A journal of IEEE and CAA , publishes high-quality papers in English on original theoretical/experimental research and development in all areas of automation
Volume 12 Issue 2
Feb.  2025

IEEE/CAA Journal of Automatica Sinica

  • JCR Impact Factor: 19.2, Top 1 (SCI Q1)
    CiteScore: 28.2, Top 1% (Q1)
    Google Scholar h5-index: 95, TOP 5
Turn off MathJax
Article Contents
L. Xu, D. Xu, X. Yi, C. Deng, T. Chai, and  T. Yang,  “Decentralized federated learning algorithm under adversary eavesdropping,” IEEE/CAA J. Autom. Sinica, vol. 12, no. 2, pp. 448–456, Feb. 2025. doi: 10.1109/JAS.2024.125079
Citation: L. Xu, D. Xu, X. Yi, C. Deng, T. Chai, and  T. Yang,  “Decentralized federated learning algorithm under adversary eavesdropping,” IEEE/CAA J. Autom. Sinica, vol. 12, no. 2, pp. 448–456, Feb. 2025. doi: 10.1109/JAS.2024.125079

Decentralized Federated Learning Algorithm Under Adversary Eavesdropping

doi: 10.1109/JAS.2024.125079
Funds:  This work was supported by the National Key Research and Development Program of China (2022YFB3305904), the National Natural Science Foundation of China (62133003, 61991403, 61991400), the Open Project of State Key Laboratory of Synthetical Automation for Process Industries (SAPI-2024-KFKT-05, SAPI-2024-KFKT-08), China Academy of Engineering Institute of Land Cooperation Consulting Project (2023-DFZD-60-02, N2424004), the Fundamental Research Funds for the Central Universities and Shanghai Municipal Science and Technology Major Project (2021SHZDZX0100), and the Key Research and Development Program of Liaoning Province (2023JH26/10200011)
More Information
  • In this paper, we study the decentralized federated learning problem, which involves the collaborative training of a global model among multiple devices while ensuring data privacy. In classical federated learning, the communication channel between the devices poses a potential risk of compromising private information. To reduce the risk of adversary eavesdropping in the communication channel, we propose TRADE (transmit difference weight) concept. This concept replaces the decentralized federated learning algorithm’s transmitted weight parameters with differential weight parameters, enhancing the privacy data against eavesdropping. Subsequently, by integrating the TRADE concept with the primal-dual stochastic gradient descent (SGD) algorithm, we propose a decentralized TRADE primal-dual SGD algorithm. We demonstrate that our proposed algorithm’s convergence properties are the same as those of the primal-dual SGD algorithm while providing enhanced privacy protection. We validate the algorithm’s performance on fault diagnosis task using the Case Western Reserve University dataset, and image classification tasks using the CIFAR-10 and CIFAR-100 datasets, revealing model accuracy comparable to centralized federated learning. Additionally, the experiments confirm the algorithm’s privacy protection capability.

     

  • loading
  • [1]
    M. Qi, Z. Wang, Q.-L. Han, J. Zhang, S. Chen, and Y. Xiang, “Privacy protection for blockchain-based healthcare IoT systems: A survey,” IEEE/CAA J. Autom. Sinica, vol. 11, no. 8, pp. 1757–1776, 2022.
    [2]
    J. Zhang, L. Pan, Q.-L. Han, C. Chen, S. Wen, and Y. Xiang, “Deep learning based attack detection for cyber-physical system cybersecurity: A survey,” IEEE/CAA J. Autom. Sinica, vol. 9, no. 3, pp. 377–391, 2021.
    [3]
    Q. Yang, Y. Liu, Y. Cheng, Y. Kang, T. Chen, and H. Yu, “Federated learning,” Synthesis Lectures on Artificial Intelligence and Machine Learning, vol. 13, no. 3, pp. 1–207, 2019. doi: 10.1007/978-3-031-01585-4
    [4]
    Q. Li, Z. Wen, Z. Wu, S. Hu, N. Wang, Y. Li, X. Liu, and B. He, “A survey on federated learning systems: Vision, hype and reality for data privacy and protection,” IEEE Trans. Knowledge and Data Engi- neering, vol. 35, no. 4, pp. 3347–3366, 2021.
    [5]
    B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y Arcas, “Communication-efficient learning of deep networks from decentralized data,” in Proc. 20th Int. Conf. Artificial Intelligence and Statistics, 2017, pp. 1273–1282.
    [6]
    J. Konečnỳ, H. B. McMahan, F. X. Yu, P. Richtárik, A. T. Suresh, and D. Bacon, “Federated learning: Strategies for improving communication efficiency,” arXiv preprint arXiv: 1610.05492, 2016.
    [7]
    A. G. Roy, S. Siddiqui, S. Pölsterl, N. Navab, and C. Wachinger, “Braintorrent: A peer-to-peer environment for decentralized federated learning,” arXiv preprint arXiv: 1905.06731, 2019.
    [8]
    Y. Yuan, J. Liu, D. Jin, et al., “DeceFL: A principled fully decentralized federated learning framework,” National Science Open, vol. 2, no. 1, p. 20220043, 2023. doi: 10.1360/nso/20220043
    [9]
    Y. Wang and A. Nedić, “Decentralized gradient methods with time-varying uncoordinated stepsizes: Convergence analysis and privacy design,” IEEE Trans. Autom. Control, vol. 69, no. 8, pp. 5352–5367, 2023.
    [10]
    O. Goldreich, Foundations of Cryptography: Volume 2, Basic Applications. Cambridge, UK: Cambridge University Press, 2009.
    [11]
    W. Yang, Z. Zheng, G. Chen, Y. Tang, and X. Wang, “Security analysis of a distributed networked system under eavesdropping attacks,” IEEE Trans. Circuits and Systems II: Express Briefs, vol. 67, no. 7, pp. 1254–1258, 2019.
    [12]
    Y. Aono, T. Hayashi, L. Wang, and S. Moriai, “Privacy-preserving deep learning via additively homomorphic encryption,” IEEE Trans. Infor. Forensics and Security, vol. 13, no. 5, pp. 1333–1345, 2017.
    [13]
    C. Fontaine and F. Galand, “A survey of homomorphic encryption for nonspecialists,” EURASIP J. Infor. Security, vol. 2007, pp. 1–10, 2007.
    [14]
    C. Dwork, “Differential privacy: A survey of results,” in Proc. Int. Conf. Theory and Applications of Models of Computation, 2008, pp. 1–19.
    [15]
    D. Maity and V. S. Mai, “Ensuring system-level protection against eavesdropping adversaries in distributed dynamical systems,” arXiv preprint arXiv: 2409.09539, 2024.
    [16]
    A. Krizhevsky, “Learning multiple layers of features from tiny images,” University of Toronto, Toronto, Canada, Tech. Rep., 2009.
    [17]
    S. Warnat-Herresthal, H. Schultze, K. L. Shastry, et al., “Swarm learning for decentralized and confidential clinical machine learning,” Nature, vol. 594, no. 7862, pp. 265–270, 2021. doi: 10.1038/s41586-021-03583-3
    [18]
    H. Kim, J. Park, M. Bennis, and S.-L. Kim, “Blockchained on-device federated learning,” IEEE Communi. Lett., vol. 24, no. 6, pp. 1279–1283, 2019.
    [19]
    M. Blot, D. Picard, M. Cord, and N. Thome, “Gossip training for deep learning,” arXiv preprint arXiv: 1611.09726, 2016.
    [20]
    J. Daily, A. Vishnu, C. Siegel, T. Warfel, and V. Amatya, “Gossipgrad: Scalable deep learning using gossip communication based asynchronous gradient descent,” arXiv preprint arXiv: 1803.05880, 2018.
    [21]
    R. L. Rivest, L. Adleman, and M. L. Dertouzos, “On data banks and privacy homomorphisms,” Foundations of Secure Computation, vol. 4, no. 11, pp. 169–180, 1978.
    [22]
    C. Dwork, F. McSherry, K. Nissim, and A. Smith, “Calibrating noise to sensitivity in private data analysis,” in Proc. Theory of Cryptography Conf., 2006, pp. 265–284.
    [23]
    P. Paillier, “Public-key cryptosystems based on composite degree residuosity classes,” in Proc. Int. Conf. Theory and Applications of Cryptographic Techniques, 1999, pp. 223–238.
    [24]
    T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Trans.n Inform. Theory, vol. 31, no. 4, pp. 469–472, 1985. doi: 10.1109/TIT.1985.1057074
    [25]
    C. Gentry, “Fully homomorphic encryption using ideal lattices,” in Proc. 41th Annual ACM Symp. Theory Computing, 2009, pp. 169–178.
    [26]
    K. Bonawitz, V. Ivanov, B. Kreuter, A. Marcedone, H. B. McMahan, S. Patel, D. Ramage, A. Segal, and K. Seth, “Practical secure aggregation for privacy-preserving machine learning,” in Proc. ACM SIGSAC Conf. Computer and Communi. Security, 2017, pp. 1175–1191.
    [27]
    C. Zhang, S. Li, J. Xia, W. Wang, F. Yan, and Y. Liu, “BatchCrypt: Efficient homomorphic encryption for Cross-Silo federated learning,” in Proc. USENIX Annu. Technical Conf., 2020, pp. 493–506.
    [28]
    F. D. McSherry, “Privacy integrated queries: An extensible platform for privacy-preserving data analysis,” in Proc. ACM SIGMOD Int. Conf. Management of Data, 2009, pp. 19–30.
    [29]
    B. Bebensee, “Local differential privacy: A tutorial,” arXiv preprint arXiv: 1907.11908, 2019.
    [30]
    F. McSherry and K. Talwar, “Mechanism design via differential privacy,” in Proc. 48th Annual IEEE Symp. Foundations of Computer Science, 2007, pp. 94–103.
    [31]
    X. Yi, S. Zhang, T. Yang, T. Chai, and K. H. Johansson, “A primal-dual SGD algorithm for distributed nonconvex optimization,” IEEE/CAA J. Autom. Sinica, vol. 9, no. 5, pp. 812–833, 2022. doi: 10.1109/JAS.2022.105554
    [32]
    X. Li, K. Huang, W. Yang, S. Wang, and Z. Zhang, “On the convergence of fedavg on non-IID data,” in Proc. Int. Conf. Learning Representations, 2019, pp. 1–26.
    [33]
    X. Liang, S. Shen, J. Liu, Z. Pan, E. Chen, and Y. Cheng, “Variance reduced local SGD with lower communication complexity,” arXiv preprint arXiv: 1912.12844, 2019.
    [34]
    F. Haddadpour and M. Mahdavi, “On the convergence of local descent methods in federated learning,” arXiv preprint arXiv: 1910.14425, 2019.
    [35]
    D. Maity and P. Tsiotras, “Multiagent consensus subject to communication and privacy constraints,” IEEE Trans. Control Network Systems, vol. 9, no. 2, pp. 943–955, 2021.
    [36]
    A. Tsiamis, K. Gatsis, and G. J. Pappas, “State-secrecy codes for networked linear systems,” IEEE Trans. Autom. Control, vol. 65, no. 5, pp. 2001–2015, 2019.
    [37]
    W. A. Smith and R. B. Randall, “Rolling element bearing diagnostics using the case western reserve university data: A benchmark study,” Mechanical Systems and Signal Processing, vol. 64, pp. 100–131, 2015.
    [38]
    D. Misra, “Mish: A self regularized non-monotonic activation function,” arXiv preprint arXiv: 1908.08681, 2019.

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(8)  / Tables(2)

    Article Metrics

    Article views (375) PDF downloads(76) Cited by()

    Highlights

    • Propose the TRADE concept for secure weight transmission
    • Prove similar convergence as the primal-dual SGD baseline
    • Validate privacy-preserving with an eavesdropper error bound
    • Demonstrates comparable performance to FedAvg

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return