Federated Learning (FL) has emerged as a promising approach to address data
privacy and confidentiality concerns by allowing multiple participants to
construct a shared model without centralizing sensitive data. However, this
decentralized paradigm introduces new security challenges, necessitating a
comprehensive identification and classification of potential risks to ensure
FL's security guarantees. This paper presents a comprehensive taxonomy of
security and privacy challenges in Federated Learning (FL) across various
machine learning models, including large language models. We specifically
categorize attacks performed by the aggregator and participants, focusing on
poisoning attacks, backdoor attacks, membership inference attacks, generative
adversarial network (GAN) based attacks, and differential privacy attacks.
Additionally, we propose new directions for future research, seeking innovative
solutions to fortify FL systems against emerging security risks and uphold
sensitive data confidentiality in distributed learning environments.

分布式学习中的联邦学习存在安全和隐私挑战，本研究针对各类机器学习模型，包括大型语言模型，提出了安全和隐私挑战的综合分类，重点关注聚合器和参与者的攻击，包括投毒攻击、后门攻击、成员推断攻击、生成对抗网络攻击和差分隐私攻击，同时提出了未来研究的新方向，旨在强化联邦学习系统以应对新兴安全风险并保护分布式学习环境中的敏感数据隐私。