检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:LüBoshen Song Xiao 吕泊伸;宋晓(北京航空航天大学网络空间安全学院,北京100191)
机构地区:[1]School of Cyber Science and Technology,Beihang University,Beijing 100191,China
出 处:《系统仿真学报》2024年第12期2850-2870,共21页Journal of System Simulation
基 金:Beijing Natural Science Foundation (L233005);National Key Research and Development Program of China (2023YFB3308200)。
摘 要:To solve the problem of increased computation and communication costs caused by using homomorphic encryption(HE) to protect all gradients in traditional cryptographic aggregation(cryptoaggregation) schemes,a fast crypto-aggregation scheme called RandomCrypt was proposed.RandomCrypt performed clipping and quantization to fix the range of gradient values and then added two types of noise on the gradient for encryption and differential privacy(DP) protection.It conducted HE on noise keys to revise the precision loss caused by DP protection.RandomCrypt was implemented based on a FATE framework,and a hacking simulation experiment was conducted.The results show that the proposed scheme can effectively hinder inference attacks while ensuring training accuracy.It only requires 45%~51% communication cost and 5%~23% computation cost compared with traditional schemes.为解决传统的加密聚合方案使用同态加密(homomorphic encryption,HE)对所有梯度进行加密保护,导致计算和通信成本增加的问题,提出一种快速加密聚合方案RandomCrypt。执行剪切和量化以固定梯度值范围;在梯度上添加两种类型的噪声分别进行加密和差分隐私(differential privacy,DP)保护;对噪声密钥执行HE,以修复由DP保护引起的精度损失。基于FATE框架实现了RandomCrypt方案,并开展了黑客攻击仿真实验,实验结果表明本方案可有效抵抗反推攻击且保证训练精度的同时,相比传统方案仅需要45%~51%的通信成本和5%~23%的计算成本。
关 键 词:federated learning differential privacy homomorphic encryption inference attack hacking simulation
分 类 号:TP391[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.221.248.199