In this paper, we study distributed training by majority vote with the sign stochastic gradient descent (signSGD) along with over-the-air computation (OAC) under local differential privacy constraints. In our approach, the users first clip the local stochastic gradients and inject a certain amount of noise as a privacy enhancement strategy. Subsequently, they activate the indices of OFDM subcarriers based on the signs of the perturbed local stochastic gradients to realize a frequency-shift-keying-based majority vote computation at the parameter server. We evaluate the privacy benefits of the proposed approach and characterize the per-user privacy leakage theoretically. Our results show that the proposed technique improves the privacy guarantees and limits the leakage to a scaling factor of <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$\mathcal{O}(1/\sqrt{K})$</tex>, where <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$K$</tex> is the number of users, thanks to the superposition property of the wireless channel. With numerical experiments, we show that the proposed non-coherent aggregation is superior to quadrature-phase-shift-keying-based coherent aggregation, namely, one-bit digital aggregation (OBDA), in learning accuracy under time synchronization errors when the same privacy enhancement strategy is introduced to both methods.
Discussion(0)
No comments yet. Be the first to comment.