Trustworthy federated learning: privacy, security, and beyond

  • Regular Paper
Knowledge and Information Systems

Abstract

Recent years have witnessed advances in big data and artificial intelligence, which makes it important to safeguard data privacy and security. As an innovative approach, federated learning (FL) addresses these concerns by facilitating collaborative model training across distributed data sources without transferring raw data. However, the challenges of ensuring robust security and privacy across decentralized networks have attracted significant attention in handling the distributed data in FL. In this paper, we conduct an extensive survey of the security and privacy issues prevalent in FL, underscoring the vulnerability of communication links and the potential for cyber threats. We delve into various defensive strategies to mitigate these risks, explore the applications of FL across different sectors, and propose research directions. We identify the intricate security challenges that arise within FL frameworks, aiming to contribute to the development of secure and efficient FL systems.



  167. Papernot N, McDaniel P, Jha S, Fredrikson M, Celik ZB, Swami A (2016) The limitations of deep learning in adversarial settings. In: IEEE European symposium on security and privacy (EuroSP). IEEE, pp 372–387

  168. Pham QV, Dev K, Maddikunta PK, Gadekallu TR, Huynh-The T (2021) Fusion of federated learning and industrial internet of things: a survey. arXiv: Networking and Internet Architecture

  169. Pettai M, Laud P (2015) Combining differential privacy and secure multiparty computation. In: Annual computer security applications conference, pp 421–430

  170. Phong LT, Aono Y, Hayashi T, Wang L, Moriai S (2017) Privacy-preserving deep learning: Revisited and enhanced. In: International conference on applications and techniques in information security. Springer, pp 100–110

  171. Pokhrel SR, Choi J (2020) Federated learning with blockchain for autonomous vehicles: analysis and design challenges. IEEE Trans Commun 68(8):4734–4746

    Article  Google Scholar 

  172. Prakash S, Hashemi H, Wang Y, Annavaram M, Avestimehr S (2020) Secure and fault tolerant decentralized learning. arXiv preprint arXiv:2010.07541

  173. Psychogyios K, Velivassaki T-H, Bourou S, Voulkidis A, Skias D, Zahariadis T (2023) Gandriven data poisoning attacks and their mitigation in federated learning systems. Electronics 12(8):1805

  174. Qammar A, Karim A, Ning H, Ding J (2023) Securing federated learning with blockchain: a systematic literature review. Artif Intell Rev 56(5):3951–3985

    Article  Google Scholar 

  175. Qu Y, Gao L, Luan TM, Xiang Y, Yu S, Li B, Zheng G (2020) Decentralized privacy using blockchain-enabled federated learning in fog computing. IEEE Internet Things J 7(6):5171–5183

    Article  Google Scholar 

  176. Ramesh A, Dhariwal P, Nichol A, Chu C, Chen M (2022) Hierarchical text-conditional image generation with clip latents. arXiv preprint arXiv:2204.06125

  177. Ramesh A, Pavlov M, Goh G, Gray S, Voss C, Radford A, Chen M, Sutskever I (2021) Zero-shot text-to-image generation. In: International conference on machine learning. PMLR, pp 8821–8831

  178. Ratnayake H, Chen L, Ding X (2023) A review of federated learning: taxonomy, privacy and future directions. JIntell Inf Syst 1–27

  179. Ren H, Deng J, Xie X (2022) Grnn: generative regression neural network-a data leakage attack for federated learning. ACM Trans Intell Syst Technol (TIST) 13(4):1–24

    Google Scholar 

  180. Rieke N, Hancox J, Li W, Milletari F, Roth HR, Albarqouni S, Bakas S, Galtier MN, Landman BA, Maier-Hein K et al (2020) The future of digital health with federated learning. NPJ Digit Med 3(1):1–7

    Article  Google Scholar 

  181. Ro JH, Breiner T, McConnaughey L, Chen M, Suresh AT, Kumar S, Mathews R (2022) Scaling language model size in cross-device federated learning. arXiv preprint arXiv:2204.09715

  182. Rodríguez-Barroso N, Daniel Jiménez-López M, Luzón V, Herrera F, Martínez-Cámara E (2023) Survey on federated learning threats: concepts, taxonomy on attacks and defences, experimental study and challenges. Inf Fusion 90:148–173

    Article  Google Scholar 

  183. Ru B, Cobb A, Blaas A, Gal Y (2019) Bayesopt adversarial attack. In: International conference on learning representations (ICLR)

  184. Sumudu S, Mehdi B, Walid S, Mérouane D (2019) Distributed federated learning for ultra-reliable low-latency vehicular communications. IEEE Trans Commun 68(2):1146–1159

    Google Scholar 

  185. Sattler F, Müller K-R, Samek W (2021) Clustered federated learning: model-agnostic distributed multitask optimization under privacy constraints. IEEE Trans Neural Netw Learn Syst (TNNLS) 32(8):3710–3722

    Article  MathSciNet  Google Scholar 

  186. Sattler F, Wiedemann S, Müller K-R, Samek W (2020) Robust and communication-efficient federated learning from non-i.i.d. data. IEEE Trans Neural Netw Learn Syst (TNNLS) 31(9):3400–3413

    Article  MathSciNet  Google Scholar 

  187. Schreyer M, Sattarov T, Borth D (2022) Federated and privacy-preserving learning of accounting data in financial statement audits. arXiv preprint arXiv:2208.12708

  188. Schulth L, Berghoff C, Neu M (2022) Detecting backdoor poisoning attacks on deep neural networks by heatmap clustering. arXiv preprint arXiv:2204.12848

  189. Shayan M, Fung C, Yoon CJM, Beschastnikh I (2021) Biscotti: a blockchain system for private and secure federated learning. IEEE Trans Parallel Distrib Syst (TPDS) 32(7):1513–1525

    Article  Google Scholar 

  190. Sheng S, Tianqing Z, Di W, Wei W, Wanlei Z (2022) From distributed machine learning to federated learning: in the view of data privacy and security. Concurr Comput Pract Exp 34(16):e6002

    Article  Google Scholar 

  191. Shen S, Tople S, Saxena P (2016) Auror: defending against poisoning attacks in collaborative deep learning systems. In: Annual computer security applications conference (ACSAC), pp 508–519

  192. Shi N, Lai F, Kontar RA, Chowdhury M (2021) Fed-ensemble: improving generalization through model ensembling in federated learning. arXiv preprint arXiv:2107.10663

  193. Smith V, Chiang CK, Sanjabi M, Talwalkar AS (2017) Federated multi-task learning. Neural Inf Process Syst (NIPS)

  194. So J, Güler BŞ, Salman Avestimehr A (2021) Byzantine-resilient secure federated learning. IEEE J Sel Areas Commun (J-SAC) 39(7):2168–2181

    Article  Google Scholar 

  195. So J, Güler BŞ, Salman Avestimehr A (2021) Turbo-aggregate: breaking the quadratic aggregation barrier in secure federated learning. IEEE J Sel Areas Inf Theory (J-SAIT) 2(1):479–489

    Article  Google Scholar 

  196. Song M, Wang Z, Zhang Z, Song Y, Wang Q, Ren J, Qi H (2020) Analyzing user-level privacy attack against federated learning. IEEE J Sel Areas Commun J-SAC 38(10):2430–2444

    Article  Google Scholar 

  197. Song T, Tong Y, Wei S (2019) Profit allocation for federated learning. In: IEEE International conference on big data. IEEE, pp 2577–2586

  198. Song Y, Liu T, Wei T, Wang X, Tao Z, Chen M (2020) \(\text{Fda}^{3}\): federated defense against adversarial attacks for cloud-based iiot applications. IEEE Trans Ind Inf 17(11):7830–7838

  199. Standing Committee of the National People’s Congress. Cybersecurity law of the people’s republic of china. https://www.newamerica.org/cybersecurity-initiative/digichina/blog/translation-cybersecurity-law-peoples-republic-china/. Accessed 22 Feb 2021

  200. Su T, Wang M, Wang Z (2021) Federated regularization learning: an accurate and safe method for federated learning. In: IEEE international conference on artificial intelligence circuits and systems (AICAS), pp 1–4

  201. Supriya Y, Gadekallu TR (2023) A survey on soft computing techniques for federated learning-applications, challenges and future directions. ACM J Data Inf Qual 15(2):1–28

    Article  Google Scholar 

  202. Szegedy C, Zaremba W, Sutskever I, Bruna J, Erhan D, Goodfellow I, Fergus R (2013) Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199

  203. Taylor LP (2013) FISMA compliance handbook. Newnes

  204. Tirumala K, Markosyan AH, Zettlemoyer L, Aghajanyan A (2022)Memorization without overfitting: analyzing the training dynamics of large language models. arXiv preprint arXiv:2205.10770

  205. Truex S, Baracaldo N, Anwar A, Steinke T, Ludwig H, Zhang R, Zhou Y (2019) A hybrid approach to privacy-preserving federated learning. In: ACM workshop on artificial intelligence and security, pp 1–11

  206. Truex S, Liu L, Gursoy ME, Lei Yu, Wei W (2021) Demystifying membership inference attacks in machine learning as a service. IEEE Trans Serv Comput 14(6):2073–2089

    Article  Google Scholar 

  207. Vargas DV, Kotyan S (2019) Robustness assessment for adversarial machine learning: problems, solutions and a survey of current neural networks and defenses. arXiv preprint arXiv:1906.06026

  208. Wang F, Li B, Li B (2023) Federated unlearning and its privacy threats. IEEE Netw 38(2):294–300

    Article  Google Scholar 

  209. Wang H, Niu D, Li B (2019) Distributed machine learning with a serverless architecture. In: IEEE international conference on computer communications (IEEE INFOCOM), pp 1288–1296

  210. Wang H, Deng Y, Yoo S, Ling H, Lin Y (2021) Agkd-bml: defense against adversarial attack by attention guided knowledge distillation and bi-directional metric learning. In: IEEE/CVF international conference on computer vision, pp 7658–7667

  211. Wang J, Lyu Z, Lin D, Dai B, Fu H (2022) Guided diffusion model for adversarial purification. arXiv preprint arXiv:2205.14969

  212. Wang M, Cui Y, Wang X, Xiao S, Jiang J (2017) Machine learning for networking: workflow, advances and opportunities. IEEE Netw 32(2):92–99

    Article  Google Scholar 

  213. Wang Y, Mianjy P, Arora R (2021) Robust learning for data poisoning attacks. In: International conference on machine learning. PMLR, pp 10859–10869

  214. Wang Z, Song M, Zhang Z, Song Y, Wang Q, Qi H (2019) Beyond inferring class representatives: User-level privacy leakage from federated learning. In: IEEE International conference on computer communications (IEEE INFOCOM), pp 2512–2520

  215. WeBank. Federated ai technology enabler (FATE). https://github.com/FederatedAI/FATE. Accessed 16 Feb 2021

  216. Wei K, Li J, Ding M, Ma C, Yang HH, Farokhi F, Jin S, Quek TQ, Poor HV (2020) Federated learning with differential privacy: algorithms and performance analysis. IEEE Trans Inf Forensics Secur 17(15):3454–69

    Article  Google Scholar 

  217. Wen J, Zhang Z, Lan Y, Cui Z, Cai J, Zhang W (2023) A survey on federated learning: challenges and applications. Int J Mach Learn Cybern 14(2):513–535

    Article  Google Scholar 

  218. Weng J, Weng J, Zhang J, Li M, Zhang Y, Luo W (2019) Deepchain: auditable and privacy-preserving deep learning with blockchain-based incentive. IEEE Trans Dependable Secure Comput 18(5):2438–2455

    Google Scholar 

  219. Willemsen B (2021) Hype cycle for privacy. https://www.gartner.com/en/documents/4003504

  220. Wu J, Liu Q, Huang Z, Ning Y, Wang H, Chen E, Yi J, Zhou B (2021) Hierarchical personalized federated learning for user modeling. In: The web conference, pp 957–968

  221. Wu Q, Ye H, Gu Y (2022) Guided diffusion model for adversarial purification from random noise. arXiv preprint arXiv:2206.10875

  222. Wu X, Yao X, Wang C-L (2021) Fedscr: structure-based communication reduction for federated learning. IEEE Trans Parallel Distrib Syst (TPDS) 32(7):1565–1577

    Google Scholar 

  223. Xia Q, Ye W, Tao Z, Wu J, Li Q (2021) A survey of federated learning for edge computing: research problems and solutions. High Confid Comput 1(1):100008

  224. Xiao H, Biggio B, Nelson B, Xiao H, Eckert C, Rol F (2015) Support vector machines under adversarial label contamination. Neurocomputing 160:53–62

    Article  Google Scholar 

  225. Xie C, Wu Y, Maaten LV, Yuille AL, He K (2019) Feature denoising for improving adversarial robustness. In: IEEE/CVF conference on computer vision and pattern recognition, pp 501–509

  226. Xie C, Wu Y, Maaten LV, Yuille AL, He K (2019) Feature denoising for improving adversarial robustness. In: IEEE/CVF conference on computer vision and pattern recognition, pp 501–509

  227. Xie Y, Chen B, Zhang J, Wu D (2021) Defending against membership inference attacks in federated learning via adversarial example. In: International conference on mobility, sensing and networking (MSN). IEEE, pp 153–160

  228. Xin B, Yang W, Geng Y, Chen S, Wang S, Huang L (2020) Private fl-gan: differential privacy synthetic data generation based on federated learning. In: IEEE international conference on acoustics, speech and signal processing (ICASSP). IEEE, pp 2927–2931

  229. Xiong Z, Cai Z, Takabi D, Li W (2022) Privacy threat and defense for federated learning with non-i.i.d. data in aiot. IEEE Trans Ind Inf 18(2):1310–1321

    Article  Google Scholar 

  230. Xu G, Li H, Liu S, Yang K, Lin X (2020) Verifynet: secure and verifiable federated learning. IEEE Trans Inf Forensics Secur 15:911–926

  231. Xu J, Glicksberg BS, Su C, Walker P, Bian J, Wang F (2021) Federated learning for healthcare informatics. J Healthc Inform Res 5(1):1–19

    Article  Google Scholar 

  232. Xu R, Baracaldo N, Zhou Y, Anwar A, Ludwig H (2019) Hybridalpha: an efficient approach for privacy-preserving federated learning. In: ACM workshop on artificial intelligence and security, pp 13–23

  233. Xu W, Evans D, Qi Y (2017) Feature squeezing: detecting adversarial examples in deep neural networks. arXiv preprint arXiv:1704.01155

  234. Yang L, Zhang Z, Song Y, Hong S, Xu R, Zhao Y, Zhang W, Cui B, Yang MH (2022) Diffusion models: a comprehensive survey of methods and applications. arXiv preprint arXiv:2209.00796

  235. Yang X, Dong Y, Xiang W, Pang T, Su H, Zhu J (2021) Model-agnostic meta-attack: towards reliable evaluation of adversarial robustness. arXiv: Learning

  236. Yang Z, Dai Z, Yang Y, Carbonell J, Salakhutdinov RR, Le QV(2019) Xlnet: generalized autoregressive pretraining for language understanding. Adv Neural Inf Process Syst 32

  237. Yin X, Zhu Y, Jiankun H (2021) A taxonomy, review, and future directions. ACM computing surveys, a comprehensive survey of privacy-preserving federated learning

  238. Yu H, Liu Z, Liu Y, Chen T, Cong M, Weng X, Niyato D, Yang Q (2020) A sustainable incentive scheme for federated learning. IEEE Intell Syst 35(4):58–69

    Article  Google Scholar 

  239. Yuan S, Shuai Z, Jiahong L, Zhao X, Hanyu Z, Jie T (2022) Wudaomm: a large-scale multi-modal dataset for pre-training models. arXiv preprint arXiv:2203.11480

  240. Yuan S, Zhao H, Zhao S, Leng J, Liang Y, Wang X, Yu J, Lv X, Shao Z, He J, et al (2022) A roadmap for big model. arXiv preprint arXiv:2203.14101

  241. Yuan S, Cao B, Sun Y, Peng M (2021) Secure and efficient federated learning through layering and sharding blockchain. arXiv preprint arXiv:2104.13130

  242. Yuan X, Chen J, Zhang N, Fang X, Liu D (2021) A federated bidirectional connection broad learning scheme for secure data sharing in internet of vehicles. China Commun 18(7):117–133

  243. Zhang C, Xie Y, Bai H, Yu B, Li W, Gao Y (2021) A survey on federated learning. Knowl Based Syst 216:106775

    Article  Google Scholar 

  244. Zhang C, Li S, Xia J, Wang W, Yan F, Liu Y (2020) \(\{\)BatchCrypt\(\}\): efficient homomorphic encryption for \(\{\)Cross-Silo\(\}\) federated learning. In: USENIX annual technical conference, pp 493–506

  245. Zhang H, Liu J, Jia J, Zhou Y, Dai H, Dou D (2022) Fedduap: Federated learning with dynamic update and adaptive pruning using shared data on the server. In: International joint conference on artificial intelligence (IJCAI), pp 1–7

  246. Zhang J, Chen B, Cheng X, Binh HTT, Yu S (2021) Poisongan: generative poisoning attacks against federated learning in edge computing systems. IEEE Internet Things J 8(5):3310–3322

    Article  Google Scholar 

  247. Zhang K, Song X, Zhang C, Yu S (2021) Challenges and future directions of secure federated learning: a survey. Front Comput Sci 16(5)

  248. Zhang X, Luo X (2020) Exploiting defenses against gan-based feature inference attacks in federated learning. arXiv preprint arXiv:2004.12571

  249. Zhang X, Zhao L, Li J, Zhu X (2020) Hashgraph based federated learning for secure data sharing. In: International conference on wireless and satellite systems. Springer, pp 556–565

  250. Zhang Y, Zeng D, Luo J, Xu Z, King I (2023) A survey of trustworthy federated learning with perspectives on security, robustness, and privacy. arXiv preprint arXiv:2302.10637

  251. Zhang Y, Wang Z, Cao J, Hou R, Meng D (2021) Shufflefl: gradient-preserving federated learning using trusted execution environment. In: ACM international conference on computing frontiers, pp 161–168

  252. Zhang Z, Li J, Yu S, Makaya C (2021) Safelearning: enable backdoor detectability in federated learning with secure aggregation. arXiv preprint arXiv:2102.02402

  253. Zhao L, Tang X, You Z, Pang Y, Xue H, Zhu L (2020) Operation and security considerations of federated learning platform based on compute first network. In: IEEE/CIC international conference on communications in China (ICCC Workshops), pp 117–121

  254. Zhao L, Hu S, Wang Q, Jiang J, Shen C, Luo X, Hu P (2021) Shielding collaborative learning: mitigating poisoning attacks through client-side detection. IEEE Trans Dependable Secure Comput 18(5):2029–2041

    Google Scholar 

  255. Zhao L, Jiang J, Feng B, Wang Q, Shen C, Li Q (2021) Sear: secure and efficient aggregation for byzantine-robust federated learning. IEEE Trans Dependable Secure Comput

  256. Zhao Y, Li M, Lai L, Suda N, Civin D, Chandra V (2018) Federated learning with non-iid data. arXiv preprint arXiv:1806.00582

  257. Zheng Y, Lai S, Liu Y, Yuan X, Yi X, Wang C (2022) Aggregation service for federated learning: an efficient, secure, and more resilient realization. IEEE Trans Dependable Secure Comput

  258. Zhou C, Liu J, Jia J, Zhou J, Zhou Y, Dai H, Dou D (2022) Efficient device scheduling with multi-job federated learning. In: AAAI conference on artificial intelligence, pp 9971–9979

  259. Zhou J, Zhang S, Lu Q, Dai W, Chen M, Liu X, Pirttikangas S, Shi Y, Zhang W, Herrera-Viedma E (2021) A survey on federated learning and its applications for accelerating industrial internet of things. arXiv Distributed, Parallel, and Cluster Computing

  260. Zhou P, Wang K, Guo L, Gong S, Zheng B (2021) A privacy-preserving distributed contextual federated online learning framework with big data support in social recommender systems. IEEE Trans Knowl Data Eng 33(3):824–838

    Google Scholar 

  261. Zhou Y, Zheng X, Hsieh C-J, Chang K-w, Huang X (2020) Defense against adversarial attacks in nlp via dirichlet neighborhood ensemble. arXiv preprint arXiv:2006.11627

  262. Zhu L, Liu Z, Han S (2019) Deep leakage from gradients. In: Neural information processing systems (NIPS), 32

  263. Zhu X, Li G, Wei H (2023) Heterogeneous federated knowledge graph embedding learning and unlearning. In: Proceedings of the ACM web conference, pp 2444–2454

  264. Zi B, Zhao S, Ma X, Jiang Y-G (2021) Revisiting adversarial robustness distillation: robust soft labels make student better. In: IEEE/CVF international confernce on computer vision (ICCV), pp 16443–16452

Download references


Contributions

C. Chen and J. Liu drafted the manuscript. J. Liu formulated the research problems. H. Tan, X. Li, K. I-K. Wang, P. Li, K. Sakurai and D. Dou revised the whole paper. J. Liu proposed the research, coordinated the research efforts, and oversaw the whole research process.

Corresponding author

Correspondence to Ji Liu.

Ethics declarations

The authors declare no competing interests.


About this article

Cite this article

Chen, C., Liu, J., Tan, H. et al. Trustworthy federated learning: privacy, security, and beyond. Knowl Inf Syst (2024). https://doi.org/10.1007/s10115-024-02285-2
