# 🛡️ Solutions — Differential Privacy in Federated Learning

Built by **Stu** 🚀

## Solutions to Exercises 1–10

In [1]:
federated_learning_definition = "Training machine learning models across multiple decentralized devices while keeping data local."

In [2]:
dp_in_fl_sketch = "Even without raw data upload, model updates can leak sensitive information; DP guards against this."

In [3]:
import numpy as np
np.random.seed(42)
client_gradients = np.random.normal(0, 1, size=(100, 5))
client_gradients[:5]

In [4]:
def clip_gradients(gradients, clip_norm=1.0):
    norms = np.linalg.norm(gradients, axis=1, keepdims=True)
    factors = np.minimum(1, clip_norm / (norms + 1e-6))
    return gradients * factors

clipped_gradients = clip_gradients(client_gradients)
clipped_gradients[:5]

In [5]:
def add_noise(gradients, noise_multiplier=1.0, clip_norm=1.0):
    noise = np.random.normal(0, noise_multiplier * clip_norm, size=gradients.shape)
    return gradients + noise

noisy_gradients = add_noise(clipped_gradients)
noisy_gradients[:5]

In [6]:
global_update = np.mean(noisy_gradients, axis=0)
global_update

In [7]:
noise_levels = [0.1, 0.5, 1.0, 2.0]
update_norms = []
for noise in noise_levels:
    noisy = add_noise(clipped_gradients, noise_multiplier=noise)
    update = np.mean(noisy, axis=0)
    update_norms.append(np.linalg.norm(update))

import matplotlib.pyplot as plt
plt.plot(noise_levels, update_norms)
plt.xlabel('Noise Multiplier')
plt.ylabel('Norm of Aggregated Update')
plt.title('Noise vs Update Norm')
plt.show()

In [8]:
fl_privacy_accuracy_reflection = "More noise → more privacy but slower or worse model convergence."

In [9]:
real_world_fl_apps = "Next-word prediction (Gboard), on-device personalization (recommendations), health data models."

In [10]:
future_fl_research = "Adaptive clipping, secure aggregation, DP accounting improvements for long training sessions."