Federated Learning (FL) has emerged as a promising approach to address data privacy and confidentiality concerns by allowing multiple participants to construct a shared model without centralizing sensitive data. However, this decentralized paradigm introduces new security challenges, so potential risks must be comprehensively identified and classified to ensure that FL's security guarantees hold. This paper presents a comprehensive taxonomy of security and privacy challenges in FL across various machine learning models, including large language models. We specifically categorize attacks performed by the aggregator and by participants, focusing on poisoning attacks, backdoor attacks, membership inference attacks, generative adversarial network (GAN) based attacks, and attacks on differential privacy. Additionally, we propose new directions for future research, seeking innovative solutions to fortify FL systems against emerging security risks and to uphold the confidentiality of sensitive data in distributed learning environments.