What is federated learning and what security concerns accompany it?

Federated learning trains models locally on user devices and only sends the resulting updates to a central aggregator, so raw data stays on the device. This reduces direct data exposure, but security concerns arise from the updates themselves. One risk is poisoning of local updates: a participant could send manipulated gradients to steer the global model or implant a backdoor. Another risk is privacy leakage from the updates: even though the data isn’t shared, the model updates can reveal information about the training data, enabling reconstruction or membership inference. To mitigate these risks, secure aggregation protocols are used so the server only sees the combined update rather than individual contributions, and additional techniques like differential privacy or cryptographic methods can be applied to strengthen privacy. These points capture why federated learning has both privacy advantages and important security considerations, making the described understanding the best fit.