Privacy and Fault-Tolerance in Distributed Optimization Nitin - PowerPoint PPT Presentation

Privacy and Fault-Tolerance in Distributed Optimization Nitin Vaidya University of Illinois at Urbana-Champaign

Acknowledgements Shripad Gade Lili Su

S X f i ( x ) ∈ argmin x ∈ X i =1 i

Applications f 1 (x) g fi(x) = cost for robot i x to go to location x x 1 g Minimize total cost of rendezvous x 2 S f 2 (x) X f i ( x ) ∈ argmin x ∈ X i =1 i

Applications f 1 (x) f 2 (x) Learning Minimize cost Σ f i (x) i f 3 (x) f 4 (x) 5

Outline S X f i ( x ) ∈ argmin x ∈ X i =1 i 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 & & & " " " 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 # # # % % % 𝑔 𝑔 𝑔 $ $ $ Distributed Privacy Fault-tolerance Optimization

Distributed Optimization Server 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 𝑔 𝑔 𝑔 & # " $ 7

Client-Server Architecture Server f 1 (x) f 2 (x) 𝑔 𝑔 𝑔 & # " 8 f 3 (x) f 4 (x)

Client-Server Architecture g Server maintains estimate 𝑦 ( 𝑦 ( g Client i knows 𝑔 ) (𝑦) Server 𝑔 𝑔 𝑔 & # "

Client-Server Architecture g Server maintains estimate 𝑦 ( 𝑦 ( g Client i knows 𝑔 ) (𝑦) Server 𝛼𝑔 ) (𝑦 ( ) In iteration k+1 g Client i 𝑔 𝑔 𝑔 & # " i Download 𝑦 ( from server i Upload gradient 𝛼𝑔 ) (𝑦 ( )

� Client-Server Architecture g Server maintains estimate 𝑦 ( g Client i knows 𝑔 ) (𝑦) Server 𝛼𝑔 ) (𝑦 ( ) In iteration k+1 g Client i 𝑔 𝑔 𝑔 & # " i Download 𝑦 ( from server i Upload gradient 𝛼𝑔 ) (𝑦 ( ) g Server 𝑦 (-& ⟵ 𝑦 ( − 𝛽 ( 2 𝛼𝑔 ) 𝑦 ( )

Variations g Stochastic g Asynchronous g … 12

Peer-to-Peer Architecture f 1 (x) f 2 (x) 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $ f 3 (x) f 4 (x)

Peer-to-Peer Architecture g Each agent maintains local estimate x g Consensus step with neighbors g Apply own gradient to own estimate 𝑦 (-& ⟵ 𝑦 ( − 𝛽 ( 𝛼𝑔 ) 𝑦 ( 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $

Outline S X f i ( x ) ∈ argmin x ∈ X i =1 i 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 & & & " " " 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 # # # % % % 𝑔 𝑔 𝑔 $ $ $ Distributed Privacy Fault-tolerance Optimization

Server 𝛼𝑔 ) (𝑦 ( ) 𝑔 𝑔 𝑔 & # "

Server 𝛼𝑔 ) (𝑦 ( ) 𝑔 𝑔 𝑔 & # " Server observes gradients è privacy compromised

Server 𝛼𝑔 ) (𝑦 ( ) 𝑔 𝑔 𝑔 & # " Server observes gradients è privacy compromised Achieve privacy and yet collaboratively optimize

Related Work g Cryptographic methods (homomorphic encryption) g Function transformation g Differential privacy 19

Differential Privacy Server 𝛼𝑔 ) 𝑦 ( + 𝜻 𝒍 𝑔 𝑔 𝑔 & # " 20

Differential Privacy Server 𝛼𝑔 ) 𝑦 ( + 𝜻 𝒍 𝑔 𝑔 𝑔 & # " Trade-off privacy with accuracy 21

Proposed Approach g Motivated by secret sharing g Exploit diversity … Multiple servers / neighbors 22

Proposed Approach Server 2 Server 1 𝑔 𝑔 𝑔 & # " Privacy if subset of servers adversarial 23

Proposed Approach 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $ Privacy if subset of neighbors adversarial 24

Proposed Approach g Structured noise that “cancels” over servers/neighbors 25

Intuition x 2 x 1 Server 2 Server 1 𝑔 𝑔 𝑔 " & # 26

Intuition x 2 x 1 Server 2 Server 1 𝑔 𝑔 𝑔 #& 𝑔 𝑔 "& 𝑔 && &# ## "# Each client simulates multiple clients 27

Intuition x 2 x 1 Server 2 Server 1 𝑔 𝑔 𝑔 #& 𝑔 𝑔 "& 𝑔 && &# ## "# 𝑔 && (𝑦) + 𝑔 &# 𝑦 = 𝑔 & 𝑦 𝑔 )8 (𝑦) not necessarily convex 28

Algorithm g Each server maintains an estimate In each iteration g Client i i Download estimates from corresponding server i Upload gradient of 𝑔 ) g Each server updates estimate using received gradients

Algorithm g Each server maintains an estimate In each iteration g Client i i Download estimates from corresponding server i Upload gradient of 𝑔 ) g Each server updates estimate using received gradients g Servers periodically exchange estimates to perform a consensus step

Claim g Under suitable assumptions, servers eventually reach consensus in S X f i ( x ) ∈ argmin x ∈ X i =1 i 31

Privacy 𝑔 && + 𝑔 #& + 𝑔 𝑔 #& + 𝑔 ## + 𝑔 "& "# Server 2 Server 1 𝑔 𝑔 𝑔 #& 𝑔 𝑔 "& 𝑔 && &# ## "# 32

Privacy 𝑔 && + 𝑔 #& + 𝑔 𝑔 #& + 𝑔 ## + 𝑔 "& "# Server 2 Server 1 𝑔 𝑔 𝑔 #& 𝑔 𝑔 "& 𝑔 && &# ## "# g Server 1 may learn 𝑔 && , 𝑔 #& , 𝑔 "& , 𝑔 #& + 𝑔 ## + 𝑔 "# g Not sufficient to learn 𝑔 ) 33

𝑔 && (𝑦) + 𝑔 &# 𝑦 = 𝑔 & 𝑦 g Function splitting not necessarily practical g Structured randomization as an alternative 34

Structured Randomization g Multiplicative or additive noise in gradients g Noise cancels over servers 35

Multiplicative Noise x 2 x 1 Server 2 Server 1 𝑔 𝑔 𝑔 " & # 36

Multiplicative Noise x 2 x 1 Server 2 Server 1 𝑔 𝑔 𝑔 " & # 37

Multiplicative Noise x 2 x 1 Server 2 Server 1 𝛽𝛼𝑔 𝛾𝛼𝑔 & (𝑦 2 ) & (x 1 ) 𝑔 𝑔 𝑔 " & # 𝛽 + 𝛾 =1 38

Multiplicative Noise x 2 x 1 Server 2 Server 1 𝛽𝛼𝑔 𝛾𝛼𝑔 & (𝑦 2 ) & (x 1 ) 𝑔 𝑔 𝑔 " & # Suffices for this invariant to hold 𝛽 + 𝛾 =1 over a larger number of iterations

Multiplicative Noise x 2 x 1 Server 2 Server 1 𝛽𝛼𝑔 𝛾𝛼𝑔 & (𝑦 2 ) & (x 1 ) 𝑔 𝑔 𝑔 " & # Noise from client i to server j 𝛽 + 𝛾 =1 not zero-mean

Claim g Under suitable assumptions, servers eventually reach consensus in S X f i ( x ) ∈ argmin x ∈ X i =1 i 41

Peer-to-Peer Architecture 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $

Reminder … g Each agent maintains local estimate x g Consensus step with neighbors g Apply own gradient to own estimate 𝑦 (-& ⟵ 𝑦 ( − 𝛽 ( 𝛼𝑔 ) 𝑦 ( 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $

Proposed Approach g Each agent shares noisy estimate with neighbors • Scheme 1 – Noise cancels over neighbors • Scheme 2 – Noise cancels network-wide 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $

Proposed Approach g Each agent shares noisy estimate with neighbors • Scheme 1 – Noise cancels over neighbors • Scheme 2 – Noise cancels network-wide x + ε 1 ε 1 + ε 2 = 0 (over iterations) 𝑔 𝑔 & " x + ε 2 𝑔 𝑔 # % 𝑔 $

Peer-to-Peer Architecture g Poster today Shripad Gade

Outline S X f i ( x ) ∈ argmin x ∈ X i =1 i 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 & & & " " " 𝑔 𝑔 𝑔 𝑔 𝑔 𝑔 # # # % % % 𝑔 𝑔 𝑔 $ $ $ Distributed Privacy Fault-tolerance Optimization

Fault-Tolerance g Some agents may be faulty g Need to produce “correct” output despite the faults 48

Byzantine Fault Model g No constraint on misbehavior of a faulty agent g May send bogus messages g Faulty agents can collude 49

Peer-to-Peer Architecture f 1 (x) g fi(x) = cost for robot i x to go to location x x 1 g Faulty agent may choose arbitrary cost function x 2 f 2 (x)

Peer-to-Peer Architecture 𝑔 𝑔 & " 𝑔 𝑔 # % 𝑔 $ 51

Client-Server Architecture Server 𝛼𝑔 ) (𝑦 ( ) 𝑔 𝑔 𝑔 & # "

Fault-Tolerant Optimization g The original problem is not meaningful S X f i ( x ) ∈ argmin x ∈ X i =1 i 53

Fault-Tolerant Optimization g The original problem is not meaningful S X f i ( x ) ∈ argmin x ∈ X i =1 i g Optimize cost over only non-faulty agents S X f i ( x ) ∈ argmin x ∈ X i =1 i good

Fault-Tolerant Optimization g The original problem is not meaningful S X f i ( x ) ∈ argmin x ∈ X i =1 i g Optimize cost over only non-faulty agents S X f i ( x ) ∈ argmin Impossible! x ∈ X i =1 i good

Fault-Tolerant Optimization g Optimize weighted cost over only non-faulty agents S X 𝛃 i f i ( x ) ∈ argmin x ∈ X i =1 i good g With 𝛃 i as close to 1/ good as possible

Fault-Tolerant Optimization g Optimize weighted cost over only non-faulty agents S X 𝛃 i f i ( x ) ∈ argmin x ∈ X i =1 i good With t Byzantine faulty agents: t weights may be 0

Fault-Tolerant Optimization g Optimize weighted cost over only non-faulty agents S X 𝛃 i f i ( x ) ∈ argmin x ∈ X i =1 i good t Byzantine agents, n total agents At least n-2t weights guaranteed to be > 1/2(n-t)