Federated learning (McMahan 2017): train ML models across decentralized devices without sharing raw data. FedAvg: aggregate gradients, not data. Privacy: differential privacy (DP-SGD), secure aggregation (SecAgg). Attacks: gradient inversion (reconstruct training data from gradients), model poisoning, backdoor injection. Defenses: gradient clipping, noise injection, Byzantine-robust aggregation (Krum, coordinate-wise median). Cross-silo vs cross-device FL. Heterogeneous data: non-IID...
- federated-learning
- ml
- privacy