Desafios e Soluções para Privacidade em Aprendizado Federado: Abordagem de Privacidade Diferencial

José Augusto Nogueira Florentino; Carlos Alberto Vieira Campos

doi:10.5753/wsis.2025.15784

José Augusto Nogueira Florentino UNIRIO
Carlos Alberto Vieira Campos UNIRIO

DOI: https://doi.org/10.5753/wsis.2025.15784

Resumo

Este artigo analisa a aplicação de privacidade diferencial (DP) em aprendizado federado (FL) usando PyTorch, investigando o trade-off entre privacidade e desempenho em dados não-IID. Experimentalmente, demonstramos que a DP impacta a acurácia e a perda, com maior rigor (ϵ=0,5) resultando em maior degradação, mas sem inviabilizar o sistema. A pesquisa confirma a relação inversa entre privacidade e qualidade do modelo, ressaltando a necessidade de balanceamento. Este trabalho contribui para a implementação prática de políticas de proteção de dados robustas em FL.

Palavras-chave: privacidade diferencial, aprendizado federado, dados não-IID, PyTorch, Opacus

Referências

Abadi, M., Chu, A., Goodfellow, I., McMahan, H. B., Mironov, I., Talwar, K., and Zhang, L. (2016). Deep learning with differential privacy. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pages 308–318.

Andrew, G., Thakkar, O., McMahan, B., and Ramaswamy, S. (2021). Differentially private learning with adaptive clipping. Advances in Neural Information Processing Systems, 34:17455–17466.

Beutel, D. J., Topal, T., Mathur, A., Qiu, X., Fernandez-Marques, J., Gao, Y., Sani, L., Li, K. H., Parcollet, T., De Gusmão, P. P. B., et al. (2020). Flower: A friendly federated learning research framework. arXiv preprint arXiv:2007.14390.

Dwork, C., McSherry, F., Nissim, K., and Smith, A. (2006). Calibrating noise to sensitivity in private data analysis. In Theory of cryptography conference, pages 265–284. Springer.

Geyer, R. C., Klein, T., and Nabi, M. (2017). Differentially private federated learning: A client level perspective. arXiv preprint arXiv:1712.07557.

Hsieh, K., Phanishayee, A., Mutlu, O., and Gibbons, P. (2020). The non-iid data quagmire of decentralized machine learning. In International Conference on Machine Learning, pages 4387–4398. PMLR.

Kim, S.-W., Kim, S., Kim, J., Ji, S., and Lee, S.-H. (2025). Fedwsq: Efficient federated learning with weight standardization and distribution-aware non-uniform quantization. arXiv preprint arXiv:2506.23516.

Li, T., Sahu, A. K., Talwalkar, A., and Smith, V. (2020). Federated learning: Challenges, methods, and future directions. IEEE signal processing magazine, 37(3):50–60.

McMahan, B., Moore, E., Ramage, D., Hampson, S., and y Arcas, B. A. (2017). Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics, pages 1273–1282. PMLR.

Paszke, A., Gross, S., Massa, F., Lerer, A., Bradbury, J., Chanan, G., Killeen, T., Lin, Z., Gimelshein, N., Antiga, L., et al. (2019). Pytorch: An imperative style, high-performance deep learning library. Advances in neural information processing systems, 32.

Truex, S., Liu, L., Chow, K.-H., Gursoy, M. E., and Wei, W. (2020). Ldp-fed: Federated learning with local differential privacy. In Proceedings of the third ACM international workshop on edge systems, analytics and networking, pages 61–66.

Vieira, F. and Campos, C. A. V. (2024). Reducing costs using normalization in federated learning in heterogeneous data distributions.

Wei, K., Li, J., Ding, M., Ma, C., Yang, H. H., Farokhi, F., Jin, S., Quek, T. Q., and Poor, H. V. (2020). Federated learning with differential privacy: Algorithms and performance analysis. IEEE transactions on information forensics and security, 15:3454–3469.