A Taxonomy of Attacks and Defenses in Split Learning

TL;DR

This paper provides a comprehensive taxonomy of security threats and defenses in Split Learning, categorizing attack types and countermeasures to advance understanding and guide future research in secure distributed deep learning.

Contribution

It introduces the first systematic taxonomy of attacks and defenses in Split Learning, analyzing their strategies, constraints, and effectiveness.

Findings

Identifies key attack categories and defense mechanisms in SL.

Highlights open challenges and research gaps in SL security.

Provides a structured framework for future security research in SL.

Abstract

Split Learning (SL) has emerged as a promising paradigm for distributed deep learning, allowing resource-constrained clients to offload portions of their model computation to servers while maintaining collaborative learning. However, recent research has demonstrated that SL remains vulnerable to a range of privacy and security threats, including information leakage, model inversion, and adversarial attacks. While various defense mechanisms have been proposed, a systematic understanding of the attack landscape and corresponding countermeasures is still lacking. In this study, we present a comprehensive taxonomy of attacks and defenses in SL, categorizing them along three key dimensions: employed strategies, constraints, and effectiveness. Furthermore, we identify key open challenges and research gaps in SL based on our systematization, highlighting potential future directions.