- Title
Preserving differential privacy in neural networks for foreign object detection with heterogeneity-based noising among distributed devices.
- Authors
Wang, Meng; Wang, Qiong-Yun; Zhang, Ya-Hao; Zhang, Zi-Xuan; Feng, Ya-Ning; Cao, Yu-Feng
- Abstract
Since foreign object intrusion is a cause of train accidents, a railway image classification neural network is established to recognize any input railway images for intelligence control. With the cutting-edge technology and increasing data repositories emanating from the Internet of Things (IoT) for driving systems, Federated Learning (FL) has emerged as a prominent solution for training machine learning models in the context of distributed devices. Currently, federated learning can balance efficiency and security through differential privacy methods. In recent years, a noise adding mechanism in local differential privacy has provided a strict privacy guarantee for federated learning. However, two problems arise in the rail-driving system. On one hand, an attacker can still extract sensitive information from the summation of data disturbed by zero mean noise generated by the existing noise adding mechanism. In this case, privacy concerns limit the publication of data in the IoT for driving systems. On the other hand, a large variance of the noise makes the estimated average of the parameters of the model biased, which has an impact on the process of developing and refining Artificial Intelligence (AI) systems. To address these issues, we propose a federated learning framework with a nonzero mean noise addition mechanism for differential privacy of deep networks, based on fully homomorphic encryption and the greedy average block Kaczmarz method, which is viewed as an improved AI application of foreign object detection in the rail-driving system. Instead of zero mean noise, the nonzero mean noise added to the original data is determined locally according to the correlation between the local and global data distributions by a novel interior product calculation. As the means are different among the clients and unpredictable for attackers, the variance of the noise can be small while eliminating the undue influence brought by a large variance of the zero mean noise in AI applications. Using fully homomorphic encryption and the greedy average block Kaczmarz method, a denoising weighting aggregation strategy is derived without decryption of the mean to guarantee the privacy of each individual device, while getting the real parameters on the server. Moreover, the weight is generated completely randomly for safety. Meanwhile, the weight is associated with the heterogeneity of local data distribution across parties, balancing the trade-off between privacy loss and model performance. Experiments show that the proposed method provides a higher level of accuracy than the existing federated learning algorithms using the data collected by a number of devices, while it guarantees better privacy during communications in the driving system for multi-party machine learning tasks.
- Subjects
FEDERATED learning; OBJECT recognition (Computer vision); IMAGE recognition (Computer vision); ARTIFICIAL intelligence; DATA libraries; RAILROAD accidents
- Publication
Journal of Supercomputing, 2024, Vol 80, Issue 14, p21447
- ISSN
0920-8542
- Publication type
Article
- DOI
10.1007/s11227-024-06243-1