| Domain adaptation is an important research direction of transfer learning,which aims to solve the problem of knowledge transfer from labeled datasets to unlabeled datasets.In practical applications,labeled datasets often need to be collected from multiple data sources,which also known as multi-source domain adaptation.However,recurring data breaches have cast doubt on the reliability of centralized data collection.To solve the privacy and security problems brought by data collection,federated learning is proposed,which aims to complete joint modeling by interacting irreversible intermediate information.Although federated learning avoids the direct collection of raw data,attackers can still deduce some private information from the communicated data through confidentiality attacks.Based on the above background,this thesis mainly studies the security transfer of knowledge in multi-source scenarios.The specific work includes the following three aspects:1.A federated transfer model for multi-source domain adaptation is proposed.The model consists of a feature extractor,a domain discriminator,and a task classifier,and both run collaboratively by the participants and server.The training of the model is divided into three steps.First,the server initializes the global domain adaptation model and distributes it to the participants.Then,the source domain participants update all parameters based on the sample labels and domain labels,while the target domain participant uses the domain labels to update the extractor and classifier.Finally,the server collects the gradient information of each participant,and uses the designed Federated Transfer Aggregation(FedTransAgg)algorithm to aggregate the gradient information to realize knowledge transfer in the process of continuous iteration.In addition,the lossless and security of the model have been verified and analyzed on the Digits and Office datasets,and the average accuracy rate of 80.2% in the nonIID experiments is superior to the existing baseline models.2.A defense strategy based on inner product functional encryption and differential privacy is designed.Although the gradient update does not directly expose the original data,the attacker can still recover some private information from it.Firstly,functional encryption is used to protect gradient’s confidentiality,and the FedTransAgg algorithm is regarded as an inner product operation function.After each participant encrypts the gradient locally,the server uses the functional private key to aggregate the collected ciphertext.Secondly,when the participant encrypts locally,a partial encryption mechanism is introduced to improve computational efficiency.Then,considering the possible collusion behavior,Gaussian noise satisfying differential privacy is added to the gradient before encryption.Finally,the effectiveness of the defense strategy and the sensitivity of related parameters are verified and analyzed on multiple datasets.3.An integrated system for multi-source federated transfer learning visualization is built.The system is divided into display layer,application layer,security protocol and service layer in architecture,which can realize the full life cycle display of the multi-source federated transfer learning.The front-end accepts user operations and initiates a request to the back-end in parallel.After receiving the request,the back-end processes the dataset and intermediate training logs by calling calculation modules such as federated transfer models and feature embeddings,and return the obtained prediction accuracy,discrimination accuracy and lowdimensional embedded data to the front-end visualization display. |
PDF Full Text Request