Computing Reviews
Backdoor attacks and defenses in federated learning: survey, challenges and future research directions
Nguyen T., Nguyen T., Nguyen P., Pham H., Doan K., Wong K. Engineering Applications of Artificial Intelligence 127, 2024. Type: Article
Date Reviewed: Jun 17 2024

Machine learning (ML) technologies are becoming mainstream, particularly for the analysis of bulk data. The success of ML systems, however, hinges on high-quality input data and on the ability to train balanced, fair, and high-integrity models. Federated learning (FL) was originally described by Google in 2016 as an approach that allows distributed data to be used for training ML models without copying that potentially private data to a central server for processing. While this approach avoids issues with data ownership and privacy, and also improves efficiency, its decentralized nature makes it hard for the server to verify the trustworthiness of the data and updates it receives, and it widens the attack surface of the resulting models. Nguyen et al. consider the multiple ways in which cyber criminals can insert malicious functionality into a targeted ML model, either by poisoning the training data or by corrupting the model updates directly.

The authors begin by describing the benefits of using FL to train ML models on data spread across different entities, with an orchestration server collecting and aggregating the model updates sent by the participating clients. They then examine the larger attack surface this architecture exposes. Backdoor attacks that poison the training data or alter the submitted model update directly, along with the FL defenses proposed against them, are discussed. Nguyen et al. then categorize the main attack types, examine and summarize the results of earlier FL backdoor surveys, and walk through the main steps of an FL round, identifying the potential attack vectors and attack techniques at each step. Backdoor defense methodologies are then described in significant detail. Final remarks look at open challenges and potential future research. The authors close with a succinct conclusion and thorough references.
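To make the attack vector and the defenses concrete, the following is an added illustration written for this review; it is not code from the surveyed paper or from any FL framework. It simulates one aggregation round with ten clients over a three-parameter model: nine honest clients move toward their local targets, and one malicious client submits a scaled "model replacement" update that drags the plain FedAvg result onto a backdoor model of the attacker's choosing. Two common defenses from the survey's category of robust aggregation, update norm clipping and coordinate-wise median, are then applied to the same round. All model values, targets and the clipping bound are constructed for the example.

```python
"""Toy federated-averaging round with a model-replacement backdoor.

Added illustration (not the surveyed paper's code). Models are plain
Python lists of floats so the example runs with the standard library only.
"""
from statistics import median
from typing import Callable, List

Vector = List[float]


def fedavg(global_model: Vector, updates: List[Vector]) -> Vector:
    """Plain FedAvg: add the mean of all client updates to the global model."""
    n = len(updates)
    return [g + sum(u[i] for u in updates) / n for i, g in enumerate(global_model)]


def honest_update(global_model: Vector, local_target: Vector, lr: float = 0.5) -> Vector:
    """One step of 'local training': move the model a fraction toward the local target."""
    return [lr * (t - g) for g, t in zip(global_model, local_target)]


def model_replacement_update(global_model: Vector, backdoor_model: Vector,
                             n_clients: int) -> Vector:
    """Malicious client update.

    FedAvg scales every update by 1/n, so the attacker boosts its update by n.
    If the honest updates are small, the aggregate lands almost exactly on the
    attacker's backdoor model (the 'model replacement' attack).
    """
    return [n_clients * (b - g) for g, b in zip(global_model, backdoor_model)]


def l2_norm(v: Vector) -> float:
    return sum(x * x for x in v) ** 0.5


def clip_update(u: Vector, bound: float) -> Vector:
    """Defense 1: rescale any update whose L2 norm exceeds the bound."""
    n = l2_norm(u)
    return list(u) if n <= bound else [x * bound / n for x in u]


def clipped_fedavg(global_model: Vector, updates: List[Vector], bound: float) -> Vector:
    return fedavg(global_model, [clip_update(u, bound) for u in updates])


def median_aggregate(global_model: Vector, updates: List[Vector]) -> Vector:
    """Defense 2: coordinate-wise median instead of mean; one outlier cannot move it far."""
    return [g + median([u[i] for u in updates]) for i, g in enumerate(global_model)]


def distance(a: Vector, b: Vector) -> float:
    return l2_norm([x - y for x, y in zip(a, b)])


def run_round(aggregator: Callable[[Vector, List[Vector]], Vector]):
    """Run one round with 9 honest clients and 1 attacker under the given aggregator.

    Returns (distance to backdoor model, distance to honest target) so the
    reader can see which model the aggregate ended up near.
    """
    global_model = [0.0, 0.0, 0.0]
    honest_target = [1.0, 1.0, 1.0]          # what the benign task converges to
    backdoor_target = [-5.0, 4.0, 0.0]       # constructed attacker goal
    n_clients = 10
    updates = []
    for k in range(n_clients - 1):
        # Each honest client has a slightly different local dataset/target.
        local_target = [1.0 + 0.05 * k, 1.0 - 0.05 * k, 1.0]
        updates.append(honest_update(global_model, local_target))
    updates.append(model_replacement_update(global_model, backdoor_target, n_clients))
    new_model = aggregator(global_model, updates)
    return distance(new_model, backdoor_target), distance(new_model, honest_target)


if __name__ == "__main__":
    for name, agg in [
        ("FedAvg (no defense)", fedavg),
        ("FedAvg + norm clipping", lambda g, u: clipped_fedavg(g, u, 1.0)),
        ("coordinate-wise median", median_aggregate),
    ]:
        to_backdoor, to_honest = run_round(agg)
        print(f"{name:24s} dist to backdoor={to_backdoor:.3f} dist to honest={to_honest:.3f}")
```

With plain FedAvg the aggregate ends up within about 0.8 of the backdoor model and more than 6 away from the honest target, even though only one of ten clients is malicious. Clipping and the median both keep the aggregate near the honest target. The caveat a practitioner should draw from the survey's defense discussion is that neither defense is a complete answer: an attacker who keeps its update under the clipping bound and spreads the backdoor over many rounds is not stopped by clipping, and coordinate-wise median degrades when honest clients have non-identical data distributions, which is exactly the setting FL is used for.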

The paper is well supported by relevant illustrations and tables. It is an excellent discussion on a topical subject, highlighting that new advances in technology may also come with associated increased risks of cyberattack.

Reviewer: David B. Henderson. Review #: CR147779
Security (K.4.4 ... )
Security (K.6.m ... )
Security and Protection (C.2.0 ... )
Security Kernels (D.4.6 ... )
Security, Integrity, And Protection (H.2.0 ... )
Security, Integrity, And Protection (H.2.7 ... )