Differentially Private Vertical Federated Learning With Adaptive Constraints and Dynamic Noise

Vertical Federated Learning (VFL) has gained widespread attention due to its ability of enabling collaborative model training among participants with diverse data features. Differential Privacy (DP) offers provable privacy guarantees for VFL, but existing DP-based methods typically compromise accuracy for privacy protection. To address this issue, we propose a novel scheme, called Adaptive Differential Privacy-based Vertical Federated Learning (Ada-VFed), that enhances privacy of data features and labels by adding Gaussian noise separately to the transmitted intermediate results and gradients. To improve model accuracy, we incorporate adaptive constraints through regularization terms in the objective function to mitigate the impact of clipping operations. In addition, we propose a dynamic noise injection mechanism that adjusts noise according to the importance of each dimension, thereby balancing privacy protection and model accuracy. Our theoretical analysis provides privacy guarantees and convergence insights. Extensive experiments demonstrated that our scheme significantly outperforms state-of-the-art DP-based VFL methods in terms of accuracy. Even with a small privacy budget (e.g., ϵ = 0.5 ), our method improves the accuracy on MNIST, FashionMNIST, and CIFAR-10 by 13.01%, 10.08%, and 3.40%, respectively, compared to traditional DP-based VFL methods.