Cross-silo Federated Learning with Record-level Personalized Differential Privacy

TL;DR

This paper introduces rPDP-FL, a novel federated learning framework that personalizes differential privacy at the record level, optimizing privacy-utility trade-offs with a hybrid sampling scheme and a new mathematical model.

Contribution

It proposes a new framework for cross-silo federated learning with personalized differential privacy at the record level, including a novel sampling scheme and a model for privacy-utility optimization.

Findings

Significant performance improvements over non-personalized baselines.

Effective modeling of the nonlinear relationship between privacy budget and sampling probability.

Demonstrated the framework's ability to meet diverse privacy requirements.

Abstract

Federated learning (FL) enhanced by differential privacy has emerged as a popular approach to better safeguard the privacy of client-side data by protecting clients' contributions during the training process. Existing solutions typically assume a uniform privacy budget for all records and provide one-size-fits-all solutions that may not be adequate to meet each record's privacy requirement. In this paper, we explore the uncharted territory of cross-silo FL with record-level personalized differential privacy. We devise a novel framework named \textit{rPDP-FL}, employing a two-stage hybrid sampling scheme with both uniform client-level sampling and non-uniform record-level sampling to accommodate varying privacy requirements. A critical and non-trivial problem is how to determine the ideal per-record sampling probability $q$ given the personalized privacy budget $\varepsilon$. We introduce a versatile solution named \textit{Simulation-CurveFitting}, allowing us to uncover a significant insight into the nonlinear correlation between $q$ and $\varepsilon$ and derive an elegant mathematical model to tackle the problem. Our evaluation demonstrates that our solution can provide significant performance gains over the baselines that do not consider personalized privacy preservation.