Saved in:
Bibliographic Details
Main Authors: Zhao, Joshua C., Bagchi, Saurabh, Avestimehr, Salman, Chan, Kevin S., Chaterji, Somali, Dimitriadis, Dimitris, Li, Jiacheng, Li, Ninghui, Nourian, Arash, Roth, Holger R.
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2405.03636
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912286566776832
author Zhao, Joshua C.
Bagchi, Saurabh
Avestimehr, Salman
Chan, Kevin S.
Chaterji, Somali
Dimitriadis, Dimitris
Li, Jiacheng
Li, Ninghui
Nourian, Arash
Roth, Holger R.
author_facet Zhao, Joshua C.
Bagchi, Saurabh
Avestimehr, Salman
Chan, Kevin S.
Chaterji, Somali
Dimitriadis, Dimitris
Li, Jiacheng
Li, Ninghui
Nourian, Arash
Roth, Holger R.
contents Deep learning has shown incredible potential across a wide array of tasks, and accompanied by this growth has been an insatiable appetite for data. However, a large amount of data needed for enabling deep learning is stored on personal devices, and recent concerns on privacy have further highlighted challenges for accessing such data. As a result, federated learning (FL) has emerged as an important privacy-preserving technology that enables collaborative training of machine learning models without the need to send the raw, potentially sensitive, data to a central server. However, the fundamental premise that sending model updates to a server is privacy-preserving only holds if the updates cannot be "reverse engineered" to infer information about the private training data. It has been shown under a wide variety of settings that this privacy premise does not hold. In this survey paper, we provide a comprehensive literature review of the different privacy attacks and defense methods in FL. We identify the current limitations of these attacks and highlight the settings in which the privacy of an FL client can be broken. We further dissect some of the successful industry applications of FL and draw lessons for future successful adoption. We survey the emerging landscape of privacy regulation for FL and conclude with future directions for taking FL toward the cherished goal of generating accurate models while preserving the privacy of the data from its participants.
format Preprint
id arxiv_https___arxiv_org_abs_2405_03636
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle The Federation Strikes Back: A Survey of Federated Learning Privacy Attacks, Defenses, Applications, and Policy Landscape
Zhao, Joshua C.
Bagchi, Saurabh
Avestimehr, Salman
Chan, Kevin S.
Chaterji, Somali
Dimitriadis, Dimitris
Li, Jiacheng
Li, Ninghui
Nourian, Arash
Roth, Holger R.
Cryptography and Security
Machine Learning
I.2; H.4; I.5
Deep learning has shown incredible potential across a wide array of tasks, and accompanied by this growth has been an insatiable appetite for data. However, a large amount of data needed for enabling deep learning is stored on personal devices, and recent concerns on privacy have further highlighted challenges for accessing such data. As a result, federated learning (FL) has emerged as an important privacy-preserving technology that enables collaborative training of machine learning models without the need to send the raw, potentially sensitive, data to a central server. However, the fundamental premise that sending model updates to a server is privacy-preserving only holds if the updates cannot be "reverse engineered" to infer information about the private training data. It has been shown under a wide variety of settings that this privacy premise does not hold. In this survey paper, we provide a comprehensive literature review of the different privacy attacks and defense methods in FL. We identify the current limitations of these attacks and highlight the settings in which the privacy of an FL client can be broken. We further dissect some of the successful industry applications of FL and draw lessons for future successful adoption. We survey the emerging landscape of privacy regulation for FL and conclude with future directions for taking FL toward the cherished goal of generating accurate models while preserving the privacy of the data from its participants.
title The Federation Strikes Back: A Survey of Federated Learning Privacy Attacks, Defenses, Applications, and Policy Landscape
topic Cryptography and Security
Machine Learning
I.2; H.4; I.5
url https://arxiv.org/abs/2405.03636