Introduction

Recently, enormous volumes of data have been generated by a large number of linked devices (big data). Because of the quickly increasing computational power and privacy issues, there is an increasing requirement to process and store data locally [1, 2]. Artificial intelligence (AI) is required to maximize the potential of big data, where AI is one of the main factors that drive the evolving context based on machine intelligence and infrastructure efficiency that is forming an imminent future. Machine learning (ML) is a branch of AI that relies on computing systems to detect patterns, fit data to functions, and classify data. ML systems can learn and improve based on historical data, time, and experience. Data in machine learning algorithms must be combined in one location, generally a central cloud data center [3, 4]. So, this may violate user privacy and data confidentiality rules such as The European Union’s General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) [5]. Security and preserving data privacy are the most crucial factors that affect the performance of technology applications. Therefore, decentralization is applied to central data collection and processing operations. Federated learning is an innovative approach to ensuring privacy when building a machine learning model with data from multiple clients. Federated machine learning provides a solution for data privacy and security concerns by combining distributed machine learning, encryption, security, and integration with incentive mechanisms. Therefore, FL could act as the foundation for the next generation of ML that satisfies the technological, sociological, and legal prerequisites for the creation and application of ethical AI [6].

Motivation

The rapid advancements in artificial intelligence and data-driven technologies have revolutionized various industries. However, these innovations also raise significant concerns about data privacy, security, and governance. Federated Learning has emerged as a promising paradigm to address these concerns by enabling collaborative model training without compromising sensitive data. Despite its potential, FL faces several challenges, such as communication overhead, model security, and trust among participants. Simultaneously, blockchain technology has proven its effectiveness in enhancing transparency, security, and decentralization across multiple domains. Its integration with FL introduces a novel approach to resolving the inherent limitations of FL, particularly in trust and data integrity. To further explore these intersections, this paper delves into the fundamental concepts, benefits, and classifications of FL while analyzing the issues it faces. Additionally, the study emphasizes the role of blockchain technology as a transformative enabler in FL, highlighting its potential to address key challenges and propel the field forward. This paper aims to provide a comprehensive understanding of the synergies between federated learning and blockchain technology, focusing on their combined potential to enhance data privacy, improve trust and security, and address critical challenges in decentralized AI systems. By presenting a detailed analysis of the state-of-the-art advancements and identifying open research gaps, this study seeks to guide future developments and foster innovative solutions in the integration of these transformative technologies. The main contributions of this paper are:

  • Identify and analyze the potential security and privacy vulnerabilities in traditional federated learning that can be addressed using blockchain technology.

  • Identify key blockchain features that enhance security in federated learning.

  • Review advanced blockchain-based federated learning methods for improving security, privacy, record-keeping, and accountability.

  • Investigate the challenges of implementing blockchain in federated learning and potential new issues.

  • Propose future research directions for integrating blockchain into federated learning effectively.

Paper structure

The paper is organized into seven clearly defined sections to provide a clear exploration of federated learning and directions of integrating blockchain technology to improve the usage of the federated learning model in a secure network. The ‘Introduction’ section introduces the research contributions and motivations. The ‘Machine Learning’ section provides foundational context, ensuring a clear understanding of how federated learning builds on machine learning concepts. The ‘Federated Learning’ section provides all detailed aspects of FL. The ‘Blockchain’ section explains blockchain’s distributed nature and describes its key components and advantages. The ‘Blockchain and Federated Learning Integration’ section aims to discuss how blockchain enhances federated learning by improving privacy, transparency, and security while addressing regulatory and ethical challenges. The ‘State-of-Art’ section, reviews related literature. Finally, the ‘Conclusion’ section summarizes the entire text.

Machine learning

Machine learning (ML) is a field of AI, which allows machines to learn from previous data or experiences without the need for explicit programming. It has been applied in every field and profoundly changed human life. Massive amounts of end users’ daily generated data can be collected and used to train ML models, which increases the quality of accessing better services [7]. ML can be described as the capability of a machine to emulate human behavior based on a specific process cycle including collecting reliable data where the machine learning model can find the correct pattern, data preprocessing, training model, evaluating the model by testing it using unknown data then hyperparameter tuning and finally deploy the model to make a prediction [8]. ML techniques can be broadly categorized into four categories that are supervised learning, unsupervised learning, semi-supervised learning, and reinforcement learning. These techniques allow computers to learn and make predictions and discover hidden insights autonomously [9]. Due to the ML concept often requires the end connected machines to give the gathered data to the main server for model training, it has two challenges and issues: (i) the transmission of data may use up a lot of communication resources, and (ii) data owners are less likely to upload data to the central server out of security concerns because the input of raw data raises the potential of privacy breach [10]. The most crucial elements for a machine learning model are security and data privacy to get a good performance and be useful for future prediction [9].

Federated learning

Federated Learning is considered a successful safeguard for user privacy while enabling many end nodes to work together in training a machine learning model, to address machine learning concerns. Federated learning is a modern distributed machine learning approach in a way that safeguards privacy and minimizes bias in model training proposed by Google [6]. Figure 1 shows the progression of ML structures from centralized to FL. In centralized learning, data is transferred to the cloud, where an ML model is created. A user uses the model via an API, sending a request to access one of the offered services. For distributed on-site learning, each device creates its own model from its local dataset. Following the initial interaction with the cloud to distribute a model to the devices, no further communication with the cloud is required [11].

Fig. 1
figure 1

The evolution from ML to FL adopted from [11]

Full size image

Federated Learning diverges from classical machine learning by sharing the learning process over multiple devices, ensuring privacy by keeping raw data localized. Unlike the centralized approach of classical ML, federated Learning enables continual learning with collaborative updates from individual devices, fostering adaptability in distributed environments. The emphasis on decentralized training and data privacy sets FL apart as a more dynamic and secure methodology for machine learning. Table 1 shows the main differences between federated and classical ML in terms of data distribution, continual learning, aggregation of datasets, and data privacy.

Table 1 Classical ML vs FL
Full size table

In FL, each machine trains the model and sends its updates to the server for the process of aggregation as shown in Fig. 2. The key advantage of FL is keeping the data on devices and sharing the knowledge through an aggregated global model with others [12, 13].

Fig. 2
figure 2

Workflow of Federated learning

Full size image

The workflow of FL involves the following steps [13, 14]:

Initialization

A global model is Initially created, typically by training a model on a central server using a large dataset. This global model is shared among all participating client devices.

Client training

Model training occurs independently on each client device using its local data. The training process can involve multiple epochs, mini-batches, or other variations. The local model on client i at iteration t is denoted as Mi, t.

Model update

In this step, each client defines the difference or update between its local model and the updated global model. This update is denoted as ΔMi, t = Mi, t - Mglobal, where Mglobal represents the current global model.

Model aggregation

The most popular aggregation algorithm in FL is federated averaging (FedAvg) to get a trained global model based on decentralized trained models. It enables numerous clients to collaboratively learn the model without exchanging their raw data. The basic idea behind FedAvg is to perform model training iterations locally on each client device and then aggregate the model updates to create a global model [15]. The server collects the model and gets its update from all participating clients. The global model is then updated by aggregating these updates. The aggregation process typically takes a weighted average of the updates, where the weights are determined by the number of samples or other factors related to the client’s data.

The formula for FedAvg’s model aggregation step is as follows:

$$\:Mglobal(t+1)\:=\:\varSigma\:\:\left(wi\:*\:\varDelta\:Mi\right(t\left)\right)\:/\:\varSigma\:\left(wi\right)$$
(1)

Here, Mglobal(t + 1) represents the updated global model at iteration t + 1, ΔMi(t) is the model update from client i at iteration t, and wi represents the weight assigned to the client i’s update. The summation is taken over by all participating clients.

The weights wi can be chosen based on several factors, such as the number of samples on each client, the client’s computing capability, or other considerations. Commonly, equal weights (wi = 1) are used to give each client an equal say in the aggregation process.

By repeating the client training, update, and aggregation steps iteratively, the global model gradually improves and incorporates knowledge from diverse client devices while preserving data privacy. In federated learning settings, the FedAvg algorithm balances the accuracy of the model and preserves data without sharing [6, 16].

There are some difficulties in ML to reach high quality and effective model including difficulties in data sharing regarding privacy regulation, data localization, competition, and other difficulties related to the model such as direct data leakage and the privacy of the model’s architecture [7]. In FL, multiple clients collaborate to solve the traditional distributed ML problems under the coordination of the central server without sharing their local private data with others and it solves some difficulties and issues related to data sharing but still faces challenges related to indirect data leakage where the model privacy can be compromised as each client has the full version of the model and can use reverse engineering to get the full architecture of the model [17]. Figure 3 summarizes the main pros and cons of machine learning and federated Learning.

Fig. 3
figure 3

Pros and Cons of Federated Learning Vs Machine Learning

Full size image

The primary goal of FL is to develop a machine learning model based on datasets spread across several devices while preventing data leakage. Recent enhancements concentrated on overcoming issues and strengthening security in federated learning [12]. The emergence of federated learning will resolve the conflict between data privacy and data sharing. As the data is not provided to a central server, FL is suitable for applications when data is privacy sensitive. These include cases in industry applications or mobile devices where data are not available to be aggregated with legal concerns [18].

Federated learning is a machine learning environment where different number of clients such as mobile devices work together to train a model, and the trained models are aggregated in a centralized server while the annotated training data is maintained in a decentralized way. As a result, various local datasets included in local edge nodes are used to train machine learning techniques like deep neural networks. Federated learning trains a shared model on the server by aggregating locally computed updates rather than aggregating the raw data to a centralized data center (Cloud). The raw data is left on the client devices. So, federated learning can reduce the number of systemic privacy issues and expenses brought on by conventional, centralized machine learning [17].

Federated learning classifications

Different factors affect federated learning classification aspects which are architecture alternatives, data partitioning, machine learning model, scale of federation, and privacy mechanism. Figure 4 represents these aspects which are pivotal factors influencing the effectiveness, scalability, and privacy-preserving aspects of federated learning.

Fig. 4
figure 4

The main aspects of FL

Full size image
  1. i.

    Architecture alternatives for FL are centralized, hierarchical, regional, and decentralized architecture. The functionality of all alternatives of architecture remains the but the difference depends on client-server communication. In a centralized federated learning system, all clients are connected to the central server aggregation node to update local weights and distribute models. In the hierarchical architecture, consider adding several coordinators to reduce data exchange and be able to manage local devices. In the regional architecture, the central management point is removed to eliminate the risk of a single point of failure. In a decentralized architecture, the aggregation function is moved to the edge nodes. Each edge node can be a dual function, working as local training and model aggregation [19].

  2. ii.

    The federation scale is divided into two categories: cross-silo and cross-device. Cross-silo deals with organizations and cross-devices deal with mobiles. Cross-silo clients typically have a modest number of clients but great computing capability. When it comes to cross-device, the client count is enormous, but the computer capability is limited. Another consideration is dependability– while depending on organizations (cross-silo) to always be available to train, the same cannot be said for mobile phones (cross-devices) [20].

  3. iii.

    The most contentious part of FL is its approach to privacy. The primary goal is to avoid client data leaking. In the FL system, privacy concerns are often addressed by utilizing differential privacy, secret sharing mechanisms, and cryptographic approaches [21].

  4. iv.

    Federated learning can be classified according to how data is partitioned in the sample spaces which are client devices that provide the data set to the central server and feature spaces which are the key characteristics used to categorize the available data set in the system into three categories which are horizontal data partitioning, vertical data partitioning and hybrid data partitioning or federated transfer learning [22]. Table 2 summarizes and illustrates the main aspects influencing federated learning.

Table 2 Key classifications and aspects of federated learning
Full size table

Figure 5 presents the three categories of FL which are horizontal federated learning, vertical federated learning, and federated transfer learning [23].

Fig. 5
figure 5

Data partitioning categories for FL adopted from [22]

Full size image

Horizontal federated learning

Horizontal federated learning (HFL) is a type of data partitioning in federated learning where the participant’s datasets share the same features but with little intersection of sample space such as a dataset for medical conditions from a particular hospital. It can be expressed as follows:

$$\:Ax\:=\:AY,\:BX\:=\:BY,\:Sx\:\ne\:\:SY,\:\forall\:\:(DX,\:DY),\:X\:\ne\:\:Y\:\:\:)$$
(2)

Where the clients are X and Y, and the training dataset D (S, A, B) consists of feature A, label B, and sample Ids S.

The majority of FL architectures use horizontal partitioning. A common global model can be used for all clients making aggregation at the server side easier, the most used aggregation method is FedAvg. The training process in this architecture is composed of the following steps presented in Fig. 6 [16, 24]:

  1. i.

    Participants compute training gradients locally; use encryption, differential privacy, or secret sharing mechanisms to mask a subset of gradients; and submit masked results to the server.

  2. ii.

    The aggregator server executes secure aggregation without sharing any participant information.

  3. iii.

    The aggregator returns the aggregated model to participants.

  4. iv.

    Participants update their model with the decrypted gradients.

Fig. 6
figure 6

Horizontal federated learning architecture

Full size image

Vertical federated learning

Vertical federated learning is a type of data partitioning in federated learning where the participant’s datasets share the same sample space with different feature spaces such as a dataset for student’s GPAs from different universities in different formats and accumulative features. Using entity alignment approaches, overlapping samples are discovered in the client data, and this overlapping data is then used for training [12]. It can be expressed as follows:

$$\:Ax\:\ne\:\:AY,\:BX\:\ne\:\:BY,\:Sx\:=\:SY,\:\forall\:\:(DX,\:DY),\:X\:\ne\:\:Y$$
(3)

The training process in this architecture is composed of the following steps presented in Fig. 7 [16, 24]:

  1. i.

    The authorized aggregator creates encryption pairs and sends a public key to entities x and y.

  2. ii.

    X and Y encrypt and exchange the intermediate values for gradient and loss calculations.

  3. iii.

    X and Y compute encrypted gradients and add an additional mask, respectively. Y also computes encrypted loss. X and Y send encrypted values to the aggregator.

  4. iv.

    The aggregator decrypts and sends the decrypted gradients and loss back to X and Y. Then X and Y unmask the gradients and update the model.

Fig. 7
figure 7

Vertical federated learning architecture

Full size image

Federated transfer learning

Federated transfer learning (FTL) can be used when there is a feature and sample overlap between participants, such as the federation of banks and supermarkets in different regions, and as a group of universities interested in building federated learning to measure student performance across branches [17].

It can be expressed as follows:

$$\:Ax\:\ne\:\:AY,\:BX\:\ne\:\:BY,\:Sx\:\ne\:\:SY,\:\forall\:\:(DX,\:DY),\:X\:\ne\:\:Y$$
(4)

The transfer learning architecture is comparable to vertical federated learning. The architecture has undergone minor adjustments, with clients exchanging intermediate results. Transfer learning entails learning the common grounds between client X and Y’s features. Also, using labels from the source domain client to reduce errors in predicting target-domain client labels. As a result, the gradient computation for transfer learning differs from that for vertical federated learning [25].

So, the federated learning categories can be summarized according to data partitioning as shown in Table 3.

Table 3 Federated learning categories
Full size table

There are some challenges faced federated learning mechanism regarding system heterogeneity including network, devices, and storage that may cause a violation of the independent and identically distributed (IID) concept and difficulty in analyzing the model [26]. Security and privacy are also major challenges in FL, where can be exposed to different types of attacks such as poisoning and backdoor through injecting malicious and uncorrupted data to corrupt the output model and implanting backdoor control models that violate security concepts such as confidentiality, integrity, and availability in client, server, and communication networks [27].

Blockchain

Blockchain (BC) is a distributed network that works based on algorithms to verify transactions by a set of nodes [28]. It provides a ledger that is distributed, immutable, transparent, secure, and auditable [29]. The distributed network is the best way to avoid a single point of failure which distinguishes the blockchain network and federated learning mechanism. In the centralized network, all nodes are connected to a single authority that causes a single point of failure and makes the network vulnerable and easily targeted attack. In a decentralized network, the authority is spread across many nodes. In a distributed network, each node is independent and interconnects with each other [29, 30].

A blockchain platform operates within a peer-to-peer (P2P) network, where transaction records and their associated parameters (such as value and state) are managed through automated business rules implemented as smart contracts. It employs Elliptic Curve Cryptography (ECC) alongside hashing algorithms like SHA-256 to ensure robust cryptographic security, providing strong data authentication and maintaining the integrity of the system [31]. Table 4 shows the comparison between centralized, decentralized, and distributed networks.

Table 4 Different types of networks
Full size table

As shown in Fig. 8, a blockchain is a chain of many blocks where each block contains data that are cryptography by an irreversible process using hashing function algorithms and each block has a cryptographic hash that has the sender, recipient, transaction data, and timestamp information [32].

Fig. 8
figure 8

Blockchain network

Full size image

A blockchain architecture’s major components are nodes, transactions, blocks, chains, miners, and consensus methods [33]. A node is a computer in the blockchain architecture (each node has its copy of the complete blockchain ledger). The Transaction is a data record validated by blockchain participants that acts as an irreversible validation of the legitimacy of a financial transaction or contract. Block is a sealed data compartment containing the block’s hash code, the hash code from the preceding block in the sequence of blocks, and timestamped transactions. The chain is a block sequence that is ordered. Nodes that validate blocks before adding them to the blockchain structure are known as miners. The consensus algorithm is a set of rules and agreements that control how blockchain operations are executed [34].

Blockchain and federated learning integration

Blockchain is currently used in federated learning to guarantee data integrity and incentivize attracting enough client data and computation resources for training. However, there is a lack of systematic and holistic architecture design to support performance and efficient methods to deal with the challenges of data diversity, user identification, flow, and failure detection [6, 35].

Blockchain provides a robust solution to address the security challenges inherent in federated learning by leveraging its decentralized and immutable architecture [36]. By addressing key vulnerabilities like reliance on a centralized server, which risks Single Point of Failure (SPoF) and Distributed Denial of Service (DDoS) attacks. Its decentralized and immutable structure ensures resilience by distributing model storage and operations across nodes, preventing system compromise from node failures. To combat data and model poisoning attacks, blockchain uses Merkle Trees and consensus algorithms (e.g., Proof of Work or Proof of Stake) to validate and secure updates, ensuring data integrity. Encryption and decentralized validation further protect against Man-in-the-Middle (MitM) and eavesdropping attacks, safeguarding communication confidentiality. Blockchain also integrates smart contracts to enforce transparent processes like model aggregation, update verification, and incentive distribution. These mechanisms ensure fairness, reward meaningful contributions, and prevent free-riding attacks, fostering a secure and collaborative FL ecosystem [36, 37].

Blockchain features such as smart contracts and consensus algorithms enhance FL in several ways [38, 39]:

  • Data Privacy: Smart contracts could enforce data privacy agreements between participants. Data could remain encrypted on individual devices, with smart contracts regulating access and usage permissions [40].

  • Transparent Transactions: Blockchain’s transparent ledger ensures that all transactions related to model updates, data contributions, and rewards are recorded, providing transparency and accountability to FL participants.

  • Incentive Mechanisms: Incentives can be managed by smart contracts to encourage participation in FL. Participants can be rewarded with tokens or other benefits for contributing quality data or computational resources.

  • Consensus Protocols: Consensus protocols ensure agreement among FL participants on the validity of model updates and data contributions. This helps maintain the integrity of the federated model and prevents malicious attacks [39].

  • Immutable Model History: Blockchain’s immutable ledger can store the history of model updates, enabling auditing and reproducibility of the training process. This can be particularly useful in regulated industries where transparency and accountability are crucial [41].

  • Decentralized Governance: Blockchain-based FL systems can implement decentralized governance mechanisms, allowing participants to have a say in protocol upgrades, incentive structures, and other important decisions.

  • Secure Model Aggregation: Smart contracts can facilitate secure model aggregation by ensuring that the valid and authenticated updates are included in the federated global model, thus protecting against model poisoning attacks.

  • Interoperability and Standards: Blockchain can facilitate interoperability and the establishment of standards for FL protocols, enabling different FL systems to communicate and collaborate seamlessly.

Table 5 highlights the key differences between federated learning and FL-based blockchain.

Table 5 Characteristics of federated learning over FL-based blockchain
Full size table

Scalability in federated learning is a critical challenge as the approach involves decentralized model training across numerous devices or clients while preserving data privacy. Key issues include communication bottlenecks, especially when aggregating updates from many participants, and resource limitations on edge devices. Techniques to improve scalability include reducing communication overhead through model compression, asynchronous updates, and hierarchical federated architectures. Decentralized FL approaches, such as blockchain-based solutions, also offer scalability by distributing trust and computational loads, though they introduce new complexities like synchronization and increased computational costs. Additionally, addressing data and system heterogeneity is vital for maintaining robust and efficient scalability in dynamic and diverse environments [42, 43].

Figure 9 illustrates the generalized blockchain-based federated learning instance, demonstrating how blockchain technology integrates with FL processes across edge devices and the cloud environment. The process begins by initializing and distributing the global model to edge devices. These devices train local models using confidential data without sharing it. The trained models are uploaded to the blockchain, ensuring only model parameters are shared. Updates are cross verified for accuracy, stored in blocks, and propagated across the network for consistency. The blockchain updates are then aggregated to create a new global model, which is downloaded by edge devices for further training, completing the FL cycle [44].

Fig. 9
figure 9

Federated learning based blockchain paradigm [44]

Full size image

Blockchain integration with federated learning in resource-constrained environments faces some challenges that should be considered, including scalability, transaction speed, consensus mechanisms, storage, and communication overhead. As the number of participants and model updates increases, blockchain networks can become congested, slowing down the training process. Traditional consensus mechanisms like Proof of Work require substantial computational resources, which are impractical for devices with limited capabilities. Furthermore, the growing size of the blockchain ledger can burden devices with storage constraints. Privacy concerns also arise, as blockchain’s transparency may conflict with the need for data privacy in federated learning. To address these, lightweight consensus mechanisms, off-chain solutions, sharding, and privacy-preserving techniques can help improve efficiency and reduce the strain on resource-constrained environments [44, 45].

The following basic pseudocode simplified the illustration of the basic concept for integrating a blockchain network with federated learning without considering additional complexities such as security, privacy-preserving techniques, and consensus mechanisms.

figure a

Using blockchain for federated learning brings about various regulatory and ethical considerations that need careful examination [46]. Concerning data privacy and security, adherence to stringent regulations such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) is imperative to safeguard personal data collected, processed, and shared during FL processes leveraging blockchain [5, 46]. From an ethical standpoint, ensuring user autonomy, consent, and control over their data is paramount to upholding individual rights and privacy [47]. Additionally, transparency facilitated by blockchain’s immutable record-keeping capabilities enhances accountability in FL, although a delicate balance must be maintained between transparency and privacy to protect sensitive user information. Furthermore, regulatory bodies may advocate for interoperability standards to ensure seamless compatibility and data exchangeability across various FL platforms, fostering fair competition and preventing vendor lock-in. Ethical considerations underscore the importance of promoting inclusivity and accessibility across FL platforms, ensuring participation from diverse stakeholders regardless of technical infrastructure [48].

In the realm of decentralization and governance, decentralized FL networks pose governance and jurisdictional challenges, necessitating the establishment of legal frameworks to address disputes, enforce contracts, and manage liability in decentralized FL ecosystems. Ethically, decentralization can empower users by decentralizing decision-making and reducing reliance on centralized authorities, although governance mechanisms must be carefully designed to avoid power concentration and guarantee the representation of various interests within the FL network. Moreover, regulatory perspectives advocate for algorithmic fairness assessments to mitigate biases and discrimination in FL models, emphasizing compliance with fairness regulations to ensure equitable benefits for all participants. Ethically, addressing biases in data sources and algorithms is crucial to prevent perpetuating systemic inequalities, necessitating the design and training of FL algorithms with diversity and inclusivity in mind [49].

Finally, legal compliance is indispensable to mitigate risks and liabilities associated with FL, particularly concerning data breaches, intellectual property rights, and regulatory violations. Smart contracts deployed on the blockchain can automate compliance and enforce contractual obligations, ensuring accountability for errors or misuse of FL models and data [50]. In summary, the regulatory and ethical implications of utilizing blockchain for federated learning are multifaceted, spanning data privacy, transparency, interoperability, governance, fairness, legal compliance, and liability. Addressing these implications necessitates collaborative efforts among regulators, industry stakeholders, researchers, and ethicists to develop robust frameworks that promote responsible and ethical implementation of FL technology.

Integrating blockchain with federated learning raises ethical and regulatory challenges, including balancing data control, user consent, and privacy with the transparency and accountability that blockchain offers. Emerging laws emphasize data protection but conflict with blockchain’s immutability, necessitating innovative solutions for compliance. Ethical concerns include ensuring inclusivity, addressing algorithmic biases, and promoting fairness in model training while avoiding concentration of power in decentralized systems. Additionally, interoperability standards and governance frameworks are critical to managing disputes and fostering collaboration across authorities. Addressing these complexities requires coordinated efforts among regulators, industry, and researchers to develop equitable and compliant systems [51, 52]. Table 6 outlines the regulatory and ethical implications of using blockchain for FL.

Table 6 Regulatory and ethical considerations in the integration of BC and FL
Full size table

Stat-of-art

Federated learning has emerged as a promising research field with a growing interest due to its potential to revolutionize various technologies and fields. It enables the training of machine learning models across decentralized machines, such as smartphones, edge devices, and Internet of Things (IoT) devices, with no need for sharing raw data centrally. This unique mechanism addresses privacy concerns while unlocking big data sets that were previously unused [53]. Beyond privacy, federated learning intersects with various technologies and fields, including healthcare, finance, and autonomous systems. In healthcare, it allows for collaborative model training on patient data from different hospitals, leading to improved diagnostic accuracy and personalized treatment recommendations [54, 55]. It plays a pivotal role in enhancing autonomous systems by enabling distributed learning among connected vehicles and edge devices, enhancing overall safety and performance [56].

Federated learning applications and challenges

It is expected that there will be many more studies and improvements on merging federated learning with other technologies and fields to yield groundbreaking advancements. The following part presents a study of the recent studies in the field of federated learning. Figure 10 presents the key related fields to federated learning applications.

Fig. 10
figure 10

Related fields to FL

Full size image

The choice of the appropriate type of federated learning in each field between horizontal and vertical federated learning according to the nature of the data distribution, use cases, and the scope of the model application. The majority of extant federated learning approaches concentrate on the horizontal federated learning context, in which a big dataset is partitioned among several parties who share the same feature space.

Healthcare is the most popular application that fits all types of federated learning according to the scenario that could be horizontal federated learning if hospitals and healthcare providers collaborate using horizontal federated learning to build predictive models while keeping patient data localized [57]. Each hospital might have similar features and could be vertical federated learning while sharing different features for the same sample space from different medical organizations. Some other applications of horizontal federated learning are (i) mobile keyboard prediction that can use horizontal federated learning to improve the predictive text and autocorrect suggestions. Each user’s typing data can remain on their device and the aggregated model benefits from a wide range of user behaviors [58], (ii) recommendation systems can use horizontal federated learning to train recommendation models [59].

User interaction data can be used to improve recommendations without centralizing sensitive user preferences. Some of the applications for vertical federated learning are (i) banks and financial institutions can use vertical federated learning to collaborate on financial fraud detection. One institution might have a transaction history while another has customer profiles. Vertical federated learning enables them to jointly build a more accurate fraud detection model [60], (ii) supply chain optimization where companies involved in different parts of a supply chain can utilize vertical federated learning to optimize inventory management and demand forecasting. Each company shares relevant data without revealing proprietary details [61], (iii) IOT data analytics where IoT devices generate data with different characteristics that vertical federated learning allows various device owners to cooperate on model training without sharing sensor data and enhancing collective insights [62].

Li et al. [63] provided an overview of FL strategies, challenges, and future directions. It highlighted the main drawbacks, including communication efficiency as Federated learning requires regular communication between the central server and the participating machines. The communication overhead can be significant, especially when dealing with a large number of devices or limited bandwidth connections. Privacy and security, as sharing models and updates between devices, raise concerns about the privacy and security of sensitive data. Adversarial attacks, data leakage, and model poisoning are potential risks that need to be addressed. Heterogeneity and non-IID Data as the presence of non-IID data across devices complicates the training process.

Hard et al. [58] presented a Coupled Input-Forget Gates (CIFG) is a mobile keyboard next-word prediction, a language model trained via federated learning that can outperform a baseline n-gram model and an identical server-trained CIFG model. Federated learning was also investigated with mobile keyboard prediction. It discussed the device heterogeneity as mobile devices may vary in terms of computational power, battery life, and network connectivity, training models across such heterogeneous devices pose challenges due to resource limitations potential communication constraints, and unbalanced participation as in federated learning, not all devices may participate equally or consistently. Some devices may have limited availability or unreliable connections, leading to imbalanced contributions and potential bias in the trained models. It also discussed the aggregating model updates from multiple machines that may cause network overhead and require synchronization so inefficient or inaccurate aggregation methods can lead to suboptimal global models and slower convergence.

Mothukuri et al. [64], presented a thorough analysis of FL’s security and privacy features and concluded that inference-based attacks pose the greatest threat to FL’s privacy, while communication bottlenecks, poisoning, and backdoor assaults pose the most specific security risks.

Y. Lu et al. [65], presented a privacy-preserving FL mechanism and demonstrated that federated learning can be used to train a machine learning model to detect cyber-attacks while preserving the privacy of the data used to train the model. The main drawback of the proposed approach is that it requires a central server to coordinate the federated learning process. This could make the system vulnerable to attack if the central server is compromised.

Privacy and security challenges

These studies still lack security factors in the process of federated learning data exchange, direct data leakage, and fear of compromising model privacy. Regarding many clients participating in a federated learning model, this opens a channel to diverse types of attacks on the client, server, and communication channel. so, the development of models must follow the main concepts of information security (CIA) which are confidentiality, integrity, and availability [66].

Some studies investigate vulnerabilities and propose defensive techniques for securing FL models. Kurniawan et al. [67], presented a list of source vulnerabilities that can be exploited in FL such as communication, gradient leakage, compromised clients and servers, aggregation algorithm, non-malicious failure, and distributed concept of FL, and proposed a privacy-preservation scheme for active learning using homomorphic encryption-based FL that enables to mitigate attacks regarding gradient leakage and aggregation algorithm but still vulnerable to an insecure communication channel, compromised clients and compromised server. Liu et al. [68], showed the risks, attacks, and defenses to FL across the whole FL process, which is organized into three stages: data and behavior auditing, training, and prediction.

Blockchain integration with federated learning

Some studies started to highlight that blockchain technology can improve security and mitigate vulnerabilities in federated learning. Blockchain, a distributed ledger technology offered a decentralized solution that was a workable technique to protect the security of federal learning data, assisting FL in mitigating the issues related to a central server and enhancing security [69].

Blockchain-based Federated Learning (BCFL) is transforming industries by combining decentralized machine learning with Blockchain’s privacy and security features. In healthcare, it protects sensitive data while enabling collaborative analysis. For network and IoT security, BCFL ensures anomaly detection and secure data sharing. It supports robust data processing in edge and fog computing, addressing challenges like heterogeneity and privacy. In transportation, BCFL enhances vehicle data sharing and trust. It also secures 5G/6G communication networks, facilitates cognitive computing advancements, and strengthens defense systems by ensuring data integrity and privacy in distributed frameworks [70].

There are some studies to address FL’s security problems by combining blockchain technology and FL [71]. Moudoud et al. [72], proposes a blockchain-based multi-task federated learning framework to enhance security and trust in the Metaverse by leveraging blockchain sharding. This approach enables parallel training of FL models, improves throughput, and ensures data privacy without centralized control. It introduces algorithms for device selection based on reputation and data diversity, alongside a scheduling mechanism to optimize resource allocation. Despite its contributions, challenges like shared security, privacy concerns, and dynamic trust evaluation remain open for further research.

Liu et al. [73], proposed a secured federated learning framework specifically designed for 5G networks. This paper may not thoroughly address the scalability challenges associated with federated learning in 5G networks.

Y. Lu et al. [74], proposed an approach that combines blockchain technology with asynchronous federated learning to enable secure data sharing in the Internet of Vehicles without giving attention to latency and communication overhead, access authentication, and access control.

Li et al. [75] presented a framework that aims to enhance the security, privacy, and reliability of the federated learning process. By combining decentralized computing, federated learning, and blockchain, the proposed framework tried to address the challenges of data privacy. But could not address the challenges of committee selection, trust establishment among the participants, and ensuring the reliability and trustworthiness of committee members.

  1. a.

    Z. Mahmood et al. [76], explained the possibility of federated system vulnerability to poisoning attacks, either data or model poisoning attacks that affect the accuracy of the global model. They proposed a blockchain-enabled FL system that gathers local model weights and transfers them as data-sharing transactions to the global model and proposed a multi-layered security approach to protect data privacy in the federated learning platform based on the blockchain network and differential privacy technique.

  2. b.

    D. Nguyen et al. [77], explained the problems with traditional federated learning, such as data attacks, single-point failures, communication delays, model aggregation transparency, and a lack of incentive mechanisms. They presented a general integration of blockchain, and federated learning based on their key concepts and analyzed the benefits, use cases, and key considerations when integrating federated learning with blockchain in the edge computing paradigm.

  3. c.

    K. Li et al. [78] proposed a blockchain-enabled federated learning to establish a framework to improve security monitoring and malicious behavior control in 6G networks and introduced the improvement in the field of network security in the context of 6G networks by leveraging the capabilities of federated learning and blockchain. Table 7 presents a summary of some illustrative studies focusing on the methodologies, main advantages, and challenges.

Table 7 Summary for some studies
Full size table

Most studies presented only a theoretical integration of blockchain with federated learning, without achieving a model/framework to be applied in real scenarios to obtain the benefits and effects of the practical integration between them to guarantee trust establishment among the participants and ensure reliability. Some studies introduced the integration between blockchain and federated learning but still lack too many performance factors such as the scalability of the FL model, access control and authentication, user identification, and flow detection.

Conclusion

Despite the recent improvements in the federated learning field, there is still insufficient progress in handling security and privacy risks. This paper presents an extensive overview of FL with its privacy and security issues. In addition, the effect of integrating blockchain with federated learning as integration is a promising approach to enable secure and intelligent data sharing. Also, it expands on the regulatory and ethical implications of using blockchain for FL. However, how to properly ensure data privacy by utilizing blockchain technology remains an open question that must be further investigated by analyzing additional security concerns and establishing more effective solutions. Furthermore, how to improve the utility of data models mapped from raw data, regardless of the specific computing jobs and machine learning techniques, is a crucial topic in data sharing. New intelligent procedures are necessary to increase data utility. Since malicious attacks deteriorate the reliability of BCFL, there is a pivotal focus on combining these two technologies to relieve the risk of potential attacks.

Blockchain enhances Federated Learning systems by enabling decentralization, improving data privacy, ensuring transparency, and increasing robustness. Its tamper-proof and secure structure mitigates single points of failure, resists adversarial attacks, and boosts the security, scalability, and trustworthiness of FL systems. Consequently, the design of a suitable integrated framework of federated learning and blockchain with attention to user and data selection mechanisms becomes imperative, serving as a protective measure against security breaches. Future work should focus on optimizing blockchain mechanisms for FL, improving privacy through advanced cryptography, and evaluating performance in real-world applications. Additionally, addressing regulatory compliance and interoperability challenges is essential.