
Computer Engineering, 2024, Vol. 50, Issue (5): 1-15. doi: 10.19678/j.issn.1000-3428.0067782

• Hot Topics and Reviews •

Review of Federated Learning and Its Security and Privacy Protection

XIONG Shiqiang1, HE Daojing2, WANG Zhendong1, DU Runmeng3

  1. School of Information Engineering, Jiangxi University of Technology, Ganzhou 341000, Jiangxi, China;
  2. School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen 518055, Guangdong, China;
  3. School of Computer Science and Technology, East China Normal University, Shanghai 200062, China
  • Received: 2023-06-02 Revised: 2023-10-16 Online: 2024-05-15 Published: 2024-05-24
  • Contact: XIONG Shiqiang, E-mail: xiongsqiang@qq.com
  • Supported by:
    National Natural Science Foundation of China (62062037); Natural Science Foundation of Jiangxi Province (20212BAB202014).

Abstract: Federated Learning (FL) is an emerging distributed machine learning technology in which data stay local and the parties cooperate to train a common model, which mitigates the data collection and privacy security problems of conventional machine learning. However, as FL has been applied and developed, related studies have found that it can still be exposed to various attacks. To ensure the security of FL, it is particularly important to study the attack modes in FL and the corresponding privacy protection technologies. First, the background knowledge and relevant definitions of FL are introduced, and the development process and classification of FL are summarized. Second, the three elements of security in FL are expounded, and the security issues and research progress of FL are classified and summarized from two perspectives: security sources and the three elements of security. Subsequently, privacy protection technologies are classified, and, drawing on related research and applications, four common privacy protection technologies used in FL are reviewed: Secure Multiparty Computing (SMC), Homomorphic Encryption (HE), Differential Privacy (DP), and Trusted Execution Environment (TEE). Finally, future research directions for FL are discussed.

Key words: Federated Learning (FL), data security, attack mode, privacy protection, security three elements
