Backdoor Attacks and Defenses in Federated Learning: Survey, Challenges and Future Research Directions
This survey tackles the security problem of backdoor attacks in federated learning for researchers and practitioners, but it is incremental: it surveys existing work rather than introducing new methods.
This survey addresses the vulnerability of federated learning to backdoor attacks, which insert malicious functionality through poisoned updates, and provides a comprehensive analysis of current attack strategies and defenses.
Federated learning (FL) is a machine learning (ML) approach that allows the use of distributed data without compromising personal privacy. However, the heterogeneous distribution of data among clients in FL can make it difficult for the orchestration server to validate the integrity of local model updates, making FL vulnerable to various threats, including backdoor attacks. Backdoor attacks involve the insertion of malicious functionality into a targeted model through poisoned updates from malicious clients. These attacks can cause the global model to misbehave on specific inputs while appearing normal in other cases. Backdoor attacks have received significant attention in the literature due to their potential to impact real-world deep learning applications. However, they have not been thoroughly studied in the context of FL. In this survey, we provide a comprehensive survey of current backdoor attack strategies and defenses in FL, including a comprehensive analysis of different approaches. We also discuss the challenges and potential future directions for attacks and defenses in the context of FL.