:::info
Authors:
(1) Yosuke Kaga, Hitachi, Ltd., Japan;
(2) Yusei Suzuki, Hitachi, Ltd., Japan;
(3) Kenta Takahashi, Hitachi, Ltd., Japan.
:::
Table of Links
Abstract and I. Introduction
II. Related Work
III. IPFED
IV. Experiments
[V. Conclusion and References]()
Abstract—With the development of laws and regulations related to privacy preservation, it has become difficult to collect personal data to perform machine learning. In this context, federated learning, which is distributed learning without sharing personal data, has been proposed. In this paper, we focus on federated learning for user authentication. We show that it is difficult to achieve both privacy preservation and high accuracy with existing methods. To address these challenges, we propose IPFed which is privacy-preserving federated learning using random projection for class embedding. Furthermore, we prove that IPFed is capable of learning equivalent to the state-of-the-art method. Experiments on face image datasets show that IPFed can protect the privacy of personal data while maintaining the accuracy of the state-of-the-art method.
I. INTRODUCTION
User authentication, such as face recognition, has recently achieved dramatic improvements in accuracy through the application of deep learning, and one of the reasons for this is that large numbers of images have been collected through web crawling and used as training data [1]. However, in recent years, GDPR [2] and other privacy-related regulations have made it more difficult to collect personal data. In order to continue to improve the accuracy of user authentication, Privacy-Preserving Machine Learning (PPML) [3] is needed, which performs machine learning without directly collecting personal data. One of the most popular methods in PPML is federated learning [4], which can perform privacy-preserving distributed learning using personal data on the client, and it has attracted attention. Federated learning has been applied to user authentication [5]–[8]. However, these methods face the challenges of privacy of training data [5], [6] and model accuracy [7], [8]. We propose Identity Protected Federated Learning (IPFed) as a solution to this problem. The main contributions of our work are as follows.
• We develop IPFed, which is a method to perform federated learning for user authentication while preserving the privacy of personal data using random projection for class embeddings.
• We prove mathematically that IPFed can perform equivalent learning to the state-of-the-art method while preserving the privacy of the training data.
• Experiments on face image datasets show that the proposed method can learn models with equivalent accuracy to the state-of-the-art method.
II. RELATED WORKS
A. Federated learning
Federated learning is a method of machine learning in which training data is not shared but distributed across multiple devices. A typical federated learning algorithm is federated averaging (FedAvg) [4]. In this method, machine learning is performed while the personal data is kept in the clients, thus the privacy of training data can be preserved.
B. Federated learning for user authentication
Federated learning for user authentication is a method of learning a discriminator based on personal data such as fingerprints, faces, veins, etc., to determine a person’s identity. An overview of federated learning for user authentication is shown in Fig.1. Since a client is often occupied by a single person in user authentication, it is natural for a single client to contain the personal data of only one user. Under this assumption, it is difficult to train a model that can discriminate between others because it is not possible for the client to refer to the personal data of others.
Two main approaches have been proposed to solve this problem. The first one is [5], [6], a method where the learning server performs the learning to increase the distance between the embeddings of the others, and the second is [7], [8], a method where the clients randomly assign representative embeddings for each class (called class embedding). In the following, we will give an overview of each method.
FedAwS [5], FedFace [6]: Federated Averaging with Spreadout (FedAwS) [5] is the algorithm to realize federated learning for user authentication by learning to increase the distance between each other’s embeddings on the learning server side. Furthermore, Aggarwal et.al. introduce FedFace, which applies FedAwS to face recognition[6].
Hosseini at.el. [7], [8]: Next, we outline the second approach [7], [8]. In this method, class embeddings are randomly initialized and frozen on the client side, and are not shared with the learning server in order to preserve the privacy of the training data. The clients use the fixed class embedding to train the model, and the learning server aggregates the training results and updates the model parameter
C. Challenging of related work
From the above discussion, as far as we know, there is no method that can perform federated learning for user authentication with both high accuracy and privacy preservation of training data. Satisfying these two requirements is an important problem to be solved in the field of federated learning for user authentication.
:::info
This paper is available on arxiv under CC by 4.0 Deed (Attribution 4.0 International) license.
:::
