RaSA: Robust and Adaptive Secure Aggregation for Edge-Assisted Hierarchical Federated Learning

Abstract

Secure Aggregation (SA), in the Federated Learning (FL) setting, enables distributed clients to collaboratively learn a shared global model while keeping their raw data and local gradients private. However, when SA is implemented in edge-intelligence-driven FL, the open and heterogeneous environments will hinder model aggregation, slow down model convergence speed, and decrease model generalization ability. To address these issues, we present a Robust and adaptive Secure Aggregation (RaSA) protocol to guarantee robustness and privacy in the presence of non-IID data, heterogeneous system, and malicious edge servers. Specifically, we first design an adaptive weights updating strategy to address the non-IID data issue by considering the impact of both gradient similarity and gradient diversity on the model aggregation. Meanwhile, we enhance privacy protection by preventing privacy leakage from both gradients and aggregation weights. Different from previous work, we address system heterogeneity in the case of malicious attacks, and the malicious behavior from edge servers can be detected by the proposed verifiable approach. Moreover, we eliminate the influence of straggling communication links and dropouts on the model convergence by combining efficient product-coded computing with repetition-based secret sharing. Finally, we perform a theoretical analysis that proves the security of RaSA. Extensive experimental results show that RaSA can ensure model convergence without affecting the generalization ability under non-IID scenarios. Moreover, the decoding efficiency of RaSA achieves $1.33\times $ and $6.4\times $ faster than the state-of-the-art product-coded and one-dimensional coded computing schemes.