Security and Privacy Issues and Solutions in Federated Learning for Digital Healthcare

Hyejun Jeong, Tai-Myoung Chung

TL;DR

This survey addresses the privacy and security challenges of federated learning in digital healthcare. It systematically catalogs vulnerabilities, attack types (poisoning, inference, backdoor, communication bottlenecks, etc.), and defense strategies (anomaly detection, robust aggregation, DP, MTD, TEEs, encryption, and FD). It discusses limitations such as non-IID data and high overhead, and outlines future research directions including standardization, multi-type data evaluation, incentive mechanisms, and integrated defense frameworks. The findings aim to guide practitioners toward deploying robust, privacy-preserving FL in healthcare settings.

Abstract

The advent of Federated Learning has enabled the creation of a high-performing model as if it had been trained on a considerable amount of data. A multitude of participants and a server cooperatively train a model without the need for data disclosure or collection. The healthcare industry, where security and privacy are paramount, can substantially benefit from this new learning paradigm, as data collection is no longer feasible due to stringent data policies. Nonetheless, unaddressed challenges and insufficient attack mitigation are hampering its adoption. Attack surfaces differ from traditional centralized learning in that the server and clients communicate between each round of training. In this paper, we thus present vulnerabilities, attacks, and defenses based on the widened attack surfaces, as well as suggest promising new research directions toward a more robust FL.

Paper Structure (22 sections, 3 figures, 1 table)

This paper contains 22 sections, 3 figures, 1 table.

Figures (3)

  • Figure 1: A Taxonomy of Federated Learning: Vulnerabilities, Attacks, and Defenses.
  • Figure 2: A Taxonomy of Poisoning Attacks.
  • Figure 3: A Category of Mitigation Techniques.