[Paper Review] Towards Privacy-Preserving Medical Imaging: Federated Learning with Differential Privacy and Secure Aggregation Using a Modified ResNet Architecture
The paper proposes a privacy-preserving federated learning framework for medical imaging that combines local differential privacy, Secure Multi-Party Computation-based secure aggregation, and a DP-optimized ResNet (DPResNet), evaluated on BloodMNIST with non-IID data across multiple hospitals.
With increasing concerns over privacy in healthcare, especially for sensitive medical data, this research introduces a federated learning framework that combines local differential privacy and secure aggregation using Secure Multi-Party Computation for medical image classification. Further, we propose DPResNet, a modified ResNet architecture optimized for differential privacy. Leveraging the BloodMNIST benchmark dataset, we simulate a realistic data-sharing environment across different hospitals, addressing the distinct privacy challenges posed by federated healthcare data. Experimental results indicate that our privacy-preserving federated model achieves accuracy levels close to non-private models, surpassing traditional approaches while maintaining strict data confidentiality. By enhancing the privacy, efficiency, and reliability of healthcare data management, our approach offers substantial benefits to patients, healthcare providers, and the broader healthcare ecosystem.
Motivation & Objective
- Motivate privacy concerns in medical imaging and enable collaborative learning without raw data sharing.
- Develop a federated learning framework that integrates differential privacy and secure aggregation for medical image classification.
- Design and evaluate a DP-optimized ResNet architecture (DPResNet) suited for privacy-preserving settings.
- Simulate realistic multi-institutional data-sharing using BloodMNIST to assess privacy-utility trade-offs.
Proposed method
- Integrate Federated Averaging (FedAvg) with local differential privacy and gradient clipping, followed by Gaussian noise addition to updates.
- Apply Secure Multi-Party Computation-based Secure Aggregation (SecAgg) to privately aggregate DP-protected updates.
- Propose DPResNet, a modified ResNet-9 architecture with GroupNormalization and no max-pooling to improve compatibility with DP.
- Evaluate the framework on BloodMNIST under non-IID partitioning across 5–10–20 clients, with fixed clipping norm C=7 and DP budget (ε=6.0, δ=1.9e-4).
- Use SecAgg+ with a reconstruction threshold of four shares to handle client dropouts and maintain robustness.
Experimental results
Research questions
- RQ1Can a privacy-preserving federated learning framework achieve competitive accuracy in medical imaging while providing strong privacy guarantees?
- RQ2How does integrating differential privacy with secure aggregation affect model performance under non-IID hospital data?
- RQ3Does the DPResNet architecture improve performance and privacy compatibility compared to standard ResNet in federated, private settings?
- RQ4What are the trade-offs between privacy budget parameters and model accuracy in a realistic BloodMNIST simulation?
- RQ5How does the framework compare to PriMIA and FEDMIC in accuracy under privacy-preserving constraints?
Key findings
- The privacy-preserving FL framework achieves competitive accuracy close to non-private models under DP and SecAgg (e.g., BloodMNIST with 10 clients yields 98.11 with DP-/SecAgg+ and 97.78 with DP+/SecAgg+).
- With 20 clients, DP-/SecAgg+ yields 97.01 accuracy and DP+/SecAgg+ yields 96.89, illustrating privacy-utility trade-offs.
- Compared to PriMIA, the proposed approach attains higher accuracy under similar privacy settings (PriMIA: 10 clients show 89.00–90.00 across configurations).
- In the 20-client setting, FEDMIC achieves 96.33 under DP+/SecAgg+, indicating competitive performance against privacy-preserving baselines.
- The DPResNet architecture (GroupNormalization, removal of max-pooling) contributes to better privacy-utility balance in DP-FL.
- The framework demonstrates robust secure aggregation and privacy guarantees suitable for multi-institution medical imaging tasks.
Better researchstarts right now
From paper design to paper writing, dramatically reduce your research time.
No credit card · Free plan available
This review was created by AI and reviewed by human editors.