WO2022258149A1 - User device, server device, method and system for privacy preserving model training - Google Patents
User device, server device, method and system for privacy preserving model training Download PDFInfo
- Publication number
- WO2022258149A1 WO2022258149A1 PCT/EP2021/065303 EP2021065303W WO2022258149A1 WO 2022258149 A1 WO2022258149 A1 WO 2022258149A1 EP 2021065303 W EP2021065303 W EP 2021065303W WO 2022258149 A1 WO2022258149 A1 WO 2022258149A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- model
- user
- server device
- parameter
- user device
- Prior art date
Links
- 238000012549 training Methods 0.000 title claims abstract description 111
- 238000000034 method Methods 0.000 title claims description 38
- 238000012360 testing method Methods 0.000 claims description 38
- 238000013527 convolutional neural network Methods 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 2
- 238000010801 machine learning Methods 0.000 abstract description 14
- 238000012358 sourcing Methods 0.000 description 6
- 238000013145 classification model Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 3
- 238000013528 artificial neural network Methods 0.000 description 2
- 230000001419 dependent effect Effects 0.000 description 2
- 230000004931 aggregating effect Effects 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000002860 competitive effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Definitions
- the present disclosure relates to the field of machine learning (ML) and model training.
- a user device and a server device are provided, which allow for training of a model stored in the server device in a distributed fashion, based on training data in the user device. Privacy of the training data is ensured, as the training data as such is not made available to the server device.
- Several user devices may cooperate with one server device for distributed model training.
- the present disclosure also provides corresponding methods and a system.
- effectivity of training relies on the amount of training data available.
- image classification i.e. a machine learning task with the goal to classify an image, based on training data comprising images and labels
- the accuracy of a classification model depends on the number of images and labels available for training. More training data leads to better accuracy.
- a conventional system for model training has the drawback that classification with a model that is trained using nice and clean ideal training data performs poorly on noisy images in real-world settings. Moreover, the conventional system may have to classify images with new labels for which a trained model is not able to predict accurate classifications (cf. FIG. 10A).
- crowd sourced training data is used for model training. That is, crowd sourced user images are relied on to improve classification accuracy (cf. FIG. 10B). These user images are collected from user devices (e.g. apps) and stored in a server device (e.g. a cloud server). A pre-trained model (e.g. a base model) is fine-tuned or trained using the collected user images. The fine-tuned model is then downloaded to the user devices and is used for image classification.
- crowd sourced training data can be prohibited by privacy law, according to which it is restricted to collect and store user images without consent.
- storing a huge amount of crowd sourced training data (e.g. user images) on a server device poses further requirements for storage capacity, security and data privacy.
- an objective of embodiments of the present disclosure is to enable model training based on crow sourced training data while meeting storage capacity, security and data privacy requirements.
- a first aspect of the present disclosure provides a user device for privacy preserving model training, wherein the user device is configured to obtain a training set of user data; receive a master model from a server device; determine a parameter based on the master model, the parameter being a parameter to be optimized; generate a model update based on the parameter and the training set of user data; and transmit the model update to the server device.
- model payload that is transferred over a network is much smaller (in particular due to a lower number of trainable parameters) compared to transferring crowd sourced training data.
- the subject matter according to the first aspect is advantageous, as quality of artificial intelligence (AI) assisted image classification apps is improved by incorporating user images in a privacy preserving way. Further, a competitive advantage is provided to developers which build image classification apps by crowd-sourcing user images. Training data can be collected and stored without violating privacy. Improved classification accuracy without comprising privacy yields better user experience.
- AI artificial intelligence
- the user device is a mobile device, a user equipment, a terminal, a personal computer, an IoT device, or the like.
- the user device is configured to make a prediction based on input user data by using the master model received from the server device. That is, the user device e.g. can perform image classification based on the master model.
- the user device is further configured to compute a gradient of the parameter, based on the training set of user data, and generate the model update based on the gradient.
- the gradient is generated in the user device using user images.
- the user images e.g. can be crowd sourced.
- the user device is further configured to obtain a testing set of user data; predict classification labels of the testing set of user data using the master model; compute performance metrics based on the predicted classification labels and the testing set of user data; and transmit the performance metrics to the server device.
- the performance metric is a precision, a recall, an FI score, or similar other classification performance metrics the like.
- the user device is further configured to classify user data stored in the device to obtain the training set of user data and the testing set of user data.
- the training set of user data comprises a training set of user images
- the testing set of user data comprises a testing set of user images. This ensures that the user device can in particular be used for training models for image classification.
- the parameter relates to at least one of: a convolutional layer of a convolutional neural network, a fully connected layer of a convolutional neural network, a classification layer of a convolutional neural network.
- a second aspect of the present disclosure provides a server device for privacy preserving model training, wherein the server device is configured to receive a pre-trained base model; generate a master model based on the base model; indicate a parameter in the master model, the parameter being a parameter to be optimized; transmit the master model to a user device; receive a model update corresponding to the master model from the user device; and update the master model based on the model update.
- the pre-trained base model comprises an image classification model.
- the image classification model is e.g. trained on a large amount of data.
- the server device and the user device participate in a crowd-source campaign.
- the master model comprises an image classification model.
- the server device is configured to initialize the master model using parameters of the base model, to generate the master model.
- the master model is optimized based on a stochastic gradient descent of utilizing model updates.
- the model update comprises gradient information relating exclusively to the parameter, and the server device is further configured to update the master model based on the gradient information.
- the server device is further configured to receive performance metrics from the user device and aggregate the performance metrics to update global performance metrics.
- the server device is further configured to add new labels to existing labels of the base model to generate the master model, wherein the new labels relate to a predefined use case.
- a third aspect of the present disclosure provides a method for privacy preserving model training, wherein method comprises the steps of obtaining, by a user device, a training set of user data; receiving, by the user device, a master model from a server device; determining, by the user device, a parameter to be optimized based on the master model; generating, by the user device, a model update based on the parameter and the training set of user data; and transmitting, by the user device, the model update to the server device.
- the method further comprises computing, by the user device, a gradient of the parameter, based on the training set of user data, and generating, by the user device, the model update based on the gradient.
- the method further comprises obtaining, by the user device, a testing set of user data; predicting, by the user device, classification labels of the testing set of user data using the master model; computing, by the user device, performance metrics based on the predicted classification labels and the testing set of user data; and transmitting, by the user device, the performance metrics to the server device.
- the method further comprises classifying, by the user device, user data stored in the device to obtain the training set of user data and the testing set of user data.
- the training set of user data comprises a training set of user images
- the testing set of user data comprises a testing set of user images
- the parameter relates to at least one of: a convolutional layer of a convolutional neural network, a fully connected layer of a convolutional neural network, a classification layer of a convolutional neural network.
- the third aspect and its implementation forms include the same advantages as the first aspect and its respective implementation forms.
- a fourth aspect of the present disclosure provides a method for privacy preserving model training, wherein the method comprises the steps of receiving, by a server device, a pre-trained base model; generating, by the server device, a master model based on the base model; indicating, by the server device, a parameter in the master model, the parameter being a parameter to be optimized; transmitting, by the server device, the master model to a user device; receiving, by the server device, a model update corresponding to the master model from the user device; and updating, by the server device, the master model based on the model update.
- the model update comprises gradient information relating exclusively to the parameter
- the method further comprises updating, by the server device, the master model based on the gradient information.
- the method further comprises receiving, by the server device, performance metrics from the user device and aggregating, by the server device, the performance metrics to update global performance metrics.
- the method further comprises adding, by the server device, new labels to existing labels of the base model to generate the master model, wherein the new labels relate to a predefined use case.
- the fourth aspect and its implementation forms include the same advantages as the second aspect and its respective implementation forms.
- a fifth aspect of the present disclosure provides a computer program comprising instructions which, when the program is executed by a computer, cause the computer to carry out the steps of the method of the third aspect or any of its implementation forms, or the fourth aspect or any of its implementation forms.
- the fifth aspect includes the same advantages as the third aspect or any of its implementation forms and the fourth aspect or any of its implementation forms.
- a sixth aspect of the present disclosure provides a non-transitory computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the steps of the method of the third aspect or any of its implementation forms, or the fourth aspect or any of its implementation forms.
- the sixth aspect includes the same advantages as the third aspect or any of its implementation forms and the fourth aspect or any of its implementation forms.
- a seventh aspect of the present disclosure provides a system for privacy preserving model training, comprising the user device according to the first aspect or any of its implementation forms, and the server device according to the second aspect or any of its implementation forms.
- the seventh aspect includes the same advantages as the first aspect or any of its implementation forms and the second aspect or any of its implementation forms.
- FIG. 1 shows a schematic view of a user device according to an embodiment of the present disclosure
- FIG. 2 shows a schematic view of a user device according to an embodiment of the present disclosure in more detail
- FIG. 3 shows a schematic view of a server device according to an embodiment of the present disclosure
- FIG. 4 shows a schematic view of a server device according to an embodiment of the present disclosure in more detail
- FIG. 5 shows a schematic view of an operating scenario according to the present disclosure
- FIG. 6 shows a schematic view of an operating scenario according to the present disclosure
- FIG. 7 shows a schematic view of an operating scenario according to the present disclosure
- FIG. 8 shows a schematic view of a method according to an embodiment of the present disclosure
- FIG. 9 shows a schematic view of a method according to an embodiment of the present disclosure.
- FIG. 10 shows a schematic view of a conventional system for model training.
- FIG. 1 shows a schematic view of a user device 100 according to an embodiment of the present disclosure.
- the server device 100 enables crowd sourcing of training data for model training, while at the same time maintaining privacy of such training data. That is, the device 100 is for privacy preserving model training.
- the user device 100 obtains a training set of user data 101.
- This may be any kind of user data which is suitable for training a model, e.g. a neural network.
- the training set of user data 101 may be pre-stored in the user device 100, generated by the user device 100, and/or received by the user device 100.
- the user device 100 may further receive a master model 102 from a server device 300.
- the server device 300 can be an entity with which the user device 100 can communicate for privacy preserving model training, that is, the server device 300 is not necessarily part of the user device
- the server device 300 and in particular generating the master model 102 are going to be described in more detail in view of FIG. 3 and FIG. 4 below.
- the user device 100 may further determine a parameter 103 based on the master model 102.
- the parameter 103 is a parameter to be optimized, e.g. by privacy preserving model training. In other words, in the master model 102 it may be indicated which parameter 103 of the master model 102 is to be optimized.
- the user device 100 generates, based on the parameter 103 and the training set of user data 101, a model update 104.
- the model update 104 is then transmitted to the server device 300. Further processing of the model update 104 in the server device 300 is going to be described in view of FIG. 3 and FIG. 4 below.
- the server device 300 provides a master model 102 to the user device 100, based on which the user device 100 generates a model update 104, which is in turn provided to the server device 300.
- the model update 104 is also generated based on the training set of user data
- FIG. 2 shows a schematic view of a user device 100 according to an embodiment of the present disclosure in more detail.
- the user device 100 shown in FIG. 2 comprises all features and functionality of the user device 100 of FIG. 1, as well as the following optional features:
- the user device 100 based on the training set of user data 101, the user device 100 optionally can compute a gradient 201 of the parameter 103. The model update 104 is then generated based on the gradient 201. Further optionally, the user device 100 can obtain a testing set of user data 202. The testing set of user data 202 can be obtained in a similar way as the training set of user data 101. By using the master model 102, the user device 100 can predict classification labels 203 of the testing set of user data 202. The classification labels 203 and the testing set of user data 202 can be used for performance measurement. That is, the user device 100 can compute performance metrics 204 based on the predicted classification labels 203 and the testing set of user data 202. In turn, the performance metrics 204 can be transmitted to the server device 300.
- the training set of user data 101 and/or the testing set of user data 202 can be obtained by classifying user data 205, which is stored in the user device 100. That is, the user device 100 can determine, which part of the user data 205 can be used for training, and which part can be used for testing. The user data 205 however is not made available to the server device 300 as such. Only the model update 104 and/or the performance metrics 204 can be transmitted to the server device 300.
- the user data 205 that is stored in the user device 100 may comprise image data. That is, the training set of user data 101 optionally may comprise a training set of user images 206. In other words, the training set of user data 101 may comprise user images selected for training, which are stored in the user device 100.
- the testing set of user data 202 optionally may comprise a testing set of user images 207. In other words, the testing set of user data 202 may comprise user images selected for testing, which are stored in the user device 100.
- FIG. 3 shows a schematic view of a server device 300 according to an embodiment of the present disclosure.
- the server device 300 enables crowd sourcing of training data in a privacy preserving way. That is, only model updates are received at the server device 300, while the training data (based on which a model update was created) remains at a corresponding user device 100.
- the server device 300 first receives a pre-trained base model 301.
- the base model 301 can e.g. be received from a service which offers general ML capabilities, such as models which can be used for classification.
- general ML capabilities such as models which can be used for classification.
- models are pre-trained on an ideal set of training data only and may need to be further optimized. This optimization may e.g. be performed based on crowd sourced user data. However, the privacy of such data must be maintained.
- the service device 300 generates a master model 302 based on the base model 301.
- a parameter 303 which is to be optimized is indicated.
- the master model 302 is then transmitted to a user device 100.
- the master model 302 that is transmitted by the server device 300 illustrated in FIG. 3 is the master model 102 received by the user device 100 show in FIG. 1 and FIG. 2.
- the server device 300 receives a model update 304 from the user device 100.
- the model update 304 corresponds to the master model 302.
- the model update 304 that is received by the server device 300 illustrated in FIG. 3 is the model update 104 that is sent by the user device 100 shown in FIG. 1 and FIG. 2.
- the server device 300 updates the master model 302 based on the model update 304. Thereby, the master model 302 can be further trained and fined tuned.
- the master model 302 is optimized compared to the base model 301, while not user date of the user device 100 was transmitted from the user device 100 to the server device 300.
- FIG. 4 shows a schematic view of a server device 300 according to an embodiment of the present disclosure in more detail.
- the server device 300 shown in FIG. 4 comprises all features and functionality of the server device 300 of FIG. 3, as well as the following optional features:
- the model update 304 optionally may comprise gradient information 401.
- the gradient information 401 may relate exclusively to the parameter 303.
- the master model 302 can in particular be updated based on the gradient information 401, by the server device 300.
- the server device 300 optionally can receive performance metrics 402 from the user device 100.
- the performance metrics 402 illustrated in FIG. 4 are the performance metrics 204 transmitted by the user device 100 of FIG. 2.
- the server device 300 may aggregate the performance metrics 402 and update global performance metrics 403, based thereon.
- the server device 300 optionally may add new labels 404 to existing labels 405 of the base model 301. This allows generating a master model 302, in which the new labels 404 relate to a predefined use case, e.g. desired by a user of the server device 300.
- the user device 100 described in view of FIG. 1 and FIG. 2 and the server device 300 described in view of FIG. 3 and FIG. 4 provide a solution for privacy preserving crowd sourcing of user data (e.g. user images) to improve the accuracy of a model (e.g. a model for image classification).
- This solution allows fine-tuning of the base model 301 without collecting user data on the server device 300.
- the user data remains exclusively on the user device 100.
- the server devices defines a new model (i.e. the master model 302, which can also be called federated master model) by extending the base model 301 provided by the service.
- a copy of master model 302 is downloaded to at least one user device 100.
- Each user device 100 computes model updates 104 using locally stored training data (i.e. the training set of user data 101, which e.g. may comprise user images). These model updates 104 are transmitted to the server device
- the server device 300 updates the master model 302 using the model updates 104 received from the user devices 100. Then, the updated master model 302 can again be distributed to a user device 100, where it is used for solving an ML task (e.g. a classification task, in particular an image classification task).
- an ML task e.g. a classification task, in particular an image classification task.
- FIG. 5 shows a schematic view of an operating scenario according to the present disclosure.
- a service which provides general ML capability (labelled “HMS ML Kit”) trains a base model 301 with ideal training data.
- ideal training data e.g. includes nice and clean training images.
- the pre-trained base model 301 is then provided to a server device 300 (labelled “App Cloud Server”).
- the server device 300 generates a master model 302 based on the base model
- FIG. 6 shows another schematic view of an operating scenario according to the present disclosure.
- the user device 100 is also call “user 1”
- the server device 300 is also called “app cloud server”
- the service which provides general ML capabilities is also called “HMS ML Kit”.
- the HMS ML Kit trains an image classification model (i.e. the base model 301) using training data (e.g. publicly available ideal image data sets).
- training data e.g. publicly available ideal image data sets.
- the app cloud server can download the pre-trained base model 301.
- a federated model i.e. the master model 302 can be initialized using at least one parameter of the base model 301.
- the app cloud server can freeze parameters of the federated model which do not need to be fine- tuned e.g., G cn (a parameter of a convolutional layer) and indicate, which model parameters are to be fine-tuned (e.g. G C and Of).
- the app cloud server can transmit the federated model to all users (i.e. the user device 100, also called client or app).
- the app cloud server can receive these gradients (in particular of parameters VG C and V0 C ) for fine-tuning using crowd sourced training data.
- the parameters of the federated model are then updated using a stochastic gradient descent (cf. section 601).
- the app cloud server also can receive performance metrics from all users and aggregate these performance metrics.
- User 1 can receive the model parameters which are to be fine-tuned (e.g. G C and G ) from the app cloud server.
- user images can be divided into training sets and testing sets.
- the training set of user images can be used to compute the gradients of the parameters, VGf C and VG C
- user 1 can compute classification performance metrics such as precision pr, recall re, fl, accuracy acc.
- the gradients (VGf C and V0 C ) can be transmitted to the app cloud server.
- the performance metrics pr, re, fl and acc can be transmitted to the app cloud server.
- FIG. 7 shows another schematic view of an operating scenario according to the present disclosure.
- the HMS ML Kit sends a pre-trained base model 301 to the server device 300 (labelled app cloud server).
- the server device 300 initializes a master model 302 (i.e. the federated model) based on the base model 301 and freezes parameters which do not need to be fine-tuned.
- the master model 302 is sent to the user device 100 (also called app or client).
- the user device 100 already divided user data into training and testing data (e.g. user images are divided in training images and testing images).
- the server device 300 also indicates a parameter 303 to the user device 100 which needs to be fine-tuned (this indication is done by means of the master model 302).
- a model update 104 is computed, which includes a gradient of the to be optimized parameter 303.
- the model update 104 including the gradient is then transmitted to the server device 300, where a stochastic gradient descent is performed to update the master model 302 (i.e. model parameters).
- the user device 100 may also predict classification labels based on testing data (i.e. the testing set of user data 202), compute performance metrics based thereon, and send the performance metrics to the server device 300.
- the server device 300 then may aggregate the performance metrics.
- FIG. 8 shows a schematic view of a method 800 according to an embodiment of the present disclosure.
- the method 800 is for privacy preserving model training.
- the method 800 comprises a step of obtaining 801, by a user device 100, a training set of user data 101.
- the method 800 further comprises a step of receiving 802, by the user device 100, a master model 102 from a server device 300.
- the method 800 further comprises a step of determining 803, by the user device 100, a parameter 103 to be optimized based on the master model 102.
- the method 800 further comprises a step of generating 804, by the user device 100, a model update 104 based on the parameter 103 and the training set of user data 101.
- the method 800 further comprises a step of transmitting 805, by the user device 100, the model update 104 to the server device 300.
- FIG. 9 shows a schematic view of a method 900 according to an embodiment of the present disclosure.
- the method 900 is for privacy preserving model training.
- the method 900 comprises a step of receiving 901, by a server device 300, a pre-trained base model 301.
- the method 900 further comprises a step of generating 902, by the server device 300, a master model 302 based on the base model 301.
- the method 900 further comprises a step of indicating 903, by the server device 300, a parameter 303 in the master model 302, the parameter 303 being a parameter to be optimized.
- the method 900 further comprises a step of transmitting
- the method 900 further comprises a step of receiving 905, by the server device 300, a model update 304 corresponding to the master model 302 from the user device 100.
- the method 900 further comprises a step of updating 906, by the server device 300, the master model 302 based on the model update 304.
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present disclosure relates to the field of machine learning (ML) and model training. The present disclosure provides a way for training a model in a server device based on training data in a user device. Privacy of the training data is ensured, as the training data as such is not made available to the server device. The present disclosure therefore provides a user device (100) for privacy preserving model training. The user device (100) is configured to obtain a training set of user data (101); receive a master model (102) from a server device (300); determine a parameter (103) based on the master model (102), the parameter (103) being a parameter to be optimized; generate a model update (104) based on the parameter (103) and the training set of user data (101); and transmit the model update (104) to the server device (300).
Description
USER DEVICE, SERVER DEVICE, METHOD AND SYSTEM FOR PRIVACY PRESERVING MODEL TRAINING
TECHNICAL FIELD
The present disclosure relates to the field of machine learning (ML) and model training. A user device and a server device are provided, which allow for training of a model stored in the server device in a distributed fashion, based on training data in the user device. Privacy of the training data is ensured, as the training data as such is not made available to the server device. Several user devices may cooperate with one server device for distributed model training. The present disclosure also provides corresponding methods and a system.
BACKGROUND
In a conventional system for model training, effectivity of training relies on the amount of training data available. For example, in the field of image classification (i.e. a machine learning task with the goal to classify an image, based on training data comprising images and labels), the accuracy of a classification model depends on the number of images and labels available for training. More training data leads to better accuracy.
Due to the limitation of training data, a conventional system for model training has the drawback that classification with a model that is trained using nice and clean ideal training data performs poorly on noisy images in real-world settings. Moreover, the conventional system may have to classify images with new labels for which a trained model is not able to predict accurate classifications (cf. FIG. 10A).
To overcome these drawbacks, crowd sourced training data is used for model training. That is, crowd sourced user images are relied on to improve classification accuracy (cf. FIG. 10B). These user images are collected from user devices (e.g. apps) and stored in a server device (e.g. a cloud server). A pre-trained model (e.g. a base model) is fine-tuned or trained using the collected user images. The fine-tuned model is then downloaded to the user devices and is used for image classification. However, using crowd sourced training data can be prohibited by privacy law, according to which it is restricted to collect and store user images without consent. Moreover, storing a huge amount of crowd sourced training data (e.g. user images) on a server device poses further requirements for storage capacity, security and data privacy.
SUMMARY
In view of the above-mentioned problem, an objective of embodiments of the present disclosure is to enable model training based on crow sourced training data while meeting storage capacity, security and data privacy requirements.
This or other objectives may be achieved by embodiments of the present disclosure as described in the enclosed independent claims. Advantageous implementations of embodiments of the present disclosure are further defined in the dependent claims.
A first aspect of the present disclosure provides a user device for privacy preserving model training, wherein the user device is configured to obtain a training set of user data; receive a master model from a server device; determine a parameter based on the master model, the parameter being a parameter to be optimized; generate a model update based on the parameter and the training set of user data; and transmit the model update to the server device.
This ensures that classification accuracy of a model can be improved without compromising privacy of crowd sourcing users, i.e. of their training set of user data. The training set of user data remains on the user device. Also, there is no need to collect and store user images on cloud servers. Moreover, model payload that is transferred over a network is much smaller (in particular due to a lower number of trainable parameters) compared to transferring crowd sourced training data.
Moreover, the subject matter according to the first aspect is advantageous, as quality of artificial intelligence (AI) assisted image classification apps is improved by incorporating user images in a privacy preserving way. Further, a competitive advantage is provided to developers which build image classification apps by crowd-sourcing user images. Training data can be collected and stored without violating privacy. Improved classification accuracy without comprising privacy yields better user experience.
In particular, the user device is a mobile device, a user equipment, a terminal, a personal computer, an IoT device, or the like.
In particular, the user device is configured to make a prediction based on input user data by using the master model received from the server device. That is, the user device e.g. can perform image classification based on the master model.
In an implementation form of the first aspect, the user device is further configured to compute a gradient of the parameter, based on the training set of user data, and generate the model update based on the gradient.
This ensures that a precise way of generating an accurate model update is provided.
In particular the gradient is generated in the user device using user images. The user images e.g. can be crowd sourced.
In a further implementation form of the first aspect, the user device is further configured to obtain a testing set of user data; predict classification labels of the testing set of user data using the master model; compute performance metrics based on the predicted classification labels and the testing set of user data; and transmit the performance metrics to the server device.
This ensures that performance metrics can be taken into account to improve the processing of the user device and the corresponding server device.
In particular, the performance metric is a precision, a recall, an FI score, or similar other classification performance metrics the like.
In a further implementation form of the first aspect, the user device is further configured to classify user data stored in the device to obtain the training set of user data and the testing set of user data.
This ensures that user data stored in the user device can be used for several advantageous purposes. Moreover, an efficient way of obtaining testing data and training data is provided.
In a further implementation form of the first aspect, the training set of user data comprises a training set of user images, and/or the testing set of user data comprises a testing set of user images.
This ensures that the user device can in particular be used for training models for image classification.
In a further implementation form of the first aspect, the parameter relates to at least one of: a convolutional layer of a convolutional neural network, a fully connected layer of a convolutional neural network, a classification layer of a convolutional neural network.
This ensures that several kinds of layers of a neural network can be used for obtaining the parameter.
A second aspect of the present disclosure provides a server device for privacy preserving model training, wherein the server device is configured to receive a pre-trained base model; generate a master model based on the base model; indicate a parameter in the master model, the parameter being a parameter to be optimized; transmit the master model to a user device; receive a model update corresponding to the master model from the user device; and update the master model based on the model update.
This ensures that classification accuracy of a model can be improved without compromising privacy of crowd sourcing users, i.e. of their training set of user data, and without undue storage and security burdens at the server device.
In particular, the pre-trained base model comprises an image classification model. The image classification model is e.g. trained on a large amount of data.
In particular, the server device and the user device participate in a crowd-source campaign.
In particular, the master model comprises an image classification model.
In particular, the server device is configured to initialize the master model using parameters of the base model, to generate the master model.
In particular, the master model is optimized based on a stochastic gradient descent of utilizing model updates.
In an implementation form of the second aspect, the model update comprises gradient information relating exclusively to the parameter, and the server device is further configured to update the master model based on the gradient information.
This ensures that a precise way of updating the master model is provided.
In a further implementation form of the second aspect, the server device is further configured to receive performance metrics from the user device and aggregate the performance metrics to update global performance metrics.
This ensures that performance metrics can be taken into account to improve the processing of the server device and the corresponding user device.
In a further implementation form of the second aspect, the server device is further configured to add new labels to existing labels of the base model to generate the master model, wherein the new labels relate to a predefined use case.
This ensures that using the base model can be extended according to predefined use cases.
A third aspect of the present disclosure provides a method for privacy preserving model training, wherein method comprises the steps of obtaining, by a user device, a training set of user data; receiving, by the user device, a master model from a server device; determining, by the user device, a parameter to be optimized based on the master model; generating, by the user device, a model update based on the parameter and the training set of user data; and transmitting, by the user device, the model update to the server device.
In an implementation form of the third aspect, the method further comprises computing, by the user device, a gradient of the parameter, based on the training set of user data, and generating, by the user device, the model update based on the gradient.
In a further implementation form of the third aspect, the method further comprises obtaining, by the user device, a testing set of user data; predicting, by the user device, classification labels of the testing set of user data using the master model; computing, by the user device,
performance metrics based on the predicted classification labels and the testing set of user data; and transmitting, by the user device, the performance metrics to the server device.
In a further implementation form of the third aspect, the method further comprises classifying, by the user device, user data stored in the device to obtain the training set of user data and the testing set of user data.
In a further implementation form of the third aspect, the training set of user data comprises a training set of user images, and/or the testing set of user data comprises a testing set of user images.
In a further implementation form of the third aspect, the parameter relates to at least one of: a convolutional layer of a convolutional neural network, a fully connected layer of a convolutional neural network, a classification layer of a convolutional neural network.
The third aspect and its implementation forms include the same advantages as the first aspect and its respective implementation forms.
A fourth aspect of the present disclosure provides a method for privacy preserving model training, wherein the method comprises the steps of receiving, by a server device, a pre-trained base model; generating, by the server device, a master model based on the base model; indicating, by the server device, a parameter in the master model, the parameter being a parameter to be optimized; transmitting, by the server device, the master model to a user device; receiving, by the server device, a model update corresponding to the master model from the user device; and updating, by the server device, the master model based on the model update.
In an implementation form of the fourth aspect, the model update comprises gradient information relating exclusively to the parameter, and the method further comprises updating, by the server device, the master model based on the gradient information.
In a further implementation form of the fourth aspect, the method further comprises receiving, by the server device, performance metrics from the user device and aggregating, by the server device, the performance metrics to update global performance metrics.
In a further implementation form of the fourth aspect, the method further comprises adding, by the server device, new labels to existing labels of the base model to generate the master model, wherein the new labels relate to a predefined use case.
The fourth aspect and its implementation forms include the same advantages as the second aspect and its respective implementation forms.
A fifth aspect of the present disclosure provides a computer program comprising instructions which, when the program is executed by a computer, cause the computer to carry out the steps of the method of the third aspect or any of its implementation forms, or the fourth aspect or any of its implementation forms.
The fifth aspect includes the same advantages as the third aspect or any of its implementation forms and the fourth aspect or any of its implementation forms.
A sixth aspect of the present disclosure provides a non-transitory computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to carry out the steps of the method of the third aspect or any of its implementation forms, or the fourth aspect or any of its implementation forms.
The sixth aspect includes the same advantages as the third aspect or any of its implementation forms and the fourth aspect or any of its implementation forms.
A seventh aspect of the present disclosure provides a system for privacy preserving model training, comprising the user device according to the first aspect or any of its implementation forms, and the server device according to the second aspect or any of its implementation forms.
The seventh aspect includes the same advantages as the first aspect or any of its implementation forms and the second aspect or any of its implementation forms.
It has to be noted that all devices, elements, units and means described in the present application could be implemented in the software or hardware elements or any kind of combination thereof. All steps which are performed by the various entities described in the present application as well as the functionalities described to be performed by the various entities are intended to mean
that the respective entity is adapted to or configured to perform the respective steps and functionalities. Even if, in the following description of specific embodiments, a specific functionality or step to be performed by external entities is not reflected in the description of a specific detailed element of that entity which performs that specific step or functionality, it should be clear for a skilled person that these methods and functionalities can be implemented in respective software or hardware elements, or any kind of combination thereof.
BRIEF DESCRIPTION OF DRAWINGS
The above-described aspects and implementation forms of the present disclosure will be explained in the following description of specific embodiments in relation to the enclosed drawings, in which
FIG. 1 shows a schematic view of a user device according to an embodiment of the present disclosure;
FIG. 2 shows a schematic view of a user device according to an embodiment of the present disclosure in more detail;
FIG. 3 shows a schematic view of a server device according to an embodiment of the present disclosure;
FIG. 4 shows a schematic view of a server device according to an embodiment of the present disclosure in more detail;
FIG. 5 shows a schematic view of an operating scenario according to the present disclosure;
FIG. 6 shows a schematic view of an operating scenario according to the present disclosure;
FIG. 7 shows a schematic view of an operating scenario according to the present disclosure;
FIG. 8 shows a schematic view of a method according to an embodiment of the present disclosure;
FIG. 9 shows a schematic view of a method according to an embodiment of the present disclosure; and
FIG. 10 shows a schematic view of a conventional system for model training.
DETAILED DESCRIPTION OF EMBODIMENTS
FIG. 1 shows a schematic view of a user device 100 according to an embodiment of the present disclosure. The server device 100 enables crowd sourcing of training data for model training, while at the same time maintaining privacy of such training data. That is, the device 100 is for privacy preserving model training.
To this end, the user device 100 obtains a training set of user data 101. This may be any kind of user data which is suitable for training a model, e.g. a neural network. The training set of user data 101 may be pre-stored in the user device 100, generated by the user device 100, and/or received by the user device 100.
The user device 100 may further receive a master model 102 from a server device 300. The server device 300 can be an entity with which the user device 100 can communicate for privacy preserving model training, that is, the server device 300 is not necessarily part of the user device
100. The server device 300 and in particular generating the master model 102 are going to be described in more detail in view of FIG. 3 and FIG. 4 below.
The user device 100 may further determine a parameter 103 based on the master model 102. The parameter 103 is a parameter to be optimized, e.g. by privacy preserving model training. In other words, in the master model 102 it may be indicated which parameter 103 of the master model 102 is to be optimized. To optimize the parameter 103, the user device 100 generates, based on the parameter 103 and the training set of user data 101, a model update 104. The model update 104 is then transmitted to the server device 300. Further processing of the model update 104 in the server device 300 is going to be described in view of FIG. 3 and FIG. 4 below.
In other words, the server device 300 provides a master model 102 to the user device 100, based on which the user device 100 generates a model update 104, which is in turn provided to the server device 300. The model update 104 is also generated based on the training set of user data
101, which remains in the user device 100 and is not provided to the server device 300, as such. As a result, privacy of the training set of user data 101 is maintained and not overhead for transmitting the training set of user data 101 to the server device 300 and storing it is generated.
FIG. 2 shows a schematic view of a user device 100 according to an embodiment of the present disclosure in more detail. The user device 100 shown in FIG. 2 comprises all features and functionality of the user device 100 of FIG. 1, as well as the following optional features:
As it is illustrated in FIG. 2, based on the training set of user data 101, the user device 100 optionally can compute a gradient 201 of the parameter 103. The model update 104 is then generated based on the gradient 201.
Further optionally, the user device 100 can obtain a testing set of user data 202. The testing set of user data 202 can be obtained in a similar way as the training set of user data 101. By using the master model 102, the user device 100 can predict classification labels 203 of the testing set of user data 202. The classification labels 203 and the testing set of user data 202 can be used for performance measurement. That is, the user device 100 can compute performance metrics 204 based on the predicted classification labels 203 and the testing set of user data 202. In turn, the performance metrics 204 can be transmitted to the server device 300.
In particular, the training set of user data 101 and/or the testing set of user data 202 can be obtained by classifying user data 205, which is stored in the user device 100. That is, the user device 100 can determine, which part of the user data 205 can be used for training, and which part can be used for testing. The user data 205 however is not made available to the server device 300 as such. Only the model update 104 and/or the performance metrics 204 can be transmitted to the server device 300.
The user data 205 that is stored in the user device 100 may comprise image data. That is, the training set of user data 101 optionally may comprise a training set of user images 206. In other words, the training set of user data 101 may comprise user images selected for training, which are stored in the user device 100. The testing set of user data 202 optionally may comprise a testing set of user images 207. In other words, the testing set of user data 202 may comprise user images selected for testing, which are stored in the user device 100.
FIG. 3 shows a schematic view of a server device 300 according to an embodiment of the present disclosure. The server device 300 enables crowd sourcing of training data in a privacy preserving way. That is, only model updates are received at the server device 300, while the training data (based on which a model update was created) remains at a corresponding user device 100.
To facilitate model training, the server device 300 first receives a pre-trained base model 301. The base model 301 can e.g. be received from a service which offers general ML capabilities, such as models which can be used for classification. However, such models are pre-trained on an ideal set of training data only and may need to be further optimized.
This optimization may e.g. be performed based on crowd sourced user data. However, the privacy of such data must be maintained.
Therefore, the service device 300 generates a master model 302 based on the base model 301. In the master model 302, a parameter 303 which is to be optimized is indicated. Although there is only one parameter 303 illustrated in FIG. 3, there can be an arbitrary number of parameters 303 indicated in the master model 302. The master model 302 is then transmitted to a user device 100. The master model 302 that is transmitted by the server device 300 illustrated in FIG. 3 is the master model 102 received by the user device 100 show in FIG. 1 and FIG. 2.
After the master model 302 is transmitted to the user device 100, the server device 300 receives a model update 304 from the user device 100. The model update 304 corresponds to the master model 302. The model update 304 that is received by the server device 300 illustrated in FIG. 3 is the model update 104 that is sent by the user device 100 shown in FIG. 1 and FIG. 2.
After the model update 304 is received by the server device 300, the server device 300 updates the master model 302 based on the model update 304. Thereby, the master model 302 can be further trained and fined tuned. The master model 302 is optimized compared to the base model 301, while not user date of the user device 100 was transmitted from the user device 100 to the server device 300.
FIG. 4 shows a schematic view of a server device 300 according to an embodiment of the present disclosure in more detail. The server device 300 shown in FIG. 4 comprises all features and functionality of the server device 300 of FIG. 3, as well as the following optional features:
As illustrated in FIG. 4, the model update 304 optionally may comprise gradient information 401. The gradient information 401 may relate exclusively to the parameter 303. The master model 302 can in particular be updated based on the gradient information 401, by the server device 300.
The server device 300 optionally can receive performance metrics 402 from the user device 100. The performance metrics 402 illustrated in FIG. 4 are the performance metrics 204 transmitted by the user device 100 of FIG. 2. The server device 300 may aggregate the performance metrics 402 and update global performance metrics 403, based thereon.
In order to support more use cases than originally intended by the service (which offers the general ML capabilities) that provided the base model 301 to the server device 300, the server device 300 optionally may add new labels 404 to existing labels 405 of the base model 301. This allows generating a master model 302, in which the new labels 404 relate to a predefined use case, e.g. desired by a user of the server device 300.
The user device 100 described in view of FIG. 1 and FIG. 2 and the server device 300 described in view of FIG. 3 and FIG. 4 provide a solution for privacy preserving crowd sourcing of user data (e.g. user images) to improve the accuracy of a model (e.g. a model for image classification). This solution allows fine-tuning of the base model 301 without collecting user data on the server device 300. The user data remains exclusively on the user device 100. The server devices defines a new model (i.e. the master model 302, which can also be called federated master model) by extending the base model 301 provided by the service. A copy of master model 302 is downloaded to at least one user device 100. Each user device 100 computes model updates 104 using locally stored training data (i.e. the training set of user data 101, which e.g. may comprise user images). These model updates 104 are transmitted to the server device
300 instead of the training data. The server device 300 updates the master model 302 using the model updates 104 received from the user devices 100. Then, the updated master model 302 can again be distributed to a user device 100, where it is used for solving an ML task (e.g. a classification task, in particular an image classification task).
FIG. 5 shows a schematic view of an operating scenario according to the present disclosure. In FIG. 5, a service which provides general ML capability (labelled “HMS ML Kit”) trains a base model 301 with ideal training data. Such ideal training data e.g. includes nice and clean training images. The pre-trained base model 301 is then provided to a server device 300 (labelled “App Cloud Server”). The server device 300 generates a master model 302 based on the base model
301 and indicates a parameter 303 to be optimized (which is not shown in FIG. 5) in the master model 302. The master model 302 is transmitted to the user device 100 (“User 1”) as master model 102. In the user device 100, a model update 104 is generated based on the parameter 103 and a training set of user date 101. The model update 104 is then transmitted to the server device 300, where it is received as model update 304. The master model 302 is then updated by the server device 300, based on the model update 304.
FIG. 6 shows another schematic view of an operating scenario according to the present disclosure. In particular, the general capabilities of the user device 100 and the server device 300 are described. In FIG. 6 and the following description, the user device 100 is also call “user 1”, the server device 300 is also called “app cloud server” and the service which provides general ML capabilities is also called “HMS ML Kit”.
As shown in the figure, the HMS ML Kit trains an image classification model (i.e. the base model 301) using training data (e.g. publicly available ideal image data sets).
The app cloud server can download the pre-trained base model 301. A federated model (i.e. the master model 302) can be initialized using at least one parameter of the base model 301. The app cloud server can freeze parameters of the federated model which do not need to be fine- tuned e.g., Gcn (a parameter of a convolutional layer) and indicate, which model parameters are to be fine-tuned (e.g. G C and Of). The app cloud server can transmit the federated model to all users (i.e. the user device 100, also called client or app). After user 1 provides a model update 104 comprising gradients, the app cloud server can receive these gradients (in particular of parameters VG C and V0C) for fine-tuning using crowd sourced training data. The parameters of the federated model are then updated using a stochastic gradient descent (cf. section 601). The app cloud server also can receive performance metrics from all users and aggregate these performance metrics.
User 1 can receive the model parameters which are to be fine-tuned (e.g. G C and G ) from the app cloud server. In user 1, user images can be divided into training sets and testing sets. The training set of user images can be used to compute the gradients of the parameters, VGfC and VGC Using the testing set of images, user 1 can compute classification performance metrics such as precision pr, recall re, fl, accuracy acc. After the gradients (VGfC and V0C) are computed, these can be transmitted to the app cloud server. Also the performance metrics pr, re, fl and acc can be transmitted to the app cloud server.
In particular, essentially the parameters of the fully connected and/or classification layers of a model are fine-tuned, which are much less than the total number of parameters in the base model 301. In particular, GfC and Gf are transmitted from the app cloud server to the user devices, and VG C and VGC are transmitted from the user devices to the app cloud server.
FIG. 7 shows another schematic view of an operating scenario according to the present disclosure. As illustrated, the HMS ML Kit sends a pre-trained base model 301 to the server device 300 (labelled app cloud server). The server device 300 initializes a master model 302 (i.e. the federated model) based on the base model 301 and freezes parameters which do not need to be fine-tuned. The master model 302 is sent to the user device 100 (also called app or client). The user device 100 already divided user data into training and testing data (e.g. user images are divided in training images and testing images). The server device 300 also indicates a parameter 303 to the user device 100 which needs to be fine-tuned (this indication is done by means of the master model 302). Based on this parameter 303 and the testing data (i.e. the testing set of user data 101) a model update 104 is computed, which includes a gradient of the to be optimized parameter 303. The model update 104 including the gradient is then transmitted to the server device 300, where a stochastic gradient descent is performed to update the master model 302 (i.e. model parameters). The user device 100 may also predict classification labels based on testing data (i.e. the testing set of user data 202), compute performance metrics based thereon, and send the performance metrics to the server device 300. The server device 300 then may aggregate the performance metrics.
FIG. 8 shows a schematic view of a method 800 according to an embodiment of the present disclosure. The method 800 is for privacy preserving model training. To this end, the method 800 comprises a step of obtaining 801, by a user device 100, a training set of user data 101. The method 800 further comprises a step of receiving 802, by the user device 100, a master model 102 from a server device 300. The method 800 further comprises a step of determining 803, by the user device 100, a parameter 103 to be optimized based on the master model 102. The method 800 further comprises a step of generating 804, by the user device 100, a model update 104 based on the parameter 103 and the training set of user data 101. The method 800 further comprises a step of transmitting 805, by the user device 100, the model update 104 to the server device 300.
FIG. 9 shows a schematic view of a method 900 according to an embodiment of the present disclosure. The method 900 is for privacy preserving model training. To this end, the method 900 comprises a step of receiving 901, by a server device 300, a pre-trained base model 301. The method 900 further comprises a step of generating 902, by the server device 300, a master model 302 based on the base model 301. The method 900 further comprises a step of indicating
903, by the server device 300, a parameter 303 in the master model 302, the parameter 303 being a parameter to be optimized. The method 900 further comprises a step of transmitting
904, by the server device 300, the master model 302 to a user device 100. The method 900 further comprises a step of receiving 905, by the server device 300, a model update 304 corresponding to the master model 302 from the user device 100. The method 900 further comprises a step of updating 906, by the server device 300, the master model 302 based on the model update 304.
The present disclosure has been described in conjunction with various embodiments as examples as well as implementations. However, other variations can be understood and effected by those persons skilled in the art and practicing the claimed disclosure, from the studies of the drawings, this disclosure, and the independent claims. In the claims as well as in the description, the word “comprising” does not exclude other elements or steps and the indefinite article “a” or “an” does not exclude a plurality. A single element or other unit may fulfill the functions of several entities or items recited in the claims. The mere fact that certain measures are recited in the mutual different dependent claims does not indicate that a combination of these measures cannot be used in an advantageous implementation.
Claims
1. A user device (100) for privacy preserving model training, wherein the user device (100) is configured to:
- obtain a training set of user data (101),
- receive a master model (102) from a server device (300),
- determine a parameter (103) based on the master model (102), the parameter (103) being a parameter to be optimized,
- generate a model update (104) based on the parameter (103) and the training set of user data
(101), and
- transmit the model update (104) to the server device (300).
2. The user device (100) according to claim 1, further configured to
- compute a gradient (201) of the parameter (103), based on the training set of user data (101), and
- generate the model update (104) based on the gradient (201).
3. The user device (100) according to claim 2, further configured to
- obtain a testing set of user data (202),
- predict classification labels (203) of the testing set of user data (202) using the master model
(102),
- compute performance metrics (204) based on the predicted classification labels (203) and the testing set of user data (202), and
- transmit the performance metrics (204) to the server device (300).
4. The user device (100) according to claim 3, further configured to classify user data (205) stored in the device (100) to obtain the training set of user data (101) and the testing set of user data (202).
5. The user device (100) according to any one of the preceding claims, wherein the training set of user data (101) comprises a training set of user images (206), and/or wherein the testing set of user data (202) comprises a testing set of user images (207).
6. The user device (100) according to any one of the preceding claims, wherein the parameter (103) relates to at least one of: a convolutional layer of a convolutional neural network, a fully connected layer of a convolutional neural network, a classification layer of a convolutional neural network.
7. A server device (300) for privacy preserving model training, wherein the server device (300) is configured to:
- receive a pre-trained base model (301),
- generate a master model (302) based on the base model (301),
- indicate a parameter (303) in the master model(302), the parameter (303) being a parameter to be optimized,
- transmit the master model (302) to a user device (100),
- receive a model update (304) corresponding to the master model (302) from the user device (100), and
- update the master model (302) based on the model update (304).
8. The server device (300) according to claim 7, wherein the model update (304) comprises gradient information (401) relating exclusively to the parameter (303), and wherein the server device (300) is further configured to update the master model (302) based on the gradient information (401).
9. The server device (300) according to claim 7 or 8, further configured to receive performance metrics (402) from the user device (100) and aggregate the performance metrics (402) to update global performance metrics (403).
10. The server device (300) according to any one of claims 7 to 9, further configured to add new labels (404) to existing labels (405) of the base model (301) to generate the master model (302), wherein the new labels (404) relate to a predefined use case.
11. A method (800) for privacy preserving model training, wherein method (800) comprises the steps of :
- obtaining (801), by a user device (100), a training set of user data (101),
- receiving (802), by the user device (100), a master model (102) from a server device (300),
- determining (803), by the user device (100), a parameter (103) to be optimized based on the master model (102),
- generating (804), by the user device (100), a model update (104) based on the parameter (103) and the training set of user data (101), and - transmitting (805), by the user device (100), the model update (104) to the server device (300).
12. A method (900) for privacy preserving model training, wherein the method (900) comprises the steps of:
- receiving (901), by a server device (300), a pre-trained base model (301), - generating (902), by the server device (300), a master model (302) based on the base model
(301),
- indicating (903), by the server device (300), a parameter (303) in the master model (302), the parameter (303) being a parameter to be optimized,
- transmitting (904), by the server device (300), the master model (302) to a user device (100), - receiving (905), by the server device (300), a model update (304) corresponding to the master model (302) from the user device (100), and
- updating (906), by the server device (300), the master model (302) based on the model update (304). 13. A computer program comprising instructions which, when the program is executed by a computer, cause the computer to carry out the steps of the method of claim 11 or claim 12.
14. A system for privacy preserving model training, comprising the user device (100) according to any one of claims 1 to 6 and the server device (300) according to any one of claim 7 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/EP2021/065303 WO2022258149A1 (en) | 2021-06-08 | 2021-06-08 | User device, server device, method and system for privacy preserving model training |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/EP2021/065303 WO2022258149A1 (en) | 2021-06-08 | 2021-06-08 | User device, server device, method and system for privacy preserving model training |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2022258149A1 true WO2022258149A1 (en) | 2022-12-15 |
Family
ID=76355512
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/EP2021/065303 WO2022258149A1 (en) | 2021-06-08 | 2021-06-08 | User device, server device, method and system for privacy preserving model training |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2022258149A1 (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190227980A1 (en) * | 2018-01-22 | 2019-07-25 | Google Llc | Training User-Level Differentially Private Machine-Learned Models |
| EP3528179A1 (en) * | 2018-02-15 | 2019-08-21 | Koninklijke Philips N.V. | Training a neural network |
| US20200125737A1 (en) * | 2017-08-02 | 2020-04-23 | Alibaba Group Holding Limited | Model training method and apparatus based on data sharing |
| WO2020192896A1 (en) * | 2019-03-26 | 2020-10-01 | Huawei Technologies Co., Ltd. | Apparatus and method for hyperparameter optimization of a machine learning model in a federated learning system |
-
2021
- 2021-06-08 WO PCT/EP2021/065303 patent/WO2022258149A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200125737A1 (en) * | 2017-08-02 | 2020-04-23 | Alibaba Group Holding Limited | Model training method and apparatus based on data sharing |
| US20190227980A1 (en) * | 2018-01-22 | 2019-07-25 | Google Llc | Training User-Level Differentially Private Machine-Learned Models |
| EP3528179A1 (en) * | 2018-02-15 | 2019-08-21 | Koninklijke Philips N.V. | Training a neural network |
| WO2020192896A1 (en) * | 2019-03-26 | 2020-10-01 | Huawei Technologies Co., Ltd. | Apparatus and method for hyperparameter optimization of a machine learning model in a federated learning system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AbdulRahman et al. | FedMCCS: Multicriteria client selection model for optimal IoT federated learning | |
| US11537493B2 (en) | System and method for low latency edge computing | |
| WO2019090954A1 (en) | Prediction method, and terminal and server | |
| US11164108B2 (en) | Transfer learning without local data export in multi-node machine learning | |
| US11715044B2 (en) | Methods and systems for horizontal federated learning using non-IID data | |
| CN108351881A (en) | The system and method for optimally in distributed mode | |
| CN110809771A (en) | System and method for compression and distribution of machine learning models | |
| US20220132358A1 (en) | Network function selection for increased quality of service in communication networks | |
| US20210359898A1 (en) | Methods, systems, and devices for provisioning an application on a network node according to movement patterns and application parameters for mobile devices | |
| CN116306910B (en) | Fair privacy calculation method based on federal node contribution | |
| US20200019560A1 (en) | Systems and methods for providing predictions to applications executing on a computing device | |
| US11412010B2 (en) | Content delivery and consumption with affinity-based remixing | |
| US20230281221A1 (en) | Method for content synchronization and replacement | |
| WO2021245327A1 (en) | Collaborative machine learning | |
| Khanal et al. | Route-based proactive content caching using self-attention in hierarchical federated learning | |
| US8291052B2 (en) | Method, apparatus, and computer program product for determining a path update via distributed information management | |
| WO2024012235A1 (en) | Method, apparatus and device for analyzing artificial intelligence request | |
| WO2022258149A1 (en) | User device, server device, method and system for privacy preserving model training | |
| CN116843016A (en) | Federal learning method, system and medium based on reinforcement learning under mobile edge computing network | |
| CN114492849B (en) | Model updating method and device based on federal learning | |
| CN110322039B (en) | Click rate estimation method, server and computer readable storage medium | |
| US20240185127A1 (en) | Client model training method in decentralized learning environment and client device performing the same | |
| CN113850390A (en) | Method, device, equipment and medium for sharing data in federal learning system | |
| JP6450672B2 (en) | Network quality prediction apparatus, network quality prediction method, and program | |
| CN110636525A (en) | Credibility perception-based data transmission control method suitable for 5G network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21731153 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 21731153 Country of ref document: EP Kind code of ref document: A1 |