Oops!... They Stole it Again: Attacks on Split Learning

TL;DR

This paper systematically reviews security vulnerabilities in Split Learning, analyzing various attacks and defenses, highlighting gaps, and proposing future research directions to enhance privacy.

Contribution

It offers a comprehensive classification of attacks and defenses in Split Learning, identifying security gaps and guiding future research to improve privacy protections.

Findings

Security gaps in existing defenses

Effectiveness of cryptographic and hybrid methods

Open challenges for future research

Abstract

Split Learning (SL) is a collaborative learning approach that improves privacy by keeping data on the client-side while sharing only the intermediate output with a server. However, the distributed nature of SL introduces new security challenges, necessitating a comprehensive exploration of potential attacks. This paper systematically reviews various attacks on SL, classifying them based on factors such as the attacker's role, the type of privacy risks, when data leaks occur, and where vulnerabilities exist. We also analyze existing defense methods, including cryptographic methods, data modification approaches, distributed techniques, and hybrid solutions. Our findings reveal security gaps, highlighting the effectiveness and limitations of existing defenses. By identifying open challenges and future directions, this work provides valuable information to improve SL privacy issues and guide further research.