Journal of Information Security Research, 2024, Vol. 10, Issue (3): 194-201, 8. DOI: 10.12379/j.issn.2096-1057.2024.03.01
Research on Privacy Protection Technology in Federated Learning
Abstract
In federated learning, multiple models are trained through parameter coordination without sharing raw data. However, the extensive parameter exchange in this process renders the model vulnerable to threats not only from external users but also from internal participants. Therefore, research on privacy protection techniques in federated learning is crucial. This paper introduces the current research status on privacy protection in federated learning. It classifies the security threats of federated learning into external attacks and internal attacks. Based on this classification, it summarizes external attack techniques such as model inversion attacks, external reconstruction attacks, and external inference attacks, as well as internal attack techniques such as poisoning attacks, internal reconstruction attacks, and internal inference attacks. From the perspective of attack and defense correspondence, this paper summarizes data perturbation techniques such as central differential privacy, local differential privacy, and distributed differential privacy, as well as process encryption techniques such as homomorphic encryption, secret sharing, and trusted execution environment. Finally, the paper analyzes the difficulties of federated learning privacy protection technology and identifies the key directions for its improvement.
Keywords
federated learning / privacy attack / differential privacy / homomorphic encryption / privacy protection
Classification
Information Technology and Security Science
Cite this article
刘晓迁, 许飞, 马卓, 袁明, 钱汉伟. Research on Privacy Protection Technology in Federated Learning [J]. Journal of Information Security Research, 2024, 10(3): 194-201, 8.
Funding
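National Natural Science Foundation of China (62202209)
2023 Jiangsu Universities "Qinglan Project" Outstanding Young Backbone Teachers Program
Jiangsu Province Higher Education Teaching Reform Research Project (2023JSJG364)
"14th Five-Year Plan" Jiangsu Province Key Discipline "Cyberspace Security" Construction Project
Jiangsu Province University Philosophy and Social Science Research Project (2023SJYB0468)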