Cite this article
  • Wang Kainan, Zhang Yuhui, Hou Rui, Yang Yun. Survey of privacy attack and defense in federated learning[J]. Journal of Cyber Security, accepted.
Survey of privacy attack and defense in federated learning
Wang Kainan, Zhang Yuhui, Hou Rui, Yang Yun
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
Federated learning is a new distributed machine learning framework in which multiple data providers jointly train a model by sharing parameters, without exchanging raw data. Although federated learning has advanced the protection of private data, the research community has recently proposed many attack methods that leak private data. This paper proposes classification strategies based on the different attributes of existing attack methods in federated learning, and uses these strategies to summarize, classify and introduce the existing attack methods. In addition, a variety of defense models have been proposed against the existing attack models; this paper summarizes the common defense models according to their defense principle. On this basis, possible future research directions are analyzed.
Key words:  federated learning  privacy attack  machine learning
DOI:
Submitted: 2021-02-10  Revised: 2021-03-09
Funding: