Abstract
As data silos emerge and personal privacy protection gains importance, the application of centralized learning is constrained, whereas federated learning, a distributed machine learning framework that can complete model training without leaking users' data, has attracted great attention since its inception. As federated learning is more widely deployed, its security and privacy protection capabilities have also begun to be questioned. This study offers a systematic summary and analysis of the research results that domestic and foreign researchers have achieved in recent years on the security and privacy of federated learning models. First, it introduces the background of federated learning, clarifies its definition and workflow, and analyzes its points of vulnerability. Second, the security threats and privacy risks facing federated learning are systematically analyzed and compared, and the existing defense methods are summarized. Finally, future research challenges and directions are outlined.
Authors
GU Yu-Hao (顾育豪)
BAI Yue-Bin (白跃彬)
School of Computer Science and Engineering, Beihang University, Beijing 100191, China
Source
Journal of Software (《软件学报》)
Indexed in: EI, CSCD, Peking University Core Journals (北大核心)
2023, No. 6, pp. 2833-2864 (32 pages)
Funding
National Natural Science Foundation of China (61732002, 61572062)
Keywords
federated learning
security and privacy
poisoning attack
inference attack
defense method