A Comprehensive Survey of Privacy-preserving Federated Learning: A Taxonomy, Review, and Future Directions

Authors:
Xuefei Yin

School of Engineering and Information Technology, University of New South Wales, Canberra, ACT, Australia

School of Engineering and Information Technology, University of New South Wales, Canberra, ACT, Australia
View Profile

,
Yanming Zhu

School of Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia

School of Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia
View Profile

,
Jiankun Hu

School of Engineering and Information Technology, University of New South Wales, Canberra, ACT, Australia

School of Engineering and Information Technology, University of New South Wales, Canberra, ACT, Australia
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 54 Issue 6Article No.: 131pp 1–36https://doi.org/10.1145/3460427

Published:13 July 2021Publication History

ACM Computing Surveys

Abstract

The past four years have witnessed the rapid development of federated learning (FL). However, new privacy concerns have also emerged during the aggregation of the distributed intermediate results. The emerging privacy-preserving FL (PPFL) has been heralded as a solution to generic privacy-preserving machine learning. However, the challenge of protecting data privacy while maintaining the data utility through machine learning still remains. In this article, we present a comprehensive and systematic survey on the PPFL based on our proposed 5W-scenario-based taxonomy. We analyze the privacy leakage risks in the FL from five aspects, summarize existing methods, and identify future research directions.

References

M. Abadi, A. Chu, I. Goodfellow, H. B. McMahan, I. Mironov, K. Talwar, and L. Zhang. 2016. Deep learning with differential privacy. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 308--318.Google Scholar
N. Abbas, Y. Zhang, A. Taherkordi, and T. Skeie. 2018. Mobile edge computing: A survey. IEEE IoT J. 5, 1 (2018), 450--465.Google Scholar
N. Agarwal, A. T. Suresh, F. X. Yu, S. Kumar, and B. McMahan. 2018. cpSGD: Communication-efficient and differentially-private distributed SGD. In Advances in Neural Information Processing Systems, Vol. 31. 7564--7575.Google Scholar
D. Agrawal and C. Aggarwal. 2001. On the design and quantification of privacy preserving data mining algorithms. In Proceedings of the ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems. 247--255.Google Scholar
A. Ahmed and E. Ahmed. 2016. A survey on mobile edge computing. In Proceedings of the International Conference on Intelligent Systems and Control. 1--8.Google Scholar
K. Amin, A. Kulesza, A. Munoz, and S. Vassilvtiskii. 2019. Bounding user contributions: A bias-variance trade-off in differential privacy. In Proceedings of the International Conference on Machine Learning, Vol. 97. 263--271.Google Scholar
Muhammad Asad, Ahmed Moustafa, and Takayuki Ito. 2020. FedOpt: Towards communication efficiency and privacy preservation in federated learning. Appl. Sci. 10, 8 (2020), 2864.Google ScholarCross Ref
G. Ateniese, L. Mancini, A. Spognardi, et al. 2015. Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers. Int. J. Secur. Netw. 10, 3 (2015), 137--150.Google ScholarDigital Library
A. N. Bhagoji, S. Chakraborty, P. Mittal, and S. Calo. 2019. Analyzing federated learning through an adversarial lens. In Proceedings of the International Conference on Machine Learning, Vol. 97. 634--643.Google Scholar
A. Bhowmick, J. Duchi, J. Freudiger, G. Kapoor, and R. Rogers. 2019. Protection against reconstruction and its applications in private federated learning. arxiv:1812.00984. Retrieved from https://arxiv.org/abs/1812.00984.Google Scholar
S. Bickel, M. Brückner, and T. Scheffer. 2007. Discriminative learning for differing training and test distributions. In Proceedings of the International Conference on Machine Learning. 81--88.Google Scholar
G. R. Blakley. 1979. Safeguarding cryptographic keys. In Proceedings of the International Workshop on Managing Requirements Knowledge. 313--318.Google ScholarCross Ref
K. Bonawitz, V. Ivanov, B. Kreuter, et al. 2017. Practical secure aggregation for privacy-preserving machine learning. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 1175--1191.Google ScholarDigital Library
Z. Brakerski, C. Gentry, and V. Vaikuntanathan. 2014. (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory 6, 3 (2014), 1--36.Google ScholarDigital Library
Alon Brutzkus, Ran Gilad-Bachrach, and Oren Elisha. 2019. Low latency privacy preserving inference. In Proceedings of the International Conference on Machine Learning, Vol. 97. 812--821.Google Scholar
H. Cao, S. Liu, R. Zhao, and X. Xiong. 2020. IFed: A novel federated learning framework for local differential privacy in power internet of things. Int. J. Distrib. Sens. Netw. 16, 5 (2020), 1550147720919698.Google ScholarCross Ref
N. Carlini, C. Liu, Ú. Erlingsson, J. Kos, and D. Song. 2019. The secret sharer: Evaluating and testing unintended memorization in neural networks. In Proceedings of the USENIX Security Symposium. 267--284.Google Scholar
H. Chabanne, A. De Wargny, J. Milgram, C. Morel, and E. Prouff. 2017. Privacy-preserving classification on deep neural network. IACR Cryptol. ePrint Arch. 2017, 35 (2017).Google Scholar
M. Chamikara, P. Bertok, I. Khalil, D. Liu, and S. Camtepe. 2021. Privacy preserving distributed machine learning with federated learning. Computer Communications 171, 1 (2021), 112--125.Google ScholarCross Ref
H. Chang, V. Shejwalkar, R. Shokri, and A. Houmansadr. 2019. Cronus: Robust and heterogeneous collaborative learning with black-box knowledge transfer. arxiv:1912.11279. Retrieved from https://arxiv.org/abs/1912.11279.Google Scholar
K. Chaudhuri and C. Monteleoni. 2009. Privacy-preserving logistic regression. In Advances in Neural Information Processing Systems, Vol. 22. 289--296.Google Scholar
K. Chaudhuri, A. Sarwate, and K. Sinha. 2012. Near-optimal differentially private principal components. In Advances in Neural Information Processing Systems, Vol. 25. 989--997.Google Scholar
S. Chawla, C. Dwork, F. McSherry, A. Smith, and H. Wee. 2005. Toward privacy in public databases. In Theory of Cryptography. 363--385.Google Scholar
Hong-You Chen and Wei-Lun Chao. 2021. FedBE: Making bayesian model ensemble applicable to federated learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
K. Chen and L. Liu. 2008. A Survey of Multiplicative Perturbation for Privacy-Preserving Data Mining. Springer, 157--181.Google Scholar
Y. Chen, X. Qin, J. Wang, C. Yu, and W. Gao. 2020. Fedhealth: A Federated Transfer Learning Framework for Wearable Healthcare. IEEE Intell. Syst. 4 (2020).Google Scholar
K. Cheng, T. Fan, Y. Jin, et al. 2021. Secureboost: A lossless federated learning framework. IEEE Intelligent Systems (2021). DOI:10.1109/MIS.2021.3082561Google ScholarDigital Library
W. Chik. 2013. The singapore personal data protection act and an assessment of future trends in data privacy reform. Comput. Law Secur. Rev. 29 (2013), 554--575.Google ScholarCross Ref
Beongjun Choi, Jy yong Sohn, Dong-Jun Han, and Jaekyun Moon. 2020. Communication-computation efficient secure aggregation for federated learning. arxiv:2012.05433. Retrieved from https://arxiv.org/abs/2012.05433.Google Scholar
C. Choquette-Choo, N. Dullerud, A. Dziedzic, et al. 2021. CaPC learning: Confidential and private collaborative learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
Olivia Choudhury, Aris Gkoulalas-Divanis, Theodoros Salonidis, et al. 2019. Differential privacy-enabled federated learning for sensitive health data. In Proceedings of the NeurIPS Workshop on Machine Learning for Health.Google Scholar
O. Choudhury, A. Gkoulalas-Divanis, T. Salonidis, I. Sylla, Y. Park, G. Hsu, and A. Das. 2020. A syntactic approach for privacy-preserving federated learning. In Proceedings of the European Conference on Artificial Intelligence.Google Scholar
V. Ciriani, S. Di Vimercati, S. Foresti, and P. Samarati. 2008. K-Anonymous Data Mining: A Survey. Springer, 105--136.Google Scholar
G. Cormode, S. Jha, T. Kulkarni, N. Li, D. Srivastava, and T. Wang. 2018. Privacy at Scale: Local differential privacy in practice. In Proceedings of the International Conference on Management of Data. 1655--1658.Google Scholar
W. Dai, Q. Yang, G. Xue, and Y. Yu. 2007. Boosting for transfer learning. In Proceedings of the International Conference on Machine Learning. 193--200.Google Scholar
J. Devlin, M. Chang, K. Lee, and K. Toutanova. 2019. BERT: Pre-training of deep bidirectional transformers for language understanding. arxiv:1810.04805. Retrieved from https://arxiv.org/abs/1810.04805.Google Scholar
W. Diffie and M. Hellman. 1976. New directions in cryptography. IEEE Trans. Inf. Theory 22, 6 (1976), 644--654.Google ScholarDigital Library
Y. Dong, X. Chen, L. Shen, and D. Wang. 2019. Privacy-preserving distributed machine learning based on secret sharing. In Proceedings of the International Conference on Information and Communications Security. 684--702.Google Scholar
Ye Dong, Xiaojun Chen, Liyan Shen, and Dakui Wang. 2020. EaSTFLy: Efficient and secure ternary federated learning. Comput. Secur. 94, 1 (2020), 101824.Google ScholarCross Ref
Abhimanyu Dubey and Alex Pentland. 2020. Differentially-private federated linear bandits. In Advances in Neural Information Processing Systems, Vol. 33. 6003--6014.Google Scholar
C. Dwork. 2011. A firm foundation for private data analysis. Commun. ACM 54, 1 (2011), 86--95.Google ScholarDigital Library
C. Dwork and M. Naor. 2010. On the difficulties of disclosure prevention in statistical databases or the case for differential privacy. J. Priv. Confident. 2, 1 (2010).Google Scholar
C. Dwork and A. Roth. 2014. The Algorithmic foundations of differential privacy. Found. Trends Theor. Comput. Sci. 9, 3--4 (2014), 211--407.Google ScholarDigital Library
C. Dwork, G. N. Rothblum, and S. Vadhan. 2010. Boosting and differential privacy. In Proceedings of the IEEE Annual Symposium on Foundations of Computer Science. 51--60.Google Scholar
A. Elgabli, J. Park, C. Ben Issaid, and M. Bennis. 2021. Harnessing wireless channels for scalable and privacy-preserving federated learning. IEEE Transactions on Communications (2021).Google Scholar
T. ElGamal. 1985. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31, 4 (1985), 469--472.Google ScholarDigital Library
D. Enthoven and Z. Al-Ars. 2020. An overview of federated deep learning privacy attacks and eefensive strategies. arxiv:2004.04676. Retrieved from https://arxiv.org/abs/2004.04676.Google Scholar
A. Fallah, A. Mokhtari, and A. Ozdaglar. 2020. Personalized federated learning with theoretical guarantees: A model-agnostic meta-learning approach. In Advances in Neural Information Processing Systems, Vol. 33. 3557--3568.Google Scholar
R. Fantacci and B. Picano. 2020. Federated learning framework for mobile edge computing networks. CAAI Trans. Intell. Technol. 5, 1 (2020), 15--21.Google ScholarDigital Library
Aamir Farooq and Mahvish Samar. 2020. Multiplicative perturbation bounds for the block cholesky downdating problem. Int. J. Comput. Math. 97, 12 (2020), 2421--2435.Google ScholarCross Ref
S. Feng and H. Yu. 2020. Multi-participant multi-class vertical federated learning. arxiv:2001.11154. Retrieved from https://arxiv.org/abs/2001.11154.Google Scholar
Y. Feng, X. Yang, W. Fang, S. Xia, and X. Tang. 2020. Practical and bilateral privacy-preserving federated learning. arxiv:2002.09843. Retrieved from https://arxiv.org/abs/2002.09843.Google Scholar
M. Fredrikson, S. Jha, and T. Ristenpart. 2015. Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 1322--1333.Google Scholar
M. Fredrikson, E. Lantz, S. Jha, S. Lin, D. Page, and T. Ristenpart. 2014. Privacy in Pharmacogenetics: an end-to-end case study of personalized warfarin dosing. In Proceedings of the USENIX Security Symposium. 17--32.Google Scholar
B. C. Fung, K. Wang, R. Chen, and P. Yu. 2010. Privacy-preserving data publishing: a survey of recent developments. Comput. Surv. 42, 4 (2010), 1--53.Google ScholarDigital Library
Clement Fung, Jamie Koerner, Stewart Grant, and Ivan Beschastnikh. 2019. Dancing in the dark: Private multi-party machine learning in an untrusted setting. arxiv:1811.09712. Retrieved from https://arxiv.org/abs/1811.09712.Google Scholar
S. Gade and N. Vaidya. 2018. Privacy-Preserving distributed learning via obfuscated stochastic gradients. In Proceedings of the IEEE Conference on Decision and Control. 184--191.Google Scholar
A. Galakatos, A. Crotty, and T. Kraska. 2018. Distributed Machine Learning. Springer, New York, 1196--1201.Google Scholar
D. Gao, Y. Liu, A. Huang, C. Ju, H. Yu, and Q. Yang. 2019. Privacy-preserving heterogeneous federated transfer learning. In Proceedings of the IEEE International Conference on Big Data. 2552--2559.Google Scholar
J. Gao, W. Fan, J. Jiang, and J. Han. 2008. Knowledge transfer via multiple model local structure mapping. In Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 283--291.Google Scholar
Jonas Geiping, Hartmut Bauermeister, Hannah Dröge, and Michael Moeller. 2020. Inverting gradients-how easy is it to break privacy in federated learning. In Advances in Neural Information Processing Systems, Vol. 33. 16937--16947.Google Scholar
C. Gentry, A. Sahai, and B. Waters. 2013. Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based. In Proceedings of the Annual Cryptology Conference. 75--92.Google Scholar
Robin C. Geyer, Tassilo Klein, and Moin Nabi. 2018. Differentially private federated learning: A client level perspective. arxiv:1712.07557. Retrieved from https://arxiv.org/abs/1712.07557.Google Scholar
R. Gilad-Bachrach, N. Dowlin, K. Laine, et al. 2016. CryptoNets: Applying neural networks to encrypted data with high throughput and accuracy. In Proceedings of the International Conference on Machine Learning. 201--210.Google Scholar
O. Goldreich, S. Micali, and A. Wigderson. 1987. How to play any mental game. In Proceedings of the ACM Symposium on Theory of Computing. 218--229.Google Scholar
M. Gong, Y. Xie, K. Pan, K. Feng, and A. K. Qin. 2020. A survey on differentially private machine learning. IEEE Comput. Intell. Mag. 15, 2 (2020), 49--64.Google ScholarCross Ref
O. Gupta and R. Raskar. 2018. Distributed learning of deep neural network over multiple agents. J. Netw. Comput. Appl. 116, 1 (2018), 1--8.Google ScholarCross Ref
Jenny Hamer, Mehryar Mohri, and Ananda Theertha Suresh. 2020. FedBoost: A communication-efficient algorithm for federated learning. In Proceedings of the International Conference on Machine Learning, Vol. 119. 3973--3983.Google Scholar
M. Hao, H. Li, X. Luo, G. Xu, H. Yang, and S. Liu. 2020. Efficient and privacy-enhanced federated learning for industrial artificial intelligence. IEEE Trans. Industr. Inf. 16, 10 (2020), 6532--6542.Google ScholarCross Ref
M. Hao, H. Li, G. Xu, S. Liu, and H. Yang. 2019. Towards efficient and privacy-preserving federated deep learning. In Proceedings of the IEEE International Conference on Communications. 1--6.Google Scholar
S. Hardy, W. Henecka, H. Ivey-Law, R. Nock, G. Patrini, G. Smith, and B. Thorne. 2017. Private federated learning on vertically partitioned data via entity resolution and additively homomorphic encryption. arxiv:1711.10677. Retrieved from https://arxiv.org/abs/1711.10677.Google Scholar
Lein Harn and Changlu Lin. 2010. Strong (n, t, n) verifiable secret sharing scheme. Inf. Sci. 180, 16 (2010), 3059--3064.Google ScholarDigital Library
J. Hayes, L. Melis, G. Danezis, and E. De Cristofaro. 2019. LOGAN: Membership inference attacks against generative models. In Proceedings of the Conference on Privacy Enhancing Technologies. 133--152.Google Scholar
Chaoyang He, Murali Annavaram, and Salman Avestimehr. 2020. Group knowledge transfer: Federated learning of large cnns at the edge. In Advances in Neural Information Processing Systems, Vol. 33. 14068--14080.Google Scholar
B. Hitaj, G. Ateniese, and F. Perez-Cruz. 2017. Deep Models under the GAN: Information leakage from collaborative deep learning. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 603--618.Google Scholar
Q. Ho, J. Cipar, H. Cui, et al. 2013. More effective distributed ml via a stale synchronous parallel parameter server. In Advances in Neural Information Processing Systems, Vol. 26. 1223--1231.Google Scholar
J. Hu and A. V. Vasilakos. 2016. Energy big data analytics and security: Challenges and opportunities. IEEE Trans. Smart Grid 7, 5 (2016), 2423--2436.Google ScholarCross Ref
R. Hu, Y. Guo, H. Li, Q. Pei, and Y. Gong. 2020. Personalized federated learning with differential privacy. IEEE IoT J. 10 (2020), 9530--9539.Google Scholar
S. Janbaz, R. Asghari, B. Bagherpour, and A. Zaghian. 2020. A fast non-interactive publicly verifiable secret sharing scheme. In Proceedings of the International ISC Conference on Information Security and Cryptology. 7--13.Google Scholar
B. Jayaraman, L. Wang, D. Evans, and Q. Gu. 2018. Distributed learning without distress: Privacy-preserving empirical risk minimization. In Advances in Neural Information Processing Systems, Vol. 32. 6346--6357.Google Scholar
L. Jiang, R. Tan, X. Lou, and G. Lin. 2019. On lightweight privacy-preserving collaborative learning for internet-of-things objects. In Proceedings of the International Conference on Internet of Things Design and Implementation. 70--81.Google Scholar
P. Kairouz, H. B. McMahan, B. Avent, et al. 2019. Advances and open problems in federated learning. Foundations and Trends in Machine Learning 14, 1 (2021).Google Scholar
P. Kairouz, S. Oh, and P. Viswanath. 2017. The composition theorem for differential privacy. IEEE Trans. Inf. Theory 63, 6 (2017), 4037--4049.Google ScholarDigital Library
G. A. Kaissis, M. R. Makowski, D. Rückert, and R. F. Braren. 2020. Secure, privacy-preserving and federated machine learning in medical imaging. Nat. Mach. Intell. 2, 6 (2020), 305--311.Google ScholarCross Ref
M. Kapralov and K. Talwar. 2013. On differentially private low rank approximation. In Proceedings of the ACM-SIAM Symposium on Discrete Algorithms. 1395--1414.Google Scholar
H. Kargupta, S. Datta, Q. Wang, and K. Sivakumar. 2003. On the privacy preserving properties of random data perturbation techniques. In Proceedings of the IEEE International Conference on Data Mining. 99--106.Google Scholar
S. P. Karimireddy, S. Kale, M. Mohri, S. Reddi, S. Stich, and A. T. Suresh. 2020. SCAFFOLD: Stochastic controlled averaging for federated learning. In Proceedings of the International Conference on Machine Learning, Vol. 119. 5132--5143.Google Scholar
A. Kawachi, K. Tanaka, and K. Xagawa. 2007. Multi-bit cryptosystems based on lattice problems. In Proceedings of the International Workshop on Public Key Cryptography. 315--329.Google Scholar
A. Lalitha, O. C. Kilinc, T. Javidi, and F. Koushanfar. 2019. Peer-to-Peer federated learning on graphs. arxiv:1901.11173. Retrieved from https://arxiv.org/abs/1901.11173.Google Scholar
S. Lee, V. Chatalbashev, D. Vickrey, and D. Koller. 2007. Learning a meta-level prior for feature relevance from multiple related tasks. In Proceedings of the International Conference on Machine Learning. 489--496.Google Scholar
H. Li and T. Han. 2019. An end-to-end encrypted neural network for gradient updates transmission in federated learning. In Proceedings of the Data Compression Conference. 589--589.Google Scholar
H. Li, D. Liu, Y. Dai, T. Luan, and X. Shen. 2014. Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage. IEEE Trans. Emerg. Top. Comput. 3, 1 (2014), 127--138.Google ScholarCross Ref
J. Li. 2018. Cyber security meets artificial intelligence: A survey. Front. Inf. Technol. Electr. Eng. 19, 12 (2018), 1462--1474.Google ScholarCross Ref
J. Li, M. Khodak, S. Caldas, and A. Talwalkar. 2019. Differentially private meta-learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
N. Li, T. Li, and S. Venkatasubramanian. 2007. -closeness: Privacy Beyond -anonymity and -diversity. In Proceedings of the IEEE International Conference on Data Engineering. 106--115.Google Scholar
Q. Li, Z. Wen, and B. He. 2020. Practical federated gradient boosting decision trees. In Proceedings of the AAAI Conference on Artificial Intelligence. 4642--4649.Google Scholar
Q. Li, Z. Wen, Z. Wu, S. Hu, N. Wang, and B. He. 2021. A survey on federated learning systems: Vision, hype and reality for data privacy and protection. arxiv:1907.09693. Retrieved from https://arxiv.org/abs/1907.09693.Google Scholar
R. Li, Y. Xiao, C. Zhang, T. Song, and C. Hu. 2018. Cryptographic algorithms for privacy-preserving online applications. Math. Found. Comput. 1, 4 (2018), 311.Google ScholarCross Ref
T. Li, A. K. Sahu, A. Talwalkar, and V. Smith. 2020. Federated Learning: Challenges, methods, and future directions. IEEE Sign. Process. Mag. 37, 3 (2020), 50--60.Google ScholarCross Ref
Xiaoxiao Li, Meirui Jiang, Xiaofei Zhang, Michael Kamp, and Qi Dou. 2021. FedBN: Federated learning on non-iid features via local batch normalization. In Proceedings of the International Conference on Learning Representations.Google Scholar
Z. Li, V. Sharma, and S. P. Mohanty. 2020. Preserving data privacy via federated learning: Challenges and solutions. IEEE Cons. Electr. Mag. 9, 6 (2020), 8--16.Google ScholarCross Ref
Z. Li, T. Wang, M. Lopuhaä-Zwakenberg, N. Li, and B. Škoric. 2020. Estimating numerical distributions under local differential privacy. In Proceedings of the ACM SIGMOD International Conference on Management of Data. 621--635.Google ScholarDigital Library
Z. Li and Y. Zhang. 2021. Label-leaks: Membership inference attack with label. arxiv:2007.15528. Retrieved from https://arxiv.org/abs/2007.15528.Google Scholar
G. Liang and S. Chawathe. 2004. Privacy-preserving inter-database operations. In Proceedings of the International Conference on Intelligence and Security Informatics. 66--82.Google Scholar
W. Y. B. Lim, N. C. Luong, D. T. Hoang, Y. Jiao, Y. C. Liang, Q. Yang, D. Niyato, and C. Miao. 2020. Federated learning in mobile edge networks: A comprehensive survey. IEEE Commun. Surv. Tutor. 3 (2020), 2031--2063.Google ScholarCross Ref
Tao Lin, Lingjing Kong, Sebastian U. Stich, and Martin Jaggi. 2020. Ensemble distillation for robust model fusion in federated learning. In Advances in Neural Information Processing Systems, Vol. 33. 2351--2363.Google Scholar
D. Liu, T. Miller, R. Sayeed, and K. Mandl. 2018. FADL: Federated-autonomous deep learning for distributed electronic health record. arxiv:1811.11400. Retrieved from https://arxiv.org/abs/1811.11400.Google Scholar
Na Liu, Wei Luo, and Qingxiang Xu. 2018. New multiplicative perturbation bounds for the generalized polar decomposition. Appl. Math. Comput. 339, C (2018), 259--271.Google Scholar
R. Liu, Y. Cao, M. Yoshikawa, and H. Chen. 2020. FedSel: Federated SGD under Local Differential privacy with top-k dimension selection. In Proceedings of the International Conference on Database Systems for Advanced Applications.Google Scholar
X. Liu, H. Li, G. Xu, R. Lu, and M. He. 2020. Adaptive privacy-preserving federated learning. Peer-to-Peer Netw. Appl. 6 (2020), 2356--2366.Google ScholarCross Ref
Y. Liu, Y. Kang, C. P. Xing, T. J. Chen, and Q. Yang. 2020. A secure federated transfer learning framework. IEEE Intell. Syst. 35, 4 (2020), 70--82.Google ScholarCross Ref
Y. Liu, Y. Kang, X. Zhang, et al. 2019. A communication efficient vertical federated learning framework. arxiv:1912.11187. Retrieved from https://arxiv.org/abs/1912.11187.Google Scholar
Y. Liu, Z. Ma, Z. Yan, Z. Wang, X. Liu, and J. Ma. 2020. Privacy-preserving federated k-means for proactive caching in next generation cellular networks. Inf. Sci. 521, C (2020), 14--31.Google Scholar
H. Lu, C. Liu, T. He, S. Wang, and K. Chan. 2020. Sharing models or coresets: A study based on membership inference attack. In Proceedings of the International Workshop on Federated Learning for User Privacy and Data Confidentiality.Google Scholar
S. Lu, Y. Zhang, and Y. Wang. 2020. Decentralized federated learning for electronic health records. In Proceedings of the Annual Conference on Information Sciences and Systems. 1--5.Google Scholar
Y. Lu, X. Huang, Y. Dai, S. Maharjan, and Y. Zhang. 2019. Differentially private asynchronous federated learning for mobile edge computing in urban informatics. IEEE Trans. Industr. Inf. 16, 3 (2019), 2134--2143.Google ScholarCross Ref
L. Lyu, H. Yu, and Q. Yang. 2020. Threats to federated learning: A survey. arxiv:2003.02133. Retrieved from https://arxiv.org/abs/2003.02133.Google Scholar
A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam. 2007. -Diversity: Privacy beyond -anonymity. ACM Trans. Knowl. Discov. Data 1, 1 (2007), Article 3.Google ScholarDigital Library
M. S. Mahmud, J. Z. Huang, S. Salloum, T. Z. Emara, and K. Sadatdiynov. 2020. A survey of data partitioning and sampling methods to support big data analysis. Big Data Min. Analyt. 3, 2 (2020), 85--101.Google ScholarCross Ref
G. Malinovskiy, D. Kovalev, E. Gasanov, L. Condat, and P. Richtarik. 2020. From local sgd to local fixed-point methods for federated learning. In Proceedings of the International Conference on Machine Learning, Vol. 119. 6692--6701.Google Scholar
B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial Intelligence and Statistics. 1273--1282.Google Scholar
H. B. McMahan, D. Ramage, K. Talwar, and L. Zhang. 2018. Learning differentially private recurrent language models. In Proceedings of the International Conference on Learning Representations.Google Scholar
L. Melis, C. Song, E. De Cristofaro, and V. Shmatikov. 2019. Exploiting unintended feature leakage in collaborative learning. In Proceedings of the IEEE Symposium on Security and Privacy. 691--706.Google Scholar
P. Mohassel and P. Rindal. 2018. ABY: A mixed protocol framework for machine learning. In Proceedings of the ACM Conference on Computer and Communications Security. 35--52.Google Scholar
P. Mohassel and Y. Zhang. 2017. SecureML: A system for scalable privacy-preserving machine learning. In Proceedings of the IEEE Symposium on Security and Privacy. 19--38.Google Scholar
Vaikkunth Mugunthan, Anton Peraire-Bueno, and Lalana Kagal. 2020. PrivacyFL: A simulator for privacy-preserving and secure federated learning. In Proceedings of the ACM International Conference on Information & Knowledge Management. 3085--3092.Google ScholarDigital Library
Vaikkunth Mugunthan, Antigoni Polychroniadou, David Byrd, and Tucker Hybinette Balch. 2019. Smpai: Secure multi-party computation for federated learning. In Proceedings of the NeurIPS 2019 Workshop on Robust AI in Financial Services.Google Scholar
M. Naseri, J. Hayes, and E. De Cristofaro. 2021. Toward robustness and privacy in federated learning: Experimenting with local and central differential privacy. arxiv:2009.03561. Retrieved from https://arxiv.org/abs/2009.03561.Google Scholar
M. Nasr, R. Shokri, et al. 2019. Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning. In Proceedings of the IEEE Symposium on Security and Privacy. 739--753.Google ScholarCross Ref
M. Nasr, R. Shokri, and A. Houmansadr. 2018. Machine learning with membership privacy using adversarial regularization. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 634--646.Google Scholar
Kang Loon Ng, Zichen Chen, Zelei Liu, Han Yu, Yang Liu, and Qiang Yang. 2020. A multi-player game for studying federated learning incentive schemes. In Proceedings of the International Joint Conference on Artificial Intelligence. 5279--5281.Google ScholarCross Ref
S. Niknam, H. Dhillon, and J. Reed. 2020. Federated learning for wireless communications: Motivation, opportunities, and challenges. IEEE Commun. Mag. 58, 6 (2020), 46--51.Google ScholarCross Ref
T. Orekondy, S. Oh, Y. Zhang, et al. 2019. Gradient-leaks: Understanding and controlling deanonymization in federated learning. In Proceedings of the NeurIPS Workshop on Federated Learning for Data Privacy and Confidentiality.Google Scholar
P. Paillier. 1999. Public-Key cryptosystems based on composite degree residuosity classes. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. 223--238.Google ScholarCross Ref
S. J. Pan, I. Tsang, J. Kwok, and Q. Yang. 2010. Domain adaptation via transfer component analysis. IEEE Trans. Neur. Netw. 22, 2 (2010), 199--210.Google ScholarDigital Library
S. J. Pan and Q. A. Yang. 2010. A survey on transfer learning. IEEE Trans. Knowl. Data Eng. 22, 10 (2010), 1345--1359.Google ScholarDigital Library
L. T. Phong, Y. Aono, T. Hayashi, L. H. Wang, and S. Moriai. 2018. Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forens. Secur. 13, 5 (2018), 1333--1345.Google ScholarDigital Library
L. T. Phong and T. T. Phuong. 2019. Privacy-preserving deep learning via weight transmission. IEEE Trans. Inf. Forens. Secur. 14, 11 (2019), 3003--3015.Google ScholarDigital Library
Anastasia Pustozerova and Rudolf Mayer. 2020. Information leaks in federated learning. In Proceedings of the Workshop on Decentralized IoT Systems and Security.Google Scholar
Y. Qian, L. Hu, J. Chen, X. Guan, M. M. Hassan, and A. Alelaiwi. 2019. Privacy-aware service placement for mobile edge computing via federated learning. Inf. Sci. 505, 1 (2019), 562--570.Google ScholarDigital Library
J. Qiu, Z. Tian, C. Du, Q. Zuo, S. Su, and B. Fang. 2020. A survey on access control in the age of internet of things. IEEE IoT J. 7 (2020), 4682--4696.Google Scholar
Y. Qu, L. Gao, T. H. Luan, Y. Xiang, S. Yu, B. Li, and G. Zheng. 2020. Decentralized privacy using blockchain-enabled federated learning in fog computing. IEEE IoT J. 7, 6 (2020), 5171--5183.Google Scholar
J. Quionero-Candela, M. Sugiyama, A. Schwaighofer, and N. Lawrence. 2009. Dataset Shift in Machine Learning. The MIT Press.Google Scholar
D. Reich, A. Todoki, R. Dowsley, et al. 2019. Privacy-preserving classification of personal text messages with secure multi-party computation. In Advances in Neural Information Processing Systems, Vol. 32. 3757--3769.Google Scholar
Amirhossein Reisizadeh, Farzan Farnia, Ramtin Pedarsani, and Ali Jadbabaie. 2020. Robust federated learning: The case of affine distribution shifts. In Advances in Neural Information Processing Systems, Vol. 33. 21554--21565.Google Scholar
X. Ren, C. Yu, W. Yu, et al. 2018. LoPub: High-dimensional crowdsourced data publication with local differential privacy. IEEE Trans. Inf. Forens. Secur. 13, 9 (2018), 2151--2166.Google ScholarCross Ref
M. S. Riazi, K. Laine, B. Pelton, and W. Dai. 2020. HEAX: An architecture for computing on encrypted data. In Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems. 1295--1309.Google Scholar
R. L. Rivest, L. Adleman, and M. L. Dertouzos. 1978. On data banks and privacy homomorphisms. Found. Sec. Comput. 11, 4 (1978), 169--179.Google Scholar
N. Rodríguez-Barroso et al. 2020. Federated learning and differential privacy: Software tools analysis, the sherpa.ai fl framework and methodological guidelines for preserving data privacy. Inf. Fus. 1 (2020), 270--292.Google Scholar
D. Rothchild, A. Panda, E. Ullah, et al. 2020. FetchSGD: Communication-efficient federated learning with sketching. In Proceedings of the International Conference on Machine Learning, Vol. 119. 8253--8265.Google Scholar
A. G. Roy, S. Siddiqui, et al. 2019. Braintorrent: A peer-to-peer environment for decentralized federated learning. arxiv:1905.06731. Retrieved from https://arxiv.org/abs/1905.06731.Google Scholar
P. Samarati and L. Sweeney. 1998. Protecting Privacy when Disclosing Information: -Anonymity and its Enforcement through Generalization and Suppression. Technical Report. SRI International Computer Science Laboratory.Google Scholar
A. Sannai. 2018. Reconstruction of training samples from loss functions. arxiv:1805.07337. Retrieved from https://arxiv.org/abs/1805.07337.Google Scholar
M. Scannapieco, I. Figotin, E. Bertino, and A. K. Elmagarmid. 2007. Privacy preserving schema and data matching. In Proceedings of the ACM SIGMOD International Conference on Management of Data. 653--664.Google Scholar
Mohamed Seif, Ravi Tandon, and Ming Li. 2020. Wireless federated learning with local differential privacy. In Proceedings of the IEEE International Symposium on Information Theory. DOI:https://doi.org/10.1109/ISIT44484.2020.9174426Google ScholarCross Ref
A. Shamir. 1979. How to share a secret. Commun. ACM 22, 11 (1979), 612--613.Google ScholarDigital Library
S. Sharma, C. Xing, Y. Liu, and Y. Kang. 2019. Secure and efficient federated transfer learning. In Proceedings of the IEEE International Conference on Big Data. 2569--2576.Google Scholar
M. Shen, H. Wang, B. Zhang, et al. 2021. Exploiting unintended property leakage in blockchain-assisted federated learning for intelligent edge computing. IEEE IoT J. 8, 4 (2021), 2265--2275.Google Scholar
R. Shirey. 2007. Internet Security Glossary, Version 2. Technical Report. RFC 4949, August.Google Scholar
R. Shokri, M. Stronati, C. Song, and V. Shmatikov. 2017. Membership inference attacks against machine learning models. In Proceedings of the IEEE Symposium on Security and Privacy. 3--18.Google Scholar
David Silver, Julian Schrittwieser, Karen Simonyan, et al. 2017. Mastering the Game of Go without human knowledge. Nature 550, 7676 (2017), 354--359.Google Scholar
A. Singh, P. Vepakomma, O. Gupta, and R. Raskar. 2019. Detailed comparison of communication efficiency of split learning and federated learning. arxiv:1909.09145. Retrieved from https://arxiv.org/abs/1909.09145.Google Scholar
V. Smith, C. K. Chiang, M. Sanjabi, and A. Talwalkar. 2017. Federated multi-task learning. In Advances in Neural Information Processing Systems, Vol. 30. 4424--4434.Google Scholar
Jinhyun So, Basak Guler, and A. Salman Avestimehr. 2020. A scalable approach for privacy-preserving collaborative machine learning. In Advances in Neural Information Processing Systems, Vol. 33. 8054--8066.Google Scholar
M. Song, Z. Wang, Z. Zhang, Y. Song, Q. Wang, J. Ren, and H. Qi. 2020. Analyzing user-level privacy attack against federated learning. IEEE J. Select. Areas Commun. 10 (2020), 2430--2444.Google ScholarCross Ref
W. Stallings. 2017. Cryptography and Network Security Principles and Practices (7th ed.). Pearson Education, Inc.Google Scholar
Lili Su and Jiaming Xu. 2019. Securing distributed gradient descent in high dimensional statistical learning. ACM Meas. Anal. Comput. Syst. 3, 1 (2019), Article 12.Google Scholar
L. Sun, J. Qian, X. Chen, and P. Yu. 2020. LDP-FL: Practical private aggregation in federated learning with local differential privacy. arxiv:2007.15789. Retrieved from https://arxiv.org/abs/2007.15789.Google Scholar
T. Szatmari, M. Petersen, M. Korzepa, and T. Giannetsos. 2020. Modelling audiological preferences using federated learning. In Proceedings of the ACM Conference on User Modeling, Adaptation and Personalization. 187--190.Google Scholar
H. Tanuwidjaja, R. Choi, and K. Kim. 2019. A survey on deep learning techniques for privacy-preserving. In Proceedings of the International Conference on Machine Learning for Cyber Security. 29--46.Google Scholar
H. Tran and J. Hu. 2019. Privacy-preserving big data analytics a comprehensive survey. J. Parallel Distrib. Comput. 134, 1 (2019), 207--218.Google ScholarCross Ref
A. Triastcyn and B. Faltings. 2019. Federated learning with bayesian differential privacy. In Proceedings of the IEEE International Conference on Big Data. 2587--2596.Google Scholar
S. Truex, N. Baracaldo, A. Anwar, T. Steinke, H. Ludwig, R. Zhang, and Y. Zhou. 2019. A hybrid approach to privacy-preserving federated learning. In Proceedings of the ACM Workshop on Artificial Intelligence and Security. 1--11.Google Scholar
S. Truex, L. Liu, K. Chow, M. Gursoy, and W. Wei. 2020. LDP-Fed: Federated learning with local differential privacy. In Proceedings of the ACM International Workshop on Edge Systems, Analytics and Networking. 61--66.Google Scholar
S. Truex, L. Liu, M. E. Gursoy, L. Yu, and W. Wei. 2019. Demystifying Membership Inference Attacks in Machine Learning as a Service. IEEE Trans. Serv. Comput. (2019). DOI:https://doi.org/10.1109/TSC.2019.2897554Google Scholar
M. Van Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan. 2010. Fully homomorphic encryption over the integers. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. 24--43.Google Scholar
P. Vepakomma, O. Gupta, T. Swedish, and R. Raskar. 2018. Split learning for health: Distributed deep learning without sharing raw patient data. arxiv:1812.00564. Retrieved from https://arxiv.org/abs/1812.00564.Google Scholar
J. Verbraeken, M. Wolting, J. Katzy, J. Kloppenburg, T. Verbelen, and J. S. Rellermeyer. 2020. A survey on distributed machine learning. Comput. Surv. 53, 2 (2020), 1--33.Google ScholarDigital Library
P. Voigt and A. Von dem Bussche. 2017. The EU General Data Protection Regulation (GDPR). Springer International Publishing. DOI:https://doi.org/10.1007/978-3-319-57959-7Google Scholar
Isabel Wagner. 2017. Evaluating the strength of genomic privacy metrics. ACM Trans. Priv. Secur. 20, 1 (2017), Article 2.Google ScholarDigital Library
I. Wagner and D. Eckhoff. 2018. Technical privacy metrics: A systematic survey. ACM Comput. Surv. 51, 3 (2018), Article 57.Google Scholar
A. Wang, C. Wang, M. Bi, and J. Xu. 2018. A Review of privacy-preserving machine learning classification. In Cloud Computing and Security. 671--682.Google Scholar
C. Wang and S. Mahadevan. 2008. manifold alignment using procrustes analysis. In Proceedings of the International Conference on Machine Learning. 1120--1127.Google Scholar
G. Wang, C. X. Dang, and Z. Zhou. 2019. Measure contribution of participants in federated learning. In Proceedings of the IEEE International Conference on Big Data. 2597--2604.Google Scholar
H. Wang, K. Sreenivasan, S. Rajput, et al. 2020. Attack of the tails: Yes, you really can backdoor federated learning. In Advances in Neural Information Processing Systems, Vol. 33. 16070--16084.Google Scholar
J. Wang, Z. Cai, and J. Yu. 2020. Achieving personalized -anonymity-based content privacy for autonomous vehicles in CPS. IEEE Trans. Industr. Inf. 16, 6 (2020), 4242--4251.Google ScholarCross Ref
Lixu Wang, Shichao Xu, Xiao Wang, and Qi Zhu. 2019. Eavesdrop the composition proportion of training labels in federated learning. arxiv:1910.06044. Retrieved from https://arxiv.org/abs/1910.06044.Google Scholar
Rong Wang, Yan Zhu, Tung-Shou Chen, and Chin-Chen Chang. 2018. Privacy-preserving algorithms for multiple sensitive attributes satisfying t-closeness. J. Comput. Sci. Technol. 33, 6 (2018), 1231--1242.Google ScholarCross Ref
S. Wang, T. Tuor, T. Salonidis, et al. 2019. Adaptive federated learning in resource constrained edge computing systems. IEEE J. Select. Areas Commun. 37, 6 (2019), 1205--1221.Google ScholarCross Ref
X. Wang, Y. Han, C. Wang, Q. Zhao, X. Chen, and M. Chen. 2019. In-Edge AI: Intelligentizing mobile edge computing, caching and communication by federated learning. IEEE Netw. 33, 5 (2019), 156--165.Google ScholarDigital Library
Y. Wang, Y. Tong, and D. Shi. 2020. Federated latent dirichlet allocation: A local differential privacy based framework. In Proceedings of the AAAI Conference on Artificial Intelligence. 6283--6290.Google Scholar
Z. Wang, M. Song, Z. Zhang, Y. Song, Q. Wang, and H. Qi. 2019. Beyond inferring class representatives: User-level privacy leakage from federated learning. In Proceedings of the IEEE Conference on Computer Communications. 2512--2520.Google Scholar
Kang Wei, Jun Li, Ming Ding, et al. 2020. Federated learning with differential privacy: Algorithms and performance analysis. IEEE Trans. Inf. Forens. Secur. 15, 1 (2020), 3454--3469.Google ScholarDigital Library
W. Wei, L. Liu, M. Loper, K. Chow, M. Gursoy, S. Truex, and Y. Wu. 2020. A framework for evaluating client privacy leakages in federated learning. In Proceedings of the European Symposium on Research in Computer Security. 545--566.Google Scholar
M. Wu, D. Ye, J. Ding, et al. 2021. Incentivizing differentially private federated learning: A multi-dimensional contract approach. IEEE IoT J. (2021). DOI:https://doi.org/10.1109/JIOT.2021.3050163Google Scholar
Chulin Xie, Keli Huang, Pin-Yu Chen, and Bo Li. 2020. DBA: Distributed backdoor attacks against federated learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
Cong Xie, Oluwasanmi Koyejo, and Indranil Gupta. 2020. SLSGD: Secure and efficient distributed on-device machine learning. In Proceedings of the Joint European Conference on Machine Learning and Knowledge Discovery in Databases. 213--228.Google ScholarCross Ref
G. Xu, H. Li, S. Liu, K. Yang, and X. Lin. 2020. Verifynet: Secure and verifiable federated learning. IEEE Trans. Inf. Forens. Secur. 15, 1 (2020), 911--926.Google ScholarDigital Library
R. Xu, N. Baracaldo, Y. Zhou, A. Anwar, and H. Ludwig. 2019. Hybridalpha: An efficient approach for privacy-preserving federated learning. In Proceedings of the ACM Workshop on Artificial Intelligence and Security. 13--23.Google Scholar
X. Xu, J. Wu, M. Yang, et al. 2020. Information leakage by model weights on federated learning. In Proceedings of the Workshop on Privacy-Preserving Machine Learning in Practice. 31--36.Google ScholarDigital Library
H. Yang, A. Arafa, T. Quek, and H. Poor. 2020. Age-based scheduling policy for federated learning in mobile edge networks. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing. 8743--8747.Google Scholar
H. Yang, H. He, W. Zhang, and X. Cao. 2020. FedSteg: A federated transfer learning framework for secure image steganalysis. IEEE Trans. Netw. Sci. Eng. (2020). DOI:https://doi.org/10.1109/TNSE.2020.2996612Google Scholar
K. Yang, T. Fan, T. Chen, Y. Shi, and Q. Yang. 2019. A quasi-Newton method based vertical federated learning framework for logistic regression. arxiv:1912.00513. Retrieved from https://arxiv.org/abs/1912.00513.Google Scholar
Q. Yang, Y. Liu, T. Chen, and Y. Tong. 2019. Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. 10, 2 (2019), 1--19.Google ScholarDigital Library
Q. Yang, Y. Liu, Y. Cheng, Y. Kang, T. Chen, and H. Yu. 2019. Federated learning. Synth. Lect. Artif. Intell. Mach. Learn. 13 (2019), 1--207.Google ScholarCross Ref
S. Yang et al. 2019. Parallel distributed logistic regression for vertical federated learning without third-party coordinator. In Proceedings of the IJCAI’19 Workshop on Federated Machine Learning for User Privacy and Data Confidentiality.Google Scholar
A. C. Yao. 1982. Protocols for secure computations. In Proceedings of the Annual Symposium on Foundations of Computer Science. 160--164.Google ScholarCross Ref
X. Yin et al. 2021. 3D fingerprint recognition based on ridge-valley-guided 3D reconstruction and 3D topology polymer feature extraction. IEEE Trans. Pattern Anal. Mach. Intell. 43, 3 (2021), 1085--1091.Google ScholarCross Ref
Tehrim Yoon, Sumin Shin, Sung Ju Hwang, and Eunho Yang. 2021. Fedmix: Approximation of mixup under mean augmented federated learning. In Proceedings of the International Conference on Learning Representations.Google Scholar
Chen Yu, Hanlin Tang, Cedric Renggli, Simon Kassing, Ankit Singla, Dan Alistarh, Ce Zhang, and Ji Liu. 2019. Distributed learning over unreliable networks. In Proceedings of the International Conference on Machine Learning. 7202--7212.Google Scholar
Felix Yu, Ankit Singh Rawat, Aditya Menon, and Sanjiv Kumar. 2020. Federated learning with only positive labels. In Proceedings of the International Conference on Machine Learning. 10946--10956.Google Scholar
H. Yu et al. 2019. Parallel restarted sgd with faster convergence and less communication: demystifying why model averaging works for deep learning. In Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 33. 5693--5700.Google Scholar
Honglin Yuan and Tengyu Ma. 2020. Federated accelerated stochastic gradient descent. In Advances in Neural Information Processing Systems, Vol. 33. 5332--5344.Google Scholar
V. Zantedeschi, A. Bellet, and M. Tommasi. 2020. Fully Decentralized joint learning of personalized models and collaboration graphs. In Proceedings of the International Conference on Artificial Intelligence and Statistics. 864--874.Google Scholar
C. Zhang, S. Li, J. Xia, W. Wang, F. Yan, and Y. Liu. 2020. Batchcrypt: Efficient homomorphic encryption for cross-silo federated learning. In Proceedings of the USENIX Annual Technical Conference. 493--506.Google Scholar
Chi Zhang, Yu Liu, Le Wang, Yuehu Liu, Li Li, and Nanning Zheng. 2020. Joint intelligence ranking by federated multiplicative update. IEEE Intell. Syst. 35, 4 (2020), 15--24.Google ScholarCross Ref
D. Zhang, X. Chen, D. Wang, and J. Shi. 2018. A survey on collaborative deep learning and privacy-preserving. In Proceedings of the IEEE 3rd International Conference on Data Science in Cyberspace. 652--658.Google Scholar
J. Zhang, B. Chen, S. Yu, and H. Deng. 2019. PEFL: A privacy-enhanced federated learning scheme for big data analytics. In Proceedings of the IEEE Global Communications Conference. 1--6.Google Scholar
J. Zhang, Z. Zhang, X. Xiao, Y. Yang, and M. Winslett. 2012. Functional mechanism: Regression analysis under differential privacy. In Proceedings of the International Conference on Very Large Data Bases. 1364--1375.Google Scholar
J. Zhang, Y. Zhao, J. Wang, and B. Chen. 2020. Fedmec: Improving efficiency of differentially private federated learning via mobile edge computing. Mobile Netw. Appl. 6 (2020), 1--13.Google Scholar
X. Zhang, A. Fu, H. Wang, C. Zhou, and Z. Chen. 2020. A privacy-preserving and verifiable federated learning scheme. In Proceedings of the IEEE International Conference on Communications. 1--6.Google Scholar
B. Zhao, K. Fan, K. Yang, Z. Wang, H. Li, and Y. Yang. 2021. Anonymous and privacy-preserving federated learning with industrial big data. IEEE Trans. Industr. Inf. (2021). DOI:https://doi.org/10.1109/TII.2021.3052183Google Scholar
B. Zhao, K. R. Mopuri, and H. Bilen. 2020. iDLG: Improved deep leakage from gradients. arxiv:2001.02610. Retrieved from https://arxiv.org/abs/2001.02610.Google Scholar
K. Zhao, W. Xi, Z. Wang, R. Wang, Z. Jiang, and J. Zhao. 2020. SMSS: Secure member selection strategy in federated learning. IEEE Intell. Syst. 35, 4 (2020), 37--49.Google ScholarCross Ref
Yang Zhao, Jun Zhao, Mengmeng Yang, et al. 2020. Local differential privacy based federated learning for internet of things. IEEE IoT J. 11, 8 (2020), 8836--8853. DOI:https://doi.org/10.1109/JIOT.2020.3037194Google Scholar
H. D. Zheng, H. B. Hu, and Z. Y. Han. 2020. Preserving user privacy for machine learning: Local differential privacy or federated machine learning. IEEE Intell. Syst. 35, 4 (2020), 5--14.Google ScholarCross Ref
H. Zhu, Z. Li, M. Cheah, and M. Goh. 2020. Privacy-preserving weighted federated learning within oracle-aided MPC framework. arxiv:2003.07630. Retrieved from https://arxiv.org/abs/2003.07630.Google Scholar
L. Zhu, Z. Liu, and S. Han. 2019. Deep leakage from gradients. In Advances in Neural Information Processing Systems, Vol. 32. 14774--14784.Google Scholar
Y. Zhu and E. Meijering. 2020. neural architecture search for microscopy cell segmentation. In Proceedings of the International Workshop on Machine Learning in Medical Imaging. 542--551.Google Scholar

Index Terms

A Comprehensive Survey of Privacy-preserving Federated Learning: A Taxonomy, Review, and Future Directions

Recommendations

Survey on Privacy-Preserving Techniques for Microdata Publication
The exponential growth of collected, processed, and shared microdata has given rise to concerns about individuals’ privacy. As a result, laws and regulations have emerged to control what organisations do with microdata and how they protect it. Statistical ...
Read More
Fairness and privacy preserving in federated learning: A survey
Abstract
Federated Learning (FL) is an increasingly popular form of distributed machine learning that addresses privacy concerns by allowing participants to collaboratively train machine learning models without exchanging their private data. Although FL ...
Highlights
- First comprehensive survey reviewing privacy-preserving and fairness in federated learning (FL) together.
- Broad outline of recent privacy and fairness methods, challenges, and relevant works in FL.
- Investigation of privacy concerns ...
Read More
Privacy-Preserving Verifiable Asynchronous Federated Learning
ICSED '21: Proceedings of the 2021 3rd International Conference on Software Engineering and Development

Federated learning (FL) is a recently proposed technique to cope with growing data and break the barriers among datasets, which enables nodes to train machine learning models without sharing their local datasets. However, the data privacy and model ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Computing Surveys Volume 54, Issue 6
Invited Tutorial
July 2022
799 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3475936
Editor:
Albert Zomaya
University of Sydney, Australia
Issue’s Table of Contents
Copyright © 2021 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 July 2021
- Accepted: 1 April 2021
- Revised: 1 March 2021
- Received: 1 August 2020
Published in csur Volume 54, Issue 6

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Privacy-preserving federated learning
anonymization techniques
cryptographic encryption
data privacy
federated transfer learning
horizontal federated learning
perturbation techniques
vertical federated learning
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 108
  Total Citations
  View Citations
- 16,443
  Total Downloads
- Downloads (Last 12 months)5,305
- Downloads (Last 6 weeks)654
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

A Comprehensive Survey of Privacy-preserving Federated Learning: A Taxonomy, Review, and Future Directions

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Survey on Privacy-Preserving Techniques for Microdata Publication

Fairness and privacy preserving in federated learning: A survey

Privacy-Preserving Verifiable Asynchronous Federated Learning