Federated learning (FL), a novel branch of distributed machine learning (ML), develops global models through a private procedure without direct access to local datasets. However, it is still possible to access the model updates (gradient updates of deep neural networks) transferred between clients and servers, potentially revealing sensitive local information to adversaries using model inversion attacks. Differential privacy (DP) offers a promising approach to addressing this issue by adding noise to the parameters. On the other hand, heterogeneities in data structure, storage, communication, and computational capabilities of devices can cause convergence problems and delays in developing the global model. A personalized weighted averaging of local parameters based on the resources of each device can yield a better aggregated model in each round. In this paper, to efficiently preserve privacy, we propose a personalized DP framework that injects noise based on clients' relative impact factors and aggregates parameters while considering heterogeneities and adjusting properties. To fulfill the DP requirements, we first analyze the convergence boundary of the FL algorithm when impact factors are personalized and fixed throughout the learning process. We then further study the convergence property considering time-varying (adaptive) impact factors.

翻译：联邦学习（FL）作为分布式机器学习（ML）的一个新兴分支，通过不直接访问本地数据集的私有流程来开发全局模型。然而，攻击者仍可能访问在客户端与服务器之间传输的模型更新（深度神经网络的梯度更新），并可能通过模型反转攻击泄露敏感的本地信息。差分隐私（DP）通过向参数添加噪声，为解决此问题提供了一种有前景的方法。另一方面，设备在数据结构、存储、通信和计算能力方面的异构性可能导致收敛问题并延迟全局模型的开发。基于每个设备的资源对本地参数进行个性化的加权平均，可以在每一轮产生更好的聚合模型。本文为有效保护隐私，提出了一种个性化DP框架，该框架基于客户的相对影响因子注入噪声，并在考虑异构性和调整属性的同时聚合参数。为满足DP要求，我们首先分析了当影响因子在整个学习过程中个性化和固定时FL算法的收敛边界。随后，我们进一步研究了考虑时变（自适应）影响因子的收敛特性。