Application-Driven Taxonomy of Security and Privacy Threats in Federated Learning

Federated Learning (FL) is a decentralized machine learning (ML) paradigm that enables collaborative model training across clients while preserving data privacy, making it particularly important for critical domains such as healthcare and finance. However, the distributed nature of FL introduces security and privacy vulnerabilities across different application domains. This survey presents a domain-driven classification of security and privacy threats in FL. Contrasting existing surveys that focus on studying FL threats in a generic manner, we systematically analyze the different FL threats for each specific domain and discuss their impacts. First, we provide a structured taxonomy of attacks targeting FL systems, identifying vulnerabilities and threats specific to critical application domains. Second, we explore the various application domains of FL and the specific threats targeting these domains while also discussing existing defense mechanisms in these domains. Lastly, we identify key open research challenges and future directions to enhance the security and robustness of FL systems.