Longitudinal federated learning backdoor defense method based on neuron activation value clustering

A neuron activation value technique, applied in the privacy and security field of product recommendation, that addresses the decreased accuracy of product recommendation tasks, the inability to defend against backdoor attacks, and the inability to balance backdoor defense performance with recommendation task performance.

Active Publication Date: 2022-03-18
浙江君同智能科技有限责任公司

AI Technical Summary

Problems solved by technology

However, these two technologies are not suitable for defending product recommendation systems against the threat of backdoor attacks. Differential privacy adds random noise, which makes the accuracy of product recommendation tasks drop sharply, and it cannot balance backdoor defense performance against recommendation task performance.
Gradient sparsification cannot defend a vertical federated recommendation system against backdoor attacks from the active party, mainly because the backdoor attacks the active party launches do not depend on the gradient information of the model.



Examples


Embodiment Construction

[0044] In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is further described below with reference to the accompanying drawings and examples. It will be appreciated that the specific embodiments described herein are intended to explain the present invention and do not limit the scope of the invention.

[0045] To address the problem of protecting model security in longitudinal (vertical) federated learning, an effective defense method is provided against the risks faced by longitudinal federated recommendation systems in business scenarios. The present invention proposes a longitudinal federated learning backdoor defense based on neuron activation value clustering from the perspective of the longitudinal federated recommendation system. The specific technical concept is: backdoor attacks initiated by the active and passive parties in a longitudinal federated recommendation system will, in the end, show the effect of the injected backdoor, in part...


Abstract

The invention discloses a longitudinal federated learning backdoor defense method based on neuron activation value clustering. The method comprises the following steps: constructing a longitudinal federated recommendation system comprising a plurality of participants and a collaborator; and performing federated learning, in which, after obtaining the constructed commodity guiding link corresponding to each aggregated embedding representation, the collaborator classifies the commodity guiding links to effectively screen out those with a potential backdoor attack, and repairs the commodity guiding links carrying the backdoor attack by using the clustering result. The backdoor-attacked commodity sample is guided to learn towards the correct prediction direction, so the commodity samples of a participant do not need to be obtained, and the repaired commodity recommendation model can defend against the backdoor attack. The joint embedded representation with the same ID as a backdoor-attacked aggregated embedding representation is filtered out or repaired, so that the influence of the backdoor-attacked aggregated embedding representation on the parameter optimization of the commodity recommendation model is prevented or reduced, and the defense capability of the commodity recommendation model against backdoor attacks is improved.
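The screening-and-filtering step in the abstract can be illustrated with a small collaborator-side sketch. This is an added example, not code from the patent: the 2-means clustering per predicted label, the `max_minor_frac` and `min_ratio` thresholds, the record layout and the sample IDs are all assumptions, and the repair step is not shown.

```python
import math

def two_means(points, iters=20):
    # Deterministic seeding: first point, then the point farthest from it.
    centers = [points[0], max(points, key=lambda p: math.dist(p, points[0]))]
    assign = []
    for _ in range(iters):
        assign = [0 if math.dist(p, centers[0]) <= math.dist(p, centers[1]) else 1
                  for p in points]
        for k in (0, 1):
            members = [p for p, a in zip(points, assign) if a == k]
            if members:
                centers[k] = [sum(col) / len(members) for col in zip(*members)]
    return assign, centers

def flag_suspect_ids(records, max_minor_frac=0.35, min_ratio=5.0):
    """records: (sample_id, predicted_label, aggregated_embedding) tuples."""
    suspects = set()
    for label in sorted({r[1] for r in records}):
        group = [r for r in records if r[1] == label]
        if len(group) < 4:  # too few samples to cluster meaningfully
            continue
        pts = [r[2] for r in group]
        assign, centers = two_means(pts)
        minor = 0 if assign.count(0) < assign.count(1) else 1
        frac = assign.count(minor) / len(group)
        spread = sum(math.dist(p, centers[a]) for p, a in zip(pts, assign)) / len(pts)
        sep = math.dist(centers[0], centers[1])
        # Flag only a small cluster that sits far from the label's main cluster.
        if 0 < frac <= max_minor_frac and sep > min_ratio * max(spread, 1e-9):
            suspects |= {r[0] for r, a in zip(group, assign) if a == minor}
    return suspects

def filter_batch(records, suspects):
    # Drop every representation whose ID was flagged before the model update.
    return [r for r in records if r[0] not in suspects]

# Constructed sample: label 0 is clean; label 1 holds two outlying embeddings.
SAMPLE = [
    ("u001", 0, (-1.0, -1.0)), ("u002", 0, (-1.3, -0.8)), ("u003", 0, (-0.7, -1.1)),
    ("u004", 0, (-1.1, -1.4)), ("u005", 0, (-0.8, -0.7)),
    ("u101", 1, (1.0, 1.0)), ("u102", 1, (1.2, 0.9)), ("u103", 1, (0.8, 1.1)),
    ("u104", 1, (1.1, 1.3)), ("u105", 1, (0.9, 0.8)), ("u106", 1, (1.3, 1.1)),
    ("u107", 1, (5.0, -3.0)), ("u108", 1, (5.2, -2.8)),
]

if __name__ == "__main__":
    print(sorted(flag_suspect_ids(SAMPLE)))
```

The separation-to-spread ratio keeps a clean label from being flagged just because 2-means always splits a group in two; only a small, clearly detached cluster is treated as suspect.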

Description

Technical field

[0001] The present invention belongs to the field of privacy and security technology, and specifically relates to a longitudinal federated learning backdoor defense method based on neuron activation value clustering.

Background technique

[0002] Deep learning performs excellently in complex and varied recommendation tasks, which has led to its large-scale application and deployment in commodity recommendation systems in real scenarios. Product recommendation systems built on deep learning perform better than traditional commodity recommendation, mainly owing to rich computing resources and sufficient data. However, in recent years, some countries and regions have issued data privacy protection regulations that limit the large-scale collection of commercial data, which brings great challenges to deep learning product recommendation systems and leaves enterprises facing a data island phenomenon.

[0003] The commercial reco...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06Q30/06, G06K9/62, G06N3/08
CPC: G06Q30/0631, G06N3/08, G06F18/23213
Inventor: 林昶廷, 韩蒙, 熊海洋, 陈晋音, 纪守领
Owner: 浙江君同智能科技有限责任公司