面向医疗数据的隐私保护联邦学习架构  被引量：4

作　　者：王波 李洪涛 王洁[2] 郭一娜[1] WANG Bo;LI Hongtao;WANG Jie;GUO Yina(School of Electronic Information Engineering,Taiyuan University of Science and Technology,Taiyuan 030024,China;College of Mathematics and Computer Science,Shanxi Normal University,Taiyuan 030039,China)

机构地区：[1]太原科技大学电子与信息工程学院,山西太原030024 [2]山西师范大学数学与计算机科学学院,山西太原030039

出　　处：《西安电子科技大学学报》2023年第5期166-177,共12页Journal of Xidian University

基　　金：国家自然科学基金(62271341,61702316);国家留学基金委地区合作与高层次人才培养(20201417);山西省自然科学基金(20210302123338)。

摘　　要：联邦学习作为一种新兴的神经网络训练模型,因其可以在保护用户数据隐私的前提下进行模型训练而受到广泛关注。然而,由于攻击者可以从共享梯度中跟踪和提取参与者的隐私,因此联邦学习仍然面临各种安全和隐私威胁。针对医疗数据在联邦学习过程中面临的隐私泄露问题,基于Paillier同态加密技术提出一种保护隐私的医疗数据联邦学习架构。首先,采用Paillier加密技术对客户端的共享训练模型进行加密,确保训练模型的安全性和隐私性,同时设计了零知识证明身份认证模块确保参与训练成员身份的可信性;其次,在服务器端通过构造消息确认机制将掉线或无响应用户暂时剔除,减少了服务器等待时间,降低了通信开销。实验结果表明,所提机制在实现隐私保护的同时,具有较高的模型准确率,较低的通信时延,并具有一定的可扩展性。As an emerging training model with neural networks,federated learning has received widespread attention due to its ability to carry out model training on the premise of protecting user data privacy.However,since adversaries can track and derive participants’privacy from the shared gradients,federated learning is still exposed to various security and privacy threats.Aiming at the privacy leakage problem of medical data in the process of federated learning,a secure and privacy-preserving medical data federated learning architecture is proposed based on Paillier homomorphic encryption technology(HEFLPS).First,the shared training model of the client is encrypted with Paillier homomorphic encryption technology to ensure the security and privacy of the training model,and a zero-knowledge proof identity authentication module is designed to ensure the credibility of the training members;second,the disconnected or unresponsive users are temporarily eliminated by constructing a message confirmation mechanism on the server side,which reduces the waiting time of the server and reduces the communication cost.Experimental results show that the proposed mechanism has high model accuracy,low communication delay and a certain scalability while achieving privacy protection.

关 键 词：联邦学习 隐私保护技术 同态加密 医学图像 

分 类 号：TN393[电子电信—物理电子学]