EPS
← All batches·2605.09232

Privacy-Preserving Distributed Learning in IoT Systems: A Unified Threat Model and Evaluation Framework

topic: othertop score: 100released: 2026-05-12first surfaced: 2026-05-12arXivPDFthreats2026-05-12

Authors: John Cartmell, Alexander Williams

arXiv · PDF

Summary

This survey builds a unified threat model and evaluation framework for privacy-preserving distributed learning in IoT settings, where devices share model updates rather than raw data but still risk leaking information through gradients or activations. The authors compare techniques like differential privacy, homomorphic encryption, and lightweight Bloom-filter encodings on both privacy robustness (resistance to gradient leakage, membership inference, etc.) and system efficiency (compute, memory, communication overhead). They highlight the fundamental trade-off: strong cryptographic methods are expensive, while lightweight methods (e.g., Bloom filters) offer weaker privacy through collision-induced ambiguity but stay practical on resource-constrained devices.

Main takeaways:

  • Defines a unified threat model covering gradient leakage, model inversion, membership inference, and communication-based attacks.
  • Compares differential privacy, homomorphic encryption, secure multi-party computation, and Bloom-filter encodings under realistic IoT resource constraints.
  • Bloom-filter methods provide lightweight privacy via collision ambiguity with low computational and communication overhead.
  • Strong privacy guarantees come at high system cost; practical deployments must navigate the privacy-efficiency trade-off.

Relevance

Tangential to my persona work — only relevant if I ever explore federated or distributed fine-tuning setups where gradient or activation privacy matters during behavior installation.

Threat model

Potential threat/caveat for clean result "Fine-tuning one persona on a two-marker chunk and another on the start marker plants the end marker at every donor answer's end, not chained to the start (LOW confidence)": this item discusses robustness, evaluation.

Abstract

arXiv:2605.09232v1 Announce Type: new Abstract: The increasing deployment of Internet-of-Things (IoT) devices has accelerated the use of distributed learning frameworks, where data remains local while model updates are shared across decentralized systems. Although this reduces centralized data collection, it introduces privacy risks through the exchange of gradients, model parameters, and intermediate representations. A variety of privacy-preserving techniques have been proposed to address these risks, including differential privacy, cryptographic methods, and lightweight system-level approaches. However, existing surveys often evaluate these methods in isolation and lack a unified framework for comparing their effectiveness under realistic attack models and IoT resource constraints. This paper presents a structured analysis of privacy-preserving techniques for distributed learning in IoT environments. A unified threat model is introduced that captures model inversion, membership inference, gradient leakage, and communication-based attacks. Building on this model, an evaluation framework is developed to compare methods in terms of both privacy robustness and system-level efficiency, including computational, memory, and communication overhead. Using this framework, representative approaches including differential privacy, homomorphic encryption, secure multi-party computation, distributed selective stochastic gradient descent, and Bloom Filter-based methods are analyzed. The results highlight a fundamental trade-off between privacy strength and system efficiency. In particular, Bloom Filter-based encodings are shown to provide lightweight privacy through collision-induced ambiguity while maintaining low computational and communication overhead. The paper provides a unified perspective on privacy-preserving design choices for distributed learning in IoT systems.