Secure and Private Over-The-Air Federated Learning: Biased and Unbiased Aggregation Design

Over-The-Air federated learning (OTA-FL) presents a promising paradigm that improves the efficiency of local update aggregation by leveraging the superposition property of wireless multiple access channels (MACs). However, it faces significant security and privacy concerns that demand careful consideration. To address these threats associated with OTA-FL, we develop a secure and private over-The-Air federated learning (SP-OTA-FL) framework, which can realize the secure and private aggregation for both OTA-FL with unbiased aggregation (UB-OTA-FL) and OTA-FL with biased aggregation (B-OTA-FL). In this framework, a subset of devices participate in training, while another subset functions as jammers, emitting jamming signals to enhance the security and privacy of the OTA-FL process. In particular, we measure the privacy leakage of users' data using differential privacy (DP) and introduce an innovative application of mean squared error security (MSE-security) to evaluate the security of the OTA-FL system. We conduct convergence analyses for both convex and non-convex loss functions. Building on these analytical results, we separately formulate optimization problems for UB-OTA-FL and B-OTA-FL to enhance the learning performance of SP-OTA-FL by strategically optimizing the scheduling of training participants and jammers. The effectiveness of the proposed schemes is verified through simulations.