
Preserving differential privacy in neural networks for foreign object detection with heterogeneity-based noising among distributed devices

The Journal of Supercomputing

Abstract

Since foreign object intrusion is a cause of train accidents, a railway image classification neural network is established to recognize input railway images for intelligent control. With cutting-edge technology and the growing data repositories emanating from the Internet of Things (IoT) for driving systems, Federated Learning (FL) has emerged as a prominent solution for training machine learning models across distributed devices. Currently, federated learning can balance efficiency and security through differential privacy methods. In recent years, a noise-adding mechanism in local differential privacy has provided a strict privacy guarantee for federated learning. However, two problems arise in the rail-driving system. On the one hand, an attacker can still extract sensitive information from the summation of data disturbed by the zero-mean noise generated by the existing noise-adding mechanism. In this case, privacy concerns limit the publication of data in the IoT for driving systems. On the other hand, a large noise variance biases the estimated average of the model parameters, which affects the process of developing and refining Artificial Intelligence (AI) systems. To address these issues, we propose a federated learning framework with a nonzero-mean noise addition mechanism for differential privacy in deep networks, based on fully homomorphic encryption and the greedy average block Kaczmarz method, which is viewed as an improved AI application of foreign object detection in the rail-driving system. Instead of zero-mean noise, the nonzero-mean noise added to the original data is determined locally according to the correlation between the local and global data distributions by a novel interior product calculation. As the means differ among the clients and are unpredictable for attackers, the variance of the noise can be small, eliminating the undue influence brought by a large variance of zero-mean noise in AI applications.
Using fully homomorphic encryption and the greedy average block Kaczmarz method, a denoising weighting aggregation strategy is derived without decrypting the mean, guaranteeing the privacy of each individual device while recovering the real parameters on the server. Moreover, the weight is generated completely randomly for safety. Meanwhile, the weight is associated with the heterogeneity of local data distributions across parties, balancing the trade-off between privacy loss and model performance. Experiments show that the proposed method provides a higher level of accuracy than existing federated learning algorithms using data collected by a number of devices, while guaranteeing better privacy during communications in the driving system for multi-party machine learning tasks.
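
The abstract's two observations about zero-mean noise, as an added simulation that is not code from the paper: averaging many releases cancels zero-mean noise even at large variance, while a secret nonzero mean with small variance hides the value from anyone who cannot remove the offset. The parameter value, offsets and sigmas are constructed, and the offset is subtracted in plaintext here as a stand-in for the paper's encrypted denoising step.

```python
import random
import statistics

def releases(value, mean, sigma, n, rng):
    """n noisy copies of one scalar parameter, each perturbed by N(mean, sigma^2)."""
    return [value + rng.gauss(mean, sigma) for _ in range(n)]

def observer_error(observed, true_value):
    """Error of an observer who simply averages (sums) what it has seen."""
    return abs(statistics.fmean(observed) - true_value)

def summation_leak(true_value=0.7, n=10_000, seed=1):
    rng = random.Random(seed)
    # Zero-mean noise with a large sigma: it still cancels in the sum.
    zero = releases(true_value, 0.0, 1.0, n, rng)
    # Nonzero-mean noise: a secret offset (constructed here) and a small sigma.
    offset = rng.choice([-1.0, 1.0]) * rng.uniform(2.0, 5.0)
    shifted = releases(true_value, offset, 0.1, n, rng)
    return {
        "zero_mean": observer_error(zero, true_value),
        "nonzero_mean": observer_error(shifted, true_value),
        # Only a party that can remove the offset recovers the value.
        "debiased": observer_error([x - offset for x in shifted], true_value),
    }

def rms_aggregate_error(sigma, offsets_known, clients=10, trials=2000, seed=2):
    """RMS error of the server's average over a small number of clients."""
    rng = random.Random(seed)
    true_value, sq = 0.7, 0.0
    for _ in range(trials):
        total = 0.0
        for _ in range(clients):
            # Per-client offset (constructed); zero in the zero-mean baseline.
            mu = rng.uniform(-5.0, 5.0) if offsets_known else 0.0
            total += true_value + rng.gauss(mu, sigma) - mu  # server removes mu
        sq += (total / clients - true_value) ** 2
    return (sq / trials) ** 0.5

if __name__ == "__main__":
    print(summation_leak())
    print("zero-mean, sigma=1.0:", rms_aggregate_error(1.0, offsets_known=False))
    print("nonzero-mean, sigma=0.1:", rms_aggregate_error(0.1, offsets_known=True))
```

With ten clients the zero-mean baseline's aggregate error is about ten times that of the small-variance case, which is the accuracy cost of large variance that the abstract describes.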


Data availability

The data supporting our findings are CIFAR10 and CIFAR100, which can be found on the Internet through the Bing or Google search engines. We recommend the URL from the Department of Computer Science, University of Toronto: https://www.cs.toronto.edu/~kriz/cifar.html.

Abbreviations

CIFAR10:

The CIFAR10 dataset consists of 60,000 color images in 10 classes, with 6000 images per class. There are 50,000 training images and 10,000 test images

CIFAR100:

CIFAR100 is an imaging dataset. It has 100 classes containing 600 images each. There are 500 training images and 100 testing images per class. The 100 classes in CIFAR100 are grouped into 20 superclasses. Each image comes with a "fine" label (the class to which it belongs) and a "coarse" label (the superclass to which it belongs)

IID:

Independent and identically distributed: a property of the dataset, especially in federated learning

Non-IID:

Not independent and identically distributed: a property of the dataset, especially in federated learning

CKKS:

The CKKS (Cheon-Kim-Kim-Song) scheme is a leveled homomorphic encryption scheme that relies on the hardness of ring learning with errors problem for its security. CKKS supports approximate arithmetic on real and complex numbers with predefined precision

PDF:

A probability density function describes a probability distribution for a random, continuous variable. Use a probability density function to find the chances that the value of a random variable will occur within a range of values that you specify. More specifically, a PDF is a function where its integral for an interval provides the probability of a value occurring in that interval

VGG16:

VGG16 is a convolutional neural network architecture that is used for image recognition. It utilizes 16 layers with weights and is considered one of the best vision model architectures to date

FedAvg:

Federated averaging (FedAvg) is a communication-efficient algorithm for distributed training with an enormous number of clients in April 2021. In FedAvg, clients keep their data locally for privacy protection; a central parameter server is used to communicate between clients

pFedBayes:

Personalized federated learning via variational Bayesian inference is the latest algorithm on federated learning in 2022. This algorithm uses weight uncertainty on neural networks for clients and the server to alleviate overfitting. Also, each client updates its local distribution parameters by balancing its construction error over private data and its KL divergence to achieve personalization

RailSem19:

RailSem19 is a dataset for semantic rail scene understanding


Acknowledgements

This work is supported by Beijing Advanced Innovation Center for Future Blockchain and Privacy Computing and Innovative Entrepreneurship Project for College Students (Remote sensing image classification based on deep learning, 5112310860).

Funding

Innovative Entrepreneurship Project for College Students (Remote sensing image classification based on deep learning, 5112310860).


Contributions

Meng Wang is the first author of this work. She mainly developed the ideas for improving Federated Learning by adding noise, and also wrote some of the descriptions of the framework in mathematical formulas and the security analysis. Qiong-Yun Wang helped prepare the local experimental files and ran some experiments on both the proposed methods and pFedBayes on CIFAR10. Ya-Hao Zhang is the corresponding author of the manuscript and mainly took charge of the validation and visualization of the results on RailSem19. By coding the data analysis scripts in Python, he converted the raw data into the accuracy rates in several tables and bar charts. He also modified the Introduction, Results and Discussion sections. Zi-Xuan Zhang helped finish the coding and experiments on FedAvg on CIFAR10. Ya-Ning Feng helped finish the experiments on CIFAR10, CIFAR100 and RailSem19; her work focused on data collection and so on. Yu-Feng Cao helped finish the experiments, data collection and so on.

Corresponding author

Correspondence to Ya-Hao Zhang.

Ethics declarations

Conflict of interest

All authors disclosed no relevant relationships.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Wang, M., Wang, QY., Zhang, YH. et al. Preserving differential privacy in neural networks for foreign object detection with heterogeneity-based noising among distributed devices. J Supercomput 80, 21447–21474 (2024). https://doi.org/10.1007/s11227-024-06243-1
