Skip to main content
SpringerLink
Log in

Fast-adapting and privacy-preserving federated recommender system

  • Special Issue Paper
  • Published:
The VLDB Journal Aims and scope Submit manuscript

Abstract

In the mobile Internet era, recommender systems have become an irreplaceable tool to help users discover useful items, thus alleviating the information overload problem. Recent research on deep neural network (DNN)-based recommender systems have made significant progress in improving prediction accuracy, largely attributed to the widely accessible large-scale user data. Such data is commonly collected from users’ personal devices and then centrally stored in the cloud server to facilitate model training. However, with the rising public concerns on user privacy leakage in online platforms, online users are becoming increasingly anxious over abuses of user privacy. Therefore, it is urgent and beneficial to develop a recommender system that can achieve both high prediction accuracy and strong privacy protection. To this end, we propose a DNN-based recommendation model called PrivRec running on the decentralized federated learning (FL) environment, which ensures that a user’s data is fully retained on her/his personal device while contributing to training an accurate model. On the other hand, to better embrace the data heterogeneity (e.g., users’ data vary in scale and quality significantly) in FL, we innovatively introduce a first-order meta-learning method that enables fast on-device personalization with only a few data points. Furthermore, to defend against potential malicious participants that pose serious security threat to other users, we further develop a user-level differentially private model, namely DP-PrivRec, so attackers are unable to identify any arbitrary user from the trained model. To compensate for the loss by adding noise during model updates, we introduce a two-stage training approach. Finally, we conduct extensive experiments on two large-scale datasets in a simulated FL environment, and the results validate the superiority of both PrivRec and DP-PrivRec.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Notes

  1. https://github.com/yuxiangw/autodp

  2. http://baltrunas.info/research-menu/frappe

  3. https://grouplens.org/datasets/movielens/

References

  1. Abadi, M., Chu, A., Goodfellow, I., McMahan, H.B., Mironov, I., Talwar, K., Zhang, L.: Deep learning with differential privacy. In: SIGSAC, pp. 308–318 (2016)

  2. Acar, A., Aksu, H., Uluagac, A.S., Conti, M.: A survey on homomorphic encryption schemes: theory and implementation. ACM Comput. Surv. (CSUR) 51(4), 1–35 (2018)

    Article  Google Scholar 

  3. Ammad-Ud-Din, M., Ivannikova, E., Khan, S.A., Oyomno, W., Fu, Q., Tan, K.E., Flanagan, A.: Federated collaborative filtering for privacy-preserving personalized recommendation system. arXiv:1901.09888 (2019)

  4. Bonawitz, K., Eichner, H., Grieskamp, W., Huba, D., Ingerman, A., Ivanov, V., Kiddon, C., Konečnỳ, J., Mazzocchi, S., McMahan, H.B., et al.: Towards federated learning at scale: System design. arXiv:1902.01046 (2019)

  5. Bonawitz, K., Ivanov, V., Kreuter, B., Marcedone, A., McMahan, H.B., Patel, S., Ramage, D., Segal, A., Seth, K.: Practical secure aggregation for privacy-preserving machine learning. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 1175–1191 (2017)

  6. Briggs, C., Fan, Z., Andras, P.: Federated learning with hierarchical clustering of local updates to improve training on non-iid data. In: IJCNN, pp. 1–9. IEEE (2020)

  7. Caron, M., Bojanowski, P., Joulin, A., Douze, M.: Deep clustering for unsupervised learning of visual features. In: ECCV, pp. 132–149 (2018)

  8. Caruana, R.: Multitask learning. Mach. Learn. 28(1), 41–75 (1997)

    Article  MathSciNet  Google Scholar 

  9. Chen, F., Dong, Z., Li, Z., He, X.: Federated meta-learning for recommendation. arXiv:1802.07876 (2018)

  10. Chen, T., Yin, H., Chen, H., Yan, R., Nguyen, Q.V.H., Li, X.: Air: Attentional intention-aware recommender systems. In: ICDE, pp. 304–315. IEEE (2019)

  11. Chen, T., Yin, H., Zheng, Y., Huang, Z., Wang, Y., Wang, M.: Learning elastic embeddings for customizing on-device recommenders. KDD (2021)

  12. Cremonesi, P., Koren, Y., Turrin, R.: Performance of recommender algorithms on top-n recommendation tasks. In: RecSys, pp. 39–46 (2010)

  13. Deng, Y., Kamani, M.M., Mahdavi, M.: Adaptive personalized federated learning. arXiv:2003.13461 (2020)

  14. Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv:1810.04805 (2018)

  15. Doersch, C., Gupta, A., Efros, A.A.: Unsupervised visual representation learning by context prediction. In: ICCV, pp. 1422–1430 (2015)

  16. Dwork, C.: Differential privacy: A survey of results. In: International conference on theory and applications of models of computation, pp. 1–19. Springer (2008)

  17. Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: Privacy via distributed noise generation. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 486–503 (2006)

  18. Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Theory of cryptography conference, pp. 265–284. Springer (2006)

  19. Dwork, C., Roth, A., et al.: The algorithmic foundations of differential privacy. Found. Trends Theor. Comput. Sci. 9(3–4), 211–407 (2014)

    MathSciNet  MATH  Google Scholar 

  20. Evans, D., Kolesnikov, V., Rosulek, M.: A pragmatic introduction to secure multi-party computation. Found. Trends Privacy Secur. 2, 2–3 (2017)

    Google Scholar 

  21. Fallah, A., Mokhtari, A., Ozdaglar, A.: Personalized federated learning: a meta-learning approach. arXiv:2002.07948 (2020)

  22. Finn, C., Abbeel, P., Levine, S.: Model-agnostic meta-learning for fast adaptation of deep networks. In: ICML, pp. 1126–1135 (2017)

  23. Flanagan, A., Oyomno, W., Grigorievskiy, A., Tan, K.E., Khan, S.A., Ammad-Ud-Din, M.: Federated multi-view matrix factorization for personalized recommendations. arXiv:2004.04256 (2020)

  24. Fung, B.C., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4), 1–53 (2010)

    Article  Google Scholar 

  25. Geyer, R.C., Klein, T., Nabi, M.: Differentially private federated learning: A client level perspective. arXiv:1712.07557 (2017)

  26. Guo, L., Yin, H., Wang, Q., Chen, T., Zhou, A., Quoc Viet Hung, N.: Streaming session-based recommendation. In: KDD, pp. 1569–1577 (2019)

  27. Hamm, J., Cao, Y., Belkin, M.: Learning privately from multiparty data. In: ICML, pp. 555–563 (2016)

  28. Hard, A., Rao, K., Mathews, R., Ramaswamy, S., Beaufays, F., Augenstein, S., Eichner, H., Kiddon, C., Ramage, D.: Federated learning for mobile keyboard prediction. rXiv:1811.03604 (2018)

  29. Hardy, S., Henecka, W., Ivey-Law, H., Nock, R., Patrini, G., Smith, G., Thorne, B.: Private federated learning on vertically partitioned data via entity resolution and additively homomorphic encryption. arXiv:1711.10677 (2017)

  30. He, X., Liao, L., Zhang, H., Nie, L., Hu, X., Chua, T.S.: Neural collaborative filtering. In: WWW, pp. 173–182 (2017)

  31. Hidasi, B., Karatzoglou, A., Baltrunas, L., Tikk, D.: Session-based recommendations with recurrent neural networks. arXiv:1511.06939 (2015)

  32. Hidasi, B., Quadrana, M., Karatzoglou, A., Tikk, D.: Parallel recurrent neural network architectures for feature-rich session-based recommendations. In: RecSys, pp. 241–248 (2016)

  33. Huang, P.S., He, X., Gao, J., Deng, L., Acero, A., Heck, L.: Learning deep structured semantic models for web search using clickthrough data. In: CIKM, pp. 2333–2338 (2013)

  34. Hung, N.Q.V., Viet, H.H., Tam, N.T., Weidlich, M., Yin, H., Zhou, X.: Computing crowd consensus with partial agreement. TKDE 30(1), 1–14 (2017)

    Google Scholar 

  35. Jalalirad, A., Scavuzzo, M., Capota, C., Sprague, M.: A simple and efficient federated recommender system. In: IEEE/ACM International Conference on Big Data Computing, Applications and Technologies, pp. 53–58 (2019)

  36. Jayaraman, B., Evans, D.: Evaluating differentially private machine learning in practice. In: USENIX, pp. 1895–1912 (2019)

  37. Jiang, Y., Konečnỳ, J., Rush, K., Kannan, S.: Improving federated learning personalization via model agnostic meta learning. arXiv:1909.12488 (2019)

  38. Kasiviswanathan, S.P., Lee, H.K., Nissim, K., Raskhodnikova, S., Smith, A.: What can we learn privately? SIAM J. Comput. 40(3), 793–826 (2011)

    Article  MathSciNet  Google Scholar 

  39. Khodak, M., Balcan, M.F.F., Talwalkar, A.S.: Adaptive gradient-based meta-learning methods. In: Neurips, pp. 5917–5928 (2019)

  40. Kolesnikov, A., Zhai, X., Beyer, L.: Revisiting self-supervised visual representation learning. In: CVPR, pp. 1920–1929 (2019)

  41. Kong, L., d’Autume, C.d.M., Ling, W., Yu, L., Dai, Z., Yogatama, D.: A mutual information maximization perspective of language representation learning. arXiv:1910.08350 (2019)

  42. Le, Q., Mikolov, T.: Distributed representations of sentences and documents. In: ICML, pp. 1188–1196. PMLR (2014)

  43. Li, T., Song, L., Fragouli, C.: Federated recommendation system via differential privacy. arXiv:2005.06670 (2020)

  44. Ma, C., Li, J., Ding, M., Yang, H.H., Shu, F., Quek, T.Q., Poor, H.V.: On safeguarding privacy and security in the framework of federated learning. IEEE Network (2020)

  45. Makri, E., Rotaru, D., Smart, N.P., Vercauteren, F.: Epic: efficient private image classification (or: Learning from the masters). In: Cryptographers Track at the RSA Conference, pp. 473–492. Springer (2019)

  46. Mansour, Y., Mohri, M., Ro, J., Suresh, A.T.: Three approaches for personalization with applications to federated learning. arXiv:2002.10619 (2020)

  47. Masi, I., Wu, Y., Hassner, T., Natarajan, P.: Deep face recognition: A survey. In: SIBGRAPI, pp. 471–478. IEEE (2018)

  48. McMahan, H.B., Andrew, G., Erlingsson, U., Chien, S., Mironov, I., Papernot, N., Kairouz, P.: A general approach to adding differential privacy to iterative training procedures. arXiv:1812.06210 (2018)

  49. McMahan, H.B., Ramage, D., Talwar, K., Zhang, L.: Learning differentially private recurrent language models. arXiv:1710.06963 (2017)

  50. Melis, L., Song, C., De Cristofaro, E., Shmatikov, V.: Exploiting unintended feature leakage in collaborative learning. In: IEEE Symposium on Security and Privacy, pp. 691–706 (2019)

  51. Nasr, M., Shokri, R., Houmansadr, A.: Comprehensive privacy analysis of deep learning: Stand-alone and federated learning under passive and active white-box inference attacks. arXiv:1812.00910 (2018)

  52. Nguyen, Q.V.H., Duong, C.T., Nguyen, T.T., Weidlich, M., Aberer, K., Yin, H., Zhou, X.: Argument discovery via crowdsourcing. VLDB J. 26(4), 511–535 (2017)

    Article  Google Scholar 

  53. Nichol, A., Achiam, J., Schulman, J.: On first-order meta-learning algorithms. arXiv:1803.02999 (2018)

  54. Nock, R., Hardy, S., Henecka, W., Ivey-Law, H., Patrini, G., Smith, G., Thorne, B.: Entity resolution and federated learning get a federated resolution. arXiv:1803.04035 (2018)

  55. Oord, A.v.d., Li, Y., Vinyals, O.: Representation learning with contrastive predictive coding. arXiv:1807.03748 (2018)

  56. Orekondy, T., Oh, S.J., Zhang, Y., Schiele, B., Fritz, M.: Gradient-leaks: Understanding and controlling deanonymization in federated learning. arXiv:1805.05838 (2018)

  57. Phan, N., Wu, X., Hu, H., Dou, D.: Adaptive laplace mechanism: Differential privacy preservation in deep learning. In: ICDM, pp. 385–394. IEEE (2017)

  58. Qiu, R., Huang, Z., Li, J., Yin, H.: Exploiting cross-session information for session-based recommendation with graph neural networks. TOIS 38(3), 1–23 (2020)

    Article  Google Scholar 

  59. Rahman, M.A., Rahman, T., Laganière, R., Mohammed, N., Wang, Y.: Membership inference attack against differentially private deep learning model. Trans. Data Privacy 11(1), 61–79 (2018)

    Google Scholar 

  60. Rajeswaran, A., Finn, C., Kakade, S., Levine, S.: Meta-learning with implicit gradients (2019)

  61. Ramaswamy, S., Mathews, R., Rao, K., Beaufays, F.: Federated learning for emoji prediction in a mobile keyboard. arXiv:1906.04329 (2019)

  62. Ribero, M., Henderson, J., Williamson, S., Vikalo, H.: Federating recommendations using differentially private prototypes. arXiv:2003.00602 (2020)

  63. Ryffel, T., Trask, A., Dahl, M., Wagner, B., Mancuso, J., Rueckert, D., Passerat-Palmbach, J.: A generic framework for privacy preserving deep learning. rXiv:1811.04017 (2018)

  64. Smith, V., Chiang, C.K., Sanjabi, M., Talwalkar, A.S.: Federated multi-task learning. Neurips 30, 4424–4434 (2017)

    Google Scholar 

  65. Song, S., Chaudhuri, K., Sarwate, A.D.: Stochastic gradient descent with differentially private updates. In: IEEE Global Conference on Signal and Information Processing, pp. 245–248 (2013)

  66. Sun, K., Qian, T., Chen, T., Liang, Y., Nguyen, Q.V.H., Yin, H.: Where to go next: modeling long-and short-term user preferences for point-of-interest recommendation. AAAI 34, 214–221 (2020)

    Article  Google Scholar 

  67. Thakkar, O., Andrew, G., McMahan, H.B.: Differentially private learning with adaptive clipping. arXiv:1905.03871 (2019)

  68. Truex, S., Liu, L., Gursoy, M.E., Wei, W., Yu, L.: Effects of differential privacy and data skewness on membership inference vulnerability. In: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), pp. 82–91. IEEE (2019)

  69. Uhlerop, C., Slavković, A., Fienberg, S.E.: Privacy-preserving data sharing for genome-wide association studies. J. Privacy Confidentiality 5(1), 137 (2013)

    Google Scholar 

  70. Vanschoren, J.: Meta-learning: A survey. arXiv:1810.03548 (2018)

  71. Vilalta, R., Drissi, Y.: A perspective view and survey of meta-learning. Artif. Intell. Rev. 18(2), 77–95 (2002)

    Article  Google Scholar 

  72. Wang, H., Kaplan, Z., Niu, D., Li, B.: Optimizing federated learning on non-iid data with reinforcement learning. In: INFOCOM, pp. 1698–1707. IEEE (2020)

  73. Wang, M., Ren, P., Mei, L., Chen, Z., Ma, J., de Rijke, M.: A collaborative session-based recommendation approach with parallel memory modules. In: SIGIR, pp. 345–354 (2019)

  74. Wang, Q., Yin, H., Chen, T., Huang, Z., Wang, H., Zhao, Y., Viet Hung, N.Q.: Next point-of-interest recommendation on resource-constrained mobile devices. In: TheWebConf, pp. 906–916 (2020)

  75. Wang, Q., Yin, H., Hu, Z., Lian, D., Wang, H., Huang, Z.: Neural memory streaming recommender networks with adversarial training. In: KDD, pp. 2467–2475 (2018)

  76. Wang, S., Cao, L., Wang, Y., Sheng, Q.Z., Orgun, M., Lian, D.: A survey on session-based recommender systems. arXiv:1902.04864 (2019)

  77. Wang, S., Tuor, T., Salonidis, T., Leung, K.K., Makaya, C., He, T., Chan, K.: Adaptive federated learning in resource constrained edge computing systems. IEEE J. Sel. Areas Commun. 37(6), 1205–1221 (2019)

    Article  Google Scholar 

  78. Wang, Y., Yin, H., Chen, H., Wo, T., Xu, J., Zheng, K.: Origin-destination matrix prediction via graph convolution: a new perspective of passenger demand modeling. In: KDD, pp. 1227–1235 (2019)

  79. Wang, Y.X., Balle, B., Kasiviswanathan, S.P.: Subsampled rényi differential privacy and analytical moments accountant. In: International Conference on Artificial Intelligence and Statistics, pp. 1226–1235 (2019)

  80. Wang, Z., Song, M., Zhang, Z., Song, Y., Wang, Q., Qi, H.: Beyond inferring class representatives: User-level privacy leakage from federated learning. In: INFOCOM, pp. 2512–2520. IEEE (2019)

  81. Wang, Z., Wei, W., Cong, G., Li, X.L., Mao, X.L., Qiu, M.: Global context enhanced graph neural networks for session-based recommendation. In: SIGIR, pp. 169–178 (2020)

  82. Wu, C., Wu, F., Cao, Y., Huang, Y., Xie, X.: Fedgnn: Federated graph neural network for privacy-preserving recommendation. KDD (2021)

  83. Xia, X., Yin, H., Yu, J., Wang, Q., Cui, L., Zhang, X.: Self-supervised hypergraph convolutional networks for session-based recommendation. arXiv:2012.06852 (2020)

  84. Xu, J., Glicksberg, B.S., Su, C., Walker, P., Bian, J., Wang, F.: Federated learning for healthcare informatics. J. Healthcare Inform. Res. 5(1), 1–19 (2021)

    Article  Google Scholar 

  85. Yang, Q., Liu, Y., Chen, T., Tong, Y.: Federated machine learning: concept and applications. TIST 10(2), 1–19 (2019)

    Article  Google Scholar 

  86. Yin, H., Wang, Q., Zheng, K., Li, Z., Yang, J., Zhou, X.: Social influence-based group representation learning for group recommendation. In: ICDE, pp. 566–577 (2019)

  87. Zhang, J., Wang, J., Zhao, Y., Chen, B.: An efficient federated learning scheme with differential privacy in mobile edge computing. In: International Conference on Machine Learning and Intelligent Communications, pp. 538–550. Springer (2019)

  88. Zhang, S., Yao, L., Sun, A., Tay, Y.: Deep learning based recommender system: a survey and new perspectives. ACM Comput. Surv. 52(1), 1–38 (2019)

    Article  Google Scholar 

  89. Zhang, S., Yin, H., Chen, T., Huang, Z., Cui, L., Zhang, X.: Graph embedding for recommendation against attribute inference attacks. In: WWW, pp. 3002–3014 (2021)

  90. Zhang, S., Yin, H., Chen, T., Hung, Q.V.N., Huang, Z., Cui, L.: Gcn-based user representation learning for unifying robust recommendation and fraudster detection. In: SIGIR, pp. 689–698 (2020)

  91. Zhang, Y., Yang, Q.: A survey on multi-task learning. arXiv:1707.08114 (2017)

  92. Zhang, Y., Yin, H., Huang, Z., Du, X., Yang, G., Lian, D.: Discrete deep learning for fast content-aware recommendation. In: WSDM, pp. 717–726 (2018)

  93. Zhao, Y., Li, M., Lai, L., Suda, N., Civin, D., Chandra, V.: Federated learning with non-iid data. arXiv:1806.00582 (2018)

Download references

Acknowledgements

This work was supported by ARC Discovery Project (Grant No. DP190101985) and ARC Future Fellowship (FT210100624).

Author information

Authors and Affiliations

  1. School of Information Technology and Electrical Engineering, The University of Queensland, St Lucia, Australia

    Qinyong Wang, Hongzhi Yin, Tong Chen & Junliang Yu

  2. Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong

    Alexander Zhou

  3. King Abdullah University of Science and Technology, Thuwal, Saudi Arabia

    Xiangliang Zhang

Authors
  1. Qinyong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hongzhi Yin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Junliang Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Alexander Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Xiangliang Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hongzhi Yin.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, Q., Yin, H., Chen, T. et al. Fast-adapting and privacy-preserving federated recommender system. The VLDB Journal 31, 877–896 (2022). https://doi.org/10.1007/s00778-021-00700-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00778-021-00700-6

Keywords

Search

Navigation