Federated Learning (FL) is a distributed machine learning framework that inherently allows edge devices to maintain their local training data, thus providing some level of privacy. However, FL's model updates still pose a risk of privacy leakage, which must be mitigated. Over-the-air FL (OTA-FL) is an adapted FL design for wireless edge networks that leverages the natural superposition property of the wireless medium. We propose a wireless physical layer (PHY) design for OTA-FL which improves differential privacy (DP) through a decentralized, dynamic power control that utilizes both inherent Gaussian noise in the wireless channel and a cooperative jammer (CJ) for additional artificial noise generation when higher privacy levels are required. Although primarily implemented within the Upcycled-FL framework, where a resource-efficient method with first-order approximations is used at every even iteration to decrease the required information from clients, our power control strategy is applicable to any FL framework, including FedAvg and FedProx as shown in the paper. This adaptation showcases the flexibility and effectiveness of our design across different learning algorithms while maintaining a strong emphasis on privacy. Our design removes the need for client-side artificial noise injection for DP, utilizing a cooperative jammer to enhance privacy without affecting transmission efficiency for higher privacy demands. Privacy analysis is provided using the Moments Accountant method. We perform a convergence analysis for non-convex objectives to tackle heterogeneous data distributions, highlighting the inherent trade-offs between privacy and accuracy. Numerical results show that our approach with various FL algorithms outperforms the state-of-the-art under the same DP conditions on the non-i.i.d. FEMNIST dataset, and highlight the cooperative jammer's effectiveness in ensuring strict privacy.

翻译：联邦学习（FL）是一种分布式机器学习框架，其固有特性允许边缘设备保持其本地训练数据，从而提供一定程度的隐私保护。然而，FL的模型更新仍存在隐私泄露风险，必须加以缓解。空中联邦学习（OTA-FL）是一种适用于无线边缘网络的改进FL设计，它利用了无线介质的自然叠加特性。我们提出了一种用于OTA-FL的无线物理层（PHY）设计，通过去中心化的动态功率控制来提升差分隐私（DP）水平。该设计利用无线信道固有的高斯噪声，并在需要更高隐私级别时，借助协作干扰器（CJ）产生额外的人工噪声。尽管主要在Upcycled-FL框架中实现（该框架在每次偶数迭代时使用一阶近似的资源高效方法以减少客户端所需信息），但我们的功率控制策略适用于包括FedAvg和FedProx在内的任何FL框架，如本文所示。这一适应性展示了我们设计在不同学习算法中的灵活性和有效性，同时保持了对隐私的高度重视。我们的设计无需客户端为DP注入人工噪声，而是利用协作干扰器来增强隐私，且不影响高隐私需求下的传输效率。我们使用矩会计方法进行了隐私分析。针对非凸目标进行了收敛性分析以处理异构数据分布，突出了隐私与准确性之间固有的权衡关系。数值结果表明，在非独立同分布的FEMNIST数据集上，采用多种FL算法的我们的方法在相同DP条件下优于现有最优方案，并凸显了协作干扰器在确保严格隐私方面的有效性。