nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Ranking Distance Metric for Privacy Budget in Distributed Learning of Finite Embedding Data

verfasst von : Georgios Papadopoulos, Yash Satsangi, Shaltiel Eloul, Marco Pistoia

Erschienen in: Advances in Information Retrieval

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Federated Learning (FL) is a collective of distributed learning paradigm that aims to preserve privacy in data. Recent studies have shown FL models to be vulnerable to reconstruction attacks that compromise data privacy by inverting gradients computed on confidential data. To address the challenge of defending against these attacks, it is common to employ methods that guarantee data confidentiality using the principles of Differential Privacy (DP). However, in many cases, especially for machine learning models trained on unstructured data such as text, evaluating privacy requires to consider also the finite space of embedding for client’s private data. In this study, we show how privacy in a distributed FL setup is sensitive to the underlying finite embeddings of the confidential data. We show that privacy can be quantified for a client batch that uses either noise, or a mixture of finite embeddings, by introducing a normalised rank distance (\(d_{rank}\)). This measure has the advantage of taking into account the size of a finite vocabulary embedding, and align the privacy budget to a partitioned space. We further explore the impact of noise and client batch size on the privacy budget and compare it to the standard \(\epsilon \) derived from Local-DP.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Absolute Variation Distance: An Inversion Attack Evaluation Metric for Federated Learning

Nächstes Kapitel Experiments in News Bias Detection with Pre-trained Neural Transformers

Nur mit Berechtigung zugänglich

https://www.merriam-webster.com/legal#::text=Search

https://www.investopedia.com/financial-term-dictionary-4769738

Concise Medical Dictionary. Oxford University Press, January 2010. https://doi.org/10.1093/acref/9780199557141.001.0001, https://doi.org/10.1093/acref/9780199557141.001.0001

(Oct 2023), https://en.wikipedia.org/wiki/List_of_dictionaries_by_number_of_words

Abadi, M., et al.: Deep learning with differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, October 2016. https://doi.org/10.1145/2976749.2978318

Adnan, M., Kalra, S., Cresswell, J.C., Taylor, G.W., Tizhoosh, H.R.: Federated learning and differential privacy for medical image analysis. Sci. Rep. 12(1), February 2022. https://doi.org/10.1038/s41598-022-05539-7

Carvalho, R.S., Vasiloudis, T., Feyisetan, O.: TEM: High utility metric differential privacy on text (2021). https://doi.org/10.48550/ARXIV.2107.07928, https://arxiv.org/abs/2107.07928

Chamikara, M.A.P., Liu, D., Camtepe, S., Nepal, S., Grobler, M., Bertok, P., Khalil, I.: Local differential privacy for federated learning (2022). https://doi.org/10.48550/ARXIV.2202.06053, https://arxiv.org/abs/2202.06053

Chatzikokolakis, K., Andrés, M.E., Bordenabe, N.E., Palamidessi, C.: Broadening the scope of differential privacy using metrics. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 82–102. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39077-7_5CrossRef

10.

Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006). https://doi.org/10.1007/11787006_1CrossRef

11.

Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_14CrossRef

12.

Elkordy, A.R., Zhang, J., Ezzeldin, Y.H., Psounis, K., Avestimehr, S.: How much privacy does federated learning with secure aggregation guarantee? (2022). https://doi.org/10.48550/ARXIV.2208.02304, https://arxiv.org/abs/2208.02304

13.

Eloul, S., Silavong, F., Kamthe, S., Georgiadis, A., Moran, S.J.: Enhancing privacy against inversion attacks in federated learning by using mixing gradients strategies (2022)

14.

Feyisetan, O., Aggarwal, A., Xu, Z., Teissier, N.: Research challenges in designing differentially private text generation mechanisms (2020). https://doi.org/10.48550/ARXIV.2012.05403, https://arxiv.org/abs/2012.05403

15.

Feyisetan, O., Balle, B., Drake, T., Diethe, T.: Privacy- and utility-preserving textual analysis via calibrated multivariate perturbations (2019). https://doi.org/10.48550/ARXIV.1910.08902, https://arxiv.org/abs/1910.08902

16.

Gafni, T., Shlezinger, N., Cohen, K., Eldar, Y.C., Poor, H.V.: Federated learning: a signal processing perspective. IEEE Sign. Process. Mag. 39(3), 14–41 (2022). https://doi.org/10.1109/msp.2021.3125282CrossRef

17.

Hu, L., Habernal, I., Shen, L., Wang, D.: Differentially private natural language models: Recent advances and future directions (2023)

18.

Imola, J., Kasiviswanathan, S., White, S., Aggarwal, A., Teissier, N.: Balancing utility and scalability in metric differential privacy. In: UAI 2022 (2022). https://www.amazon.science/publications/balancing-utility-and-scalability-in-metric-differential-privacy

19.

Klymenko, O., Meisenbacher, S., Matthes, F.: Differential privacy in natural language processing the story so far. In: Proceedings of the Fourth Workshop on Privacy in Natural Language Processing. Association for Computational Linguistics (2022). https://doi.org/10.18653/v1/2022.privatenlp-1.1, https://doi.org/10.18653

20.

Koufogiannis, F., Han, S., Pappas, G.J.: Optimality of the Laplace mechanism in differential privacy (2015). https://doi.org/10.48550/ARXIV.1504.00065, https://arxiv.org/abs/1504.00065

21.

Maas, A.L., Daly, R.E., Pham, P.T., Huang, D., Ng, A.Y., Potts, C.: Learning word vectors for sentiment analysis. In: Proceedings of the 49th Annual Meeting of the Association for Computational Linguistics: Human Language Technologies. pp. 142–150. Association for Computational Linguistics, Portland, Oregon, USA (Jun 2011), https://aclanthology.org/P11-1015

22.

Meehan, C., Mrini, K., Chaudhuri, K.: Sentence-level privacy for document embeddings (2022). https://doi.org/10.48550/ARXIV.2205.04605, https://arxiv.org/abs/2205.04605

23.

Wei, K., et al.: Federated learning with differential privacy: algorithms and performance analysis. IEEE Trans. Inf. Forensics Secur. 15, 3454–3469 (2020). https://doi.org/10.1109/TIFS.2020.2988575CrossRef

24.

Zhao, Y., et al.: Local differential privacy based federated learning for Internet of Things (2020)

25.

Zhu, L., Liu, Z., Han, S.: Deep leakage from gradients. In: Wallach, H., Larochelle, H., Beygelzimer, A., d’Alché-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems. vol. 32. Curran Associates, Inc. (2019). https://proceedings.neurips.cc/paper_files/paper/2019/file/60a6c4002cc7b29142def8871531281a-Paper.pdf

Titel: Ranking Distance Metric for Privacy Budget in Distributed Learning of Finite Embedding Data
verfasst von: Georgios Papadopoulos
Yash Satsangi
Shaltiel Eloul
Marco Pistoia
Verlag: Springer Nature Switzerland
Buch: Advances in Information Retrieval
Print ISBN: 978-3-031-56065-1

Electronic ISBN: 978-3-031-56066-8

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-56066-8_21

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner