Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
41 tokens/sec
GPT-4o
59 tokens/sec
Gemini 2.5 Pro Pro
41 tokens/sec
o3 Pro
7 tokens/sec
GPT-4.1 Pro
50 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Differentially Private Low-Rank Adaptation of Large Language Model Using Federated Learning (2312.17493v2)

Published 29 Dec 2023 in cs.LG and cs.CR

Abstract: The surge in interest and application of LLMs has sparked a drive to fine-tune these models to suit specific applications, such as finance and medical science. However, concerns regarding data privacy have emerged, especially when multiple stakeholders aim to collaboratively enhance LLMs using sensitive data. In this scenario, federated learning becomes a natural choice, allowing decentralized fine-tuning without exposing raw data to central servers. Motivated by this, we investigate how data privacy can be ensured in LLM fine-tuning through practical federated learning approaches, enabling secure contributions from multiple parties to enhance LLMs. Yet, challenges arise: 1) despite avoiding raw data exposure, there is a risk of inferring sensitive information from model outputs, and 2) federated learning for LLMs incurs notable communication overhead. To address these challenges, this article introduces DP-LoRA, a novel federated learning algorithm tailored for LLMs. DP-LoRA preserves data privacy by employing a Gaussian mechanism that adds noise in weight updates, maintaining individual data privacy while facilitating collaborative model training. Moreover, DP-LoRA optimizes communication efficiency via low-rank adaptation, minimizing the transmission of updated weights during distributed training. The experimental results across medical, financial, and general datasets using various LLMs demonstrate that DP-LoRA effectively ensures strict privacy constraints while minimizing communication overhead.

PDF HTML Abstract
Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Bookmark Chat Bubble Oval Streamline Icon: https://streamlinehq.com Chat (Pro)
Definition Search Book Streamline Icon: https://streamlinehq.com
References (60)
  1. Training language models to follow instructions with human feedback. Advances in Neural Information Processing Systems, 35:27730–27744, 2022.
  2. OpenAI. GPT-4 technical report. ArXiv, abs/2303.08774, 2023.
  3. BloombergGPT: A large language model for finance. arXiv preprint arXiv:2303.17564, 2023.
  4. FinGPT: Democratizing internet-scale data for financial large language models. orkshop on Instruction Tuning and Instruction Following, NeurIPS, 2023a.
  5. FinGPT: Open-source financial large language models. FinLLM at IJCAI, 2023.
  6. Dynamic datasets and market environments for financial reinforcement learning. Machine Learning Journal, Springer Nature, 2023b.
  7. Pixiu: A large language model, instruction data and evaluation benchmark for finance. arXiv preprint arXiv:2306.05443, 2023.
  8. Large language models encode clinical knowledge. Nature, pages 1–9, 2023.
  9. Ha-Thanh Nguyen. A brief report on lawgpt 1.0: A virtual legal assistant based on gpt-3. arXiv preprint arXiv:2302.05729, 2023.
  10. BioGPT: generative pre-trained transformer for biomedical text generation and mining. Briefings in Bioinformatics, 23(6):bbac409, 2022.
  11. Data-centric artificial intelligence: A survey. arXiv preprint arXiv:2303.10158, 2023a.
  12. Data-centric AI: Perspectives and challenges. In SDM, 2023b.
  13. LoRA: Low-rank adaptation of large language models. In International Conference on Learning Representations, 2021.
  14. Fine-tuning pretrained language models: Weight initializations, data orders, and early stopping. arXiv preprint arXiv:2002.06305, 2020.
  15. Differentially private fine-tuning of language models. International Conference on Learning Representations, 2021.
  16. Parameter-efficient fine-tuning of large-scale pre-trained language models. Nature Machine Intelligence, 5(3):220–235, 2023.
  17. Privacy-preserving prompt tuning for large language model services. arXiv preprint arXiv:2305.06212, 2023a.
  18. Glorin Sebastian. Privacy and data protection in chatgpt and other ai chatbots: Strategies for securing user information. Available at SSRN 4454761, 2023.
  19. A review of applications in federated learning. Computers & Industrial Engineering, 149:106854, 2020a.
  20. A survey on federated learning. Knowledge-Based Systems, 216:106775, 2021.
  21. Extracting training data from large language models. In 30th USENIX Security Symposium (USENIX Security 21), pages 2633–2650, 2021.
  22. Propile: Probing privacy leakage in large language models. arXiv preprint arXiv:2307.01881, 2023.
  23. Multi-step jailbreaking privacy attacks on chatgpt. arXiv preprint arXiv:2304.05197, 2023b.
  24. Federated learning: Strategies for improving communication efficiency. arXiv preprint arXiv:1610.05492, 2016.
  25. Fedboost: A communication-efficient algorithm for federated learning. In International Conference on Machine Learning, pages 3973–3983. PMLR, 2020.
  26. Communication-efficient federated learning for resource-constrained edge devices. IEEE Transactions on Machine Learning in Communications and Networking, 2023.
  27. The secret sharer: Evaluating and testing unintended memorization in neural networks. In 28th USENIX Security Symposium (USENIX Security 19), pages 267–284, 2019.
  28. Selective differential privacy for language modeling. arXiv preprint arXiv:2108.12944, 2021.
  29. Large-scale differentially private bert. arXiv preprint arXiv:2108.01624, 2021.
  30. Learning and evaluating a differentially private pre-trained language model. In Findings of the Association for Computational Linguistics: EMNLP 2021, pages 1178–1189, 2021.
  31. Large language models can be strong differentially private learners. arXiv preprint arXiv:2110.05679, 2021.
  32. A survey of large language models. arXiv preprint arXiv:2303.18223, 2023.
  33. Language models are unsupervised multitask learners. OpenAI blog, 1(8):9, 2019.
  34. Language models are few-shot learners. Advances in neural information processing systems, 33:1877–1901, 2020.
  35. GPT-NEOX-20B: An open-source autoregressive language model. arXiv preprint arXiv:2204.06745, 2022.
  36. Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805, 2018.
  37. PaLM: Scaling language modeling with pathways. arXiv preprint arXiv:2204.02311, 2022.
  38. BLOOM: A 176B-parameter open-access multilingual language model. arXiv preprint arXiv:2211.05100, 2022.
  39. OPT: Open pre-trained transformer language models. arXiv preprint arXiv:2205.01068, 2022.
  40. Llama 2: Open foundation and fine-tuned chat models. arXiv preprint arXiv:2307.09288, 2023.
  41. QLoRA: Efficient finetuning of quantized llms. arXiv preprint arXiv:2305.14314, 2023.
  42. The power of scale for parameter-efficient prompt tuning. arXiv preprint arXiv:2104.08691, 2021.
  43. Lst: Ladder side-tuning for parameter and memory efficient transfer learning. Advances in Neural Information Processing Systems, 35:12991–13005, 2022.
  44. Winner-take-all column row sampling for memory efficient adaptation of language model. arXiv preprint arXiv:2305.15265, 2023c.
  45. Bitfit: Simple parameter-efficient fine-tuning for transformer-based masked language-models. arXiv preprint arXiv:2106.10199, 2021.
  46. Compacter: Efficient low-rank hypercomplex adapter layers. Advances in Neural Information Processing Systems, 34:1022–1035, 2021.
  47. Parameter-efficient transfer learning for nlp. In International Conference on Machine Learning, pages 2790–2799. PMLR, 2019.
  48. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics, pages 1273–1282. PMLR, 2017.
  49. Faster non-convex federated learning via global and local momentum. In Uncertainty in Artificial Intelligence, pages 496–506. PMLR, 2022.
  50. Federated optimization in heterogeneous networks. Proceedings of Machine learning and systems, 2:429–450, 2020b.
  51. Is local sgd better than minibatch sgd? In International Conference on Machine Learning, pages 10334–10343. PMLR, 2020.
  52. Scaffold: Stochastic controlled averaging for federated learning. In International conference on machine learning, pages 5132–5143. PMLR, 2020.
  53. Federated learning with differential privacy: Algorithms and performance analysis. IEEE Transactions on Information Forensics and Security, 15:3454–3469, 2020.
  54. Deep learning with differential privacy. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pages 308–318, 2016.
  55. Frank D McSherry. Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, pages 19–30, 2009.
  56. Intrinsic dimensionality explains the effectiveness of language model fine-tuning. arXiv preprint arXiv:2012.13255, 2020.
  57. Bounds on the sample complexity for private learning and private data release. Machine Learning, 94:401–437, 2014.
  58. The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science, 9(3–4):211–407, 2014.
  59. Together Computer. Redpajama: An open source recipe to reproduce llama training dataset, 2023. URL https://github.com/togethercomputer/RedPajama-Data.
  60. Glm-130b: An open bilingual pre-trained model. arXiv preprint arXiv:2210.02414, 2022.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (7)
  1. Xiao-Yang Liu (62 papers)
  2. Rongyi Zhu (10 papers)
  3. Daochen Zha (56 papers)
  4. Jiechao Gao (21 papers)
  5. Shan Zhong (18 papers)
  6. Meikang Qiu (23 papers)
  7. Matt White (5 papers)
Citations (8)
View on Semantic Scholar
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets