This paper introduces ZIP-DL, a novel privacy-aware decentralized learning (DL) algorithm that relies on adding correlated noise to each model update during the model training process. This technique ensures that the added noise almost neutralizes itself during the aggregation process due to its correlation, thus minimizing the impact on model accuracy. In addition, ZIP-DL does not require multiple communication rounds for noise cancellation, addressing the common trade-off between privacy protection and communication overhead. We provide theoretical guarantees for both convergence speed and privacy guarantees, thereby making ZIP-DL applicable to practical scenarios. Our extensive experimental study shows that ZIP-DL achieves the best trade-off between vulnerability and accuracy. In particular, ZIP-DL (i) reduces the effectiveness of a linkability attack by up to 52 points compared to baseline DL, and (ii) achieves up to 37 more accuracy points for the same vulnerability under membership inference attacks against a privacy-preserving competitor

翻译：本文提出ZIP-DL，一种新颖的隐私感知去中心化学习算法，其核心在于模型训练过程中向每个模型更新添加相关噪声。该技术通过噪声间的相关性，确保在聚合过程中添加的噪声几乎相互抵消，从而最大限度地降低对模型精度的影响。此外，ZIP-DL无需多轮通信进行噪声消除，解决了隐私保护与通信开销之间的常见权衡问题。我们为收敛速度和隐私保障提供了理论保证，使ZIP-DL适用于实际场景。广泛的实验研究表明，ZIP-DL在脆弱性与精度之间实现了最佳平衡。具体而言，与基线DL相比，ZIP-DL（i）将链接攻击的有效性降低了最多52个百分点，且（ii）在针对隐私保护竞争对手的成员推断攻击下，相同脆弱性水平下实现了最多37个百分点的精度提升。