Security of Federated Learning: Attacks, Defensive Mechanisms, and Challenges

Benmalek, Mourad; Benrekia, Mohamed Ali; Challal, Yacine

doi:10.18280/ria.360106

Cited by 18 publications

(14 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Non-split VFL Non-split VFL with coordinator [10], [21], [22] Non-split VFL without coordinator [11], [23], [24] Split VFL [25]- [27] Customized VFL [28]- [30] Figure 2: Taxonomy of VFL algorithms.…”

Section: Vfl Algorithmsmentioning

confidence: 99%

“…In the non-split VFL, each participant has a full model, and it computes the gradient according to (i) the local data it owns and (ii) the intermediate information (i.e., softmax) provisioned by other participants. According to the different organizing means of participants, the non-split VFL can be further divided into non-split VFL with coordinator [10], [21], [22] and non-split VFL without coordinator [11], [23], [24].…”

Section: A Non-split Vflmentioning

confidence: 99%

See 1 more Smart Citation

Vertical Federated Learning: Taxonomies, Threats, and Prospects

Li¹,

Thapa²,

Ong³

et al. 2023

Preprint

View full text Add to dashboard Cite

Federated learning (FL) is the most popular distributed machine learning technique. FL allows machine-learning models to be trained without acquiring raw data to a single point for processing. Instead, local models are trained with local data; the models are then shared and combined. This approach preserves data privacy as locally trained models are shared instead of the raw data themselves. Broadly, FL can be divided into horizontal federated learning (HFL) and vertical federated learning (VFL). For the former, different parties hold different samples over the same set of features; for the latter, different parties hold different feature data belonging to the same set of samples. In a number of practical scenarios, VFL is more relevant than HFL as different companies (e.g., bank and retailer) hold different features (e.g., credit history and shopping history) for the same set of customers. Although VFL is an emerging area of research, it is not well-established compared to HFL. Besides, VFL-related studies are dispersed, and their connections are not intuitive. Thus, this survey aims to bring these VFL-related studies to one place. Firstly, we classify existing VFL structures and algorithms. Secondly, we present the threats from security and privacy perspectives to VFL. Thirdly, for the benefit of future researchers, we discussed the challenges and prospects of VFL in detail.

show abstract

Section: Vfl Algorithmsmentioning

confidence: 99%

Section: A Non-split Vflmentioning

confidence: 99%

Vertical Federated Learning: Taxonomies, Threats, and Prospects

Li¹,

Thapa²,

Ong³

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The authors suggested a technology stack and valuable directions to mitigate those vulnerabilities. Benmalek et al [307] provided a holistic view of the security concerns in the FL paradigm. The authors have discussed various attacks and vulnerabilities in FL and recently developed promising defense mechanisms against them.…”

Section: B Potential Opportunities For Future Research In Privacy Domainmentioning

confidence: 99%

Toward Privacy Preservation Using Clustering Based Anonymization: Recent Advances and Future Research Outlook

2022

View full text Add to dashboard Cite

With the continuous increase in avenues of personal data generation, privacy protection has become a hot research topic resulting in various proposed mechanisms to address this social issue. The main technical solutions for guaranteeing a user's privacy are encryption, pseudonymization, anonymization, differential privacy (DP), and obfuscation. Despite the success of other solutions, anonymization has been widely used in commercial settings for privacy preservation because of its algorithmic simplicity and low computing overhead. It facilitates unconstrained analysis of published data that DP and the other latest techniques cannot offer, and it is a mainstream solution for responsible data science. In this paper, we present a comprehensive analysis of clustering-based anonymization mechanisms (CAMs) that have been recently proposed to preserve both privacy and utility in data publishing. We systematically categorize the existing CAMs based on heterogeneous types of data (tables, graphs, matrixes, etc.), and we present an up-to-date, extensive review of existing CAMs and the metrics used for their evaluation. We discuss the superiority and effectiveness of CAMs over traditional anonymization mechanisms. We highlight the significance of CAMs in different computing paradigms, such as social networks, the internet of things, cloud computing, AI, and location-based systems with regard to privacy preservation. Furthermore, we present various proposed representative CAMs that compromise individual privacy, rather than safeguarding it. Finally, we discuss the technical challenges of applying CAMs, and we suggest promising opportunities for future research. To the best of our knowledge, this is the first work to systematically cover current CAMs involving different data types and computing paradigms.

show abstract

“…However, methods such as advanced Byzantine actor detection and ML using model distillation were proposed. (Benmalek, M., Benrekia, M. A., & Challal, Y. ,2022)( Hayes, J., & Ohrimenko, O. ,2018),(Li, D., & Wang, J. ,2019…”

Section: Defensesmentioning

confidence: 99%

A Survey on Challenges of Federated Learning

Aliyev¹

2022

AzJHPC

View full text Add to dashboard Cite

Federated Learning is a new paradigm of Machine Learning. The main idea behind FL is to provide a decentralized approach to Machine Learning. Traditional ML algorithms are trained in servers with data collected by clients, but data privacy is the primary concern. This is where FL comes into play: all clients train their model locally and then share it with a global model in the server and receive it back. However, FL has problems, such as possible cyberattacks, aggregating most appropriately, scaling the non-IID data, etc. This paper highlights current attacks, defenses, pros and cons of aggregating methods, and types of non-IID data based on publications in this field.

show abstract

Security of Federated Learning: Attacks, Defensive Mechanisms, and Challenges

Cited by 18 publications

References 57 publications

Vertical Federated Learning: Taxonomies, Threats, and Prospects

Vertical Federated Learning: Taxonomies, Threats, and Prospects

Toward Privacy Preservation Using Clustering Based Anonymization: Recent Advances and Future Research Outlook

A Survey on Challenges of Federated Learning

Contact Info

Product

Resources

About