In federated learning (FL), differential privacy (DP) noise severely degrades model accuracy, creating a fundamental tension between privacy and utility. To address this, we propose a novel framework integrating structured model partitioning with statistical privacy amplification: the model is decomposed into locally private submodules and globally shared submodules, with Gaussian noise injected only into the latter. We theoretically characterize the combined privacy amplification arising from both stochastic client participation and local data subsampling, enabling substantial reduction in the required noise magnitude to achieve a target $(varepsilon,delta)$-DP guarantee. Our approach thus preserves strict DP while significantly improving convergence speed and final model accuracy. Experiments on CIFAR-10 and CIFAR-100 demonstrate absolute accuracy gains of 3.2–7.8 percentage points over state-of-the-art DP-FL baselines, achieving a markedly superior privacy–utility trade-off.

Federated Learning (FL) often adopts differential privacy (DP) to protect client data, but the added noise required for privacy guarantees can substantially degrade model accuracy. To resolve this challenge, we propose model-splitting privacy-amplified federated learning (MS-PAFL), a novel framework that combines structural model splitting with statistical privacy amplification. In this framework, each client's model is partitioned into a private submodel, retained locally, and a public submodel, shared for global aggregation. The calibrated Gaussian noise is injected only into the public submodel, thereby confining its adverse impact while preserving the utility of the local model. We further present a rigorous theoretical analysis that characterizes the joint privacy amplification achieved through random client participation and local data subsampling under this architecture. The analysis provides tight bounds on both single-round and total privacy loss, demonstrating that MS-PAFL significantly reduces the noise necessary to satisfy a target privacy protection level. Extensive experiments validate our theoretical findings, showing that MS-PAFL consistently attains a superior privacy-utility trade-off and enables the training of highly accurate models under strong privacy guarantees.