We propose a general learning framework for the protection mechanisms that protects privacy via distorting model parameters, which facilitates the trade-off between privacy and utility. The algorithm is applicable to arbitrary privacy measurements that maps from the distortion to a real value. It can achieve personalized utility-privacy trade-off for each model parameter, on each client, at each communication round in federated learning. Such adaptive and fine-grained protection can improve the effectiveness of privacy-preserved federated learning. Theoretically, we show that gap between the utility loss of the protection hyperparameter output by our algorithm and that of the optimal protection hyperparameter is sub-linear in the total number of iterations. The sublinearity of our algorithm indicates that the average gap between the performance of our algorithm and that of the optimal performance goes to zero when the number of iterations goes to infinity. Further, we provide the convergence rate of our proposed algorithm. We conduct empirical results on benchmark datasets to verify that our method achieves better utility than the baseline methods under the same privacy budget.

翻译：我们提出了一种通用的保护机制学习框架，通过扭曲模型参数来保护隐私，从而促进隐私与效用之间的权衡。该算法适用于任意将扭曲映射为实值的隐私度量方法。它能够在联邦学习的每一轮通信中，为每个客户端上的每个模型参数实现个性化的隐私-效用权衡。这种自适应且细粒度的保护机制能够提升隐私保护联邦学习的有效性。理论上，我们证明了由算法输出的保护超参数导致的效用损失与最优保护超参数导致的效用损失之间的差距，在总迭代次数上是次线性的。算法的次线性特性表明，当迭代次数趋于无穷时，算法性能与最优性能之间的平均差距趋近于零。此外，我们给出了所提算法的收敛速率。我们在基准数据集上进行了实验验证，结果表明在相同隐私预算下，我们的方法比基线方法实现了更好的效用。