Research On Optimization Of Federated Learning Algorithm Based On Differential Privacy

With the rapid development of the big data era,a large amount of data is involved in all fields of people’s lives.However,the data is often fragmented and difficult to be aggregated for model training in machine learning.Federated learning,as an emerging technology,can solve this problem by allowing model weights to be shared between different data sources without sharing the raw data itself.However,federated learning also has security risks,such as inference attacks and model reverse attacks,which may lead to model leakage and affect the accuracy of the model.In order to solve these problems,a federated learning method for differential privacy protection is proposed.While,compared with centralized learning,federated learning has slower convergence speed and lower model accuracy,which is exacerbated by the noise added in differential privacy protection.The research goal of this paper is to optimize the federated learning algorithm based on differential privacy,and to improve the practicality of the model while maintaining the same level of privacy protection.The specific achievements are as follows.This paper aims to address the problem of slow model convergence in the differential privacy federation learning algorithm and overcome the difficulty of computing the privacy budget in the federation learning environment.Specifically,this thesis proposes a differential privacy federation learning algorithm based on the Alternating Direction Method of Multipliers,referred to as the DP-FedADMM algorithm.The impact of noise on the convergence speed of the model is reduced by integrating the differential privacy(DP)constraints into the FedADMM algorithm and processing the noise-added gradients uploaded by each client.At the same time,using RDP theory,a privacy proof of DP-FedADMM is given in this paper.Through extensive experiments on three datasets,it is demonstrated that DP-FedADMM outperforms the currently popular DP-FedAvg algorithm in terms of model convergence speed.In the differential privacy federation learning algorthm,noise is added to protect individual privacy,but it also has a negative impact on the accuracy of the model.In view of this phenomenon,this paper proposes a score-based adaptive differential privacy federal learning algorithm,referred to as ADPFL algorithm.At the early stage of the federal learning model training,the noise added at this stage has relatively little impact on the training effect because the model is not yet fully optimized.In contrast,at the later stage of training,the model is close to optimization,and the presence of noise greatly limits the further improvement of the model accuracy.Therefore,this paper proposes a scoring function that integrates the gradient two paradigm,training loss,model accuracy and time factors for the adaptive addition of noise.At the same time,the privacy proof of ADPFL is given by using the RDP theory.In conclusion,the paper compares the ADPFL algorithm with a federated learning algorithm that keeps the noise fixed throughout training,and finally conducts experiments on three datasets.The experimental results show that the accuracy of the model using the ADPFL algorithm is better than that of the differential privacy federated learning algorithm with uniform noise addition.