计算机工程与应用 ›› 2024, Vol. 60 ›› Issue (5): 1-16.DOI: 10.3778/j.issn.1002-8331.2306-0243

• 热点与综述 • 上一篇    下一篇

联邦学习中的攻击手段与防御机制研究综述

张世文,陈双,梁伟,李仁发   

  1. 1.湖南科技大学 计算机科学与工程学院,湖南 湘潭 411201
    2.湖南大学 信息科学与工程学院,长沙 410082
  • 出版日期:2024-03-01 发布日期:2024-03-01

Survey on Attack Methods and Defense Mechanisms in Federated Learning

ZHANG Shiwen, CHEN Shuang, LIANG Wei, LI Renfa   

  1. 1.School of Computer Science and Engineering, Hunan University of Science and Technology, Xiangtan, Hunan 411201, China
    2.School of Computer Science and Electronic Engineering, Hunan University, Changsha 410082, China
  • Online:2024-03-01 Published:2024-03-01

摘要: 联邦学习的攻防技术是联邦学习系统安全的核心问题。联邦学习的攻防技术能大幅降低联邦学习系统被攻击的风险,明显提升联邦学习系统的安全性。深入了解联邦学习的攻防技术,可以推进联邦学习领域的研究,实现联邦学习的广泛应用。因此,对联邦学习的攻防技术进行研究具有十分重要的意义。简要地介绍了联邦学习的概念、基本工作流程、类型及可能存在的安全问题;介绍联邦学习系统可能遭受到的攻击,梳理了相关研究;从联邦学习系统有无目标性的防御措施出发,将防御措施分为通用性防御措施及针对性防御措施两类,并对其进行了针对性的总结;对联邦学习安全性未来的研究方向进行了梳理与分析,为相关研究者在联邦学习安全性方面的研究工作提供了参考。

关键词: 联邦学习, 攻击手段, 防御措施, 隐私保护

Abstract: The attack and defense techniques of federated learning are the core issue of federated learning system security. The attack and defense techniques of federated learning can significantly reduce the risk of being attacked and greatly enhance the security of federated learning systems. Deeply understanding the attack and defense techniques of federated learning can advance research in the field and achieve its widespread application of federated learning. Therefore, it is of great significance to study the attack and defense techniques of federated learning. Firstly, this paper briefly introduces the concept, basic workflow, types, and potential existing security issues of federated learning. Subsequently, the paper introduces the attacks that the federated learning system may encounter, and relevant research is summarized during the introduction. Then, starting from whether the federated learning system has targeted defense measures, the defense measures are divided into two categories:universal defense measures and targeted defense measures, and targeted summary are made. Finally, it reviews and analyzes the future research directions for the security of federated learning, providing reference for relevant researchers in their research work on the security of federated learning.

Key words: federated learning, attack method, defense mechanism, privacy protection