Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Privacy as Commodity: MFG-RegretNet for Large-Scale Privacy Trading in Federated Learning

Kangkang Sun, Jianhua Li, Xiuzhen Chen, Weizhi Meng, Minyi Guo

Abstract

Federated Learning (FL) has emerged as a prominent paradigm for privacy-preserving distributed machine learning, yet two fundamental challenges hinder its large-scale adoption. First, gradient inversion attacks can reconstruct sensitive training data from uploaded model updates, so privacy risk persists even when raw data remain local. Second, without adequate monetary compensation, rational clients have little incentive to contribute high-quality gradients, limiting participation at scale. To address these challenges, a privacy trading market is developed in which clients sell their differential privacy budgets as a commodity and receive explicit economic compensation for privacy sacrifice. This market is formalized as a Privacy Auction Game (PAG), and the existence of a Bayesian Nash Equilibrium is established under dominant-strategy incentive compatibility (DSIC), individual rationality (IR), and budget feasibility. To overcome the NP-hard, high-dimensional Nash Equilibrium computation at scale, \textit{MFG-RegretNet} is introduced as a deep-learning-based auction mechanism that combines mean-field game (MFG) approximation with differentiable mechanism design. The MFG reduction lowers per-round computational complexity from $\mathcal{O}(N^2 \log N)$ to $\mathcal{O}(N)$ while incurring only an $\mathcal{O}(N^{-1/2})$ equilibrium approximation gap. Extensive experiments on MNIST and CIFAR-10 demonstrate that MFG-RegretNet outperforms state-of-the-art baselines in incentive compatibility, auction revenue, and social welfare, while maintaining competitive downstream FL model accuracy.

Privacy as Commodity: MFG-RegretNet for Large-Scale Privacy Trading in Federated Learning

Abstract

Federated Learning (FL) has emerged as a prominent paradigm for privacy-preserving distributed machine learning, yet two fundamental challenges hinder its large-scale adoption. First, gradient inversion attacks can reconstruct sensitive training data from uploaded model updates, so privacy risk persists even when raw data remain local. Second, without adequate monetary compensation, rational clients have little incentive to contribute high-quality gradients, limiting participation at scale. To address these challenges, a privacy trading market is developed in which clients sell their differential privacy budgets as a commodity and receive explicit economic compensation for privacy sacrifice. This market is formalized as a Privacy Auction Game (PAG), and the existence of a Bayesian Nash Equilibrium is established under dominant-strategy incentive compatibility (DSIC), individual rationality (IR), and budget feasibility. To overcome the NP-hard, high-dimensional Nash Equilibrium computation at scale, \textit{MFG-RegretNet} is introduced as a deep-learning-based auction mechanism that combines mean-field game (MFG) approximation with differentiable mechanism design. The MFG reduction lowers per-round computational complexity from to while incurring only an equilibrium approximation gap. Extensive experiments on MNIST and CIFAR-10 demonstrate that MFG-RegretNet outperforms state-of-the-art baselines in incentive compatibility, auction revenue, and social welfare, while maintaining competitive downstream FL model accuracy.

Paper Structure

This paper contains 52 sections, 9 theorems, 47 equations, 7 figures, 5 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Related Work
  3. Preliminaries
  4. Differential Privacy
  5. Federated Learning
  6. Privacy Trading Market and Privacy Auction Game
  7. Privacy Trading Market
  8. Privacy Auction Game (PAG)
  9. Privacy Auction Equilibrium
  10. Privacy-Aware Auction Federated Learning Mechanism
  11. PAG-FL Framework
  12. FL Privacy Auction Model
  13. Valuation Function of FLC
  14. Bidding Information
  15. FL Aggregation Mechanism
  16. ...and 37 more sections

Key Result

Theorem 1

In a PAG where privacy valuations $v_i$ of DOs are drawn from joint distribution $\mathcal{W}$, the cost function is linear $c(v_i,\epsilon_i)=\epsilon_i\cdot v_i$, and the mechanism $\mathcal{M}=(q,p)$ satisfies DSIC, IR, DT, and BF, there exists a Bayesian-Nash Equilibrium in which all rational bi

Figures (7)

  • Figure 1: Privacy Trading Market: the six-step auction process among DOs, the Auction Broker (AB), and DBs.
  • Figure 2: The PAG-FL framework showing six operational steps between the FL Server (FLS), FL Broker (FLB), and FL Clients (FLC).
  • Figure 3: MFG-RegretNet (Sec. \ref{['subsec:arch-fwd']}): forward map with $b_{\mathrm{MFG}}$; Sec. \ref{['subsec:train-mfg']}: training objective.
  • Figure 4: RQ1: Aggregate and distributional regret evaluation. In (a), lower mean/std indicates stronger approximate DSIC on average. In (b), a tighter box and lighter upper tail indicate fewer severely mis-incentivised clients.
  • Figure 5: RQ2: Scalability evaluation. ($a$) MFG-RegretNet achieves near-linear latency scaling, remaining close to the $\mathcal{O}(N)$ reference, while PAC/VCG/CSRA increase steeply with $N$. ($b$) Peak GPU memory remains low for MFG-RegretNet in the auction step, confirming the memory efficiency of the MFG reduction.
  • ...and 2 more figures

Theorems & Definitions (26)

  • Definition 1: PLDP jorgensen2015conservative
  • Remark 1: Threat Model and Trust Assumptions
  • Definition 2: Privacy Procurement Mechanism
  • Definition 3: Privacy Auction Equilibrium
  • Theorem 1: Privacy Auction Game Equilibrium
  • Remark 2: Scope of DSIC/DT Guarantees
  • Remark 3: PAC Formal Allocation Rule and DSIC Verification
  • Remark 4: Privacy Cost Is Not $\epsilon_i$-Invariant
  • Definition 4: Mean-Field Equilibrium (MFE)
  • Theorem 2: Existence of MFE
  • ...and 16 more