DP-FedSecure: A Secure and Efficient Federated Learning Scheme Based on Adaptive Differential Privacy

Abstract

Federated learning, as a paradigm of distributed machine learning, allows participants to collaboratively model without sharing data, effectively addressing the data island problem. However, relying solely on model transmission still poses privacy leakage risks. Hao et al. proposed an efficient and lightweight federated learning scheme, HLX+19, based on differential privacy, which demonstrates significant advantages in privacy protection and performance. However, we found that HLX+19 has inherent security vulnerabilities and limited scalability. Therefore, this paper first designs a reconstruction attack experiment aimed at approximating the recovery of original data from the noise-added data of HLX+19 in a collusion scenario. Subsequently, we propose DP-FedSecure, a federated learning privacy protection scheme based on adaptive noise. By adopting adaptive noise, we enhance the randomness of the noise distribution, thereby improving the security of the scheme. We conducted a security analysis of DP-FedSecure and experimentally validated its effectiveness in resisting reconstruction attacks. Finally, we performed comparative experiments on encryption efficiency and accuracy. The results indicate that, DP-FedSecure achieves approximately 97.43% improvement in encryption efficiency compared to HLX+19, and the impact of security parameters on encryption efficiency has been reduced from exponential to linear. Therefore, DP-FedSecure demonstrates high efficiency and good scalability in terms of encryption. Experiments on real-world datasets further validate the high accuracy of DP-FedSecure, while we balanced the relationship between security and accuracy through adaptive noise.