Differentially Private Support Vector Machines with Knowledge Aggregation  

作　　者：Teng Wang Yao Zhang Jiangguo Liang Shuai Wang Shuanggen Liu 

机构地区：[1]School of Cyberspace Security,Xi’an University of Posts and Telecommunications,Xi’an,710121,China

出　　处：《Computers, Materials & Continua》2024年第3期3891-3907,共17页计算机、材料和连续体（英文）

基　　金：supported in part by National Natural Science Foundation of China(Nos.62102311,62202377,62272385);in part by Natural Science Basic Research Program of Shaanxi(Nos.2022JQ-600,2022JM-353,2023-JC-QN-0327);in part by Shaanxi Distinguished Youth Project(No.2022JC-47);in part by Scientific Research Program Funded by Shaanxi Provincial Education Department(No.22JK0560);in part by Distinguished Youth Talents of Shaanxi Universities,and in part by Youth Innovation Team of Shaanxi Universities.

摘　　要：With the widespread data collection and processing,privacy-preserving machine learning has become increasingly important in addressing privacy risks related to individuals.Support vector machine(SVM)is one of the most elementary learning models of machine learning.Privacy issues surrounding SVM classifier training have attracted increasing attention.In this paper,we investigate Differential Privacy-compliant Federated Machine Learning with Dimensionality Reduction,called FedDPDR-DPML,which greatly improves data utility while providing strong privacy guarantees.Considering in distributed learning scenarios,multiple participants usually hold unbalanced or small amounts of data.Therefore,FedDPDR-DPML enables multiple participants to collaboratively learn a global model based on weighted model averaging and knowledge aggregation and then the server distributes the global model to each participant to improve local data utility.Aiming at high-dimensional data,we adopt differential privacy in both the principal component analysis(PCA)-based dimensionality reduction phase and SVM classifiers training phase,which improves model accuracy while achieving strict differential privacy protection.Besides,we train Differential privacy(DP)-compliant SVM classifiers by adding noise to the objective function itself,thus leading to better data utility.Extensive experiments on three high-dimensional datasets demonstrate that FedDPDR-DPML can achieve high accuracy while ensuring strong privacy protection.

关 键 词：Differential privacy support vector machine knowledge aggregation data utility 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]