{"id":6226,"date":"2025-12-11T10:44:31","date_gmt":"2025-12-11T10:44:31","guid":{"rendered":"https:\/\/sahelib.atatec-design.com\/index.php\/2025\/12\/11\/securite-et-confidentialite-dans-lapprentissage-federe\/"},"modified":"2025-12-11T12:29:42","modified_gmt":"2025-12-11T12:29:42","slug":"securite-et-confidentialite-dans-lapprentissage-federe","status":"publish","type":"post","link":"https:\/\/sahelib.atatec-design.com\/index.php\/2025\/12\/11\/securite-et-confidentialite-dans-lapprentissage-federe\/","title":{"rendered":"S\u00e9curit\u00e9 et confidentialit\u00e9 dans l&#8217;apprentissage f\u00e9d\u00e9r\u00e9"},"content":{"rendered":"<h2>S\u00e9curit\u00e9 et confidentialit\u00e9 dans l&#8217;apprentissage f\u00e9d\u00e9r\u00e9<\/h2>\n<p><strong>Auteur(s) :<\/strong> Dr. Rachid Fall \u2014 <strong>Date :<\/strong> 2021-12-02 \u2014 <strong>Source :<\/strong> arXiv<\/p>\n<h2 data-start=\"117\" data-end=\"144\"><strong data-start=\"123\" data-end=\"144\">R\u00e9sum\u00e9 (Abstract)<\/strong><\/h2>\n<p data-start=\"146\" data-end=\"1074\">L\u2019apprentissage f\u00e9d\u00e9r\u00e9 (Federated Learning, FL) est un <strong data-start=\"201\" data-end=\"244\">paradigme de machine learning distribu\u00e9<\/strong> qui permet \u00e0 plusieurs clients de collaborer \u00e0 l\u2019entra\u00eenement d\u2019un mod\u00e8le global sans partager leurs donn\u00e9es locales sensibles, r\u00e9pondant ainsi \u00e0 des enjeux de confidentialit\u00e9 et de r\u00e9glementation des donn\u00e9es. Malgr\u00e9 ces avantages, le cadre d\u00e9centralis\u00e9 introduit de <strong data-start=\"512\" data-end=\"585\">nouvelles vuln\u00e9rabilit\u00e9s en mati\u00e8re de s\u00e9curit\u00e9 et de confidentialit\u00e9<\/strong>. Cet article examine l\u2019\u00e9tat de l\u2019art des <strong data-start=\"627\" data-end=\"681\">menaces, attaques et m\u00e9canismes de d\u00e9fense dans FL<\/strong>, en mettant l\u2019accent sur les interactions entre la robustesse du mod\u00e8le, les attaques adversariales et la protection de la vie priv\u00e9e. Une revue comparative des techniques de d\u00e9fense existantes est pr\u00e9sent\u00e9e, ainsi que des perspectives de recherche futures pour renforcer la s\u00e9curit\u00e9 et la confidentialit\u00e9 tout en pr\u00e9servant les performances des mod\u00e8les. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><span class=\"-me-1 flex h-full items-center rounded-full px-1 text-[#8F8F8F]\">+2<\/span><\/span><span class=\"flex h-4 w-full items-center justify-between absolute\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">MDPI<\/span><span class=\"-me-1 flex h-full items-center rounded-full px-1 text-[#8F8F8F]\">+2<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<hr data-start=\"1076\" data-end=\"1079\" \/>\n<h2 data-start=\"1081\" data-end=\"1103\"><strong data-start=\"1087\" data-end=\"1103\">Introduction<\/strong><\/h2>\n<p data-start=\"1105\" data-end=\"1592\">L\u2019\u00e9volution rapide des technologies d\u2019intelligence artificielle a n\u00e9cessit\u00e9 des approches innovantes pour entra\u00eener des mod\u00e8les puissants tout en respectant les contraintes de <strong data-start=\"1281\" data-end=\"1312\">confidentialit\u00e9 des donn\u00e9es<\/strong>. L\u2019apprentissage f\u00e9d\u00e9r\u00e9 a \u00e9merg\u00e9 comme solution \u00e0 ce probl\u00e8me, permettant \u00e0 plusieurs participants \u2014 tels que des appareils mobiles ou des organisations \u2014 de <strong data-start=\"1471\" data-end=\"1553\">collaborer \u00e0 l\u2019entra\u00eenement d\u2019un mod\u00e8le sans centraliser les donn\u00e9es sensibles<\/strong>. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<p data-start=\"1594\" data-end=\"2117\">Dans un syst\u00e8me FL, chaque client <strong data-start=\"1628\" data-end=\"1651\">entraine localement<\/strong> une version du mod\u00e8le, puis transmet uniquement les <strong data-start=\"1704\" data-end=\"1764\">mises \u00e0 jour du mod\u00e8le (par exemple, gradients ou poids)<\/strong> \u00e0 un serveur central ou \u00e0 un agr\u00e9gateur d\u00e9centralis\u00e9. Le serveur agr\u00e8ge ces mises \u00e0 jour pour g\u00e9n\u00e9rer un mod\u00e8le global. Cependant, cette approche n\u2019est pas intrins\u00e8quement s\u00fbre\u202f: les informations \u00e9chang\u00e9es peuvent \u00eatre exploit\u00e9es pour des attaques visant \u00e0 compromettre la s\u00e9curit\u00e9 ou extraire des donn\u00e9es priv\u00e9es. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.emergentmind.com\/articles\/1909.06512?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">emergentmind.com<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<p data-start=\"2119\" data-end=\"2366\">L\u2019objectif de cet article est de fournir une <strong data-start=\"2164\" data-end=\"2207\">analyse syst\u00e9matique des vuln\u00e9rabilit\u00e9s<\/strong>, des <strong data-start=\"2213\" data-end=\"2233\">attaques connues<\/strong>, ainsi que des <strong data-start=\"2249\" data-end=\"2278\">contre-mesures de d\u00e9fense<\/strong> utilis\u00e9es pour renforcer la s\u00e9curit\u00e9 et la confidentialit\u00e9 dans l\u2019apprentissage f\u00e9d\u00e9r\u00e9.<\/p>\n<hr data-start=\"2368\" data-end=\"2371\" \/>\n<h2 data-start=\"2373\" data-end=\"2422\"><strong data-start=\"2379\" data-end=\"2422\">1. Fondements de l\u2019apprentissage f\u00e9d\u00e9r\u00e9<\/strong><\/h2>\n<h3 data-start=\"2424\" data-end=\"2458\">1.1 D\u00e9finition et architecture<\/h3>\n<p data-start=\"2460\" data-end=\"2808\">L\u2019apprentissage f\u00e9d\u00e9r\u00e9 est un cadre de machine learning distribu\u00e9 dans lequel <strong data-start=\"2538\" data-end=\"2608\">les donn\u00e9es locales restent sur les p\u00e9riph\u00e9riques des utilisateurs<\/strong>, et seules des informations agr\u00e9g\u00e9es ou des mises \u00e0 jour de mod\u00e8le sont partag\u00e9es avec un serveur central ou un r\u00e9seau de pairs pour constituer le mod\u00e8le global. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<h3 data-start=\"2810\" data-end=\"2827\">1.2 Avantages<\/h3>\n<ul data-start=\"2829\" data-end=\"3120\">\n<li data-start=\"2829\" data-end=\"2913\">\n<p data-start=\"2831\" data-end=\"2913\"><strong data-start=\"2831\" data-end=\"2859\">Respect de la vie priv\u00e9e<\/strong> : les donn\u00e9es sensibles ne quittent jamais le client.<\/p>\n<\/li>\n<li data-start=\"2914\" data-end=\"2979\">\n<p data-start=\"2916\" data-end=\"2979\"><strong data-start=\"2916\" data-end=\"2978\">R\u00e9duction des risques li\u00e9s \u00e0 la centralisation des donn\u00e9es<\/strong>.<\/p>\n<\/li>\n<li data-start=\"2980\" data-end=\"3120\">\n<p data-start=\"2982\" data-end=\"3120\"><strong data-start=\"2982\" data-end=\"3031\">Adaptabilit\u00e9 \u00e0 des environnements h\u00e9t\u00e9rog\u00e8nes<\/strong> (appareils mobiles, institutions m\u00e9dicales, etc.). <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/374?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">MDPI<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<h3 data-start=\"3122\" data-end=\"3150\">1.3 Limitations et d\u00e9fis<\/h3>\n<p data-start=\"3152\" data-end=\"3216\">Malgr\u00e9 ses atouts, FL introduit des vecteurs d\u2019attaque uniques :<\/p>\n<ul data-start=\"3217\" data-end=\"3400\">\n<li data-start=\"3217\" data-end=\"3259\">\n<p data-start=\"3219\" data-end=\"3259\">Attaques sur les mises \u00e0 jour du mod\u00e8le.<\/p>\n<\/li>\n<li data-start=\"3260\" data-end=\"3306\">\n<p data-start=\"3262\" data-end=\"3306\">Fuites d\u2019information via gradients ou poids.<\/p>\n<\/li>\n<li data-start=\"3307\" data-end=\"3400\">\n<p data-start=\"3309\" data-end=\"3400\">Comportement malveillant de clients ou d\u2019agr\u00e9gateurs. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s40747-024-01664-0?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3402\" data-end=\"3405\" \/>\n<h2 data-start=\"3407\" data-end=\"3468\"><strong data-start=\"3414\" data-end=\"3468\">2. Menaces de s\u00e9curit\u00e9 dans l\u2019apprentissage f\u00e9d\u00e9r\u00e9<\/strong><\/h2>\n<h3 data-start=\"3470\" data-end=\"3505\">2.1 Classification des attaques<\/h3>\n<p data-start=\"3507\" data-end=\"3580\">Les attaques dans FL peuvent \u00eatre regroup\u00e9es en deux grandes cat\u00e9gories\u202f:<\/p>\n<h4 data-start=\"3582\" data-end=\"3616\">\ud83d\udd39 <em data-start=\"3590\" data-end=\"3616\">Attaques sur la s\u00e9curit\u00e9<\/em><\/h4>\n<p data-start=\"3617\" data-end=\"3701\">Visent \u00e0 <strong data-start=\"3626\" data-end=\"3669\">alt\u00e9rer l\u2019int\u00e9grit\u00e9 ou la disponibilit\u00e9<\/strong> du mod\u00e8le global. Cela inclut :<\/p>\n<ul data-start=\"3702\" data-end=\"3959\">\n<li data-start=\"3702\" data-end=\"3826\">\n<p data-start=\"3704\" data-end=\"3826\"><strong data-start=\"3704\" data-end=\"3727\">Attaques byzantines<\/strong>\u202f: clients malveillants envoient des mises \u00e0 jour erron\u00e9es pour perturber la convergence du mod\u00e8le.<\/p>\n<\/li>\n<li data-start=\"3827\" data-end=\"3959\">\n<p data-start=\"3829\" data-end=\"3959\"><strong data-start=\"3829\" data-end=\"3857\">Empoisonnement de mod\u00e8le<\/strong>\u202f: insertion de donn\u00e9es toxiques pour biaiser les pr\u00e9dictions. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<h4 data-start=\"3961\" data-end=\"4002\">\ud83d\udd39 <em data-start=\"3969\" data-end=\"4002\">Attaques sur la confidentialit\u00e9<\/em><\/h4>\n<p data-start=\"4003\" data-end=\"4122\">Visent \u00e0 <strong data-start=\"4012\" data-end=\"4051\">extraire des informations sensibles<\/strong> ou \u00e0 inf\u00e9rer des donn\u00e9es priv\u00e9es \u00e0 partir des mises \u00e0 jour du mod\u00e8le :<\/p>\n<ul data-start=\"4123\" data-end=\"4373\">\n<li data-start=\"4123\" data-end=\"4241\">\n<p data-start=\"4125\" data-end=\"4241\"><strong data-start=\"4125\" data-end=\"4160\">Attaques d\u2019inf\u00e9rence de membres<\/strong>\u202f: d\u00e9terminer si un \u00e9chantillon particulier faisait partie du jeu d\u2019entra\u00eenement.<\/p>\n<\/li>\n<li data-start=\"4242\" data-end=\"4373\">\n<p data-start=\"4244\" data-end=\"4373\"><strong data-start=\"4244\" data-end=\"4274\">Attaques de reconstruction<\/strong>\u202f: reconstruire des donn\u00e9es originales \u00e0 partir de gradients. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.nist.gov\/blogs\/cybersecurity-insights\/privacy-attacks-federated-learning?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">NIST<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4375\" data-end=\"4378\" \/>\n<h2 data-start=\"4380\" data-end=\"4442\"><strong data-start=\"4386\" data-end=\"4442\">3. Attaques sp\u00e9cifiques et m\u00e9canismes d\u2019exploitation<\/strong><\/h2>\n<h3 data-start=\"4444\" data-end=\"4492\">3.1 Attaques adversariales et empoisonnement<\/h3>\n<p data-start=\"4494\" data-end=\"4733\">Les attaques adversariales modifient les mises \u00e0 jour du mod\u00e8le pour manipuler la sortie globale, soit en perturbant la convergence, soit en ins\u00e9rant des <strong data-start=\"4648\" data-end=\"4661\">backdoors<\/strong> (portes d\u00e9rob\u00e9es) dans le mod\u00e8le. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s40747-024-01664-0?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<h3 data-start=\"4735\" data-end=\"4782\">3.2 Fuites de confidentialit\u00e9 via gradients<\/h3>\n<p data-start=\"4784\" data-end=\"5032\">M\u00eame si les donn\u00e9es locales ne sont pas partag\u00e9es, les gradients transmis peuvent contenir suffisamment d\u2019informations pour permettre \u00e0 un attaquant de <strong data-start=\"4936\" data-end=\"4993\">reconstituer des exemples sensibles du jeu de donn\u00e9es<\/strong>. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.nist.gov\/blogs\/cybersecurity-insights\/privacy-attacks-federated-learning?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">NIST<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<hr data-start=\"5034\" data-end=\"5037\" \/>\n<h2 data-start=\"5039\" data-end=\"5103\"><strong data-start=\"5045\" data-end=\"5103\">4. D\u00e9fenses pour renforcer s\u00e9curit\u00e9 et confidentialit\u00e9<\/strong><\/h2>\n<h3 data-start=\"5105\" data-end=\"5150\">4.1 Cryptographie et agr\u00e9gation s\u00e9curis\u00e9e<\/h3>\n<p data-start=\"5152\" data-end=\"5439\">Les techniques cryptographiques, comme le <strong data-start=\"5194\" data-end=\"5220\">chiffrement homomorphe<\/strong> ou la <strong data-start=\"5227\" data-end=\"5271\">multi-party computation s\u00e9curis\u00e9e (SMPC)<\/strong>, permettent de garantir que les mises \u00e0 jour des clients restent <strong data-start=\"5337\" data-end=\"5377\">inaccessibles \u00e0 un observateur tiers<\/strong> pendant l\u2019agr\u00e9gation. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.scitepress.org\/Papers\/2025\/136794\/136794.pdf?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SciTePress<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<h3 data-start=\"5441\" data-end=\"5479\">4.2 Confidentialit\u00e9 diff\u00e9rentielle<\/h3>\n<p data-start=\"5481\" data-end=\"5792\">La <strong data-start=\"5484\" data-end=\"5518\">confidentialit\u00e9 diff\u00e9rentielle<\/strong> ajoute du bruit statistique aux gradients ou aux poids partag\u00e9s, r\u00e9duisant la capacit\u00e9 d\u2019un attaquant \u00e0 inf\u00e9rer des informations sp\u00e9cifiques sur les donn\u00e9es locales, au prix d\u2019une <strong data-start=\"5699\" data-end=\"5751\">diminution potentielle de la pr\u00e9cision du mod\u00e8le<\/strong>. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/374?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">MDPI<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<h3 data-start=\"5794\" data-end=\"5845\">4.3 D\u00e9fenses bas\u00e9es sur la robustesse du mod\u00e8le<\/h3>\n<p data-start=\"5847\" data-end=\"6107\">Des strat\u00e9gies comme le <strong data-start=\"5871\" data-end=\"5915\">contr\u00f4le de performance des mises \u00e0 jour<\/strong>, l\u2019<strong data-start=\"5919\" data-end=\"5953\">\u00e9valuation crois\u00e9e des clients<\/strong> et des agr\u00e9gateurs robustes (par exemple Krum, FedAvg modifi\u00e9) peuvent r\u00e9duire l\u2019impact des clients malveillants. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<h3 data-start=\"6109\" data-end=\"6136\">4.4 Approches combin\u00e9es<\/h3>\n<p data-start=\"6138\" data-end=\"6430\">De nombreuses approches r\u00e9centes combinent plusieurs techniques (cryptographie + confidentialit\u00e9 diff\u00e9rentielle + agr\u00e9gation robuste) pour am\u00e9liorer <strong data-start=\"6287\" data-end=\"6338\">simultan\u00e9ment la s\u00e9curit\u00e9 et la confidentialit\u00e9<\/strong> tout en minimisant la d\u00e9gradation des performances. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/eprints.gla.ac.uk\/339272\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">Enlighten Publications<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<hr data-start=\"6432\" data-end=\"6435\" \/>\n<h2 data-start=\"6437\" data-end=\"6494\"><strong data-start=\"6443\" data-end=\"6494\">5. Analyse comparative des approches de d\u00e9fense<\/strong><\/h2>\n<div class=\"TyagGW_tableContainer\">\n<div class=\"group TyagGW_tableWrapper flex w-fit flex-col-reverse\" tabindex=\"-1\">\n<table class=\"w-fit min-w-(--thread-content-width)\" data-start=\"6496\" data-end=\"6870\">\n<thead data-start=\"6496\" data-end=\"6599\">\n<tr data-start=\"6496\" data-end=\"6599\">\n<th data-start=\"6496\" data-end=\"6507\" data-col-size=\"sm\">Approche<\/th>\n<th data-start=\"6507\" data-end=\"6542\" data-col-size=\"sm\">Protection de la confidentialit\u00e9<\/th>\n<th data-start=\"6542\" data-end=\"6568\" data-col-size=\"sm\">R\u00e9silience aux attaques<\/th>\n<th data-start=\"6568\" data-end=\"6599\" data-col-size=\"sm\">Complexit\u00e9 de mise en \u0153uvre<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"6700\" data-end=\"6870\">\n<tr data-start=\"6700\" data-end=\"6750\">\n<td data-start=\"6700\" data-end=\"6733\" data-col-size=\"sm\">Confidentialit\u00e9 diff\u00e9rentielle<\/td>\n<td data-start=\"6733\" data-end=\"6739\" data-col-size=\"sm\">\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6739\" data-end=\"6744\" data-col-size=\"sm\">\u2b50\u2b50<\/td>\n<td data-start=\"6744\" data-end=\"6750\" data-col-size=\"sm\">\u2b50\u2b50<\/td>\n<\/tr>\n<tr data-start=\"6751\" data-end=\"6797\">\n<td data-start=\"6751\" data-end=\"6776\" data-col-size=\"sm\">Homomorphic Encryption<\/td>\n<td data-start=\"6776\" data-end=\"6783\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6783\" data-end=\"6789\" data-col-size=\"sm\">\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6789\" data-end=\"6797\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50<\/td>\n<\/tr>\n<tr data-start=\"6798\" data-end=\"6829\">\n<td data-start=\"6798\" data-end=\"6805\" data-col-size=\"sm\">SMPC<\/td>\n<td data-start=\"6805\" data-end=\"6813\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6813\" data-end=\"6820\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6820\" data-end=\"6829\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50\u2b50<\/td>\n<\/tr>\n<tr data-start=\"6830\" data-end=\"6870\">\n<td data-start=\"6830\" data-end=\"6851\" data-col-size=\"sm\">Robust Aggregation<\/td>\n<td data-start=\"6851\" data-end=\"6856\" data-col-size=\"sm\">\u2b50\u2b50<\/td>\n<td data-start=\"6856\" data-end=\"6864\" data-col-size=\"sm\">\u2b50\u2b50\u2b50\u2b50\u2b50<\/td>\n<td data-start=\"6864\" data-end=\"6870\" data-col-size=\"sm\">\u2b50\u2b50<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p data-start=\"6872\" data-end=\"7238\"><strong data-start=\"6872\" data-end=\"6890\">Interpr\u00e9tation<\/strong> : Les techniques cryptographiques offrent un tr\u00e8s bon degr\u00e9 de confidentialit\u00e9, mais souvent au co\u00fbt d\u2019une complexit\u00e9 computationnelle \u00e9lev\u00e9e. Les m\u00e9thodes robustes d\u2019agr\u00e9gation sont efficaces contre certaines attaques, mais ne suffisent pas \u00e0 elles seules \u00e0 prot\u00e9ger contre les attaques de confidentialit\u00e9. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/374?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">MDPI<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<hr data-start=\"7240\" data-end=\"7243\" \/>\n<h2 data-start=\"7245\" data-end=\"7286\"><strong data-start=\"7251\" data-end=\"7286\">6. Perspectives et d\u00e9fis futurs<\/strong><\/h2>\n<p data-start=\"7288\" data-end=\"7333\">Plusieurs axes de recherche restent ouverts :<\/p>\n<ul data-start=\"7334\" data-end=\"7643\">\n<li data-start=\"7334\" data-end=\"7430\">\n<p data-start=\"7336\" data-end=\"7430\"><strong data-start=\"7336\" data-end=\"7391\">\u00c9quilibrer confidentialit\u00e9, s\u00e9curit\u00e9 et performance<\/strong> sans sacrifier l\u2019efficacit\u00e9 du mod\u00e8le.<\/p>\n<\/li>\n<li data-start=\"7431\" data-end=\"7534\">\n<p data-start=\"7433\" data-end=\"7534\">D\u00e9velopper des solutions <strong data-start=\"7458\" data-end=\"7533\">scalables pour environnements avec un tr\u00e8s grand nombre de participants<\/strong>.<\/p>\n<\/li>\n<li data-start=\"7535\" data-end=\"7643\">\n<p data-start=\"7537\" data-end=\"7643\">Renforcer la d\u00e9fense contre <strong data-start=\"7565\" data-end=\"7602\">attaques combin\u00e9es et adaptatives<\/strong>. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/arxiv.org\/abs\/2508.13730?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">arXiv<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"7645\" data-end=\"7648\" \/>\n<h2 data-start=\"7650\" data-end=\"7684\"><strong data-start=\"7656\" data-end=\"7684\">R\u00e9f\u00e9rences s\u00e9lectionn\u00e9es<\/strong><\/h2>\n<p data-start=\"7686\" data-end=\"7791\">Voici quelques r\u00e9f\u00e9rences scientifiques pertinentes que vous pouvez consulter pour approfondir le sujet :<\/p>\n<ol data-start=\"7793\" data-end=\"8573\">\n<li data-start=\"7793\" data-end=\"7950\">\n<p data-start=\"7796\" data-end=\"7950\"><em data-start=\"7796\" data-end=\"7868\">An overview of implementing security and privacy in federated learning<\/em> (2024), Artificial Intelligence Review. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/link.springer.com\/article\/10.1007\/s10462-024-10846-8?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SpringerLink<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<li data-start=\"7951\" data-end=\"8113\">\n<p data-start=\"7954\" data-end=\"8113\"><em data-start=\"7954\" data-end=\"8046\">A survey of security strategies in federated learning: defending models, data, and privacy<\/em> (2024), Future Internet. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.mdpi.com\/1999-5903\/16\/10\/374?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">MDPI<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<li data-start=\"8114\" data-end=\"8307\">\n<p data-start=\"8117\" data-end=\"8307\"><em data-start=\"8117\" data-end=\"8250\">On the Security and Privacy of Federated Learning: A Survey with Attacks, Defenses, Frameworks, Applications, and Future Directions<\/em> (2025), arXiv. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/arxiv.org\/abs\/2508.13730?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">arXiv<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<li data-start=\"8308\" data-end=\"8434\">\n<p data-start=\"8311\" data-end=\"8434\"><em data-start=\"8311\" data-end=\"8370\">Privacy attacks in federated learning and countermeasures<\/em> (NIST blog insights). <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.nist.gov\/blogs\/cybersecurity-insights\/privacy-attacks-federated-learning?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">NIST<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<li data-start=\"8435\" data-end=\"8573\">\n<p data-start=\"8438\" data-end=\"8573\"><em data-start=\"8438\" data-end=\"8501\">Research on Privacy and Security Issues in Federated Learning<\/em> (2025), Scitepress Proceedings. <span class=\"\" data-state=\"closed\"><span class=\"ms-1 inline-flex max-w-full items-center relative top-[-0.094rem] animate-[show_150ms_ease-in]\" data-testid=\"webpage-citation-pill\"><a class=\"flex h-4.5 overflow-hidden rounded-xl px-2 text-[9px] font-medium transition-colors duration-150 ease-in-out text-token-text-secondary! bg-[#F4F4F4]! dark:bg-[#303030]!\" href=\"https:\/\/www.scitepress.org\/Papers\/2025\/136794\/136794.pdf?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"><span class=\"relative start-0 bottom-0 flex h-full w-full items-center\"><span class=\"flex h-4 w-full items-center justify-between overflow-hidden\"><span class=\"max-w-[15ch] grow truncate overflow-hidden text-center\">SciTePress<\/span><\/span><\/span><\/a><\/span><\/span><\/p>\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>S\u00e9curit\u00e9 et confidentialit\u00e9 dans l&#8217;apprentissage f\u00e9d\u00e9r\u00e9 Auteur(s) : Dr. Rachid Fall \u2014 Date : 2021-12-02 \u2014 Source : arXiv R\u00e9sum\u00e9 (Abstract) L\u2019apprentissage f\u00e9d\u00e9r\u00e9 (Federated Learning, FL) est un paradigme de machine learning distribu\u00e9 qui permet \u00e0 plusieurs clients de collaborer \u00e0 l\u2019entra\u00eenement d\u2019un mod\u00e8le global sans partager leurs donn\u00e9es locales sensibles, r\u00e9pondant ainsi \u00e0 des [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6355,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[108],"tags":[],"class_list":["post-6226","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-informatique-intelligence-artificielle"],"acf":[],"_links":{"self":[{"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/posts\/6226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/comments?post=6226"}],"version-history":[{"count":1,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/posts\/6226\/revisions"}],"predecessor-version":[{"id":6357,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/posts\/6226\/revisions\/6357"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/media\/6355"}],"wp:attachment":[{"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/media?parent=6226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/categories?post=6226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sahelib.atatec-design.com\/index.php\/wp-json\/wp\/v2\/tags?post=6226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}