Federated learning is a distributed machine learning technique that enables multiple clients to collaboratively build a model across decentralized data without explicitly aggregating that data. Because it can break down data silos, federated learning has received increasing attention in many fields, including finance, healthcare, and education. However, the server cannot see the clients' training data or their local training process, and this invisibility gives rise to security issues. Many recent works study security attacks and defenses in federated learning, but there has been no dedicated survey of poisoning attacks on federated learning and the corresponding defenses. In this paper, we investigate the most advanced schemes for federated learning poisoning attacks and defenses and point out future directions in these areas.