Research On Federated Learning Technology With Privacy Protection And Verifiability

As a branch of artificial intelligence,deep learning has been widely applied to solve datadriven issues because of its powerful ability of data mining and modeling.The success of deep learning benefits from the rapid growth of data volume,and the accuracy of data.In order to train high-precision models and improve competitiveness,more and more enterprises widely collect user data.However,the collected data contains user's sensitive information,such as photos,voice,etc.Users do not want their sensitive information to be used by enterprises.In addition,countries strengthen the construction of privacy protection laws,further constraining enterprises to collect and train data,resulting in data islands.To get rid of the above constraints,Google proposed federated learning,a distributed deep learning framework.Based on the fact that data are widely distributed,the framework allows data holders to cooperate in training model without revealing plaintext while avoiding cryptography technology with high time and space complexity.However,federated learning only protects data privacy superficially,more and more evidence shows that the gradients shared in the framework still carries the sensitive information of the original training set.What's more,the security threats from the aggregation server directly affect the classification result of the training model.How to protect the shared gradients and verify the correctness of the intermediate results returned by the aggregation server have become urgent issues to be solved.In view of the privacy and security threats faced by federated learning,this paper does the following research.(1)To solve the data privacy issue in linear outsourcing training under the current federated learning framework,this paper uses the distributed structure of federated learning to break the tradition of training local model based on stochastic gradient descent algorithm,and designs a privacy preserving federated learning linear outsourcing training scheme.The scheme realizes the correct training of linear model outsourcing through ADMM algorithm and the LASSO algorithm.At the same time,according to the theory of non-uniqueness of singular value decomposition,this paper analyzes the privacy of outsourcing data under this framework,which avoids the high time and space complexity of encryption technologies.Experimental results prove that the proposed scheme can achieve high precision of linear model training under the condition of protecting data privacy.(2)To solve the challenge of gradient secure aggregation and verification in federated learning,this paper analyzes the privacy leakage and security threats from the aggregation server and realizes the gradient secure aggregation by introducing the Paillier homomorphic encryption algorithm,which ensures the correct update of the global model.In order to verify the correctness of the results returned by the aggregation server,we combine bilinear aggregate signature technology and homomorphic hash function to design a new verification mechanism.Theoretical analysis and experiments show that this scheme ensures the accuracy of the training model while realizing the reliability of the gradient security aggregation and verification mechanism.(3)To solve the collusion and verifiability problems of privacy-preserving federated learning scheme based on homomorphic encryption,this paper analyzes the common defects of homomorphic encryption and the disadvantages of the high overhead of existing verification mechanisms.This paper combines Lagrange interpolation and blinding technology,which realizes the secure aggregation of gradients and lightweight verification of aggregation results.Compared with the existing verifiable federated learning,the cost of the verification mechanism in this paper is independent of the number of participants and does not increase with the number of participants.Theoretical analysis and experiments show that the scheme can effectively resist the collusion attack between participants and aggregation server,and the verification mechanism is reliable and efficient,while ensuring the accuracy of the model.