DP-GSGLD: A Bayesian optimizer inspired by differential privacy defending against privacy leakage in federated learning

Chengyi Yang; Kun Jia; Deli Kong; Jiayin Qi; Aimin Zhou

doi:10.1016/j.cose.2024.103839

DP-GSGLD: A Bayesian optimizer inspired by differential privacy defending against privacy leakage in federated learning

Chengyi Yang, Kun Jia, Deli Kong, Jiayin Qi, Aimin Zhou

School of Computer Science and Technology

Research output: Contribution to journal › Article › peer-review

9 Scopus citations

Abstract

Stochastic Gradient Langevin Dynamics (SGLD) is believed to preserve differential privacy as its intrinsic attribute since it obtain randomness from posterior sampling and natural noise. In this paper, we propose Differentially Private General Stochastic Gradient Langevin Dynamics (DP-GSGLD), a novel variant of SGLD which realizes gradient estimation in parameter updating through Bayesian sampling. We introduce the technique of parameter clipping and prove that DP-GSGLD satisfies the property of Differential Privacy (DP). We conduct experiments on several image datasets for defending against gradient attack that is commonly appeared in the scenario of federated learning. The results demonstrate that DP-GSGLD can decrease the time for model training and achieve higher accuracy under the same privacy level.

Original language	English
Article number	103839
Journal	Computers and Security
Volume	142
DOIs	https://doi.org/10.1016/j.cose.2024.103839
State	Published - Jul 2024

Keywords

Bayesian learning
Deep learning optimizer
Differential privacy
Stochastic gradient Langevin dynamics

Access to Document

10.1016/j.cose.2024.103839

Cite this

@article{8f62926170f74eeeb53f80000e520763,

title = "DP-GSGLD: A Bayesian optimizer inspired by differential privacy defending against privacy leakage in federated learning",

abstract = "Stochastic Gradient Langevin Dynamics (SGLD) is believed to preserve differential privacy as its intrinsic attribute since it obtain randomness from posterior sampling and natural noise. In this paper, we propose Differentially Private General Stochastic Gradient Langevin Dynamics (DP-GSGLD), a novel variant of SGLD which realizes gradient estimation in parameter updating through Bayesian sampling. We introduce the technique of parameter clipping and prove that DP-GSGLD satisfies the property of Differential Privacy (DP). We conduct experiments on several image datasets for defending against gradient attack that is commonly appeared in the scenario of federated learning. The results demonstrate that DP-GSGLD can decrease the time for model training and achieve higher accuracy under the same privacy level.",

keywords = "Bayesian learning, Deep learning optimizer, Differential privacy, Stochastic gradient Langevin dynamics",

author = "Chengyi Yang and Kun Jia and Deli Kong and Jiayin Qi and Aimin Zhou",

note = "Publisher Copyright: {\textcopyright} 2024 Elsevier Ltd",

year = "2024",

month = jul,

doi = "10.1016/j.cose.2024.103839",

language = "英语",

volume = "142",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Ltd",

}

TY - JOUR

T1 - DP-GSGLD

T2 - A Bayesian optimizer inspired by differential privacy defending against privacy leakage in federated learning

AU - Yang, Chengyi

AU - Jia, Kun

AU - Kong, Deli

AU - Qi, Jiayin

AU - Zhou, Aimin

PY - 2024/7

Y1 - 2024/7

N2 - Stochastic Gradient Langevin Dynamics (SGLD) is believed to preserve differential privacy as its intrinsic attribute since it obtain randomness from posterior sampling and natural noise. In this paper, we propose Differentially Private General Stochastic Gradient Langevin Dynamics (DP-GSGLD), a novel variant of SGLD which realizes gradient estimation in parameter updating through Bayesian sampling. We introduce the technique of parameter clipping and prove that DP-GSGLD satisfies the property of Differential Privacy (DP). We conduct experiments on several image datasets for defending against gradient attack that is commonly appeared in the scenario of federated learning. The results demonstrate that DP-GSGLD can decrease the time for model training and achieve higher accuracy under the same privacy level.

AB - Stochastic Gradient Langevin Dynamics (SGLD) is believed to preserve differential privacy as its intrinsic attribute since it obtain randomness from posterior sampling and natural noise. In this paper, we propose Differentially Private General Stochastic Gradient Langevin Dynamics (DP-GSGLD), a novel variant of SGLD which realizes gradient estimation in parameter updating through Bayesian sampling. We introduce the technique of parameter clipping and prove that DP-GSGLD satisfies the property of Differential Privacy (DP). We conduct experiments on several image datasets for defending against gradient attack that is commonly appeared in the scenario of federated learning. The results demonstrate that DP-GSGLD can decrease the time for model training and achieve higher accuracy under the same privacy level.

KW - Bayesian learning

KW - Deep learning optimizer

KW - Differential privacy

KW - Stochastic gradient Langevin dynamics

UR - https://www.scopus.com/pages/publications/85190577986

U2 - 10.1016/j.cose.2024.103839

DO - 10.1016/j.cose.2024.103839

M3 - 文章

AN - SCOPUS:85190577986

SN - 0167-4048

VL - 142

JO - Computers and Security

JF - Computers and Security

M1 - 103839

ER -

DP-GSGLD: A Bayesian optimizer inspired by differential privacy defending against privacy leakage in federated learning

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this