Abstract

While federated learning (FL) enables training a shared machine learning model over scattered and private data from diverse clients, its distributed nature increases the vulnerability as the clients may not be trustworthy. This chapter summarizes and provides a taxonomy of common attacks and defenses in federated learning. The attack section includes methods for corrupting the local models with data poisoning and model poisoning. The defenses are summarized accordingly, including robust statistic-based methods and smoothing-based methods, and we discuss their effectiveness against multiple ...