Squeezing More Utility via Adaptive Clipping on Differentially Private Gradients in Federated Meta-Learning

Ning Wang, Yang Xiao, Yimin Chen, Ning Zhang, Wenjing Lou, Y. Thomas Hou

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

Federated meta-learning has emerged as a promising AI framework for today's mobile computing scenes involving distributed clients. It enables collaborative model training using the data located at distributed mobile clients and accommodates clients that need fast model customization with limited new data. However, federated meta-learning solutions are susceptible to inference-based privacy attacks since the global model encoded with clients' training data is open to all clients and the central server. Meanwhile, differential privacy (DP) has been widely used as a countermeasure against privacy inference attacks in federated learning. The adoption of DP in federated meta-learning is complicated by the model accuracy-privacy trade-off and the model hierarchy attributed to the meta-learning component. In this paper, we introduce DP-FedMeta, a new differentially private federated meta-learning architecture that addresses such data privacy challenges. DP-FedMeta features an adaptive gradient clipping method and a one-pass meta-training process to improve the model utility-privacy trade-off. At the core of DP-FedMeta are two DP mechanisms, namely DP-AGR and DP-AGRLR, to provide two notions of privacy protection for the hierarchical models. Extensive experiments in an emulated federated meta-learning scenario on well-known datasets (Omniglot, CIFAR-FS, and Mini-ImageNet) demonstrate that DP-FedMeta accomplishes better privacy protection while maintaining comparable model accuracy compared to the state-of-the-art solution that directly applies DP-based meta-learning to the federated setting.

Original languageEnglish
Title of host publicationProceedings - 38th Annual Computer Security Applications Conference, ACSAC 2022
Pages647-657
Number of pages11
ISBN (Electronic)9781450397599
DOIs
StatePublished - Dec 5 2022
Event38th Annual Computer Security Applications Conference, ACSAC 2022 - Austin, United States
Duration: Dec 5 2022Dec 9 2022

Publication series

NameACM International Conference Proceeding Series

Conference

Conference38th Annual Computer Security Applications Conference, ACSAC 2022
Country/TerritoryUnited States
CityAustin
Period12/5/2212/9/22

Bibliographical note

Publisher Copyright:
© 2022 Owner/Author.

Funding

This work was supported in part by the Office of Naval Research under grant N00014-19-1-2621, the US National Science Foundation under grants CNS-1837519 and CNS-1916902, and the Army Research Office under grant W911NF-20-1-0141.

FundersFunder number
National Science Foundation (NSF)CNS-1837519, CNS-1916902
Office of Naval ResearchN00014-19-1-2621
Army Research OfficeW911NF-20-1-0141

    Keywords

    • adaptive clipping
    • differential privacy
    • federated meta-learning
    • privacy utility trade-off

    ASJC Scopus subject areas

    • Software
    • Human-Computer Interaction
    • Computer Vision and Pattern Recognition
    • Computer Networks and Communications

    Fingerprint

    Dive into the research topics of 'Squeezing More Utility via Adaptive Clipping on Differentially Private Gradients in Federated Meta-Learning'. Together they form a unique fingerprint.

    Cite this