Federated learning allows AI models to train on data from multiple sources, such as smartphones or hospitals, without sharing sensitive information directly. However, adding privacy protections often degrades model performance, limiting real-world applications. Researchers have developed DP-FedPGN, an algorithm that addresses this by finding flatter optima in the model's loss landscape, significantly improving generalization under differential privacy constraints.
The key finding is that DP-FedPGN reduces the sharpness of loss landscapes, which are typically exacerbated by noise injection and gradient clipping in private federated learning. This approach penalizes the gradient norm during local training, guiding models toward flatter minima that are more robust to data heterogeneity and privacy noise. For example, on CIFAR-100 with high data heterogeneity, DP-FedPGN achieved a test accuracy of 61.80%, compared to 45.53% for baseline methods like DP-FedAvg.
Methodologically, the algorithm integrates a gradient penalty term into the local loss function, encouraging optimizers to converge to regions with lower curvature. It uses momentum-based updates and Laplacian smoothing (in DP-FedPGN-LS) to align local and global model objectives, reducing divergence between clients. The researchers provided theoretical convergence guarantees and sensitivity analysis, showing faster convergence and lower noise impact compared to existing methods like DP-FedSAM.
Results from extensive experiments on ResNet and Transformer models across six vision and natural language processing tasks demonstrate consistent improvements. DP-FedPGN-LS, for instance, reached 70.72% accuracy on CIFAR-10 with ResNet-18 under Dirichlet-0.1 heterogeneity, requiring only 21 communication rounds to achieve 10% accuracy—a 3.4× acceleration over baselines. Visualization of loss landscapes in Figures 1-3 and 8 confirms flatter surfaces, and analysis in Figure 6 shows reduced gradient norms, minimizing information loss during clipping.
This advancement matters because it enables more reliable AI in privacy-sensitive domains like healthcare and finance, where data cannot be centralized. By balancing privacy and performance, DP-FedPGN supports scalable federated learning without compromising on accuracy, potentially accelerating deployments in regulated industries.
Limitations include the need for careful hyperparameter tuning, such as perturbation radius and Laplacian coefficients, and the algorithm's performance may vary with extreme data imbalances. The paper notes that while DP-FedPGN mitigates degradation, it does not eliminate all privacy-utility trade-offs, and further research is needed for non-convex optimization in highly heterogeneous settings.
About the Author
Guilherme A.
Former dentist (MD) from Brazil, 41 years old, husband, and AI enthusiast. In 2020, he transitioned from a decade-long career in dentistry to pursue his passion for technology, entrepreneurship, and helping others grow.
Connect on LinkedIn