A Taxonomy of Attacks and Defenses in Split Learning
This work addresses security issues in distributed deep learning for resource-constrained clients, but it is incremental as it systematizes existing knowledge rather than introducing new methods.
The paper tackles the problem of privacy and security vulnerabilities in Split Learning by presenting a comprehensive taxonomy of attacks and defenses, categorizing them along key dimensions and identifying open challenges for future research.
Split Learning (SL) has emerged as a promising paradigm for distributed deep learning, allowing resource-constrained clients to offload portions of their model computation to servers while maintaining collaborative learning. However, recent research has demonstrated that SL remains vulnerable to a range of privacy and security threats, including information leakage, model inversion, and adversarial attacks. While various defense mechanisms have been proposed, a systematic understanding of the attack landscape and corresponding countermeasures is still lacking. In this study, we present a comprehensive taxonomy of attacks and defenses in SL, categorizing them along three key dimensions: employed strategies, constraints, and effectiveness. Furthermore, we identify key open challenges and research gaps in SL based on our systematization, highlighting potential future directions.