
A Fast, Performant, Secure Distributed Training Framework For Large Language Model (2401.09796v2)

Published 18 Jan 2024 in cs.LG and cs.CR

Abstract: The distributed (federated) LLM is an important method for co-training the domain-specific LLM using siloed data. However, maliciously stealing model parameters and data from the server or client side has become an urgent problem to be solved. In this paper, we propose a secure distributed LLM based on model slicing. In this case, we deploy the Trusted Execution Environment (TEE) on both the client and server side, and put the fine-tuned structure (LoRA or embedding of P-tuning v2) into the TEE. Then, secure communication is executed in the TEE and general environments through lightweight encryption. In order to further reduce the equipment cost as well as increase the model performance and accuracy, we propose a split fine-tuning scheme. In particular, we split the LLM by layers and place the latter layers in a server-side TEE (the client does not need a TEE). We then combine the proposed Sparsification Parameter Fine-tuning (SPF) with the LoRA part to improve the accuracy of the downstream task. Numerous experiments have shown that our method guarantees accuracy while maintaining security.

