联邦学习及其安全与隐私保护研究综述
Review of Federated Learning and Its Security and Privacy Protection
熊世强 1何道敬 2王振东 1杜润萌3
作者信息
- 1. 江西理工大学信息工程学院,江西赣州 341000
- 2. 哈尔滨工业大学(深圳)计算机科学与技术学院,广东深圳 518055
- 3. 华东师范大学计算机科学与技术学院,上海 200062
- 折叠
摘要
联邦学习(FL)是一种新兴的分布式机器学习技术,只需将数据留在本地即可通过各方协作训练一个共有模型,解决了传统机器学习中数据难以采集和隐私安全的问题.随着联邦学习技术的应用和发展,相关研究发现联邦学习仍可能受到各类攻击.为了确保联邦学习的安全性,研究联邦学习中的攻击方式及相应的隐私保护技术显得尤为重要.首先介绍了联邦学习的背景知识及相关定义,总结概括了联邦学习的发展历程及分类;接着阐述了联邦学习的安全三要素,从基于安全来源和基于安全三要素2个角度分类概述了联邦学习中的安全问题及研究进展;然后对隐私保护技术进行分类,结合相关研究应用综述了联邦学习中安全多方计算(SMC)、同态加密(HE)、差分隐私(DP)、可信执行环境(TEE)4种常用隐私保护技术;最后对联邦学习的未来研究方向进行展望.
Abstract
Federated Learning(FL)is a new distributed machine earning technology that only requires local maintenance of data and can train a common model through the cooperation of all parties,which mitigates issues pertaining to data collection and privacy security in conventional machine learning.However,with the application and development of FL,it is still exposed to various attacks.To ensure the security of FL,the attack mode in FL and the corresponding privacy protection technology must be investigated.Herein,first,the background knowledge and relevant definitions of FL are introduced,and the development process and classification of FL are summarized.Second,the security three elements of FL are expounded,and the security issues and research progress of FL are summarized from two perspectives based on security sources and the security three elements.Subsequently,privacy protection technologies are classified.This paper summarizes four common privacy protection technologies used in FL:Secure Multiparty Computing(SMC),Homomorphic Encryption(HE),Differential Privacy(DP),and Trusted Execution Environment(TEE).Finally,the future research direction for FL is discussed.
关键词
联邦学习/数据安全/攻击方式/隐私保护/安全三要素Key words
Federated Learning(FL)/data security/attack mode/privacy protection/security three elements引用本文复制引用
基金项目
国家自然科学基金(62062037)
江西省自然科学基金(20212BAB202014)
出版年
2024
国家科技期刊平台
NSTL
万方数据