Weighted Distributed Differential Privacy ERM: Convex and Non-convex

Distributed machine learning allows multiple parties to jointly learn a model over all of their data sets without disclosing their own data. In this paper, we propose a weighted distributed differential privacy (WD-DP) empirical risk minimization (ERM) method to train a model in the distributed setting, taking the different weights of the clients into account. We guarantee differential privacy by gradient perturbation with Gaussian noise, and advance the state of the art of gradient-perturbation methods in the distributed setting. Through detailed theoretical analysis, we show that in the distributed setting both the noise bound and the excess empirical risk bound can be improved by considering the different weights held by multiple parties. Moreover, since the convexity assumption on the loss function in ERM is hard to satisfy in some situations, we generalize our method to non-convex loss functions that satisfy the Polyak-Łojasiewicz condition. Experiments on real data sets show that our method is more reliable and improves the performance of distributed differentially private ERM, especially when the data scales on different clients are uneven.
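To make the gradient-perturbation idea concrete, the sketch below shows one training round in which each client computes a clipped gradient on its local data, the server forms a weighted average, and Gaussian noise is added before the model update. This is a minimal illustration, not the paper's exact WD-DP algorithm: the logistic-regression loss, the clipping bound C, the noise scale sigma, and the choice of weighting clients by data size are all illustrative assumptions, and the paper's actual noise and excess-risk bounds are derived theoretically.

```python
import numpy as np

# Minimal sketch (assumptions, not the paper's exact algorithm): one round of
# weighted, gradient-perturbed distributed ERM for logistic regression.
# C (clipping bound), sigma (noise scale), and the client weights are
# illustrative; the paper calibrates noise from its theoretical analysis.

def local_gradient(theta, X, y, C=1.0):
    """Per-client gradient of the logistic loss, clipped to L2 norm at most C."""
    preds = 1.0 / (1.0 + np.exp(-X @ theta))
    grad = X.T @ (preds - y) / len(y)
    norm = np.linalg.norm(grad)
    return grad * min(1.0, C / (norm + 1e-12))

def wd_dp_round(theta, clients, weights, sigma=0.5, C=1.0, lr=0.1):
    """One round: weighted aggregation of clipped client gradients,
    followed by Gaussian perturbation of the aggregated gradient."""
    weights = np.asarray(weights, dtype=float)
    weights /= weights.sum()                       # normalize client weights
    agg = sum(w * local_gradient(theta, X, y, C)   # weighted average gradient
              for w, (X, y) in zip(weights, clients))
    noise = np.random.normal(0.0, sigma * C, size=theta.shape)  # Gaussian noise
    return theta - lr * (agg + noise)

# Toy usage: three clients holding uneven amounts of data.
rng = np.random.default_rng(0)
d = 5
clients = [(rng.normal(size=(n, d)), rng.integers(0, 2, size=n))
           for n in (50, 200, 1000)]
weights = [len(y) for _, y in clients]   # assumed: weight clients by data size
theta = np.zeros(d)
for _ in range(100):
    theta = wd_dp_round(theta, clients, weights)
```

Weighting by local data size is only one possible choice; the point of the weighted formulation is that uneven client weights can tighten the noise and excess empirical risk bounds relative to treating all clients uniformly. For the non-convex extension, the same update is analyzed under the Polyak-Łojasiewicz condition instead of convexity.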
