FLRSP: Privacy-Preserving Federated Learning Using Randomly Selected Model Parameters

TL;DR

This paper introduces FLRSP, a federated learning approach that enhances privacy and robustness by randomly selecting model parameters for updates, maintaining accuracy in image classification tasks.

Contribution

The novel FLRSP method uses random parameter selection in federated learning to improve privacy and robustness without sacrificing model accuracy.

Findings

FLRSP achieves comparable accuracy to traditional methods.

FLRSP demonstrates increased robustness against attacks.

Experimental results on ResNet34 and ViT show effectiveness.

Abstract

In this paper, we propose a method for privacy-preserving federated learning that uses randomly selected model parameters to update global models. High-quality deep neural networks (DNN) models require a huge amount of training data in general, but model training raises privacy concerns when dealing with sensitive or personal information. Federated learning is a distributed machine learning framework in which multiple clients and a server train a model collaboratively. However, if the shared updates are compromised, an attacker may reconstruct the original training data. In addition, previous methods for improving robustness generally reduce the accuracy. To overcome these issues, in our method called federated learning using randomly selected model parameters (FLRSP), model parameters computed in each local server are randomly selected and shared to update a global model in a central server. In experiments, image classification tasks were carried out on the ResNet34 architecture and the Vision Transformer (ViT) under the use of Federated Stochastic Gradient Descent (FedSGD) and Federated Averaging (FedAvg), and the results demonstrated our method's effectiveness in terms of image classification accuracy and robustness against state-of-the-art attacks compared with previous methods.