Evaluation Seminar - Series A: Secure Aggregation Protocols for Federated Learning
-
Speakers
Student: Diogo Pereira da Silva Santos
-
Useful information
Time: 13h
Advisors:
Fábio Borges de Oliveira - Laboratório Nacional de Computação Científica - LNCC
Examining Committee:
Fábio Borges de Oliveira - Laboratório Nacional de Computação Científica - LNCC (chair)
Bruno Richard Schulze - Laboratório Nacional de Computação Científica - LNCC
Lisandro Zambenedetti Granville - Universidade Federal do Rio Grande do Sul - UFRGS
Alternates:
Renato Portugal - Laboratório Nacional de Computação Científica - LNCC
Abstract: In the age of big data, devices like smartphones, wearables, sensors, and so on continuously produce enormous amounts of information. These data are frequently employed to train machine learning models capable of executing various tasks, including image recognition, sentiment analysis, demand prediction, and others. Nonetheless, these data might be sensitive and encompass personal details, such as medical records, banking information, or consumer records, among others. The leakage of this data can have detrimental consequences on individuals' lives and lead to penalties for companies that infringe upon user privacy. Federated Learning (FL) is a viable method to safeguard data privacy. FL is a form of distributed machine learning wherein numerous devices work together to train a global model. FL guarantees that data remains on each individual device and that only gradients originating from local models are exchanged. FL can be categorized into two types: Centralized Federated Learning, which involves a central server orchestrating the aggregation of each member's model into a global model, and Decentralized Federated Learning, which eliminates the need for a central server to manage the aggregation process. However, merely by exchanging the model gradients, specific attacks can reconstruct user data. This can potentially lead to a breach of the Federated Learning principle, which aims to ensure the confidentiality of local data. Hence, it is crucial to guarantee that only the outcome of combining all local models is shared without encryption. This thesis introduces two secure aggregation protocols for different types of Federated Learning: Centralized Federated Learning and Decentralized Federated Learning. The protocol for Centralized Federated Learning utilizes Homomorphic Encryption, Dining Cryptographer's Networks (DC-Nets), and Shamir's Secret Sharing.
On the other hand, the protocol for Decentralized Federated Learning combines the Multi-Secret Sharing scheme with a Dining Cryptographers Network. The proposed protocols were validated through simulations using the MNIST handwritten digit dataset. These protocols yield outcomes similar to the FedAvg protocol in federated learning while incorporating additional privacy into the models.