A Survey on Privacy and Security Issues in Federated Learning (联邦学习的隐私保护与安全防御研究综述)
Cited by: 24
Abstract (translated from the Chinese): Federated learning, an emerging technology in artificial intelligence, addresses both the "data silo" problem and privacy protection: it lets dispersed data owners jointly train a global model while each party's data stays local. Federated learning has, to a large extent, brought hope to data-sensitive applications that need to fuse data for processing, but it still carries latent risks of privacy leakage and data-security problems. To further investigate the state of research on privacy protection and security defense in federated learning, this paper builds a clearer classification of federated learning's privacy and security problems on top of the most recent results, and grades the means of threatening privacy and security by threat strength. The paper first introduces the root sources of the threats to privacy and security in federated learning, and enumerates from several angles the means by which they cause damage and how threatening each is. Second, it summarizes the challenges facing privacy and security in federated learning. For privacy protection, it analyzes both attacks by a single malicious participant or by the central server and scenarios in which multiple malicious parties collude to leak private information, and examines the corresponding state-of-the-art protection techniques. For security, it focuses on the many malicious attack methods that degrade global-model performance and systematically lays out advanced defense schemes, to help avoid the risks latent in building a secure, large-scale, distributed federated learning environment. Compared with other surveys on federated learning, this paper also covers collusion among multiple malicious parties and compares existing federated secure aggregation algorithms and secure open-source frameworks, aiming to give researchers a clearer view of the field. Finally, it discusses the challenges facing federated learning and future research directions, in the hope of further advancing its secure application in artificial intelligence.

Abstract (authors' English version): As an emerging technology of artificial intelligence, federated learning takes into account the issues of "isolated data islands" and data privacy protection. Federated learning can assist data-fusion processing for data-sensitive applications by allowing distributed data participants to train a global model while keeping each participant's data local. However, federated learning faces risks of data privacy leakage and a variety of attacks. In order to explore the current research status of privacy protection and security attacks in federated learning, this paper gives a clear classification of the state-of-the-art methods. We first introduce the threats to privacy and security in federated learning from many aspects. For privacy protection, we analyze the root causes of privacy threats in multiple scenarios, including attacks by a single malicious participant, attacks by the central server, and collusion attacks in which multiple malicious participants cooperate to leak private data. At the same time, we describe the specific attack process and the effect of these privacy-stealing methods in detail. Moreover, we present the current defense methods for enhancing privacy protection, including differential privacy, homomorphic encryption, secure multi-party computation, verification network frameworks and collaborative training schemes. These methods are widely used in privacy protection and have shown good effectiveness; their protection has to be balanced against performance concerns such as model accuracy and computational efficiency. For security issues, we focus on analyzing a variety of malicious attack methods that affect the performance of the global federated learning model, including independent attacks in which a malicious participant uses any of several methods to poison data or models, and attacks launched by colluding malicious participants. Meanwhile, we introduce the attack process and the threat posed in detail. Subsequently, we systematically elaborate and summarize advanced security defense solutions, which maintain the security of the model against single or multiple malicious adversaries while also alleviating communication bottlenecks and helping the model converge faster. Compared with existing state-of-the-art surveys, our work summarizes recent progress on the problem of collusion among multiple malicious participants in federated learning, including malicious parameter collusion and malicious ownership collusion. Both are highly destructive attacks that remain well concealed. This is a novel research direction with little existing work. In addition, we carefully analyze existing federated learning secure aggregation algorithms and secure open-source frameworks. For secure aggregation algorithms, we list the privacy and security vulnerabilities of traditional methods and explain the advantages of the techniques proposed by existing reliable secure aggregation methods. For secure open-source frameworks, we analyze the work done by several mainstream security frameworks on privacy protection and security defense, and compare their applicable federated modes, federated scenarios, and the defects that still need to be improved, providing researchers with a clear view for privacy and security design. Finally, we discuss the challenges and future research directions for privacy protection and security defense in federated learning, with the aim of improving the design of such methods in future work. We hope to further promote the safe application of federated learning in artificial intelligence scenarios.
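The abstract names model poisoning by a malicious participant as one of the attacks on global-model performance, and robust aggregation as one class of defense. The toy round below is an added example, not code from the paper or its authors: it runs one federated learning round with three honest clients and one attacker who submits a boosted update (a standard model-poisoning strategy), and aggregates once with plain federated averaging and once with a coordinate-wise median. The model (two weights), the client updates, the attacker's target and the choice of median as the robust rule are all assumptions made for illustration; the paper surveys several aggregation schemes and this is not a reproduction of any particular one.

```python
"""One federated learning round under model poisoning: FedAvg vs. coordinate-wise median.

Added example; the data below are constructed and not taken from the paper.
"""
from math import dist
from statistics import median
from typing import Callable, List

Vector = List[float]
Aggregator = Callable[[List[Vector]], Vector]

# Constructed toy setting (assumption): a two-weight model that starts at the
# origin, and the "true" weights every honest client's update drifts toward.
GLOBAL_MODEL: Vector = [0.0, 0.0]
TRUE_WEIGHTS: Vector = [1.0, 2.0]
HONEST_UPDATES: List[Vector] = [[0.9, 2.1], [1.1, 1.9], [1.0, 2.0]]
# Where the attacker wants the global model to end up (assumption).
ATTACKER_TARGET: Vector = [-5.0, -5.0]


def fed_avg(updates: List[Vector]) -> Vector:
    """Plain unweighted federated averaging: the arithmetic mean of each coordinate."""
    n = len(updates)
    return [sum(u[i] for u in updates) / n for i in range(len(updates[0]))]


def coordinate_median(updates: List[Vector]) -> Vector:
    """Robust aggregation: the median of each coordinate.

    As long as honest clients form the majority, a single outlier cannot pull a
    coordinate beyond the range of the honest values.
    """
    return [median(u[i] for u in updates) for i in range(len(updates[0]))]


def boosted_poison(global_model: Vector, target: Vector, n_clients: int) -> Vector:
    """Model-poisoning update.

    The attacker scales its desired shift by the number of clients so that, after
    averaging, its single contribution lands the global model near `target`; the
    honest updates only add a small residual. Assumes the attacker knows how many
    participants are averaged in this round.
    """
    return [n_clients * (t - g) for t, g in zip(target, global_model)]


def run_round(aggregate: Aggregator) -> Vector:
    """Run one round with the honest clients plus one poisoner, using `aggregate`."""
    n_clients = len(HONEST_UPDATES) + 1
    malicious = boosted_poison(GLOBAL_MODEL, ATTACKER_TARGET, n_clients)
    delta = aggregate(HONEST_UPDATES + [malicious])
    return [g + d for g, d in zip(GLOBAL_MODEL, delta)]


def error(model: Vector) -> float:
    """Euclidean distance between a model and the true weights."""
    return dist(model, TRUE_WEIGHTS)


if __name__ == "__main__":
    for name, agg in (("FedAvg", fed_avg), ("coordinate median", coordinate_median)):
        model = run_round(agg)
        print(f"{name:18s} -> {model}  error from true weights = {error(model):.3f}")
```

With these inputs the averaged model is dragged to roughly (-4.25, -3.5), far from the true (1.0, 2.0), while the median-aggregated model stays at (0.95, 1.95). The median rule buys this only while honest participants are the majority; the colluding-participant attacks the abstract highlights are precisely the setting in which that assumption is at risk.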
Authors: 肖雄 XIAO Xiong; 唐卓 TANG Zhuo; 肖斌 XIAO Bin; 李肯立 LI Ken-Li (College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082; National Supercomputing Center in Changsha (Hunan University), Changsha 410082; Department of Computing, The Hong Kong Polytechnic University, Hong Kong)
Source: Chinese Journal of Computers (计算机学报), 2023, No. 5, pp. 1019-1044 (26 pages). Indexed in EI, CAS, CSCD; Peking University Core Journal.
Funding: National Key R&D Program of China (2018YFB1701400); Hunan Provincial Natural Science Foundation Youth Project (2021JJ40612); National Natural Science Foundation of China (61873090, L1824034, L1924056).
Keywords: federated learning; data privacy; data security; large-scale distributed learning; artificial intelligence