Abstract
Federated meta-learning has emerged as a promising AI framework for today's mobile computing scenes involving distributed clients. It enables collaborative model training using the data located at distributed mobile clients and accommodates clients that need fast model customization with limited new data. However, federated meta-learning solutions are susceptible to inference-based privacy attacks since the global model encoded with clients' training data is open to all clients and the central server. Meanwhile, differential privacy (DP) has been widely used as a countermeasure against privacy inference attacks in federated learning. The adoption of DP in federated meta-learning is complicated by the model accuracy-privacy trade-off and the model hierarchy attributed to the meta-learning component. In this paper, we introduce DP-FedMeta, a new differentially private federated meta-learning architecture that addresses such data privacy challenges. DP-FedMeta features an adaptive gradient clipping method and a one-pass meta-training process to improve the model utility-privacy trade-off. At the core of DP-FedMeta are two DP mechanisms, namely DP-AGR and DP-AGRLR, to provide two notions of privacy protection for the hierarchical models. Extensive experiments in an emulated federated meta-learning scenario on well-known datasets (Omniglot, CIFAR-FS, and Mini-ImageNet) demonstrate that DP-FedMeta accomplishes better privacy protection while maintaining comparable model accuracy compared to the state-of-the-art solution that directly applies DP-based meta-learning to the federated setting.
Original language | English |
---|---|
Title of host publication | Proceedings - 38th Annual Computer Security Applications Conference, ACSAC 2022 |
Pages | 647-657 |
Number of pages | 11 |
ISBN (Electronic) | 9781450397599 |
DOIs | |
State | Published - Dec 5 2022 |
Event | 38th Annual Computer Security Applications Conference, ACSAC 2022 - Austin, United States Duration: Dec 5 2022 → Dec 9 2022 |
Publication series
Name | ACM International Conference Proceeding Series |
---|
Conference
Conference | 38th Annual Computer Security Applications Conference, ACSAC 2022 |
---|---|
Country/Territory | United States |
City | Austin |
Period | 12/5/22 → 12/9/22 |
Bibliographical note
Publisher Copyright:© 2022 Owner/Author.
Funding
This work was supported in part by the Office of Naval Research under grant N00014-19-1-2621, the US National Science Foundation under grants CNS-1837519 and CNS-1916902, and the Army Research Office under grant W911NF-20-1-0141.
Funders | Funder number |
---|---|
National Science Foundation (NSF) | CNS-1837519, CNS-1916902 |
Office of Naval Research | N00014-19-1-2621 |
Army Research Office | W911NF-20-1-0141 |
Keywords
- adaptive clipping
- differential privacy
- federated meta-learning
- privacy utility trade-off
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications