentative effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000007728 cost analysis Methods 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 230000000873 masking effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/48—Routing tree calculation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Bioethics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Evolutionary Computation (AREA)
- Biophysics (AREA)
- Molecular Biology (AREA)
- Biomedical Technology (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本发明公开了一种适用于边缘计算场景下的联邦学习安全聚合方法,包括:(1)边缘节点将各个终端之间的通信拓扑图结构由全连通图修改为基于最小生成树的终端连通拓扑图;(2)各个终端利用本地数据训练联邦学习的模型,并根据修改的终端连通拓扑图与邻居终端以广播密钥的方式进行通信;(3)各个终端计算掩码并用于加密模型梯度;(4)边缘节点接收终端传输的加密的模型梯度并进行局部聚合;(5)云计算处理中心接收来局部聚合模型梯度,再进行一次聚合形成全局聚合模型,并将全局聚合模型下发到边缘节点,为终端提供服务。本发明在解决联邦学习中隐私泄露问题的同时,避免了需要大量额外的计算和通信开销,并提高了模型的收敛速度。
The invention discloses a federated learning security aggregation method applicable to an edge computing scenario, including: (1) the edge node modifies the communication topology graph structure between terminals from a fully connected graph to a terminal connectivity topology based on a minimum spanning tree Figure; (2) Each terminal uses local data to train the model of federated learning, and communicates with neighbor terminals in a way of broadcasting keys according to the modified terminal connection topology graph; (3) Each terminal calculates a mask and uses it to encrypt the model gradient; (4) The edge node receives the encrypted model gradient transmitted by the terminal and performs local aggregation; (5) The cloud computing processing center receives the local aggregation model gradient, performs another aggregation to form a global aggregation model, and sends the global aggregation model to the edge Nodes provide services for terminals. While solving the privacy leakage problem in federated learning, the invention avoids the need for a large amount of extra calculation and communication overhead, and improves the convergence speed of the model.
Description
技术领域Technical Field
本发明涉及边缘计算技术领域,具体地说,是涉及一种适用于边缘计算场景下的联邦学习安全聚合方法。The present invention relates to the field of edge computing technology, and in particular to a federated learning security aggregation method suitable for edge computing scenarios.
背景技术Background Art
随着移动智能设备的普及以及5G等无线通信技术的发展,涌现出了许多具有低延迟要求的计算密集型应用,如在线沉浸式游戏、增强现实和视频流分析等。由于传统的云计算无法满足这些应用对低延迟的需求,Satyanarayanan等人提出了一种新型的计算模式,称为边缘计算,它将大量的计算任务从云端卸载到处于距离用户更近的边缘节点,如wifi无线接入点、基站,同时可以更有效的保护数据隐私。With the popularity of mobile smart devices and the development of wireless communication technologies such as 5G, many computing-intensive applications with low latency requirements have emerged, such as online immersive games, augmented reality, and video streaming analysis. Since traditional cloud computing cannot meet the low latency requirements of these applications, Satyanarayanan et al. proposed a new computing model called edge computing, which offloads a large number of computing tasks from the cloud to edge nodes closer to users, such as Wi-Fi wireless access points and base stations, while more effectively protecting data privacy.
谷歌提出的联邦学习(FL,Federated Learning)技术是分布式机器学习中解决隐私保护的重要技术方法。一方面,在联合建模过程中如何能够把尽量多的数据利用起来。另一方面,监管机构和社会对隐私保护的要求日趋严格。联邦学习提出以数据不动模型动和数据可用不可见的方式,来解决这种两难的困境。McMahan等人提出了用于联邦学习的联邦平均算法FedAvg(Federated Averaging),但是该算法中每个终端的工作量相同。而实际场景下,不同终端的可用计算资源不相同并且数据是高度异构的。针对此问题,Tian等人提出了一种改进的FedProx算法,该算法允许系统根据不同终端的可用计算资源去执行可变的工作量以避免其由于负载过大而被迫退出。Karimireddy等人针对异构数据问题,提出了改进算法SCAFFOLD。当终端高度数据异构的情况下,该算法相比于FedAvg可以避免全局模型向局部最优发展,加快收敛速度。Federated Learning (FL) technology proposed by Google is an important technical method to solve privacy protection in distributed machine learning. On the one hand, how to make use of as much data as possible in the joint modeling process. On the other hand, regulators and society have increasingly stringent requirements for privacy protection. Federated learning proposes to solve this dilemma by keeping the data fixed and the model moving, and making the data available but invisible. McMahan et al. proposed a federated averaging algorithm FedAvg (Federated Averaging) for federated learning, but the workload of each terminal in this algorithm is the same. In actual scenarios, the available computing resources of different terminals are different and the data is highly heterogeneous. To address this problem, Tian et al. proposed an improved FedProx algorithm, which allows the system to perform variable workloads based on the available computing resources of different terminals to avoid being forced to exit due to excessive load. Karimireddy et al. proposed an improved algorithm SCAFFOLD for heterogeneous data problems. When the terminal data is highly heterogeneous, this algorithm can avoid the global model from developing towards the local optimum and accelerate the convergence speed compared to FedAvg.
然而,联邦学习并没有彻底解决隐私泄露问题。针对该问题,M.Abadi等人提出将差分隐私技术运用在深度学习的随机梯度下降(SGD)算法中,以保护用户数据的隐私。由于联邦学习的发展以及隐私保护需求的提高,Geyer等人提出将差分隐私技术运用在联邦学习中,以保护终端的数据在联邦学习过程中不泄露。另一个方案是在联邦学习中部署多方安全计算(MPC,secure multiparty computation),简称MPL。Song等人提出了在多个数据集上训练具有隐私保护的机器学习模型所存在(简称为TMMPP)的问题并给出解决方案,即利用MPC去解决分布式机器学习中的安全问题。G Xu等人提出可验证框架VerifyNet来保证模型的机密性和完整性,Wang R等人提出在边缘计算下医疗物联网的隐私保护联邦学习框架,Bonawitz等人提出了安全聚合(SA,Secure Aggregation)的概念,将密码学中密钥共享、加解密等原语用于联邦学习框架中,目的是保护终端的隐私不受侵犯。However, federated learning does not completely solve the problem of privacy leakage. To address this problem, M.Abadi et al. proposed to apply differential privacy technology to the stochastic gradient descent (SGD) algorithm of deep learning to protect the privacy of user data. Due to the development of federated learning and the increase in the demand for privacy protection, Geyer et al. proposed to apply differential privacy technology to federated learning to protect the terminal data from being leaked during the federated learning process. Another solution is to deploy secure multiparty computation (MPC), or MPL, in federated learning. Song et al. proposed the problem of training a machine learning model with privacy protection on multiple data sets (abbreviated as TMMPP) and gave a solution, that is, using MPC to solve the security problem in distributed machine learning. G Xu et al. proposed a verifiable framework VerifyNet to ensure the confidentiality and integrity of the model. Wang R et al. proposed a privacy-preserving federated learning framework for medical Internet of Things under edge computing. Bonawitz et al. proposed the concept of secure aggregation (SA), which uses cryptographic primitives such as key sharing, encryption and decryption in the federated learning framework to protect the privacy of the terminal from being violated.
然而,由于密钥共享以及加解密给框架带来的计算和通信开销较大,所以常常导致全局模型的收敛速度变慢。对此,Bell等人提出使用稀疏图来减小终端的连通性以减少安全聚合的计算开销和通信开销;Choi等人也提出了一种基于稀疏图Erdos-Renyi图的CCESA算法,该算法通过降低图的连通度,让终端只与邻居终端共享密钥,以达到降低通信计算开销的目的。However, due to the large computational and communication overheads brought to the framework by key sharing and encryption and decryption, the convergence speed of the global model is often slowed down. In response to this, Bell et al. proposed using sparse graphs to reduce the connectivity of terminals to reduce the computational and communication overheads of security aggregation; Choi et al. also proposed a CCESA algorithm based on the sparse Erdos-Renyi graph, which reduces the connectivity of the graph and allows the terminal to share the key only with neighboring terminals to achieve the purpose of reducing communication computation overhead.
但是这里仍然存在一些不足。第一,无论是SA还是CCESA,它们都需要借助云服务器去广播公钥和密钥份额,这极大的增加了云服务器的通信计算开销;第二,CCESA方案虽然通过将终端共享密钥份额的对象从所有其他终端改为邻居终端,但是由于需要从邻居终端获取密钥份额来重构密钥,所以该方案需要保证每个终端至少有t个邻居终端;第三,在某些云服务器距离终端很远的场景下,它们之间的通信时延很高,在通过云服务器广播公钥和密钥份额这一步就需要付出很多额外时间,减慢了系统整体的模型收敛时间。However, there are still some shortcomings. First, whether it is SA or CCESA, they both need to use cloud servers to broadcast public keys and key shares, which greatly increases the communication computing overhead of cloud servers; second, although the CCESA scheme changes the object of terminal sharing key shares from all other terminals to neighbor terminals, it needs to obtain key shares from neighbor terminals to reconstruct the key, so the scheme needs to ensure that each terminal has at least t neighbor terminals; third, in some scenarios where the cloud server is far away from the terminal, the communication delay between them is very high, and it takes a lot of extra time to broadcast the public key and key share through the cloud server, which slows down the overall model convergence time of the system.
综上,如何在解决联邦学习中隐私泄露问题的同时,避免需要大量额外的计算和通信开销,并提高模型的收敛速度,便成为本领域技术人员亟需解决的问题。In summary, how to solve the privacy leakage problem in federated learning while avoiding the need for a large amount of additional computing and communication overhead and improving the convergence speed of the model has become an urgent problem that technical personnel in this field need to solve.
发明内容Summary of the invention
本发明的目的在于提供一种适用于边缘计算场景下的联邦学习安全聚合方法,可以在解决联邦学习中隐私泄露问题的同时,避免需要大量额外的计算和通信开销,并提高模型的收敛速度。The purpose of the present invention is to provide a federated learning security aggregation method suitable for edge computing scenarios, which can solve the privacy leakage problem in federated learning while avoiding the need for a large amount of additional computing and communication overhead and improving the convergence speed of the model.
为实现上述目的,本发明采用的技术方案如下:To achieve the above purpose, the technical solution adopted by the present invention is as follows:
一种适用于边缘计算场景下的联邦学习安全聚合方法,包括以下步骤:A federated learning security aggregation method suitable for edge computing scenarios includes the following steps:
(1)处于边缘计算中间层的边缘节点,以处于边缘计算边缘层的各个终端之间的通信时延作为终端全连通拓扑图的边的权重,将参与联邦学习的各个终端之间的通信拓扑图结构由全连通图修改为基于最小生成树的终端连通拓扑图;(1) The edge nodes in the middle layer of edge computing use the communication delay between each terminal in the edge layer of edge computing as the edge weight of the terminal fully connected topology graph, and modify the communication topology graph structure between each terminal participating in federated learning from a fully connected graph to a terminal connected topology graph based on a minimum spanning tree;
(2)各个终端利用本地数据训练联邦学习的模型,并根据修改的终端连通拓扑图与邻居终端以广播密钥的方式进行通信,然后由边缘节点收集各个终端的密钥份额;(2) Each terminal uses local data to train the federated learning model and communicates with neighboring terminals by broadcasting keys based on the modified terminal connectivity topology. The edge node then collects the key shares of each terminal.
(3)各个终端利用与邻居终端之间的对称密钥通过伪随机生成器PRG生成随机向量,并将其作为掩码用于加密模型梯度,然后向边缘节点传输加密的模型梯度;(3) Each terminal uses the symmetric key between the neighbor terminal and the pseudo-random generator PRG to generate a random vector, and uses it as a mask to encrypt the model gradient, and then transmits the encrypted model gradient to the edge node;
(4)边缘节点接收终端传输的加密的模型梯度,并利用收集的终端密钥份额消除掩码后进行局部聚合,得到局部聚合模型梯度;(4) The edge node receives the encrypted model gradient transmitted by the terminal, and uses the collected terminal key shares to remove the mask and perform local aggregation to obtain the local aggregated model gradient;
(5)边缘节点将局部聚合模型梯度发送至边缘计算最高层的云计算处理中心;(5) The edge node sends the local aggregate model gradient to the cloud computing processing center at the highest level of edge computing;
(6)云计算中心接收来自边缘节点的局部聚合模型梯度,再进行一次聚合形成全局聚合模型,并将全局聚合模型下发到边缘节点,为终端提供服务。(6) The cloud computing center receives the local aggregation model gradients from the edge nodes, aggregates them again to form a global aggregation model, and sends the global aggregation model to the edge nodes to provide services for the terminals.
所述步骤(1)中,基于最小生成树的终端连通拓扑图的修改过程为:边缘节利用最小生成树算法依次选择权重最小的边,同时保证当前选择的边和已经选择的边不会产生回路,直到所有终端位于一个连通分量为止,最终将参与联邦学习的各个终端之间的通信拓扑图结构由全连通图修改为基于最小生成树的终端连通拓扑图。In the step (1), the modification process of the terminal connectivity topology graph based on the minimum spanning tree is as follows: the edge node uses the minimum spanning tree algorithm to select the edge with the smallest weight in turn, while ensuring that the currently selected edge and the already selected edge will not generate a loop, until all terminals are located in a connected component, and finally the communication topology graph structure between the terminals participating in the federated learning is modified from a fully connected graph to a terminal connectivity topology graph based on the minimum spanning tree.
进一步地,所述步骤(2)中,模型的训练过程采用梯度下降法SGD更新参数,公式如下:Furthermore, in step (2), the training process of the model uses the gradient descent method SGD to update parameters, and the formula is as follows:
式中,wt,k是终端k第t轮更新后的参数,wt-1,k是第(t-1)轮的参数,η为学习率,是目标函数Fk(w)对于参数w的梯度方向。Where w t,k is the updated parameter of terminal k in the tth round, w t-1,k is the parameter of the (t-1)th round, η is the learning rate, is the gradient direction of the objective function F k (w) with respect to the parameter w.
具体地,所述步骤(2)中,终端与邻居终端通信的过程如下:Specifically, in step (2), the process of the terminal communicating with the neighbor terminal is as follows:
(a)使用t-out-of-n算法将私钥si sk和随机数bui各自分为t个份额,即SS.share(t,bui)→{bui,j+,SS.share(t,si sk)→{si,j sk},j∈neighbori(j);其中,SS.share()代表密钥分享协议,neighbori(j)代表终端i的邻居终端集合;(a) Use the t-out-of-n algorithm to divide the private key si sk and the random number bu i into t shares, that is, SS.share(t,bu i )→{bu i,j +,SS.share(t, si sk )→{si ,j sk },j∈neighbor i (j); where SS.share() represents the key sharing protocol, and neighbor i (j) represents the set of neighbor terminals of terminal i;
(b)使用其他终端公钥sj pk对{bui,j}和{si,j sk}进行加密,即ei,j代表对bui,j和si,j sk进行加密产生的密文,代表使用私钥sj sk的加密算法;(b) Use the other terminal public key sjpk to encrypt {bui ,j } and {si ,jsk } , that is, e i,j represents the ciphertext generated by encrypting bu i,j and si ,j sk . Represents the encryption algorithm using the private key s j sk ;
(c)根据修改的终端连通拓扑图,将份额{i,j,ei,j}和公钥si pk发送给邻居终端(Advertise());(c) According to the modified terminal connectivity topology, the shares {i,j,e i,j } and the public key s i pk are sent to the neighboring terminal (Advertise());
(d)终端接收来自邻居终端的份额集合{j,i,ej,i},存储属于自己的份额ej,i,同时转发{j,i,ej,i}和公钥si pk至j外的其他的邻居终端(Transmit())。(d) The terminal receives the share set {j,i,e j,i } from the neighbor terminal, stores its own share e j,i , and forwards {j,i,e j,i } and the public key s i pk to other neighbor terminals other than j (Transmit()).
进一步地,所述步骤(4)中,采用如下公式消除掩码并进行局部聚合:Furthermore, in step (4), the following formula is used to eliminate the mask and perform local aggregation:
式中,Θedge为局部聚合模型梯度,Θi ~为终端i加密的模型梯度,nk为终端本地的数据量,n为所有终端的全部数据量。Where Θ edge is the local aggregated model gradient, Θ i ~ is the encrypted model gradient of terminal i, nk is the amount of local data of the terminal, and n is the total amount of data of all terminals.
再进一步地,所述步骤(4)中,采用如下公式对模型梯度进行局部聚合:Furthermore, in step (4), the model gradient is locally aggregated using the following formula:
式中,wt是第t轮带有掩码的模型梯度。Where wt is the masked model gradient of the tth round.
作为优选,所述终端为物联网设备。Preferably, the terminal is an Internet of Things device.
作为优选,所述边缘节点为基站、wifi接入点。Preferably, the edge node is a base station or a wifi access point.
与现有技术相比,本发明具有以下有益效果:Compared with the prior art, the present invention has the following beneficial effects:
本发明中,边缘节点以各个终端之间的通信时延构造出基于最小生成树的终端连通拓扑图,极大的降低了终端连通图的连通度;同时终端只和邻居终端之间生成对称密钥并计算掩码,降低了系统的计算开销。In the present invention, the edge node constructs a terminal connectivity topology graph based on the minimum spanning tree with the communication delay between each terminal, which greatly reduces the connectivity of the terminal connectivity graph; at the same time, the terminal only generates symmetric keys and calculates masks with neighboring terminals, which reduces the computational overhead of the system.
进一步地,本发明使用最小生成树作为终端连通拓扑图,密钥的分发与共享均通过邻居终端进行转发广播而不是边缘节点,也很好地降低了边缘节点的工作负载和通信开销。Furthermore, the present invention uses a minimum spanning tree as a terminal connectivity topology diagram, and the distribution and sharing of keys are forwarded and broadcasted through neighbor terminals instead of edge nodes, which also greatly reduces the workload and communication overhead of edge nodes.
并且,最小生成树结构可以让密钥广播的时延达到最小,有效提高了模型的收敛速度。大量实验结果表明,本发明设计的安全聚合方法相比于传统的安全聚合方法,当终端数量为10时,可以在不降低联邦学习安全级别和模型精度的基础上至少减少了28.2%的联邦学习运行时间。Moreover, the minimum spanning tree structure can minimize the delay of key broadcasting, effectively improving the convergence speed of the model. A large number of experimental results show that the security aggregation method designed by the present invention can reduce the running time of federated learning by at least 28.2% without reducing the security level and model accuracy of federated learning when the number of terminals is 10, compared with the traditional security aggregation method.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1为实现本发明-实施例的系统构架图。FIG. 1 is a system architecture diagram for implementing an embodiment of the present invention.
图2为本发明-实施例中修改为基于最小生成树的终端连通拓扑图的过程示意图。FIG. 2 is a schematic diagram of a process of modifying a terminal connectivity topology diagram based on a minimum spanning tree in an embodiment of the present invention.
图3为本发明-实施例中终端广播的过程示意图。FIG. 3 is a schematic diagram of a terminal broadcasting process in an embodiment of the present invention.
图4为本发明-实施例与传统安全聚合方案CCESA和SA的系统运行时间对比示意图。FIG. 4 is a schematic diagram showing a comparison of system running time between an embodiment of the present invention and traditional security aggregation schemes CCESA and SA.
图5为本发明-实施例与传统安全聚合方案CCESA和SA的模型准确率对比示意图。FIG5 is a schematic diagram showing a comparison of the model accuracy of an embodiment of the present invention and traditional security aggregation schemes CCESA and SA.
图6为本发明-实施例与传统安全聚合方案CCESA和SA的安全性对比示意图。FIG6 is a schematic diagram showing a security comparison between an embodiment of the present invention and traditional security aggregation schemes CCESA and SA.
图7为本发明-实施例中根据终端之间的通信时延产生基于最小生成树的终端连通拓扑图。FIG. 7 is a terminal connectivity topology diagram based on a minimum spanning tree generated according to communication delays between terminals in an embodiment of the present invention.
具体实施方式DETAILED DESCRIPTION
下面结合附图说明和实施例对本发明作进一步说明,本发明的方式包括但不仅限于以下实施例。The present invention is further described below in conjunction with the accompanying drawings and embodiments. The embodiments of the present invention include but are not limited to the following embodiments.
实施例Example
本实施例提供了一种适用于边缘计算场景下的联邦学习安全聚合方法,可以在解决联邦学习中隐私泄露问题的同时,避免需要大量额外的计算和通信开销,并提高模型的收敛速度。This embodiment provides a federated learning security aggregation method suitable for edge computing scenarios, which can solve the privacy leakage problem in federated learning while avoiding the need for a large amount of additional computing and communication overhead and improving the convergence speed of the model.
下面对本实施例中的边缘计算场景下的三层联邦学习安全聚合整体框架进行系统定义,包括系统的整体框架图以及系统中参与联邦学习的实体的定义。The following is a system definition of the three-layer federated learning security aggregation overall framework in the edge computing scenario of this embodiment, including the overall framework diagram of the system and the definition of the entities participating in federated learning in the system.
联邦学习是一种分布式的机器学习模型范式,在此基础上,本实施例将联邦学习引入到边缘计算,定义“云-边-端”三层模型。从整体来看,终端在本地训练模型,然后将模型的梯度加密传输至边缘节点,边缘节点根据加密梯度进行安全聚合,得到局部聚合模型。随后边缘节点将局部聚合模型传输至云计算中心进行进一步聚合,得到全局聚合模型。“云-边-端”三层架构的联邦学习的示意如图1所示。Federated learning is a distributed machine learning model paradigm. On this basis, this embodiment introduces federated learning into edge computing and defines a "cloud-edge-end" three-layer model. Overall, the terminal trains the model locally, and then encrypts the gradient of the model and transmits it to the edge node. The edge node performs secure aggregation based on the encrypted gradient to obtain a local aggregation model. The edge node then transmits the local aggregation model to the cloud computing center for further aggregation to obtain a global aggregation model. The schematic diagram of the federated learning of the "cloud-edge-end" three-layer architecture is shown in Figure 1.
整个三层边缘计算架构包括三类实体,第一层为云计算处理中心,用于聚合来自边缘节点的模型同时将最终聚合完成的模型下发至边缘节点;第二层为边缘节点,用于聚合来自终端的局部模型。第三层为终端,是产生用户数据的地方。终端利用用户数据进行本地模型训练,最后将训练完的模型梯度上传至边缘节点进行聚合。The entire three-layer edge computing architecture includes three types of entities. The first layer is the cloud computing processing center, which is used to aggregate models from edge nodes and send the final aggregated model to edge nodes. The second layer is the edge node, which is used to aggregate local models from terminals. The third layer is the terminal, which is where user data is generated. The terminal uses user data to train the local model, and finally uploads the trained model gradient to the edge node for aggregation.
1、终端1. Terminal
处于边缘计算三层架构边缘层的物联网设备,如移动手机、个人电脑等。在本实施例中,终端的主要功能是利用本地数据训练模型并与邻居终端以广播密钥的方式进行通信,同时计算掩码并加密模型梯度,然后发送至边缘节点。IoT devices at the edge layer of the edge computing three-layer architecture, such as mobile phones, personal computers, etc. In this embodiment, the main function of the terminal is to train the model using local data and communicate with neighbor terminals in a broadcast key manner, while calculating the mask and encrypting the model gradient, and then sending it to the edge node.
2、边缘节点2. Edge Nodes
处于边缘计算三层架构中间层的边缘服务器,如基站或wifi接入点等。在本实施例中,边缘节点作为联邦学习中的局部聚合中心,接收终端传输的加密梯度并进行局部聚合和消除掩码,最终将局部模型发送至云端进一步聚合。The edge server in the middle layer of the three-layer architecture of edge computing, such as a base station or a wifi access point, etc. In this embodiment, the edge node acts as a local aggregation center in federated learning, receives the encrypted gradient transmitted by the terminal, performs local aggregation and removes the mask, and finally sends the local model to the cloud for further aggregation.
3、云计算处理中心3. Cloud computing processing center
处于边缘计算三层架构最高层,它的主要功能是接收来自边缘节点的局部聚合模型梯度,再进行一次聚合形成全局的模型,最终将全局模型下发到边缘节点,为终端提供服务。Located at the highest layer of the three-layer architecture of edge computing, its main function is to receive local aggregated model gradients from edge nodes, aggregate them again to form a global model, and finally send the global model to edge nodes to provide services for terminals.
在本实施例的联邦学习的模型中,将提出的安全聚合方案引入到边缘计算中的“边-端”边缘层,以达到边缘节点开销最小化和终端的数据隐私保护的目的。假定边-端联邦学习中终端的模型目标函数为Fk(w),则边缘节点的目标函数表现为同时,在保证全局模型收敛、准确率高以及数据隐私保护良好的情况下,需要确保系统有更小的额外通信和计算开销。假设计算开销为a、通信开销为b,模型的问题定义为:In the federated learning model of this embodiment, the proposed security aggregation scheme is introduced into the "edge-to-end" edge layer in edge computing to minimize the edge node overhead and protect the data privacy of the terminal. Assuming that the model objective function of the terminal in edge-to-end federated learning is F k (w), the objective function of the edge node is expressed as At the same time, while ensuring global model convergence, high accuracy, and good data privacy protection, it is necessary to ensure that the system has smaller additional communication and computing overhead. Assuming that the computing overhead is a and the communication overhead is b, the problem definition of the model is:
s.t.min(a+b)(2)s.t.min(a+b)(2)
参数定义Parameter Definition
这里详细介绍本实施例中使用的一些参数的定义,如表1和表2所示。Here, the definitions of some parameters used in this embodiment are described in detail, as shown in Table 1 and Table 2.
表1参数定义Table 1 Parameter definition
表2算法定义Table 2 Algorithm definition
考虑到边缘计算中,不同终端的一些要求较大计算量的任务会被卸载到边缘节点去执行,例如模型的训练和推理过程,边缘节点的开销一般较大。这时,如果再把安全聚合过程中大量的广播终端信息的任务放在边缘节点,可能会导致边缘节点的宕机,从而影响整体三层边缘计算架构的联邦学习模型的训练效果。对此,本实施例将大量的通信计算开销放在本地,不通过边缘节点去广播终端的公钥和密钥份额,而是让终端本身去广播。Considering that in edge computing, some tasks requiring large amounts of computing power at different terminals will be offloaded to edge nodes for execution, such as model training and reasoning processes, the overhead of edge nodes is generally large. At this time, if a large amount of tasks of broadcasting terminal information in the security aggregation process are placed on edge nodes, it may cause downtime of edge nodes, thereby affecting the training effect of the federated learning model of the overall three-layer edge computing architecture. In this regard, this embodiment places a large amount of communication computing overhead locally, and does not broadcast the public key and key share of the terminal through the edge node, but allows the terminal itself to broadcast.
根据图1可知,参与联邦学习的终端i与终端j之间互相通信,并将通信时延ti,j传至边缘节点,边缘节点利用最小生成树算法将终端之间的通信拓扑图结构由全连通图G修改为基于最小生成树的终端连通拓扑图G~。根据此图结构,终端与邻居终端之间互相转发以达到广播密钥的目的。终端利用与邻居终端之间的对称密钥通过伪随机生成器PRG生成随机向量作为梯度的掩码,并将加了掩码的梯度传输到边缘节点进行局部的模型聚合并解码。最后边缘节点将聚合之后的模型梯度传输到云计算中心进行进一步聚合,最终得到全局模型。该全局模型在下一轮迭代中会被下发至边缘节点,并为终端提供服务。As shown in Figure 1, the terminals i and j participating in federated learning communicate with each other and transmit the communication delay ti,j to the edge node. The edge node uses the minimum spanning tree algorithm to modify the communication topology graph structure between the terminals from the fully connected graph G to the terminal connected topology graph G ~ based on the minimum spanning tree. According to this graph structure, the terminal and the neighboring terminals forward each other to achieve the purpose of broadcasting the key. The terminal uses the symmetric key between the neighboring terminals to generate a random vector as a gradient mask through the pseudo-random generator PRG, and transmits the masked gradient to the edge node for local model aggregation and decoding. Finally, the edge node transmits the aggregated model gradient to the cloud computing center for further aggregation, and finally obtains the global model. The global model will be sent to the edge node in the next round of iteration and provide services for the terminal.
下面详细介绍本实施例方案的每一步流程。Each step of the process of this embodiment is described in detail below.
首先,边缘节点利用最小生成树算法依次选择权重最小的边,同时保证当前选择的边和已经选择的边不会产生回路,直到所有终端位于一个连通分量为止,最终将参与联邦学习的各个终端之间的通信拓扑图结构由全连通图修改为基于最小生成树的终端连通拓扑图。First, the edge node uses the minimum spanning tree algorithm to select the edge with the smallest weight in turn, while ensuring that the currently selected edge and the already selected edge will not produce a loop, until all terminals are located in a connected component, and finally the communication topology graph structure between the terminals participating in federated learning is modified from a fully connected graph to a terminal connected topology graph based on the minimum spanning tree.
如图2所示,左边是一个边缘计算场景下的终端之间的连通图,其中有7个终端(图的节点)V={a,b,c,d,e,f,g}。线条表示终端之间可以通信(图的边)E={ea,b,ea,d,ea,f,eb,c,eb,d,ec,e,ed,e,ed,f,ee,f,ee,g,ef,g},数字表示通信时延(边的权重)。右边是经过最小生成树算法选择出来的一个最小生成树的终端连通拓扑图。算法过程为从左边连通图中选择权重最小的边开始,此时最小权重为边ef,g,权重为3,对应终端为f和g,同时将ef,g和终端f、g加入到已选终端集合V~中。随后继续选择剩余边中权重最小的边,假设为ex,y,对应终端为x、y。只要该边的两个终端x、y位于两个不同的连通分量(无向图中的极大连通子图称为连通分量),就可以选择该边组成最小生成树。对于V~,做以下分类:As shown in Figure 2, the left side is a connectivity graph between terminals in an edge computing scenario, in which there are 7 terminals (nodes of the graph) V = {a, b, c, d, e, f, g}. Lines indicate that the terminals can communicate (edges of the graph) E = {e a, b , e a, d , e a, f , e b, c , e b, d , e c, e d, e d , f , e e, f , e e , g , e f, g }, and the numbers indicate the communication delay (edge weight). The right side is a terminal connectivity topology graph of a minimum spanning tree selected by the minimum spanning tree algorithm. The algorithm process starts by selecting the edge with the smallest weight from the connectivity graph on the left. At this time, the minimum weight is the edge e f, g , with a weight of 3, and the corresponding terminals are f and g. At the same time, e f, g and terminals f and g are added to the selected terminal set V ~ . Then continue to select the edge with the smallest weight among the remaining edges, assuming it is e x, y , and the corresponding terminals are x and y. As long as the two terminals x and y of the edge are located in two different connected components (the maximal connected subgraph in an undirected graph is called a connected component), the edge can be selected to form a minimum spanning tree. For V~, the following classification is made:
如果V~只有一个连通分量,则x、y需要满足以下三个条件之一:If V~ has only one connected component, then x and y need to satisfy one of the following three conditions:
如果V~包含多于一个连通分量,假设V~=V1∪V2∪…∪Vm,其中Vi(i∈[1,m])是V~的与其他Vj(j∈[1,m],j≠i)不连通的子连通分量。则终端x、y需要满足以下四个条件之一:If V~ contains more than one connected component, assume that V~ = V 1 ∪V 2 ∪…∪V m , where V i (i∈[1,m]) is a sub-connected component of V~ that is not connected to other V j (j∈[1,m],j≠i). Then the terminals x and y need to satisfy one of the following four conditions:
按照上述规则,依次选择原终端连通图的最小权重的边,直到所有终端位于一个连通分量为止。在边缘计算场景下,当有n个终端时,边缘节点就需要根据终端之间的通信时延选择出合适的n-1条通信路径去生成基于最小生成树的终端连通拓扑图。According to the above rules, the edges with the minimum weight of the original terminal connectivity graph are selected in turn until all terminals are located in one connected component. In the edge computing scenario, when there are n terminals, the edge node needs to select appropriate n-1 communication paths based on the communication delay between the terminals to generate a terminal connectivity topology graph based on the minimum spanning tree.
而后,各个终端利用本地数据训练联邦学习的模型,并根据修改的终端连通拓扑图与邻居终端以广播密钥的方式进行通信,然后由边缘节点收集各个终端的密钥份额。Then, each terminal uses local data to train the federated learning model, and communicates with neighboring terminals by broadcasting keys based on the modified terminal connectivity topology. The edge node then collects the key shares of each terminal.
本实施例使用FedAvg作为边缘侧的联邦学习算法。具体来说,终端节点在本地进行多次迭代训练并形成本地模型,模型的训练过程采用梯度下降法SGD更新参数,公式如下:This embodiment uses FedAvg as the federated learning algorithm on the edge side. Specifically, the terminal node performs multiple iterations of training locally and forms a local model. The training process of the model uses the gradient descent method SGD to update the parameters. The formula is as follows:
式中,wt,k是终端k第t轮更新后的参数,wt-1,k是第(t-1)轮的参数,η为学习率,是目标函数Fk(w)对于参数w的梯度方向。Where w t,k is the updated parameter of terminal k in the tth round, w t-1,k is the parameter of the (t-1)th round, η is the learning rate, is the gradient direction of the objective function F k (w) with respect to the parameter w.
安全聚合过程所使用的终端的密钥是通过发送给邻居终端,邻居终端再进行转发实现的。转发的过程中邻居终端不再将密钥重新发回给原始发送该密钥的终端,避免密钥无限传播。The key of the terminal used in the security aggregation process is sent to the neighboring terminal, which then forwards it. During the forwarding process, the neighboring terminal no longer sends the key back to the terminal that originally sent the key, avoiding unlimited key propagation.
图3展示了终端d进行密钥广播的过程。d首先向邻居终端a、e进行发送密钥,随后a、e接受到来自d的密钥后帮助d进行转发以达到广播的效果,即a再转发给b,e再转发给g,但是不会再次传给d。整个过程不需要边缘节点的介入,从而减小了边缘节点的工作负载。下面是具体的基于邻居终端转发的广播算法:Figure 3 shows the key broadcasting process of terminal d. d first sends the key to neighboring terminals a and e. Then a and e receive the key from d and help d forward it to achieve the broadcasting effect. That is, a forwards it to b, and e forwards it to g, but it will not be forwarded to d again. The whole process does not require the intervention of edge nodes, thus reducing the workload of edge nodes. The following is a specific broadcast algorithm based on neighbor terminal forwarding:
上述算法1是用于终端初始阶段发送广播数据,即终端将公钥和密钥份额发送给所有的邻居终端;算法2用于接收邻居终端(索引为last_id)发出的数据,同时帮助进行转发给自己的不包括索引为last_id的所有其他邻居终端。下面是终端共享广播密钥的步骤:The above algorithm 1 is used for the terminal to send broadcast data in the initial stage, that is, the terminal sends the public key and key share to all neighbor terminals; Algorithm 2 is used to receive data sent by the neighbor terminal (indexed as last_id), and at the same time help forward it to all other neighbor terminals excluding the indexed as last_id. The following are the steps for the terminal to share the broadcast key:
对于终端:For Terminal:
1、使用t-out-of-n算法将私钥si pk和bui分为n份,SS.share(t,bui)→{bui,j},1. Use the t-out-of-n algorithm to divide the private keys s i pk and bu i into n shares, SS.share(t,bu i )→{bu i,j },
SS.share(t,si sk)→{si,j sk},j∈neighbori(j);SS.share(t,s i sk )→{s i,j sk },j∈neighbor i (j);
2、使用其他终端公钥对{bui,j}和{si,j sk}加密, 2. Use other terminal public keys to encrypt {bu i,j } and {s i,j sk }.
3、根据G~,将份额{i,j,ei,j}和公钥si pk发送给邻居终端(Advertise())。3. According to G~, the shares {i,j,e i,j } and the public key s i pk are sent to the neighbor terminal (Advertise()).
4、收到来自邻居终端的份额集合{j,i,ej,i},存储属于自己的份额ej,i,同时转发{j,i,ej,i}和公钥si pk至j外的其他的邻居(Transmit())。4. Receive the share set {j,i,e j,i } from the neighbor terminal, store its own share e j,i , and forward {j,i,e j,i } and public key s i pk to other neighbors other than j (Transmit()).
对于边缘节点:For edge nodes:
1、收集来自终端的公钥{si pk,i∈V}。1. Collect the public keys {s i pk , i∈V} from the terminals.
紧接着,各个终端利用与邻居终端之间的对称密钥通过伪随机生成器PRG生成随机向量,并将其作为掩码用于加密模型梯度,然后向边缘节点传输加密的模型梯度。边缘节点接收终端传输的加密的模型梯度,并利用收集的终端密钥份额消除掩码后进行局部聚合,得到局部聚合模型梯度。Next, each terminal uses the symmetric key between the neighboring terminal and the pseudo-random generator PRG to generate a random vector, and uses it as a mask to encrypt the model gradient, and then transmits the encrypted model gradient to the edge node. The edge node receives the encrypted model gradient transmitted by the terminal, and uses the collected terminal key shares to remove the mask and perform local aggregation to obtain the local aggregated model gradient.
终端训练完成后,就将模型梯度使用掩码进行加密,并将加密后的梯度传输至边缘节点进行局部聚合,公式如下:After the terminal training is completed, the model gradient is encrypted using a mask, and the encrypted gradient is transmitted to the edge node for local aggregation. The formula is as follows:
其中nk为终端本地的数据量,n为所有终端的全部数据量。此时得到的wt是第t轮带有掩码的模型梯度,下一步需要边缘节点从终端那里得到密钥份额并重构密钥,进而去除掩码。具体算法如下:Where n k is the amount of data in the local terminal, and n is the total amount of data in all terminals. At this time, w t is the model gradient with mask in the tth round. The next step is to obtain the key share from the terminal and reconstruct the key, and then remove the mask. The specific algorithm is as follows:
最后,云计算处理中心接收来自边缘节点的局部聚合模型梯度,再进行一次聚合形成全局聚合模型,并将全局聚合模型下发到边缘节点,为终端提供服务。Finally, the cloud computing processing center receives the local aggregation model gradients from the edge nodes, aggregates them again to form a global aggregation model, and sends the global aggregation model to the edge nodes to provide services for the terminals.
归纳起来,可概括如下:In summary, it can be summarized as follows:
对于终端:For Terminal:
1、使用自己的私钥进行解密获取 1. Use your own private key to decrypt and obtain
2、将所有份额{(buj,i,sj,i sk)}发送至边缘节点;2. Send all shares {(bu j,i ,s j,is k )} to the edge nodes;
对于边缘节点:For edge nodes:
1、收集来自终端的所有密钥份额{(buj,i,sj,i sk)};1. Collect all key shares {(bu j,i ,s j,is k )} from the terminal;
2、利用t个份额密钥重构SS.recon({bui,j})→bui,SS.recon({si,j sk})→si sk;2. Use t shared keys to reconstruct SS.recon({bu i,j })→bu i , SS.recon({s i,j sk })→s i sk ;
3、使用联邦学习聚合函数联邦平均算法FedAvg: 3. Use the federated learning aggregation function federated average algorithm FedAvg:
4、边缘节点消除掩码:4. Edge node elimination mask:
对于云计算处理中心:For cloud computing processing centers:
1、收集来自边缘节点的模型梯度;1. Collect model gradients from edge nodes;
2、计算聚合模型梯度:Θcloud=∑Θedge;2. Calculate the aggregate model gradient: Θ cloud = ∑Θ edge ;
3、下发全局模型Θcloud至边缘侧,进行下一轮迭代。3. Send the global model Θ cloud to the edge side for the next round of iteration.
下面将本实施例方案与传统方案进行实验对比和分析。实验主要从运行时间、模型准确率和安全性三个维度进行对本实施例方案以及传统安全聚合方案CCESA和SA进行分析比较。分别使用Resnet18模型和Vgg16模型在CIFAR10、CIFAR100数据集上并选择不同的终端数量,测试三种联邦学习安全聚合方案的运行时间、准确率和安全性。所有的代码都是用python语言和pytorch框架实现,代码全部在GPU上运行。The following experimental comparison and analysis is conducted between the scheme of this embodiment and the traditional scheme. The experiment mainly analyzes and compares the scheme of this embodiment and the traditional security aggregation schemes CCESA and SA from three dimensions: running time, model accuracy, and security. The Resnet18 model and the Vgg16 model are used on the CIFAR10 and CIFAR100 datasets respectively, and different numbers of terminals are selected to test the running time, accuracy, and security of the three federated learning security aggregation schemes. All codes are implemented in Python language and PyTorch framework, and all codes run on GPU.
1、实验配置1. Experimental configuration
分别使用Resnet18模型和Vgg16模型在CIFAR10、CIFAR100数据集上去测试上述三种联邦学习的安全聚合方案。我们进行多次实验并设置不同的终端数量,分别为n=5,n=7,n=10;重构密钥的阈值t=n/2+1;设置边缘侧联邦学习中终端的局部训练迭代次数为local_epochs=3;全局迭代次数为global_epochs=60;一次训练的样本数量为batch_size=32;学习率设置为η=0.001。The three federated learning security aggregation schemes are tested on the CIFAR10 and CIFAR100 datasets using the Resnet18 model and the Vgg16 model. We conducted multiple experiments and set different numbers of terminals, n=5, n=7, and n=10; the threshold for reconstructing the key is t=n/2+1; the number of local training iterations of the terminal in the edge-side federated learning is set to local_epochs=3; the number of global iterations is set to global_epochs=60; the number of samples for one training is batch_size=32; and the learning rate is set to η=0.001.
2、实验结果分析2. Experimental results analysis
(1)运行时间分析(1) Run time analysis
表3展示了终端数量分别是n=5,n=7,n=10时,各个安全聚合方案使用Resnet18模型、Vgg16模型在Cifar10数据集、Cifar100数据集上的全局每轮训练时间的平均值的比较,训练时间包括了广播共享密钥时间、加密解密时间以及各个终端局部训练时间。Table 3 shows the comparison of the average global training time per round of various security aggregation schemes using the Resnet18 model and the Vgg16 model on the Cifar10 dataset and the Cifar100 dataset when the number of terminals is n=5, n=7, and n=10 respectively. The training time includes the time for broadcasting shared keys, encryption and decryption time, and the local training time of each terminal.
表3运行时间对比Table 3. Comparison of running time
表3给出了各个安全聚合方案在终端数量不同、不同模型和数据集的情况下,全局训练一轮的时间。从终端数量角度来看,对于同一种安全聚合方案,终端数量上升时,对应的全局每轮训练时间按也会增加。原因是终端总体的掩码计算量变大,并且广播密钥、密钥共享的时间随着终端数量增加也会更久。从终端拓扑图结构来看,无论终端数量是5、7还是10,本实施例所需要的全局每轮训练时间都小于CCESA和SA,并且随着终端数量的上升,与CCESA、SA之间的运行时间差距也会越来越大。这一点在Cifar100数据集上表现得尤为突出。从表中可以看出,在终端数量为5、数据集为Cifar100情况下,EFLSAS分别比CCESA、SA的每轮平均运行时间降低16.24、17.42秒。在终端数量为7、数据集为Cifar100情况下,本实施例分别比CCESA、SA多出35.29、39.63秒。在终端数量为10、数据集为Cifar100情况下,本实施例分别比CCESA、SA多出47.73、77.07秒。Table 3 shows the time for a global training round for each security aggregation scheme under different terminal numbers, different models and data sets. From the perspective of the number of terminals, for the same security aggregation scheme, when the number of terminals increases, the corresponding global training time per round will also increase. The reason is that the overall mask calculation amount of the terminal becomes larger, and the time for broadcasting keys and key sharing will also be longer as the number of terminals increases. From the perspective of the terminal topology structure, whether the number of terminals is 5, 7 or 10, the global training time per round required by this embodiment is less than that of CCESA and SA, and as the number of terminals increases, the running time gap between CCESA and SA will also become larger and larger. This is particularly prominent on the Cifar100 data set. It can be seen from the table that when the number of terminals is 5 and the data set is Cifar100, EFLSAS is 16.24 and 17.42 seconds lower than the average running time per round of CCESA and SA, respectively. When the number of terminals is 7 and the data set is Cifar100, this embodiment is 35.29 and 39.63 seconds longer than CCESA and SA, respectively. When the number of terminals is 10 and the data set is Cifar100, this embodiment takes 47.73 and 77.07 seconds longer than CCESA and SA respectively.
图4为边缘侧终端数量是7和10时,各个安全聚合方案使用Vgg16模型在CIFAR100数据集上全局训练一轮的运行时间。Figure 4 shows the running time of each security aggregation scheme for one round of global training on the CIFAR100 dataset using the Vgg16 model when the number of edge terminals is 7 and 10.
根据图4可以看到,本实施例的系统运行时间最短,其次是CCESA方案,最后是SA方案。具体来说,图4(a)为各个方案终端数量均为7时,使用Vgg16模型在Cifar100数据集上运行的结果,图4(b)为各个方案终端数量均为10时的结果。图4(a)中,本实施例整体上明显低于其他两种方案,运行时间始终维持在170秒上下。图4(b)中,本实施例的运行时间维持在196秒。运行时间从170秒升至196秒的原因是终端数量增大,计算开销和通信开销都增加了。CCESA方案和SA方案的从整体来看运行时间相差不大。经计算,当终端数量为7和10时,本实施例比SA方案在Cifar100数据集上运行时间分别降低了18.9%、28.2%。本实施例可以降低运行时间的主要原因是,基于最小生成树的终端连通拓扑图的连通性较低,终端的邻居终端数是常数级别O(1),需要用PRG计算掩码的开销是O(m),m为向量数据大小。相比来看,SA的邻居数量为O(n)级别,计算掩码的开销是O(mn)级别。同时,由于通信开销从边缘节点卸载至终端,边缘节点的通信计开销也显著降低,由SA方案的O(n2+mn)降低为O(n+mn)。且终端广播密钥是根据最小生成树结构进行广播的,通信时延大大缩短。根据表3可以看出,当终端数量越大时,各个方案系统运行时间相差越大。According to Figure 4, it can be seen that the system running time of this embodiment is the shortest, followed by the CCESA solution, and finally the SA solution. Specifically, Figure 4(a) shows the results of running the Vgg16 model on the Cifar100 dataset when the number of terminals of each solution is 7, and Figure 4(b) shows the results when the number of terminals of each solution is 10. In Figure 4(a), this embodiment is significantly lower than the other two solutions as a whole, and the running time is always maintained at around 170 seconds. In Figure 4(b), the running time of this embodiment is maintained at 196 seconds. The reason for the increase in running time from 170 seconds to 196 seconds is that the number of terminals has increased, and both the computing overhead and the communication overhead have increased. Overall, the running time of the CCESA solution and the SA solution is not much different. After calculation, when the number of terminals is 7 and 10, the running time of this embodiment on the Cifar100 dataset is reduced by 18.9% and 28.2% respectively compared with the SA solution. The main reason why this embodiment can reduce the running time is that the connectivity of the terminal connection topology diagram based on the minimum spanning tree is low, the number of neighbor terminals of the terminal is a constant level O(1), and the overhead of using PRG to calculate the mask is O(m), where m is the vector data size. In comparison, the number of neighbors of SA is at the O(n) level, and the overhead of calculating the mask is at the O(mn) level. At the same time, since the communication overhead is unloaded from the edge node to the terminal, the communication overhead of the edge node is also significantly reduced, from O( n2 +mn) of the SA solution to O(n+mn). And the terminal broadcast key is broadcast according to the minimum spanning tree structure, and the communication delay is greatly shortened. It can be seen from Table 3 that when the number of terminals is larger, the difference in the running time of each solution system is greater.
(2)准确率分析(2) Accuracy analysis
图5为终端数量为7时,ResNet18模型在CIFAR10数据集上全局每一轮后的模型准确率、Vgg16模型在CIFAR100数据集上全局每一轮后的模型准确率。Figure 5 shows the model accuracy of the ResNet18 model after each global round on the CIFAR10 dataset and the model accuracy of the Vgg16 model after each global round on the CIFAR100 dataset when the number of terminals is 7.
根据图5可以看出,本实施例、CCESA和SA三种不同的安全聚合方案的模型准确率相差不大,即本文提出的EFLSAS方案可以在降低联邦学习的运行时间的同时保证模型的准确率。具体来说,各个安全聚合方案在Cifar10数据集上基本都是在前20轮左右模型准确率开始收敛至85%,在Cifar100数据集上基本都是在前10轮左右模型准确率开始收敛至65%。According to Figure 5, it can be seen that the model accuracy of the three different security aggregation schemes, this embodiment, CCESA and SA, is not much different, that is, the EFLSAS scheme proposed in this paper can reduce the running time of federated learning while ensuring the accuracy of the model. Specifically, the model accuracy of each security aggregation scheme basically begins to converge to 85% in the first 20 rounds on the Cifar10 dataset, and the model accuracy of each security aggregation scheme basically begins to converge to 65% in the first 10 rounds on the Cifar100 dataset.
(3)安全性分析(3) Safety analysis
对于安全性,采用L.Zhu等人在2019年提出的梯度泄露攻击DLG对不同得安全聚合方案以及没有任何安全措施的联邦学习FedAvg进行攻击。为了执行攻击,首先随机生成一对伪输入和标签,然后执行通常的前向和反向传播。在从伪数据推导出伪梯度后,不像典型训练中那样优化模型权重,而是优化伪输入和标签,以最小化伪梯度和真实梯度之间的距离,通过匹配梯度使虚拟数据接近原始的数据。图6展示了不同安全聚合方案以及FedAvg在面对梯度泄露攻击时的表现。测试使用的数据集Cifar10。For security, the gradient leakage attack DLG proposed by L. Zhu et al. in 2019 is used to attack different secure aggregation schemes and federated learning FedAvg without any security measures. To perform the attack, a pair of pseudo inputs and labels are first randomly generated, and then the usual forward and backward propagation is performed. After the pseudo gradient is derived from the pseudo data, instead of optimizing the model weights as in typical training, the pseudo inputs and labels are optimized to minimize the distance between the pseudo gradient and the true gradient, and the virtual data is made close to the original data by matching the gradient. Figure 6 shows the performance of different secure aggregation schemes and FedAvg in the face of gradient leakage attacks. The test uses the Cifar10 dataset.
根据图6可以看出,联邦平均算法在将梯度泄露给攻击者后,攻击者通过梯度泄露攻击DLG经过大约30轮的迭代,就可以基本还原出原始训练数据。相比之下,本实施例在DLG前270轮的迭代攻击中,和CCESA以及SA表现出相同的安全性。所以可以证明,本实施例在保证模型准确率和安全性的前提下,很大程度上降低了终端和边缘节点的计算和通信开销,降低了模型整体的收敛时间。As can be seen from Figure 6, after the federated average algorithm leaks the gradient to the attacker, the attacker can basically restore the original training data after about 30 rounds of iterations through the gradient leakage attack DLG. In contrast, this embodiment shows the same security as CCESA and SA in the first 270 rounds of iterative attacks on DLG. Therefore, it can be proved that this embodiment greatly reduces the computing and communication overhead of the terminal and edge nodes, and reduces the overall convergence time of the model while ensuring the accuracy and security of the model.
3、性能分析3. Performance Analysis
将本实施例与CCESA方案和SA方案做性能分析对比,证明本实施例可以实现可靠的安全聚合,并且在计算效率和通信效率上优于SA和CCESA算法。The performance analysis of this embodiment is compared with the CCESA scheme and the SA scheme, which proves that this embodiment can achieve reliable security aggregation and is superior to the SA and CCESA algorithms in terms of computing efficiency and communication efficiency.
(1)系统开销分析(1) System Overhead Analysis
图7给出了最小连通子图的生成方式,即根据终端之间的通信时延产生基于最小生成树的终端连通拓扑图结构。FIG. 7 shows a method for generating a minimum connected subgraph, that is, generating a terminal connected topology graph structure based on a minimum spanning tree according to the communication delay between terminals.
根据图7,原SA方案,终端a的掩码公式为:According to Figure 7, in the original SA scheme, the mask formula of terminal a is:
Θi ~=Θi+PRG(bua)+PRG(sa,b)+PRG(sa,c)+PRG(sa,d)+PRG(sa,e) (3)Θ i ~ = Θ i +PRG(bu a )+PRG(s a,b )+PRG(s a,c )+PRG(s a,d )+PRG(s a,e ) (3)
本实施例中,终端a的掩码公式为:In this embodiment, the mask formula of terminal a is:
Θi ~= Θi+PRG(bua)+PRG(sa,d)+PRG(sd,e) (4)Θ i ~ = Θ i +PRG(bu a )+PRG(s a,d )+PRG(s d,e ) (4)
根据式(4),相比于不采取隐私保护措施的联邦学习,本实施例在比SA方案使用更少资源的情况下也实现了隐私保护。表4是经过数学证明推断出的各算法计算开销和通信开销(n为终端数量,m为传输的向量数据)。According to formula (4), compared with federated learning without taking privacy protection measures, this embodiment also achieves privacy protection while using fewer resources than the SA solution. Table 4 shows the computational overhead and communication overhead of each algorithm inferred through mathematical proof (n is the number of terminals, m is the transmitted vector data).
表4各类安全聚合算法的计算开销和通信开销对比Table 4 Comparison of computational overhead and communication overhead of various security aggregation algorithms
(2)终端开销分析(2) Terminal Cost Analysis
计算开销:O(n2+m)。终端计算开销分为以下几个:1.由于最小生成树拓扑结构中有n-1条边,所有节点总共需要执行2(n-1)次密钥协商协议平均每个节点执行2(n-1)/n次密钥协商协议,当n较大时,这个过程是常数级别的,即需要耗费O(1)。2.使用t-out-of-n算法共享密钥和bu,需要耗费O(n2)。3.以密钥和bu作为为随机生器PRG的参数生成k个长度为m的掩码向量,k是常数(邻居终端数),需要耗费O(m)。总共需要O(n2+m)。Computational overhead: O(n 2 +m). The terminal computational overhead is divided into the following: 1. Since there are n-1 edges in the minimum spanning tree topology, all nodes need to execute a total of 2(n-1) key negotiation protocols. On average, each node executes 2(n-1)/n key negotiation protocols. When n is large, this process is at a constant level, that is, it takes O(1). 2. Using the t-out-of-n algorithm to share the key and bu, it takes O(n 2 ). 3. Using the key and bu as parameters of the random generator PRG to generate k mask vectors of length m, k is a constant (the number of neighbor terminals), which takes O(m). A total of O(n 2 +m) is required.
通信开销:O(m+n)。终端通信开销分为以下几个:Communication overhead: O(m+n). Terminal communication overhead is divided into the following:
1)终端需要传输1个与其他终端之间的通信时延的向量,并接收终端拓扑图结构。1) The terminal needs to transmit a vector of the communication delay between it and other terminals and receive the terminal topology structure.
2)最坏情况下发送n个公钥,接收n个公钥。2) In the worst case, n public keys are sent and n public keys are received.
3)最坏情况下发送2(n-1)个密钥和bu的份额,接收2(n-1)个密钥和bu的份额。3) In the worst case, 2(n-1) keys and shares of bu are sent, and 2(n-1) keys and shares of bu are received.
4)发送边缘节点2n个密钥和bu的份额。4) Send the edge node 2n keys and bu’s share.
5)发送长度为m的加密梯度至边缘节点。总共的通信开销为a1+a2+2na3+2(2n-n)a4+m,其中a1为记录终端之间通信时延向量的比特位数,a2为拓扑图的比特位数,a3为公钥的比特位数,a4为密钥份额的比特位数,m为梯度向量的比特位数。总共的通信开销为O(m+n)。5) Send the encrypted gradient of length m to the edge node. The total communication overhead is a 1 +a 2 +2na 3 +2(2n-n)a 4 +m, where a 1 is the number of bits used to record the communication delay vector between terminals, a 2 is the number of bits in the topology graph, a 3 is the number of bits in the public key, a 4 is the number of bits in the key share, and m is the number of bits in the gradient vector. The total communication overhead is O(m+n).
(3)边缘节点开销分析(3) Edge Node Overhead Analysis
计算开销:O(n2+m)。边缘节点计算开销分为以下几个:Computational cost: O(n 2 +m). The computational cost of edge nodes is divided into the following:
1)边缘节点需要为每一个端设备重构密钥和bu,这需要耗费O(n2)。1) The edge node needs to reconstruct the key and bu for each end device, which costs O(n 2 ).
2)生成最小生成树拓扑图结构,需要O(n2)。2) Generate the minimum spanning tree topology structure, which requires O(n 2 ).
3)以密钥和bu作为为随机生器PRG的参数生成长度为m的掩码向量,同时消除掩码,需要耗费O(mn)。总共需要O(n2+mn)。3) Using the key and bu as the parameters of the random generator PRG to generate a mask vector of length m, and removing the mask at the same time, it takes O(mn). A total of O(n 2 +mn) is required.
通信开销:O(mn+n)。边缘节点通信开销分为以下几个:Communication overhead: O(mn+n). The communication overhead of edge nodes is divided into the following:
1)边缘节点需要接收n个时延向量,需要耗费O(n)。1) The edge node needs to receive n delay vectors, which costs O(n).
2)传输n个拓扑图结构,这需要耗费O(n)。2) Transmit n topological graph structures, which takes O(n).
3)接收2n个密钥和bu的份额,需要耗费O(n)。3) Receiving 2n keys and bu's share costs O(n).
4)接收n个长度为m的掩码梯度向量,需要耗费O(mn)。总共的通信开销为na1+na2+2na3+mn,其中a1为记录终端之间通信时延向量的比特位数,a2为拓扑图的比特位数,a3为密钥份额的比特位数,m为梯度向量的比特位数。需要总共需要O(mn+n)。4) Receiving n mask gradient vectors of length m requires O(mn). The total communication overhead is na 1 +na 2 +2na 3 +mn, where a 1 is the number of bits used to record the communication delay vector between terminals, a 2 is the number of bits in the topology graph, a 3 is the number of bits in the key share, and m is the number of bits in the gradient vector. A total of O(mn+n) is required.
本发明通过合理的安全聚合方案设计,不仅最大化降低了系统通信时间和终端的计算开销,而且可以在确保模型精确度、用户数据安全性的前提下降低系统整体训练时间。因此,与现有技术相比,本发明技术进步十分明显,具有突出的实质性特点和显著的进步。The present invention not only reduces the system communication time and the terminal computing overhead to the maximum extent through the design of a reasonable security aggregation scheme, but also reduces the overall system training time while ensuring the accuracy of the model and the security of user data. Therefore, compared with the prior art, the present invention has significant technical progress, outstanding substantive features and significant progress.
上述实施例仅为本发明的优选实施方式之一,不应当用于限制本发明的保护范围,但凡在本发明的主体设计思想和精神上作出的毫无实质意义的改动或润色,其所解决的技术问题仍然与本发明一致的,均应当包含在本发明的保护范围之内。The above embodiment is only one of the preferred implementation modes of the present invention and should not be used to limit the protection scope of the present invention. Any changes or modifications that are made to the main design concept and spirit of the present invention and have no substantive significance, and the technical problems they solve are still consistent with the present invention, should be included in the protection scope of the present invention.
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211657554.XA CN116094993B (en) | 2022-12-22 | 2022-12-22 | A secure aggregation method for federated learning in edge computing scenarios |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211657554.XA CN116094993B (en) | 2022-12-22 | 2022-12-22 | A secure aggregation method for federated learning in edge computing scenarios |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116094993A true CN116094993A (en) | 2023-05-09 |
CN116094993B CN116094993B (en) | 2024-05-31 |
Family
ID=86198382
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211657554.XA Active CN116094993B (en) | 2022-12-22 | 2022-12-22 | A secure aggregation method for federated learning in edge computing scenarios |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116094993B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116596065A (en) * | 2023-07-12 | 2023-08-15 | 支付宝(杭州)信息技术有限公司 | Gradient calculation method and device, storage medium, product and electronic equipment |
CN116720594A (en) * | 2023-08-09 | 2023-09-08 | 中国科学技术大学 | A decentralized hierarchical federated learning method |
CN117010485A (en) * | 2023-10-08 | 2023-11-07 | 之江实验室 | Distributed model training system and gradient protocol method in edge scene |
CN117077186A (en) * | 2023-10-18 | 2023-11-17 | 南方电网科学研究院有限责任公司 | Power load prediction method for realizing privacy protection by federal learning |
CN117196014A (en) * | 2023-09-18 | 2023-12-08 | 深圳大学 | Model training methods, devices, computer equipment and media based on federated learning |
CN119834960B (en) * | 2025-01-15 | 2025-07-08 | 福州瑞邦信息技术有限公司 | Dynamic key generation and code conversion system and method for heterogeneous Internet of things communication |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190138934A1 (en) * | 2018-09-07 | 2019-05-09 | Saurav Prakash | Technologies for distributing gradient descent computation in a heterogeneous multi-access edge computing (mec) networks |
CN112100659A (en) * | 2020-09-14 | 2020-12-18 | 电子科技大学 | A blockchain federated learning system and Byzantine attack detection method |
CN112565331A (en) * | 2020-11-02 | 2021-03-26 | 中山大学 | Edge calculation-based end-edge collaborative federated learning optimization method |
CN113791895A (en) * | 2021-08-20 | 2021-12-14 | 北京工业大学 | Edge computing and resource optimization method based on federated learning |
US20210406782A1 (en) * | 2020-06-30 | 2021-12-30 | TieSet, Inc. | System and method for decentralized federated learning |
CN114116198A (en) * | 2021-10-21 | 2022-03-01 | 西安电子科技大学 | Asynchronous federated learning method, system, device and terminal for moving vehicles |
CN114154646A (en) * | 2021-12-07 | 2022-03-08 | 南京华苏科技有限公司 | Efficiency optimization method for federal learning in mobile edge network |
CN114298331A (en) * | 2021-12-29 | 2022-04-08 | 中国电信股份有限公司 | Data processing method and device, equipment, storage medium |
CN114492739A (en) * | 2022-01-04 | 2022-05-13 | 北京邮电大学 | Federal learning method based on Internet of vehicles, roadside unit, vehicle node and base station |
CN115017541A (en) * | 2022-06-06 | 2022-09-06 | 电子科技大学 | A ubiquitous intelligent federated learning privacy protection system and method for cloud-edge-device collaboration |
CN115277015A (en) * | 2022-07-16 | 2022-11-01 | 西安邮电大学 | Asynchronous federated learning privacy protection method, system, medium, device and terminal |
EP4102351A1 (en) * | 2021-06-11 | 2022-12-14 | Mellanox Technologies, Ltd. | Secure network access device |
CN115484042A (en) * | 2021-06-14 | 2022-12-16 | 迈络思科技有限公司 | Machine learning assisted network device |
-
2022
- 2022-12-22 CN CN202211657554.XA patent/CN116094993B/en active Active
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190138934A1 (en) * | 2018-09-07 | 2019-05-09 | Saurav Prakash | Technologies for distributing gradient descent computation in a heterogeneous multi-access edge computing (mec) networks |
US20210406782A1 (en) * | 2020-06-30 | 2021-12-30 | TieSet, Inc. | System and method for decentralized federated learning |
CN112100659A (en) * | 2020-09-14 | 2020-12-18 | 电子科技大学 | A blockchain federated learning system and Byzantine attack detection method |
CN112565331A (en) * | 2020-11-02 | 2021-03-26 | 中山大学 | Edge calculation-based end-edge collaborative federated learning optimization method |
EP4102351A1 (en) * | 2021-06-11 | 2022-12-14 | Mellanox Technologies, Ltd. | Secure network access device |
CN115484042A (en) * | 2021-06-14 | 2022-12-16 | 迈络思科技有限公司 | Machine learning assisted network device |
CN113791895A (en) * | 2021-08-20 | 2021-12-14 | 北京工业大学 | Edge computing and resource optimization method based on federated learning |
CN114116198A (en) * | 2021-10-21 | 2022-03-01 | 西安电子科技大学 | Asynchronous federated learning method, system, device and terminal for moving vehicles |
CN114154646A (en) * | 2021-12-07 | 2022-03-08 | 南京华苏科技有限公司 | Efficiency optimization method for federal learning in mobile edge network |
CN114298331A (en) * | 2021-12-29 | 2022-04-08 | 中国电信股份有限公司 | Data processing method and device, equipment, storage medium |
CN114492739A (en) * | 2022-01-04 | 2022-05-13 | 北京邮电大学 | Federal learning method based on Internet of vehicles, roadside unit, vehicle node and base station |
CN115017541A (en) * | 2022-06-06 | 2022-09-06 | 电子科技大学 | A ubiquitous intelligent federated learning privacy protection system and method for cloud-edge-device collaboration |
CN115277015A (en) * | 2022-07-16 | 2022-11-01 | 西安邮电大学 | Asynchronous federated learning privacy protection method, system, medium, device and terminal |
Non-Patent Citations (4)
Title |
---|
DIANLEI XU: ""Edge Intelligence: Empowering Intelligence to the Edge of Network"", 《PROCEEDINGS OF THE IEEE》, 1 November 2021 (2021-11-01) * |
刘庆祥;许小龙;张旭云;窦万春: "基于联邦学习的边缘智能协同计算与隐私保护方法", 计算机集成制造系统, no. 009, 31 December 2021 (2021-12-31) * |
王亚珅;: "面向数据共享交换的联邦学习技术发展综述", 无人系统技术, no. 06, 15 November 2019 (2019-11-15) * |
程帆: ""边缘场景下动态权重的联邦学习优化方法"", 《计算机科学》, 15 December 2022 (2022-12-15) * |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116596065A (en) * | 2023-07-12 | 2023-08-15 | 支付宝(杭州)信息技术有限公司 | Gradient calculation method and device, storage medium, product and electronic equipment |
CN116596065B (en) * | 2023-07-12 | 2023-11-28 | 支付宝(杭州)信息技术有限公司 | Gradient calculation method and device, storage medium, product and electronic equipment |
CN116720594A (en) * | 2023-08-09 | 2023-09-08 | 中国科学技术大学 | A decentralized hierarchical federated learning method |
CN116720594B (en) * | 2023-08-09 | 2023-11-28 | 中国科学技术大学 | Decentralized hierarchical federal learning method |
CN117196014A (en) * | 2023-09-18 | 2023-12-08 | 深圳大学 | Model training methods, devices, computer equipment and media based on federated learning |
CN117196014B (en) * | 2023-09-18 | 2024-05-10 | 深圳大学 | Model training method, device, computer equipment and medium based on federated learning |
CN117010485A (en) * | 2023-10-08 | 2023-11-07 | 之江实验室 | Distributed model training system and gradient protocol method in edge scene |
CN117010485B (en) * | 2023-10-08 | 2024-01-26 | 之江实验室 | Distributed model training system and gradient reduction method in edge scenarios |
CN117077186A (en) * | 2023-10-18 | 2023-11-17 | 南方电网科学研究院有限责任公司 | Power load prediction method for realizing privacy protection by federal learning |
CN117077186B (en) * | 2023-10-18 | 2024-02-02 | 南方电网科学研究院有限责任公司 | Power load prediction method for realizing privacy protection by federal learning |
CN119834960B (en) * | 2025-01-15 | 2025-07-08 | 福州瑞邦信息技术有限公司 | Dynamic key generation and code conversion system and method for heterogeneous Internet of things communication |
Also Published As
Publication number | Publication date |
---|---|
CN116094993B (en) | 2024-05-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN116094993B (en) | A secure aggregation method for federated learning in edge computing scenarios | |
Ni et al. | Providing task allocation and secure deduplication for mobile crowdsensing via fog computing | |
US20210143987A1 (en) | Privacy-preserving federated learning | |
Wu et al. | Provably secure authentication key exchange scheme using fog nodes in vehicular ad hoc networks | |
Li et al. | Scalable privacy-preserving participant selection for mobile crowdsensing systems: Participant grouping and secure group bidding | |
CN112104619A (en) | Data access control system and method based on outsourcing ciphertext attribute encryption | |
US20230342669A1 (en) | Machine learning model update method and apparatus | |
CN112953700B (en) | A method, system and storage medium for improving the efficiency of secure multi-party computing | |
Xuemin et al. | Self-organizing key security management algorithm in socially aware networking | |
Wang et al. | Cloud-based federated boosting for mobile crowdsensing | |
CN116187482A (en) | Lightweight trusted federation learning method under edge scene | |
CN118862143A (en) | A method and system for protecting the privacy of federated learning in the whole process based on pairwise masking and elastic differential privacy | |
CN118400089A (en) | Block chain-based intelligent internet of things privacy protection federation learning method | |
CN117892322A (en) | Construction method and equipment of cross-island heterogeneous federation learning system based on homomorphic encryption | |
WO2024239591A1 (en) | Multi-party key agreement method and system based on guomi algorithms | |
Liang et al. | Secure and efficient hierarchical decentralized learning for Internet of Vehicles | |
Fan et al. | ID-based multireceiver homomorphic proxy re-encryption in federated learning | |
Zhang et al. | A security optimization scheme for data security transmission in UAV-assisted edge networks based on federal learning | |
CN116760634B (en) | A data privacy protection method, system, device and storage medium | |
CN118118152A (en) | A federated learning method and system based on multi-key homomorphic encryption | |
CN117349685A (en) | Clustering method, system, terminal and medium for communication data | |
WO2023213190A1 (en) | Model security aggregation method and device | |
Liu et al. | PPEFL: An Edge Federated Learning Architecture with Privacy‐Preserving Mechanism | |
CN115277175A (en) | A method for protecting industrial Internet data privacy | |
Meng et al. | A novel multi-party authentication scheme for FCN-based MIoT systems in natural language processing environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |