Backdoor Attacks and Defenses in Federated Learning: Survey, Challenges and Future Research Directions

TL;DR

This paper surveys backdoor attacks and defenses in federated learning, highlighting current strategies, challenges, and future research directions to improve security and robustness.

Contribution

It provides a comprehensive overview of backdoor attack methods and defense mechanisms specifically in federated learning, an area with limited prior focus.

Findings

Various backdoor attack strategies identified in FL

Defense approaches analyzed for effectiveness and limitations

Future research directions proposed for enhancing FL security

Abstract

Federated learning (FL) is a machine learning (ML) approach that allows the use of distributed data without compromising personal privacy. However, the heterogeneous distribution of data among clients in FL can make it difficult for the orchestration server to validate the integrity of local model updates, making FL vulnerable to various threats, including backdoor attacks. Backdoor attacks involve the insertion of malicious functionality into a targeted model through poisoned updates from malicious clients. These attacks can cause the global model to misbehave on specific inputs while appearing normal in other cases. Backdoor attacks have received significant attention in the literature due to their potential to impact real-world deep learning applications. However, they have not been thoroughly studied in the context of FL. In this survey, we provide a comprehensive survey of current backdoor attack strategies and defenses in FL, including a comprehensive analysis of different approaches. We also discuss the challenges and potential future directions for attacks and defenses in the context of FL.