Bit-aware Randomized Response for Local Differential Privacy in Federated Learning

Phung Lai; Hai Phan; Li Xiong; Khang Tran; My Thai; Tong Sun; Franck Dernoncourt; Jiuxiang Gu; Nikolaos Barmpalios; Rajiv Jain

Bit-aware Randomized Response for Local Differential Privacy in Federated Learning

Phung Lai, Hai Phan, Li Xiong, Khang Tran, My Thai, Tong Sun, Franck Dernoncourt, Jiuxiang Gu, Nikolaos Barmpalios, Rajiv Jain

Published: 28 Jan 2022, Last Modified: 16 Mar 2023ICLR 2022 SubmittedReaders: Everyone

Keywords: local differential privacy, federated learning, bit-aware

Abstract: In this paper, we develop BitRand, a bit-aware randomized response algorithm, to preserve local differential privacy (LDP) in federated learning (FL). We encode embedded features extracted from clients' local data into binary encoding bits, in which different bits have different impacts on the embedded features. Based upon that, we randomize all the bits to preserve LDP with three key advantages: (1) Bit-aware: Bits with a more substantial influence on the model utility have smaller randomization probabilities, and vice-versa, under the same privacy protection; (2) Dimension-elastic: Increasing the dimensions of embedded features, gradients, model outcomes, and training rounds marginally affect the randomization probabilities of binary encoding bits under the same privacy protection; and (3) LDP protection is achieved for both embedded features and labels with tight privacy loss and expected error bounds ensuring high model utility. Extensive theoretical and experimental results show that our BitRand significantly outperforms various baseline approaches in text and image classification.

One-sentence Summary: In this paper, we develop BitRand, a novel bit-aware randomized response algorithm, to preserve local differential privacy (LDP) in federated learning (FL).

Supplementary Material: zip

25 Replies

Loading