CN117473559A - Two-party privacy protection method and system based on federal learning and edge calculation - Google Patents
Two-party privacy protection method and system based on federal learning and edge calculation Download PDFInfo
- Publication number
- CN117473559A CN117473559A CN202311810061.XA CN202311810061A CN117473559A CN 117473559 A CN117473559 A CN 117473559A CN 202311810061 A CN202311810061 A CN 202311810061A CN 117473559 A CN117473559 A CN 117473559A
- Authority
- CN
- China
- Prior art keywords
- task
- worker
- publisher
- perception data
- crowdsourcing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000004364 calculation method Methods 0.000 title claims abstract description 12
- 230000008447 perception Effects 0.000 claims abstract description 62
- 238000011156 evaluation Methods 0.000 claims abstract description 6
- 230000002776 aggregation Effects 0.000 claims description 23
- 238000004220 aggregation Methods 0.000 claims description 23
- 230000007246 mechanism Effects 0.000 claims description 18
- 238000012549 training Methods 0.000 claims description 14
- 238000011157 data evaluation Methods 0.000 claims description 7
- 230000004931 aggregating effect Effects 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 5
- 230000001953 sensory effect Effects 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 9
- 238000013473 artificial intelligence Methods 0.000 abstract description 2
- 230000008569 process Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 230000008030 elimination Effects 0.000 description 3
- 238000003379 elimination reaction Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000002474 experimental method Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 230000000052 comparative effect Effects 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000004807 localization Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000006116 polymerization reaction Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a two-party privacy protection method and system based on federal learning and edge calculation, and relates to the technical field of intersection of crowd sensing technology and artificial intelligence technology. In the task distribution stage, a task publisher submits task constraints to a crowdsourcing platform, and Bao Ping stations search workers according to the task constraints and send selected worker information to the task publisher; in the task execution stage, a task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform, a worker acquires task matching information from the crowdsourcing platform, and the task is started to be executed after decryption; the worker trains a local model by using the task-related perception data and perturbs the local model; after the sensing data are aggregated, submitting the sensing data to a platform by taking the group as a unit; and the task publisher evaluates the perception data and aggregates the perception data qualified in evaluation to obtain a global model. The invention can protect the privacy information of both the task publisher and the worker, and simultaneously ensure the quality of the submitted perceived data.
Description
Technical Field
The invention relates to the crossing technical field of crowd sensing technology and artificial intelligence technology, in particular to a two-party privacy protection method and system based on federal learning and edge calculation.
Background
In recent years, with rapid development of mobile internet, 5G technology and intelligent mobile devices, mobile crowdsourcing is a popular way of collecting perceived data. The mobile crowdsourcing provides a new solution mode for the collection and processing of traditional data, namely, the problem is solved by utilizing group wisdom, and the data collection, analysis and processing efficiency is greatly improved. Mobile crowdsourcing has been widely used in real world scenarios such as traffic flow monitoring, noise detection, mapping applications and take-away services to date.
In mobile crowdsourcing, task information published by task publishers and sensory data submitted by workers are typically accompanied by spatiotemporal information that perceives the task context. The space-time information inevitably contains privacy information (such as identity information, home address, behavior habit and the like) of the user, and is easily stolen and utilized by malicious attackers, so that the privacy of the user is revealed. Therefore, the problem of privacy disclosure has become a big obstacle restricting the development of mobile crowdsourcing, and how to protect user privacy has become one of the important research problems that MCS is urgently required to solve.
With the increasing exponential number of mobile devices, more and more people come into the crowdsourcing process. The crowdsourcing participants participate in the crowdsourcing process in different areas and at different times, and as the coverage of task performers and crowdsourcing tasks is continuously expanded, the range of crowdsourcing services is also expanded. Therefore, the following problems still face to effectively protect the privacy of users on this basis: (1) Traditional mobile crowdsourcing assumes that a third party platform (e.g., a crowdsourcing platform) is trusted, but in fact there is no fully trusted third party. (2) The traditional privacy protection methods such as disturbance bring about serious data quality loss, and privacy protection capability of the traditional privacy protection methods may not be satisfactory. (3) Traditional mobile crowdsourcing does not take into account the privacy protection issues of the task publishers. (4) Traditional mobile crowdsourcing does not consider the case where a worker is an attacker. In summary, since the credibility of the existing third-party platform cannot be guaranteed, the information security and integrity of both the task publisher and the worker are seriously threatened, so how to protect the privacy information of both the task publisher and the worker and improve the interaction quality of the perceived data is a problem to be solved urgently in the prior art.
Disclosure of Invention
Aiming at the defects existing in the prior art, the invention aims to provide the two-party privacy protection method and the two-party privacy protection system based on federal learning and edge calculation, which can effectively reduce the privacy leakage risk caused by an unreliable third party, protect the privacy information of both a task publisher and a worker, and simultaneously ensure the quality of submitting perceived data. And the execution efficiency of the whole system is improved by introducing an edge computing technology, and the data processing pressure of the cloud platform is relieved.
In order to achieve the above object, the present invention is realized by the following technical scheme:
the first aspect of the invention provides a two-party privacy protection method based on federal learning and edge calculation, which comprises a task allocation stage and a task execution stage;
in a task distribution stage, a task publisher submits task constraints to a crowdsourcing platform, a crowds Bao Ping station searches workers according to the task constraints and sends selected worker information to the task publisher, wherein the information transmission process in the task distribution stage is realized through an edge server;
in the task execution stage, a task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform, a worker acquires task matching information from the crowdsourcing platform, and the task is started to be executed after decryption; the worker trains a local model by using the task-related perception data and perturbs the local model; randomly grouping workers, firstly aggregating the perception data of the workers in the same group, and submitting the perception data to a platform by taking the group as a unit after aggregation; and the task publisher acquires the aggregated perception data from the platform, evaluates the perception data and aggregates the perception data qualified in evaluation to obtain a global model.
Further, the specific steps of submitting task constraints to the crowdsourcing platform by the task publisher are as follows: the task publisher generalizes the specific task position into a task area, and the task area and other constraints are submitted to the crowdsourcing platform through the edge server by the task publisher.
Furthermore, the crowdsourcing platform searches workers according to task constraint and issues the selected worker information to a task publisher, which comprises the following specific steps:
the crowdsourcing platform searches proper workers for the task through the edge server according to the constraint submitted by the task publisher;
submitting a local RSA public key and a matched task area to a crowdsourcing platform by the selected worker through an edge server;
the task publisher obtains information submitted by the selected worker from the crowdsourcing platform.
Still further, constraints include task start time, task end time, type of worker required for the task, and task area hiding the true task location.
Furthermore, the worker generates a pair of encryption keys by using an RSA algorithm as a local RSA public key, and sends the local RSA public key to the task publisher for encrypting and sending the real task position to the worker in the task execution stage so as to ensure that the worker can normally complete the task.
Further, the task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform, which comprises the following specific steps:
the task publisher takes the crowdsourcing task as an initial model and simultaneously generates a pair of homomorphic encryption keys;
then, the task publisher encrypts the real task position of the matching task of the worker by using the public key submitted by the worker;
and finally, uploading the task position ciphertext, the homomorphic encryption public key and the initial model to the crowdsourcing platform by the task publisher.
Further, the specific steps of training the local model by workers through the task related perception data and disturbing the local model are as follows:
the worker takes the collected perception data as training data, and trains the initial model into a local model through an edge server;
the local model is then perturbed, while the perturbation noise is encrypted with the homomorphic encryption public key.
Furthermore, the trained local model is perturbed by using a multi-perturbation mechanism based on localized differential privacy.
Further, the workers are randomly grouped, the perception data of the workers in the same group are firstly aggregated, and the perception data is submitted to the platform by taking the group as a unit after aggregation, which comprises the following specific steps:
the system randomly selects one worker from each group as a representative worker;
then, each group of workers performs a perception data aggregation operation according to a set sequence;
finally, the perceived data of the group aggregate is processed by the representative worker and then uploaded.
The second aspect of the invention provides a two-party privacy protection system based on federal learning and edge calculation, which comprises a task allocation module and a task execution module, wherein the task allocation module is used for task allocation, and the task execution module is used for executing tasks;
the task distribution module is configured to submit task constraints to the crowdsourcing platform by a task publisher, search workers according to the task constraints by the crowds Bao Ping, and send selected worker information to the task publisher, wherein the information transmission process of the task distribution stage is realized through an edge server;
the task execution module comprises a task uploading module, a local model training module, an aggregation module and a perception data evaluation module;
the task uploading module is configured to encrypt and upload the crowdsourcing task to the crowdsourcing platform by a task publisher, and a worker acquires task matching information from the crowdsourcing platform and starts to execute the task after decryption;
the local model training module is configured to train a local model by workers through task related perception data and disturb the local model;
the aggregation module is configured to randomly group workers, aggregate the perception data of the workers in the same group, and submit the perception data to the platform by taking the group as a unit after aggregation;
the perception data evaluation module is configured to acquire aggregated perception data from the platform by a task publisher, evaluate the perception data and aggregate the perception data qualified in evaluation to obtain a global model.
The one or more of the above technical solutions have the following beneficial effects:
the invention discloses a two-party privacy protection method and a two-party privacy protection system based on federal learning and edge computing, which are used for providing a two-stage privacy protection mechanism aiming at task position information of a task publisher, so that the task position information of the task publisher can be effectively protected, and the task position is prevented from being obtained by a malicious attacker. The invention provides a lightweight multi-disturbance mechanism (LDP-MP) based on localized differential privacy aiming at the privacy protection of workers. The mechanism protects the private data of workers locally by multiple perturbations to the original data. Meanwhile, a disturbance noise elimination mechanism is provided based on homomorphic encryption technology, and the problem of data quality loss caused by traditional disturbance is solved. Aiming at the position information of workers, the invention provides a grouping aggregation mechanism which breaks up the relation between workers and submitted data and protects the position information of the workers.
Additional aspects of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
FIG. 1 is an overall frame diagram of a task allocation stage in accordance with a first embodiment of the present invention;
FIG. 2 is an overall frame diagram of a task execution stage in accordance with a first embodiment of the present invention;
FIG. 3 is a diagram showing the effect of a task location generalization method according to an embodiment of the present invention;
FIG. 4 is a graph comparing data quality of a worker privacy protection method with a prior art method in accordance with a first embodiment of the present invention;
FIG. 5 is a privacy preserving capability effect diagram of a task location generalization method according to an embodiment of the present invention;
fig. 6 is a task coverage chart of a task allocation method according to a first embodiment of the present invention.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It should be noted that, in the embodiments of the present invention, related data such as task information and three-party information is required to obtain user permission or consent when the above embodiments of the present invention are applied to specific products or technologies, and the collection, use and processing of related data is required to comply with related laws and regulations and standards of related countries and regions.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, the singular is also intended to include the plural unless the context clearly indicates otherwise, and furthermore, it is to be understood that the terms "comprises" and/or "comprising" when used in this specification are taken to specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof;
embodiment one:
in a mobile crowdsourcing system, there are three main roles: task publishers, workers, and crowdsourcing platforms; for example, for mobile phone ordering running leg software which is popular, a user with running leg requirements is regarded as a task publisher, a running leg worker who receives a task acquisition reward is regarded as a crowdsourcing worker, and the mobile phone ordering running leg software can be regarded as a crowdsourcing platform. When a task publisher publishes own demands as tasks on a crowdsourcing platform; then, the crowdsourcing platform pairs the proper workers with the tasks; then, the proper worker receives and completes the task and uploads the perception data of the task; finally, the crowdsourcing platform processes the perceived data uploaded by the workers and then sends the perceived data to the task publisher.
The first embodiment of the invention provides a two-party privacy protection method based on federal learning and edge calculation, which provides a two-stage privacy protection mechanism aiming at task positions for the problem of privacy disclosure of task publishers. Aiming at the problem of privacy disclosure of workers, the privacy of the workers is protected by utilizing a lightweight multiple disturbance method and a grouping aggregation mechanism based on localized differential privacy. Aiming at the problem of data quality loss caused by disturbance, a disturbance noise elimination mechanism based on homomorphic encryption technology is provided. In addition, the embodiment also provides a task allocation scheme which is suitable for the privacy protection of the task position.
The method includes a task allocation phase shown in fig. 1 and a task execution phase shown in fig. 2. The main purpose in the task allocation phase is to find the appropriate worker based on task constraints. The task allocation phase can be divided into five steps: task location generalization, task constraint submission, worker matching, winning worker information submission, and winning worker information acquisition. Task location generalization: the task publisher generalizes the specific task location to a reasonably sized task area. Task constraint submission: the task publisher submits the task area and other constraints to the crowdsourcing platform through the edge server. Worker matching: and the crowdsourcing platform searches proper workers for the task through the edge server according to the constraint submitted by the task publisher. And submitting winning worker information: the selected workers submit the local RSA public key and the matched task area to the crowdsourcing platform through the edge server. Winning worker information acquisition: the task publisher obtains information submitted by the winning worker from the crowdsourcing platform.
After completion of the worker matching phase, called the task execution phase, the selected worker needs to acquire the true task location to execute the perceived task. The task execution phase can be divided into five steps: task uploading, task position receiving, task data processing, task data submitting and task data evaluating. Task uploading: first, a task publisher generates a task initial model and a pair of homomorphic encryption keys. The RSA public key submitted by the worker is then used to encrypt the actual location within the worker matching task area. And finally, uploading the position ciphertext, the homomorphic encryption public key and the initial model to the crowdsourcing platform. Task position reception: and the worker acquires the matching task information from the crowdsourcing platform, decrypts the position ciphertext and starts to execute the task. Task data processing: first, workers train the perception data to a local model through an edge server. The local model is then perturbed, while the perturbation noise is encrypted with the homomorphic encryption public key. Task data submission: first, the same group of workers performs intra-group data aggregation. The aggregated data is then submitted to the platform by the group's representative workers. Task data evaluation: firstly, a task publisher acquires perception data aggregated by each group of workers from a platform and evaluates the data; and then, the qualified data are aggregated to obtain a final global model.
The specific steps of the task allocation stage and the task execution stage are as follows:
in the task allocation stage, the information transfer process is realized through an edge server, and the method specifically comprises the following steps:
step 1, a task publisher submits task constraints to a crowdsourcing platform.
And 2, searching workers by the crowdsourcing platform according to task constraints.
And step 3, the crowdsourcing platform issues the selected worker information to the task publisher.
In the task execution phase, the method comprises the following steps:
step 4: the task publisher uploads the crowdsourcing task to the crowdsourcing platform. The task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform, and workers acquire task matching information from the crowdsourcing platform and start executing the task after decrypting the task matching information.
And 5, training a local model by workers by using the task-related perception data, disturbing the local model, and encrypting disturbance noise by using the CKS public key.
And 6, randomly grouping workers, firstly aggregating the perception data of the workers in the same group, and submitting the perception data to a platform by a representative worker by taking the group as a unit after aggregation.
And 7, acquiring aggregated perception data from the platform by the task publisher, evaluating the perception data, and aggregating the qualified perception data to obtain a global model.
In step 1, the specific steps of submitting task constraints to the crowdsourcing platform by the task publisher are as follows: the task publisher generalizes the specific task position into a task area, and the task area and other constraints are submitted to the crowdsourcing platform through the edge server by the task publisher.
Wherein the task publisher generalizes the real task location to a task area, such as: task issuers willPersonal real task position->Generalizing to->Personal task area->Wherein->,/>Representing the center point of the task area, < > and->The radius of the task area is represented, the task area is used for replacing the real task position to find a proper worker, and the position generalization effect is shown in fig. 3.
In the step 2 and the step 3, the crowdsourcing platform searches workers according to task constraint and sends the selected worker information to a task publisher, and the concrete steps are as follows:
step 2.1: the crowdsourcing platform searches for proper workers for the task through the edge server according to constraints submitted by the task publisher.
The constraints include task start time, task end time, type of worker required for the task, and task area hiding the real task position.
Specifically, the constraint is that<time stare ,time end ,type,task area >Wherein, time stare ,time end Respectively represent the start of the taskAnd an end time, type represents the type of worker required for the task, task area A task area is represented that hides the location of the real task.
The calculation formula for the distance between the distance task positions measured by the workers meeting the requirements is as follows:。
wherein,representing worker u t Distance to the ith task area, +.>Representing worker u t To the ith task area center point +.>Distance r of (2) i Representing the i-th task area radius.
Step 2.2: the selected worker submits the local RSA public key and the matched task area to the crowdsourcing platform through the edge server.
Wherein, the worker generates a pair of encryption keys { RSA } by utilizing RSA algorithm pk ,RSA sk And the real task position is encrypted and sent to a worker in the task execution stage so as to ensure that the worker can normally complete the task.
Step 2.3: the task publisher obtains information submitted by the selected worker from the crowdsourcing platform.
In step 4, the specific steps of uploading the crowdsourcing task to the crowdsourcing platform by the task publisher are as follows:
step 4.1: the task publisher takes the crowdsourcing task as an initial model and simultaneously generates a pair of homomorphic encryption keys.
Specifically, the task publisher locates each task location loc i ∈{loc 1 ,...,loc n Viewed as a subtask and generates a subtask model. Generating a pair of keys { CKKS by CKKS homomorphic encryption algorithm pk ,CKKS sk }。
Step 4.2: the task publisher encrypts the actual task location of the worker matching task using the public key submitted by the worker.
Specifically, each worker is submitted to a matched task area i The actual task position in (1.ltoreq.i.ltoreq.n) uses RSA submitted by the worker in step 2.2 pk Encryption.
Step 4.3: the task publisher encrypts the position ciphertext and homomorphic encryption public key CKKS of the task pk And uploading the initial model to a crowdsourcing platform.
Step 4.4: and (3) decrypting the task position ciphertext by the worker by using the RSA private key generated in the step (2.2) to obtain a true task position plaintext, and starting to execute the task according to the task position.
In step 5, the specific steps of training the local model by workers through the task related perception data and disturbing the local model are as follows:
step 5.1: the worker takes the collected perception data as training data locally and trains the initial model into a local model through an edge server. The perceived data may be data such as ambient temperature, humidity or pictures, and the better the task performance of the worker, the higher the quality of the collected perceived data.
The training mode is shown as follows:。
wherein,,/>respectively indicate worker->Local data set->Input and output vectors of>Representation->Size of->Representing a worker local model,/->Representing the training loss function of the local model.
Step 5.2: the local model is perturbed, and the perturbation noise is encrypted with the homomorphic encryption public key. Wherein, the trained local model is disturbed by using a multi-disturbance mechanism based on localized differential privacy, and disturbance noise is utilized to encrypt the public key CKKS in the homomorphic encryption generated in the step 4.1 pk Encryption.
The realization principle of the multi-disturbance mechanism based on localized differential privacy is as follows: the (epsilon, delta) -localization differential privacy is realized by adopting a Gaussian mechanism, wherein epsilon represents privacy budget, delta represents a relaxation factor, and two interference factors, namely a fixed interference factor alpha and a dynamic interference factor beta, are added to the localization differential privacy, wherein the fixed interference factor is related to epsilon, and the dynamic interference factor adds different noise with different probabilities.
Step 5.3: the disturbance model and the encryption noise are uploaded.
In step 6, workers are randomly grouped, the perception data of the workers in the same group are firstly aggregated, and then the perception data are submitted to a platform by taking the group as a unit after aggregation, wherein the aggregated perception data are the uploaded disturbance model and the encrypted noise.
The method comprises the following specific steps:
step 6.1: the system randomly selects one worker from each group as a representative worker.
Specifically, a plurality of workers u= { U 1 ,u 2 ,...,u p Dividing into multiple groups g= { G 1 ,...,g q }. At each polymerization, the system will be for each groupOne worker is randomly selected as a representative worker. Where p represents p workers and q represents dividing the p workers into q groups.
Step 6.2: each group of workers performs the sensing data aggregation operation according to the set sequence.
Wherein, every interval t, each group worker first sequentially aggregates the trained local models within the group.
Step 6.3: the perceived data for the group of aggregations is processed by the representative worker and then uploaded.
Specifically, the group representative worker processes the aggregated local model by the following formula and sends the processed local model to the task publisher:。
wherein,indicating the number of workers in group h, < > j->Representing a local model of the jth worker of the h group.
In step 7, after receiving each group of aggregated local models, the task publisher uses
The FedAVG algorithm aggregates the obtained local model meeting the requirements of the task publisher to obtain a new global model. The update process of the algorithm proposed in this embodiment is represented by the following formula: />。
Wherein,representing a new global model, +_>Representing the last global model,/->Is indicated as +.>A group.
To verify the effectiveness of the method of this embodiment, two-party privacy protection methods based on federal learning and edge computing were tested with a real dataset. Wherein the real data set is derived from existing public data and informed consent is obtained from the information owners.
(1) Privacy protection for workers
Wherein "herein" in the experimental plot represents the method of the present invention, the remaining algorithms are comparative algorithms.
Accuracy is an important index for measuring the superiority of the model. Therefore, experiments were conducted to determine the effect of different privacy budgets epsilon on model accuracy, and the results are shown in fig. 4. It can be seen from fig. 4 that as the privacy budget epsilon increases, the model accuracy obtained by each algorithm increases, but the model accuracy of the algorithm proposed in this embodiment is always higher than that of other perturbation algorithms. In addition, the accuracy of the algorithm of the embodiment is not much different from that of the algorithm under the condition of no privacy protection. This is because other algorithms may cause some data quality loss to the disturbance of the data or model, and the disturbance noise cancellation mechanism proposed by the embodiment may help cancel disturbance noise in the data or model, and solve the problem of data quality loss caused by disturbance.
(2) Privacy protection for task publishers
The present embodiment uses the area of the generalization area to represent the privacy-preserving capability of the location generalization algorithm, that is, the larger the area of the generalization area, the higher the anonymity to the real location, and the stronger the privacy-preserving capability to the location.
The present embodiment uses a privacy dynamics factor ε d And controlling the area size of the generalization area formed by the KM-ALG algorithm. To evaluate epsilon d The influence on privacy preserving ability was tested. FIG. 5 shows the privacy effort factor ε d When= 3,5,7,11, 100 task positions randomly generated by different data sets are formed by KM-ALG algorithmAverage area size of the generalization region.
From FIG. 5 it can be found that the privacy-dynamics factor ε follows d The increasing number of KM-ALG algorithms also increases the area of the average generalization region formed on different data sets, which indicates that the privacy preserving capability of KM-ALG algorithms is also increasing. This is because with the privacy strength factor epsilon d The maximum distance allowed between task locations of the same class increases. Therefore, the radius of the formed generalization region is enlarged, resulting in an increase in the area of the generated generalization region. The increased area of the generalization region improves the anonymity of the task position, thereby improving the privacy protection capability of the task position.
The problem of task coverage rate caused by the privacy protection of the task position is also considered in the experiment. From FIG. 6 it can be observed that the task coverage varies with the privacy-dynamics factor ε d Is continuously decreasing. This is because as the privacy-preserving factor ε d The increasing privacy protection capability for task locations has led to an increase in uncertainty of whether a worker is within the executable range of his task (i.e., the worker is not sure to complete the task). Therefore, in order to secure high credibility of the worker, the worker is not willing to accept a task with a large uncertainty, resulting in a decrease in task coverage. Therefore, when issuing tasks, the balance between privacy protection capability and task coverage rate needs to be comprehensively considered so as to obtain better task coverage rate.
In summary, the invention provides a two-party privacy protection method based on federal learning and edge computing, which provides a two-stage privacy protection mechanism for task position privacy of a task publisher, namely, the task position privacy is protected, and normal completion of tasks by workers is ensured. The method provides a multiple disturbance mechanism based on localized differential privacy aiming at the data privacy of workers; aiming at the problem of data quality reduction caused by disturbance, a disturbance noise elimination mechanism based on homomorphic encryption is provided; and the corresponding relation between workers and data thereof is broken through a grouping aggregation mechanism, so that the position privacy of the workers is protected. The privacy protection method provided by the invention not only can protect the privacy of workers and task publishers, but also can ensure the quality of data uploaded by the workers.
Embodiment two:
the second embodiment of the invention provides a two-party privacy protection system based on federal learning and edge calculation, which comprises a task allocation module and a task execution module, wherein the task allocation module is used for task allocation, and the task execution module is used for executing tasks;
the task distribution module is configured to submit task constraints to the crowdsourcing platform by a task publisher, search workers according to the task constraints by the crowds Bao Ping, and send selected worker information to the task publisher, wherein the information transmission process of the task distribution stage is realized through an edge server;
the task execution module comprises a task uploading module, a local model training module, an aggregation module and a perception data evaluation module;
the task uploading module is configured to encrypt and upload the crowdsourcing task to the crowdsourcing platform by a task publisher, and a worker acquires task matching information from the crowdsourcing platform and starts to execute the task after decryption;
the local model training module is configured to train a local model by workers through task related perception data and disturb the local model;
the aggregation module is configured to randomly group workers, aggregate the perception data of the workers in the same group, and submit the perception data to the platform by taking the group as a unit after aggregation;
the perception data evaluation module is configured to acquire aggregated perception data from the platform by a task publisher, evaluate the perception data and aggregate the perception data qualified in evaluation to obtain a global model.
The steps involved in the second embodiment correspond to those of the first embodiment of the method, and the detailed description of the second embodiment can be found in the related description section of the first embodiment.
It will be appreciated by those skilled in the art that the modules or steps of the invention described above may be implemented by general-purpose computer means, alternatively they may be implemented by program code executable by computing means, whereby they may be stored in storage means for execution by computing means, or they may be made into individual integrated circuit modules separately, or a plurality of modules or steps in them may be made into a single integrated circuit module. The present invention is not limited to any specific combination of hardware and software.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.
Claims (10)
1. The two-party privacy protection method based on federal learning and edge calculation is characterized by comprising a task allocation stage and a task execution stage;
in a task distribution stage, a task publisher submits task constraints to a crowdsourcing platform, a crowds Bao Ping station searches workers according to the task constraints and sends selected worker information to the task publisher, wherein the information transmission process in the task distribution stage is realized through an edge server;
in the task execution stage, a task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform, a worker acquires task matching information from the crowdsourcing platform, and the task is started to be executed after decryption; the worker trains a local model by using the task-related perception data and perturbs the local model; randomly grouping workers, firstly aggregating the perception data of the workers in the same group, and submitting the perception data to a platform by taking the group as a unit after aggregation; and the task publisher acquires the aggregated perception data from the platform, evaluates the perception data and aggregates the perception data qualified in evaluation to obtain a global model.
2. The two-party privacy preserving method based on federal learning and edge computing of claim 1, wherein the task publisher submits task constraints to the crowdsourcing platform in the specific steps of: the task publisher generalizes the specific task position into a task area, and the task area and other constraints are submitted to the crowdsourcing platform through the edge server by the task publisher.
3. The two-party privacy protection method based on federal learning and edge computing as set forth in claim 2, wherein the crowdsourcing platform finds workers according to task constraints and issues selected worker information to task publishers in the specific steps of:
the crowdsourcing platform searches workers for the task through the edge server according to the constraint submitted by the task publisher;
submitting a local RSA public key and a matched task area to a crowdsourcing platform by the selected worker through an edge server;
the task publisher obtains information submitted by the selected worker from the crowdsourcing platform.
4. The federal learning and edge computing-based two-party privacy protection method of claim 3, wherein the constraints include task start time, task end time, type of worker required for the task, and task area hiding real task location.
5. The federal learning and edge computing-based two-party privacy protection method of claim 3, wherein the worker generates a pair of encryption keys as a local RSA public key using an RSA algorithm and transmits the local RSA public key to the task publisher for encrypting the actual task location to the worker during the task execution phase to ensure that the worker can normally complete the task.
6. The two-party privacy protection method based on federal learning and edge computing as set forth in claim 1, wherein the task publisher encrypts and uploads the crowdsourcing task to the crowdsourcing platform as follows:
the task publisher takes the crowdsourcing task as an initial model and simultaneously generates a pair of homomorphic encryption keys;
then, the task publisher encrypts the real task position of the matching task of the worker by using the public key submitted by the worker;
and finally, uploading the task position ciphertext, the homomorphic encryption public key and the initial model to the crowdsourcing platform by the task publisher.
7. The federal learning and edge computing-based two-party privacy protection method of claim 1, wherein the worker trains the local model using task-related sensory data and perturbs the local model by the specific steps of:
the worker takes the collected perception data as training data, and trains the initial model into a local model through an edge server;
the local model is then perturbed, while the perturbation noise is encrypted with the homomorphic encryption public key.
8. The federal learning and edge computing-based two-party privacy protection method of claim 7, wherein the trained local model is perturbed using a localized differential privacy-based multi-perturbation mechanism.
9. The two-party privacy protection method based on federal learning and edge computing as claimed in claim 1, wherein the steps of randomly grouping workers, firstly aggregating the perception data of the same group of workers, and submitting the perception data to the platform in units of groups after the aggregation are as follows:
the system randomly selects one worker from each group as a representative worker;
then, each group of workers performs a perception data aggregation operation according to a set sequence;
finally, the perceived data of the group aggregate is processed by the representative worker and then uploaded.
10. The two-party privacy protection system based on federal learning and edge calculation is characterized by comprising a task distribution module and a task execution module, wherein the task distribution module is used for distributing tasks, and the task execution module is used for executing tasks;
the task distribution module is configured to submit task constraints to the crowdsourcing platform by a task publisher, search workers according to the task constraints by the crowds Bao Ping, and send selected worker information to the task publisher, wherein the information transmission process of the task distribution stage is realized through an edge server;
the task execution module comprises a task uploading module, a local model training module, an aggregation module and a perception data evaluation module;
the task uploading module is configured to encrypt and upload the crowdsourcing task to the crowdsourcing platform by a task publisher, and a worker acquires task matching information from the crowdsourcing platform and starts to execute the task after decryption;
the local model training module is configured to train a local model by workers through task related perception data and disturb the local model;
the aggregation module is configured to randomly group workers, aggregate the perception data of the workers in the same group, and submit the perception data to the platform by taking the group as a unit after aggregation;
the perception data evaluation module is configured to acquire aggregated perception data from the platform by a task publisher, evaluate the perception data and aggregate the perception data qualified in evaluation to obtain a global model.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311810061.XA CN117473559B (en) | 2023-12-27 | 2023-12-27 | Two-party privacy protection method and system based on federal learning and edge calculation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311810061.XA CN117473559B (en) | 2023-12-27 | 2023-12-27 | Two-party privacy protection method and system based on federal learning and edge calculation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117473559A true CN117473559A (en) | 2024-01-30 |
CN117473559B CN117473559B (en) | 2024-05-03 |
Family
ID=89636467
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311810061.XA Active CN117473559B (en) | 2023-12-27 | 2023-12-27 | Two-party privacy protection method and system based on federal learning and edge calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117473559B (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160034840A1 (en) * | 2014-07-31 | 2016-02-04 | Microsoft Corporation | Adaptive Task Assignment |
CN109033865A (en) * | 2018-06-20 | 2018-12-18 | 苏州大学 | The method for allocating tasks of secret protection in a kind of space crowdsourcing |
CN110708155A (en) * | 2019-09-19 | 2020-01-17 | 北京奇艺世纪科技有限公司 | Copyright information protection method, copyright information protection system, copyright confirming method, copyright confirming device, copyright confirming equipment and copyright confirming medium |
CN113837761A (en) * | 2021-11-26 | 2021-12-24 | 北京理工大学 | Block chain and trusted execution environment based federated learning method and system |
CN115112167A (en) * | 2022-06-01 | 2022-09-27 | 浙江中烟工业有限责任公司 | Temperature and humidity sensor early warning system and method applied to production area of cigarette factory |
CN115694787A (en) * | 2022-09-29 | 2023-02-03 | 华东师范大学 | Verifiable privacy protection and personalized crowdsourcing task matching method and system under assistance of block chain |
CN115795518A (en) * | 2023-02-03 | 2023-03-14 | 西华大学 | Block chain-based federal learning privacy protection method |
CN116777294A (en) * | 2023-07-04 | 2023-09-19 | 华东师范大学 | Crowd-sourced quality safety assessment method based on federal learning under assistance of blockchain |
-
2023
- 2023-12-27 CN CN202311810061.XA patent/CN117473559B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160034840A1 (en) * | 2014-07-31 | 2016-02-04 | Microsoft Corporation | Adaptive Task Assignment |
CN109033865A (en) * | 2018-06-20 | 2018-12-18 | 苏州大学 | The method for allocating tasks of secret protection in a kind of space crowdsourcing |
CN110708155A (en) * | 2019-09-19 | 2020-01-17 | 北京奇艺世纪科技有限公司 | Copyright information protection method, copyright information protection system, copyright confirming method, copyright confirming device, copyright confirming equipment and copyright confirming medium |
CN113837761A (en) * | 2021-11-26 | 2021-12-24 | 北京理工大学 | Block chain and trusted execution environment based federated learning method and system |
CN115112167A (en) * | 2022-06-01 | 2022-09-27 | 浙江中烟工业有限责任公司 | Temperature and humidity sensor early warning system and method applied to production area of cigarette factory |
CN115694787A (en) * | 2022-09-29 | 2023-02-03 | 华东师范大学 | Verifiable privacy protection and personalized crowdsourcing task matching method and system under assistance of block chain |
CN115795518A (en) * | 2023-02-03 | 2023-03-14 | 西华大学 | Block chain-based federal learning privacy protection method |
CN116777294A (en) * | 2023-07-04 | 2023-09-19 | 华东师范大学 | Crowd-sourced quality safety assessment method based on federal learning under assistance of blockchain |
Non-Patent Citations (5)
Title |
---|
IACOVAZZI, ALFONSO等: "Protecting traffic privacy for massive aggregated traffic", COMPUTER NETWORKS, vol. 77, 11 March 2015 (2015-03-11) * |
方俊斌;蒋千越;李爱平;: "本地化差分隐私在数据众包中的应用", 信息技术与网络安全, vol. 37, no. 06, 10 June 2018 (2018-06-10) * |
毛新宏: "众包清洗平台的隐私与安全问题", 信息与电脑(理论版), vol. 35, no. 20, 25 October 2023 (2023-10-25), pages 207 * |
王辉等: "面向移动群智感知的两阶段位置隐私保护方法", 吉林大学学报(理学版), vol. 61, no. 05, 26 September 2023 (2023-09-26) * |
霍峥等: "满足本地化差分隐私的众包位置数据采集", 计算机应用, vol. 39, no. 3, 19 April 2019 (2019-04-19) * |
Also Published As
Publication number | Publication date |
---|---|
CN117473559B (en) | 2024-05-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Xu et al. | Privacy-preserving federated deep learning with irregular users | |
Xiong et al. | A personalized privacy protection framework for mobile crowdsensing in IIoT | |
Xu et al. | Efficient and privacy-preserving truth discovery in mobile crowd sensing systems | |
CN110288094B (en) | Model parameter training method and device based on federal learning | |
Song et al. | A privacy preserving communication protocol for IoT applications in smart homes | |
US11989634B2 (en) | Private federated learning with protection against reconstruction | |
Gong et al. | Optimal task recommendation for mobile crowdsourcing with privacy control | |
CN113395159B (en) | Data processing method based on trusted execution environment and related device | |
Zhang et al. | Location privacy-preserving task recommendation with geometric range query in mobile crowdsensing | |
Zhao et al. | Preserving privacy in WiFi localization with plausible dummy locations | |
CN109347829B (en) | Group intelligence perception network truth value discovery method based on privacy protection | |
CN112787809B (en) | Efficient crowd sensing data stream privacy protection truth value discovery method | |
US20220374544A1 (en) | Secure aggregation of information using federated learning | |
Zhu et al. | Privacy-preserving federated learning of remote sensing image classification with dishonest majority | |
Sodagari | Trends for mobile IoT crowdsourcing privacy and security in the big data era | |
Zhang et al. | BSDP: Blockchain-based smart parking for digital-twin empowered vehicular sensing networks with privacy protection | |
Lv et al. | ESPPTD: An efficient slicing-based privacy-preserving truth discovery in mobile crowd sensing | |
Singh et al. | Security enhancement of the cloud paradigm using a novel optimized crypto mechanism | |
CN117473559B (en) | Two-party privacy protection method and system based on federal learning and edge calculation | |
Liu et al. | Privacy-preserving truth discovery for collaborative-cloud encryption in mobile crowdsensing | |
CN113868695B (en) | Block chain-based trusted privacy protection method in crowd-sourced data aggregation | |
CN113901500B (en) | Graph topology embedding method, device, system, equipment and medium | |
Zhang et al. | TPP: Trajectory privacy preservation against tensor voting based inference attacks | |
Wang et al. | FRNet: An MCS framework for efficient and secure data sensing and privacy protection in IoVs | |
CN113158209A (en) | Top-k query why-not problem processing method for protecting privacy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |