Federated Learning
Security and Privacy
1st Edition
Published on 11. December 2025
120 pages
978-1-040-76037-6 (ISBN)
Description
As data becomes more abundant and widespread across personal devices, the need for secure, privacy-aware machine learning is growing. Federated Learning (FL) offers a promising solution, enabling smart devices to collaboratively train models without sharing raw data. Yet, despite its benefits, FL faces serious risks from poisoning and inference attacks.
This book begins by introducing the fundamentals of machine learning, along with core deep learning architectures. Based on this foundation, it introduces the concept of Federated Learning (FL), which is a decentralised approach that enables collaborative model training without sharing raw data. The book provides an in-depth exploration of FL's various forms, system architectures, and practical applications. A significant emphasis is placed on the growing security and privacy concerns in FL, particularly poisoning (both data poisoning and model poisoning) and inference attacks. It discusses state-of-the-art mitigation strategies, such as Byzantine-robust aggregation and inference-resistant techniques, supported with practical implementation insights.
This book uniquely bridges foundational concepts with advanced topics in Federated Learning, offering a comprehensive view of its vulnerabilities and their mitigation. By combining theory with practical implementation of attacks and mitigation techniques, it serves as a valuable resource for researchers, practitioners, and students aiming to build secure, privacy-preserving collaborative machine learning systems.
This book is unique due to its end-to-end coverage of Federated Learning (FL), from foundational machine and deep learning concepts to real-time deployment of FL along with security and privacy challenges associated. It both explains theory and offers hands-on implementation of attacks and defenses. This practical approach, combined with a clear structure and real-world relevance, makes it ideal for both academic and industry audiences. Promotional emphasis should highlight the book's focus on actionable insights, its relevance to privacy-preserving and secure AI, and its utility as a learning and reference tool for building secure collaborative learning systems.
This book begins by introducing the fundamentals of machine learning, along with core deep learning architectures. Based on this foundation, it introduces the concept of Federated Learning (FL), which is a decentralised approach that enables collaborative model training without sharing raw data. The book provides an in-depth exploration of FL's various forms, system architectures, and practical applications. A significant emphasis is placed on the growing security and privacy concerns in FL, particularly poisoning (both data poisoning and model poisoning) and inference attacks. It discusses state-of-the-art mitigation strategies, such as Byzantine-robust aggregation and inference-resistant techniques, supported with practical implementation insights.
This book uniquely bridges foundational concepts with advanced topics in Federated Learning, offering a comprehensive view of its vulnerabilities and their mitigation. By combining theory with practical implementation of attacks and mitigation techniques, it serves as a valuable resource for researchers, practitioners, and students aiming to build secure, privacy-preserving collaborative machine learning systems.
This book is unique due to its end-to-end coverage of Federated Learning (FL), from foundational machine and deep learning concepts to real-time deployment of FL along with security and privacy challenges associated. It both explains theory and offers hands-on implementation of attacks and defenses. This practical approach, combined with a clear structure and real-world relevance, makes it ideal for both academic and industry audiences. Promotional emphasis should highlight the book's focus on actionable insights, its relevance to privacy-preserving and secure AI, and its utility as a learning and reference tool for building secure collaborative learning systems.
More details
Edition
1. Auflage
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
College/higher education
Professional and scholarly
Product notice
Reflowable
Illustrations
13 Line drawings, black and white; 1 Halftones, black and white; 14 Illustrations, black and white
File size
2,12 MB
ISBN-13
978-1-040-76037-6 (9781040760376)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Book
approx. 12/2025
1st Edition
CRC Press
€73.40
Not yet published
Persons
Somanath Tripathy received his PhD from IIT Guwahati in 2007. Currently, he is a professor in the Department of Computer Science and Engineering at the Indian Institute of Technology, Patna, where he has been a faculty member since December 2008. Prof. Tripathy has held significant administrative positions at IIT Patna, including Associate Dean of Academics (January 2016 - March 2017), Head, Computer Centre (November 2022-November 2023) and Associate Dean of Administration (July 2021 - November 2023). His research interests encompass Cybersecurity, Malware Detection, Secure Machine Learning, Lightweight Cryptography, and Blockchain. Tripathy holds two patents and has published over 130 research papers in reputed journals and conferences. He has led several projects as Principal Investigator, notably his team developed a malware detection app presented to the Bureau of Police Research and Development (BPRD) and the Ministry of Home Affairs (MHA) as part of a sponsored project. Tripathy is currently an editor of the IETE Technical Review and an associate editor of the journal Multimedia Tools and Applications.
Harsh Kasyap is an Assistant Professor in the Department of Computer Science and Engineering at the Indian Institute of Technology (BHU), Varanasi, India. He is also an honorary research fellow at WMG, University of Warwick, UK. Prior to that, Harsh was a Research Associate, working in the Alan Turing Institute London, where he established significant research collaborations with the HSBC, Bank of Italy and TNO, advancing the fields of data privacy, AI security and fairness. He obtained his Ph.D. from the IIT Patna, India. His Ph.D. thesis title was "Security and Privacy Preserving Techniques for Federated Learning". His research interests are Federated Learning, Machine Learning Security, Trustworthy AI, Privacy and Data Security.
Minghong Fang is a tenure-track Assistant Professor in the Department of Computer Science and Engineering at the University of Louisville. He was a Postdoctoral Associate in the Department of Electrical and Computer Engineering at Duke University from 2022 to 2024. He received his Ph.D. degree from the Department of Electrical and Computer Engineering at The Ohio State University in August 2022. He has published several high-impact research papers in top-tier security conferences, including the USENIX Security Symposium, the ACM Conference on Computer and Communications Security (CCS), and the Network and Distributed System Security (NDSS) Symposium. Notably, his USENIX Security 2020 paper was selected as one of the "Normalized Top-100 Security Papers Since 1981". His research interests broadly span various aspects of AI safety and security.
Harsh Kasyap is an Assistant Professor in the Department of Computer Science and Engineering at the Indian Institute of Technology (BHU), Varanasi, India. He is also an honorary research fellow at WMG, University of Warwick, UK. Prior to that, Harsh was a Research Associate, working in the Alan Turing Institute London, where he established significant research collaborations with the HSBC, Bank of Italy and TNO, advancing the fields of data privacy, AI security and fairness. He obtained his Ph.D. from the IIT Patna, India. His Ph.D. thesis title was "Security and Privacy Preserving Techniques for Federated Learning". His research interests are Federated Learning, Machine Learning Security, Trustworthy AI, Privacy and Data Security.
Minghong Fang is a tenure-track Assistant Professor in the Department of Computer Science and Engineering at the University of Louisville. He was a Postdoctoral Associate in the Department of Electrical and Computer Engineering at Duke University from 2022 to 2024. He received his Ph.D. degree from the Department of Electrical and Computer Engineering at The Ohio State University in August 2022. He has published several high-impact research papers in top-tier security conferences, including the USENIX Security Symposium, the ACM Conference on Computer and Communications Security (CCS), and the Network and Distributed System Security (NDSS) Symposium. Notably, his USENIX Security 2020 paper was selected as one of the "Normalized Top-100 Security Papers Since 1981". His research interests broadly span various aspects of AI safety and security.
Content
1. Introduction to Machine Learning
a. Types of Learning
b. Learning Tasks
c. Cost Function
d. Optimization
e. Evaluation Metrics
f. Artificial Neural Network
g. Implementation
2. Federated Learning
a. Importance of FL
b. Types of FL
c. Applications in FL
d. Challenges in FL
e. Security and Privacy Issues
f. Defense Techniques
g. Privacy-Preserving Byzantine-Robust FL
h. Implementation
3. Poisoning Attacks in FL
a. Attacker
b. Label flipping attack
c. Gaussian attack
d. LIE attack
e. Krum attack
f. Trim attack
g. Shejwalkar attack
h. Scaling attack
i. Edge attack
j. Vulnerabilities in Cosine Similarity-based Defenses
k. Implementation
4. Inference Attacks in FL
a. Attacker goal
b. Data reconstruction attacks
c. Membership inference attacks
d. Property inference attacks
e. Implementation
5. Byzantine Robust Defenses
a. Design goals
b. Krum
c. Median and Trimmed Mean
d. Bulyan
e. FoolsGold
f. FLTrust
g. Moat
h. DeFL
i. RDFL
j. FLTC
k. Implementation
6. Privacy-Preserving FL
a. Differential Privacy
b. DPFL: A Client Level
c. Homomorphic
d. BatchCrypt: HE-based Scheme
e. Threshold Multi-key HE Scheme
f. Secure Multi-Party Computation
g. Practical Secure Aggregation
h. Summary
i. Implementation
a. Types of Learning
b. Learning Tasks
c. Cost Function
d. Optimization
e. Evaluation Metrics
f. Artificial Neural Network
g. Implementation
2. Federated Learning
a. Importance of FL
b. Types of FL
c. Applications in FL
d. Challenges in FL
e. Security and Privacy Issues
f. Defense Techniques
g. Privacy-Preserving Byzantine-Robust FL
h. Implementation
3. Poisoning Attacks in FL
a. Attacker
b. Label flipping attack
c. Gaussian attack
d. LIE attack
e. Krum attack
f. Trim attack
g. Shejwalkar attack
h. Scaling attack
i. Edge attack
j. Vulnerabilities in Cosine Similarity-based Defenses
k. Implementation
4. Inference Attacks in FL
a. Attacker goal
b. Data reconstruction attacks
c. Membership inference attacks
d. Property inference attacks
e. Implementation
5. Byzantine Robust Defenses
a. Design goals
b. Krum
c. Median and Trimmed Mean
d. Bulyan
e. FoolsGold
f. FLTrust
g. Moat
h. DeFL
i. RDFL
j. FLTC
k. Implementation
6. Privacy-Preserving FL
a. Differential Privacy
b. DPFL: A Client Level
c. Homomorphic
d. BatchCrypt: HE-based Scheme
e. Threshold Multi-key HE Scheme
f. Secure Multi-Party Computation
g. Practical Secure Aggregation
h. Summary
i. Implementation
