A Survey of Privacy Threats and Defense in Vertical Federated Learning: From Model Life Cycle Perspective

TL;DR

This survey comprehensively reviews privacy threats and defenses in vertical federated learning, focusing on the entire model life cycle, and provides taxonomies, challenges, and future directions for safeguarding data privacy.

Contribution

It is the first extensive survey analyzing privacy attacks and defenses in VFL from a model life cycle perspective, offering structured taxonomies and practical insights.

Findings

Taxonomies for privacy attacks and defenses in VFL

Identification of open challenges and future research directions

Guidance for practitioners on privacy preservation throughout the model life cycle

Abstract

Vertical Federated Learning (VFL) is a federated learning paradigm where multiple participants, who share the same set of samples but hold different features, jointly train machine learning models. Although VFL enables collaborative machine learning without sharing raw data, it is still susceptible to various privacy threats. In this paper, we conduct the first comprehensive survey of the state-of-the-art in privacy attacks and defenses in VFL. We provide taxonomies for both attacks and defenses, based on their characterizations, and discuss open challenges and future research directions. Specifically, our discussion is structured around the model's life cycle, by delving into the privacy threats encountered during different stages of machine learning and their corresponding countermeasures. This survey not only serves as a resource for the research community but also offers clear guidance and actionable insights for practitioners to safeguard data privacy throughout the model's life cycle.