FIFL- A fair incentive mechanism for FL

preview
试读
10页
联邦学习
激励机制
5星 · 超过95%的资源 需积分: 0 3 下载量 142 浏览量 更新于2023-04-04 收藏 2.2MB PDF 举报
联邦学习FL+激励机制+区块链论文阅读3 论文资源 FIFL: A Fair Incentive Mechanism for Federated Learning FL公平激励机制(多中心FL,无区块链) ### FIFL: 一种面向联邦学习的公平激励机制 #### 概述 联邦学习(Federated Learning, FL)是一种新型的机器学习框架,它允许多个设备在保护数据隐私的同时协同训练高性能模型。该技术将传统的集中式数据处理转变为分布式处理模式,使设备能够利用本地数据进行模型训练,而无需将数据上传到中央服务器。这种方式极大地增强了数据的安全性和隐私保护能力。然而,在实际应用中,如何激励设备积极参与训练过程,并确保参与者的可靠性和有效性成为了一大挑战。 #### 背景与动机 在联邦学习场景下,任务发起者通常需要与参与者共享利润,以此作为他们贡献数据和计算资源的回报。直观来看,如果没有合理的激励机制,设备可能不会愿意参与训练活动。此外,还需要防止恶意参与者通过上传无意义的更新来获得不应得的奖励,甚至损害全局模型的质量。因此,开发一种既能吸引可靠且高效的参与者,又能惩罚和排除恶意参与者的激励机制显得尤为重要。 #### FIFL:一种公平的激励机制 针对上述问题,研究团队提出了一种名为FIFL(Fair Incentive Mechanism for Federated Learning)的公平激励机制。该机制基于动态实时评估方法对参与者进行奖励或惩罚,旨在实现以下目标: - **公平性**:确保每位参与者根据其行为和贡献得到相应的奖励。 - **可靠性**:吸引并保持高质量、可靠的参与者。 - **攻击防御**:识别并惩罚恶意行为,防止其对全局模型造成负面影响。 #### 工作原理 FIFL通过以下几个关键步骤实现其目标: 1. **参与者的评估**:通过对每个参与者的贡献度、准确性和稳定性等方面进行评估,确定其价值。 2. **奖励分配**:基于评估结果,合理分配奖励,确保高价值参与者获得更高的回报。 3. **恶意检测与惩罚**:采用先进的检测算法识别恶意行为,并对这些行为实施惩罚措施。 #### 实验验证 为了验证FIFL的有效性,研究团队进行了理论分析和全面实验。结果显示: - 在可靠的联邦学习环境中,FIFL相比于基线方法,系统收益提高了0.2%至3.4%。 - 在存在攻击者破坏模型性能的不可靠场景下,FIFL的表现比基线方法高出超过46.7%。 这些结果表明,FIFL不仅能够有效地提高系统的整体表现,还能在面对恶意攻击时提供强大的抵御能力。 #### 结论与展望 FIFL作为一种创新性的联邦学习公平激励机制,解决了当前联邦学习领域中的一些核心问题。它不仅提升了参与者的积极性和系统的整体效率,还有效应对了潜在的安全威胁。随着未来联邦学习应用场景的不断扩展,FIFL及其类似机制的应用前景将更加广阔。 #### 关键词 - 联邦学习 (Federated Learning) - 激励机制 (Incentive Mechanism) - 攻击检测 (Attack Detection) ### ACM参考格式 Liang Gao, Li Li\*, Yingwen Chen\*, Wenli Zheng\*, ChengZhong Xu, and MingXu. 2021. FIFL: A Fair Incentive Mechanism for Federated Learning. In 50th International Conference.
FIFL: A Fair Incentive Mechanism for Federated Learning
Liang Gao
National University of Defense
Technology
China
Li Li*
State Key Laboratory of IoTSC,
University of Macau
China
Yingwen Chen*
National University of Defense
Technology
China
Wenli Zheng*
Shanghai Jiaotong University
China
ChengZhong Xu
State Key Laboratory of IoTSC,
University of Macau
China
Ming Xu
National University of Defense
Technology
China
ABSTRACT
Federated learning is a novel machine learning framework that
enables multiple devices to collaboratively train high-performance
models while preserving data privacy. Federated learning is a kind
of crowdsourcing computing, where a task publisher shares prot
with workers to utilize their data and computing resources. Intu-
itively, devices have no interest to participate in training without
rewards that match their expended resources. In addition, guarding
against malicious workers is also essential because they may up-
load meaningless updates to get undeserving rewards or damage
the global model. In order to eectively solve these problems, we
propose FIFL, a fair incentive mechanism for federated learning.
FIFL rewards workers fairly to attract reliable and ecient ones
while punishing and eliminating the malicious ones based on a
dynamic real-time worker assessment mechanism. We evaluate
the eectiveness of FIFL through theoretical analysis and compre-
hensive experiments. The evaluation results show that FIFL fairly
distributes rewards according to workers’ behaviour and quality.
FIFL increases the system revenue by 0
.
2% to 3
.
4% in reliable federa-
tions compared with baselines. In the unreliable scenario containing
attackers which destroy the model’s performance, the system rev-
enue of FIFL outperforms the baselines by more than 46.7%.
KEYWORDS
federated learning; incentive mechanism; attack detection
ACM Reference Format:
Liang Gao, Li Li*, Yingwen Chen*, Wenli Zheng*, ChengZhong Xu, and Ming
Xu. 2021. FIFL: A Fair Incentive Mechanism for Federated Learning. In 50th
International Conference on Parallel Processing (ICPP ’21), August 9–12, 2021,
Lemont, IL, USA. ACM, New York, NY, USA, 10 pages. https://doi.org/10.
1145/3472456.3472469
1 INTRODUCTION
Traditionally, the training data are collected and stored in the cloud
to train various machine learning models. However, data privacy
Permission to make digital or hard copies of all or part of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for prot or commercial advantage and that copies bear this notice and the full citation
on the rst page. Copyrights for components of this work owned by others than the
author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior specic permission
and/or a fee. Request permissions from permissions@acm.org.
ICPP ’21, August 9–12, 2021, Lemont, IL, USA
© 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.
ACM ISBN 978-1-4503-9068-2/21/08.. . $15.00
https://doi.org/10.1145/3472456.3472469
[
10
,
15
] becomes increasingly important for users and governments.
Gathering the sensitive user data to a central server can cause
serious privacy issues. In order to well protect data privacy in the
training process, Federated learning (FL) [
30
] gains popularity as it
allows workers (e.g., mobile devices) to train models collaboratively
by only uploading the model gradients instead of raw data. Thus,
data privacy is well preserved in the whole training process.
In a typical commercialization scenario of FL, data owners get
rewards for sharing their data resources and computing resources.
However, if workers’ rewards do not match their corresponding
utility and expenses, they would quit the current training or join
other high-yield federation [
31
]. In addition, it is dicult to pre-
vent attackers and free-riders [
6
,
20
] without punishments. Existing
research has already suggested that attacks such as sign-ipping
attack [
29
] and data-poison attack [
22
] greatly damage model per-
formance. The free-riders and low-quality workers can bring less
revenue to the system but get larger rewards, which leads to a
decline in the system revenue of the whole system. Even so, the
previous incentive mechanisms [
26
,
32
] assume all the workers to
be honest, which ignore attackers and unstable workers [
12
] though
they have a huge impact on the system revenue and expenditure.
As attracting high-quality workers and guarding against potential
attackers are important for FL, a fair incentive mechanism that
tolerates Byzantine attack [28, 29] is a must-have.
There are two challenges in the FL incentive mechanisms. First,
how can we accurately and eciently identify the workers’ utilities
without heavy computation overhead? Second, how to ensure fair-
ness and reliability of the incentive mechanism under attacks and
deceptions? Since the workers’ utilities determine their rewards,
an ecient assessment method is essential for the incentive mech-
anism. However, workers’ raw data is strictly protected in FL, thus
the traditional assessment approaches that require direct contact
with the original data are not practical in FL scenario. It is unre-
liable even if workers run the assessment procedure themselves
to avoid privacy leakage because the results may be tampered [
6
].
Designing an ecient and reliable incentive mechanism for FL in
unreliable scenarios is challenging.
We propose FIFL, an incentive mechanism that characterizes the
assessment results of workers based on two indicators: 1) contri-
bution and 2) reputation. Contribution measures workers’ current
utility to the system, and reputation is the probability of workers
producing helpful updates in one period. FIFL combines contribu-
tion and reputation to decide how much to reward honest workers
(or punish attackers). Besides, FIFL adopts a blockchain-based audit

下载后可阅读完整内容,剩余9页未读,立即下载

资源推荐
资源评论
weixin_59875350
  • 粉丝: 367
  • 资源: 5
上传资源 快速赚钱
voice
center-task 前往需求广场,查看用户热搜

最新资源