Loading…

FL-AGN: A Privacy-Enhanced Federated Learning Method Based on Adaptive Gaussian Noise for Resisting Gradient Inference Attacks

As well-known, the paradigm of federated learning (FL) operates on the principle that without centralizing data into a single server, server only trains and updates global models based on the local model from multiple clients. Compared with traditional machine learning, FL enables that data availabi...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2024, Vol.12, p.101366-101373
Main Authors: Huang, Zhifu, Wei, Zihao, Wang, Jinyang
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As well-known, the paradigm of federated learning (FL) operates on the principle that without centralizing data into a single server, server only trains and updates global models based on the local model from multiple clients. Compared with traditional machine learning, FL enables that data availability and invisibility and preserves the data security. However, in the process of FL, recently gradient inference attack can be launched by malicious attacker to grasp gradient information, and then infer sensitive information by analyzing this gradient information. By analyzing existing schemes for combating gradient inference attacks, it can be seen that the resistance effect is not good. Designing an effective method for resisting gradient inference attacks is a challenge. In this paper, a privacy-enhanced federated learning method is proposed to efficiently defend against gradient inference attacks and improve the accuracy of the training model. In this method, the Gaussian noise has been used to enhance the training model's ability to resist gradient inference attacks, and the Adam gradient descent method has been applied to enhance the accuracy of the training model. Finally, this paper conducted experiments on the CIFAR-10 dataset and MNIST dataset, and the experimental results showed that compared to alternatives, the proposed method has stronger resistance to gradient inference attacks and higher model accuracy.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2024.3431031