A Security-Oriented Overview of Federated Learning Utilizing Layered Reference Model

With the continuous development of Artificial Intelligence (AI), AI services are becoming increasingly influential in society, affecting both individual lives and enterprise production. However, the field of AI model training grapples with a conflict between the desire to maximize the utilization of private and external data, and the necessity to limit collaborative data sharing for privacy protection. Strict regulations on sensitive data give rise to data silos, impeding the smooth flow of information as well. In response to these challenges, Federated Learning (FL) emerges as a promising solution, enabling collaborative machine learning model training across isolated data silos. Despite its potential, securing FL systems is still challenging, primarily due to the absence of a canonical reference model that hierarchically summarizes existing works in this field. This lack complicates users' understanding of federated learning in the context of data flow and impedes their ability to pinpoint specific security issues and corresponding solutions when utilizing an FL system. To address this gap, we propose a layered reference model for federated learning through a comprehensive survey. The model encompasses five layers: the data interaction layer, client management layer, local model layer, network transmission layer, and remote management layer. Prioritizing the promotion of system security awareness, we conduct a threat analysis for each layer and explore corresponding defense strategies drawn from existing techniques. As a result, readers can gain insights into the federated learning system from the perspective of data flow, comprehend the security risks their private and sensitive data might encounter at each step, and explore relevant solutions to safeguard their information.