Federated Learning (FL) offers innovative solutions for privacy-preserving collaborative machine learning (ML). Despite its promising potential, FL is vulnerable to various attacks due to its distributed nature, affecting the entire life cycle of FL services. These threats can harm the model's utility or compromise participants' privacy, either directly or indirectly. In response, numerous defense frameworks have been proposed, demonstrating effectiveness in specific settings and scenarios. To provide a clear understanding of the current research landscape, this paper reviews the most representative and state-of-the-art threats and defense frameworks throughout the FL service life cycle. We start by identifying FL threats that harm utility and privacy, including those with potential or direct impacts. Then, we dive into the defense frameworks, analyze the relationship between threats and defenses, and compare the trade-offs among different defense strategies. Finally, we summarize current research bottlenecks and offer insights into future research directions to conclude this survey. We hope this survey sheds light on trustworthy FL research and contributes to the FL community.