AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Exploring the Vulnerabilities of Federated Learning: A Deep Dive Into Gradient Inversion Attacks

inforesearchPeer-Reviewed

securityresearch

Source: IEEE Xplore (Security & AI Journals)December 22, 2025

Summary

Federated Learning (FL, a method where multiple computers train an AI model together without sharing raw data) can leak private information through gradient inversion attacks (GIA, techniques that reconstruct sensitive data from the mathematical updates used in training). This paper reviews three types of GIA methods and finds that while optimization-based GIA is most practical, generation-based and analytics-based GIA have significant limitations, and proposes a three-stage defense pipeline for FL frameworks.

Solution / Mitigation

The source mentions 'a three-stage defense pipeline to users when designing FL frameworks and protocols for better privacy protection,' but does not explicitly describe what this pipeline contains or how to implement it.

Classification

Attack Type

Data ExtractionModel Poisoning

Attack SophisticationAdvanced

Impact (CIA+S)

confidentiality

Related Issues

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

Similar attackNVD/CVE Database

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

First tracked: March 9, 2026 at 08:01 PM

Classified by LLM (prompt v3) · confidence: 92%