Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Backdoor Defense Method of Vertical Federated Learning Based on Clustering of Neuron Activation Values

A neuron and activation value technology, which is applied in the privacy and security field of commodity recommendation, can solve the problems such as the decrease in the accuracy of commodity recommendation tasks, the inability to balance backdoor defense performance and recommendation task performance, and the inability to defend against backdoor attacks, etc., to achieve the goal of improving defense capabilities Effect

Active Publication Date: 2022-05-10
浙江君同智能科技有限责任公司
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these two technologies are not suitable for product recommendation systems to defend against the threat of backdoor attacks. The differential privacy technology makes the accuracy of product recommendation tasks drop sharply by adding random noise, and cannot balance the performance of backdoor defense and recommendation task performance.
Gradient sparseness cannot defend the active party of the vertical federated recommendation system from backdoor attacks, mainly because the active party launches backdoor attacks that do not depend on the gradient information of the model

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Backdoor Defense Method of Vertical Federated Learning Based on Clustering of Neuron Activation Values
  • Backdoor Defense Method of Vertical Federated Learning Based on Clustering of Neuron Activation Values
  • Backdoor Defense Method of Vertical Federated Learning Based on Clustering of Neuron Activation Values

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, and do not limit the protection scope of the present invention.

[0045] Aiming at how to protect the model security in vertical federated learning, it is necessary to study an effective defense method in view of the risk of backdoor attacks after the vertical federated recommendation system is widely deployed in commercial scenarios. The present invention aims to propose a vertical federated learning backdoor defense method based on neuron activation value clustering from the perspective of collaborators in the vertical federated recommendation system. The specific technical concept is: backdoor attacks initiated by the active and pass...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a vertical federated learning backdoor defense method based on neuron activation value clustering, including: constructing a vertical federated recommendation system including multiple participants and collaborators; After the product-oriented links are constructed, the product-oriented links of potential backdoor attacks are effectively screened out by classifying the product-oriented links, and the product-oriented links of backdoor attacks are repaired by using the clustering results to guide the direction of backdoor attacks. Commodity samples are learned towards the correct prediction direction, so that the repaired commodity recommendation model can defend against backdoor attacks without obtaining the commodity samples of the participants; it also filters out the joint embedding representation with the same ID as the aggregate embedding representation of the backdoor attack Or attack repair, to prevent or improve the aggregation embedding representation of backdoor attacks, optimize the parameters of the product recommendation model, and improve the defense ability of the product recommendation model against backdoor attacks.

Description

technical field [0001] The invention belongs to the technical field of privacy security for product recommendation, and in particular relates to a backdoor defense method based on neuron activation value clustering for longitudinal federated learning. Background technique [0002] Deep learning has achieved excellent performance in complex and variable recommendation tasks, which makes it widely used and deployed in commodity recommendation systems in real scenarios. Compared with the traditional product recommendation system, the product recommendation system built by deep learning has further improved performance, which is mainly due to abundant computing resources and sufficient computing data. However, in recent years, some countries and regions have introduced data privacy protection regulations that restrict the large-scale collection of commercial data, which brings great challenges to the product recommendation system built by deep learning, and the following is the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06Q30/06G06K9/62G06N3/08
CPCG06Q30/0631G06N3/08G06F18/23213
Inventor 林昶廷韩蒙熊海洋陈晋音纪守领
Owner 浙江君同智能科技有限责任公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com