Privacy-preserving Techniques in Federated Learning

Authors
Liu Y.-X. [1, 2]
Chen H. [1, 2]
Liu Y.-H. [1, 2]
Li C.-P. [1, 2]
Affiliations
[1] School of Information, Renmin University of China, Beijing
[2] Key Laboratory of Data Engineering and Knowledge Engineering, Renmin University of China, Ministry of Education, Beijing
Source
Ruan Jian Xue Bao/Journal of Software | 2022 / Vol. 33 / No. 03
Keywords
Differential privacy; Federated learning; Homomorphic encryption; Privacy attack; Privacy-preserving; Secure computation
DOI
10.13328/j.cnki.jos.006446
Abstract
With the arrival of the big data era and the development of artificial intelligence, federated learning (FL) has emerged as a distributed machine learning approach. It allows multiple participants to train a global model collaboratively while each keeps its training dataset on its local devices. FL was created to break up data silos and preserve the privacy and security of data. However, a large number of privacy risks remain during the data exchange steps, where local data is threatened not only by model users, as in centralized training, but also by any dishonest participant. It is therefore necessary to study technologies that achieve rigorous privacy preservation. This paper surveys the research progress and trends of privacy-preserving techniques for FL. First, the architecture and types of FL are introduced; then privacy risks and attacks are illustrated, including reconstruction and inference strategies. The main privacy protection technologies are introduced according to their privacy-preservation mechanisms. Privacy defense strategies that apply these technologies are then presented and abstracted into 3 levels: local, central, and local & central. Finally, challenges and future directions of privacy preservation in federated learning are discussed. © Copyright 2022, Institute of Software, the Chinese Academy of Sciences. All rights reserved.
Pages: 1057 / 1092
Page count: 35