The only official website of the Journal of Computer Applications

Review on security threats and defense measures in federated learning

Chen Xuebin (陈学斌), Ren Zhiqiang (任志强), Zhang Hongyang (张宏扬)

  1. North China University of Science and Technology
  • Received: 2023-06-27 Revised: 2023-07-15 Online: 2023-08-03 Published: 2023-08-03
  • Corresponding author: Ren Zhiqiang (任志强)
  • Funding:
    National Natural Science Foundation of China

Abstract: Federated learning is a distributed learning approach for solving the data sharing and privacy protection problems in machine learning, in which multiple parties jointly train a machine learning model while protecting the privacy of their data. However, federated learning itself has inherent security threats, which pose great challenges to its practical application. Analyzing the attacks faced by federated learning and the corresponding defense measures is therefore crucial for its development and application. First, the definition, process and classification of federated learning were introduced, together with the attacker model in federated learning. Then, the possible attacks were introduced in terms of both the robustness and the privacy of federated learning systems, the corresponding defense measures for the different attacks were presented, and the shortcomings of the defense schemes were pointed out. Finally, a secure federated learning system was envisioned.

Key words: federated learning, privacy protection, attack and defense, machine learning, robustness and privacy

CLC number: