高效抗合谋攻击分布式机器学习隐私保护方案  被引量：3

作　　者：曹来成[1] 吴琪瑞 吴蓉 郭显[1] CAO Laicheng;WU Qirui;WU Rong;GUO Xian(School of Computer and Communication,Lanzhou University of Technology,Lanzhou 730050,China)

机构地区：[1]兰州理工大学计算机与通信学院,甘肃兰州730050

出　　处：《华中科技大学学报（自然科学版）》2022年第5期39-45,共7页Journal of Huazhong University of Science and Technology(Natural Science Edition)

基　　金：国家自然科学基金资助项目(61562059,61461027);甘肃省自然科学基金资助项目(20JR5RA467).

摘　　要：针对基于分布式云端数据外包机器学习隐私泄露及存在合谋攻击的安全威胁,提出一种高效而抗合谋攻击的分布式机器学习隐私保护(EPDMLCA)方案.首先,基于部分同态Hash-ElGamal方案构建了数据提供者(DP)同态加密算法,用于数据隐私保护的外包传输及存储.在允许公开验证数据完整性的条件下,进行数据的动态性更新;然后,采用拉普拉斯分布机制建立了云服务器(CS)差分隐私算法,云服务器将加密的数据转换为噪声数据,避免了数据训练时敌手和数据分析师之间的合谋攻击;最后,利用分布式机群架构将大量计算任务分布式地部署到多台多类型机器上同时进行训练,在保证训练精度的基础上提高了计算效率.分析结果表明:该方案具有隐私性和抗合谋攻击性,同时有着完备性和较低的计算时间开销.Aiming at the security threats of privacy leakage and collusion attack of machine learning based on distributed cloud computing data outsourcing,an efficient privacy-protection scheme for distributed machine learning against collusion attack(EPDMLCA)was given.First,based on the partial homomorphic Hash-ElGamal scheme,the data provider(DP)homomorphic encryption algorithm was constructed for outsourcing transmission and storage of data privacy-protection.Under the condition that the data integrity was allowed to be publicly verified,the data was dynamically updated.Then,the cloud sever(CS)differential privacy algorithm was established by using Laplace distribution mechanism,and the cloud server transformed encrypted data into noise data,which avoided collusion attack between the adversary and data analysts in data training.Finally,using distributed cluster architecture,a large number of computing tasks were distributed to multiple types of computers for training at the same time,and the computing efficiency was improved while ensuring the training accuracy.Analysis results show that the scheme has privacy and resisting collusion attack with completeness and low computing time cost.

关 键 词：机器学习 分布式系统 合谋攻击 云存储 差分隐私 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]