Federated Edge Learning With Differential Privacy: An Active Reconfigurable Intelligent Surface Approach

Abstract

Federated edge learning (FL) has become an unprecedented machine learning paradigm that enables distributed training across multiple edge devices without sharing their private data. Nevertheless, recent privacy eavesdropping attacks have raised severe privacy concerns, which make FL untrustworsthy and thus hinder the wide deployment of FL in emerging high-stake applications, such as vehicular networks and healthcare industry. Fortunately, differential privacy (DP) provides a flexible approach by introducing additional randomness to the released model updates so that the eavesdroppers cannot divulge any private information. However, the injected perturbation ensures privacy at the expense of learning accuracy and communication cost, yielding an accuracy-privacy-communication dilemma. In this article, we propose an active reconfigurable intelligent surface (RIS) approach to tackle the dilemma in differentially private FL, which is achieved by exploiting the reconfigurability of active RIS to address the heterogeneous wireless links and privacy concerns, as well as the waveform superposition property with over-the-air computation (AirComp) for low-latency model aggregation. We comprehensively analyze the convergence behavior and systematic privacy guarantee of the active RIS-enabled differentially private FL system, followed by proposing a two-step online power adaptation scheme to minimize the learning optimality gap while satisfying the systematic privacy and power constraints by jointly designing the transmit scalar and artificial noise at the edge devices and the reflection beamforming pattern at the active RIS. Simulation results validate our theoretical achievements and demonstrate the advancements of active RIS in addressing the accuracy-privacy-communication dilemma in differentially private FL.