FedShield-LLM: A Secure and Scalable Federated Fine-Tuned Large Language Model

TL;DR

FedShield-LLM introduces a privacy-preserving federated fine-tuning approach for large language models, combining pruning, Fully Homomorphic Encryption, and Low-Rank Adaptation to enhance security, scalability, and efficiency.

Contribution

It presents a novel framework integrating pruning, FHE, and LoRA for secure, scalable federated LLM fine-tuning with improved performance and resource efficiency.

Findings

FedShield-LLM outperforms existing methods in collaborative performance.

The approach reduces computational and communication overhead.

Experiments on Llama-2 models demonstrate practical deployment benefits.

Abstract

Federated Learning (FL) offers a decentralized framework for training and fine-tuning Large Language Models (LLMs) by leveraging computational resources across organizations while keeping sensitive data on local devices. It addresses privacy and security concerns while navigating challenges associated with the substantial computational demands of LLMs, which can be prohibitive for small and medium-sized organizations. FL supports the development of task-specific LLMs for cross-silo applications through fine-tuning but remains vulnerable to inference-related risks that threaten sensitive information. Prior studies have utilized Differential Privacy (DP) in LLM fine-tuning, which, despite being effective at preserving privacy, can degrade model performance. To overcome these challenges, we propose FedShield-LLM which integrates pruning with Fully Homomorphic Encryption (FHE) applied to Low-Rank Adaptation (LoRA) parameters. This combination enables secure computation over encrypted model updates and reduces the attack surface by deactivating less important LoRA parameters. Furthermore, optimized federated algorithms for cross-silo environments enhance scalability and efficiency. Parameter-efficient fine-tuning techniques like LoRA substantially reduce computational and communication overhead, making FL feasible for resource-constrained clients. Extensive experiments using Llama-2 models (7B and 13B) on four diverse datasets demonstrate that FedShield-LLM achieves superior collaborative performance and system efficiency compared to existing methods, supporting practical deployment across multiple domains.