A Comprehensive Survey on Robustness and Privacy in Federated Learning Meets Large Language Model at Edge
Review Article  ·  Published: 17 June 2026
Journal of Reliable and Secure Computing
Volume 2, Issue 2, 2026: 111-155
Review Article Open Access

1 School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu 610054, China
2 Department of Computer Engineering, Gachon University, Seongnam 13120, Republic of Korea
3 Xiamen University, Xiamen 361005, China
* Corresponding Author: Hu Xiong, [email protected]

Article Information

Abstract

Large Language Models (LLMs) have revolutionized natural language processing, yet their deployment is hindered by data, computation, and privacy constraints. Federated Learning (FL) offers a promising solution by enabling collaborative, privacy-preserving training across distributed devices, while the push for low-latency on-device intelligence further drives LLM integration into FL and edge settings—posing new challenges in heterogeneity and resource limits. This survey comprehensively reviews the integration of LLMs with federated learning, termed FLM, and its deployment at the edge, with particular emphasis on the robustness, privacy, and trustworthiness challenges that emerge across the LLM lifecycle from pre-training to deployment. We analyze core challenges including communication cost, system heterogeneity, privacy risks, and scalability, with a focus on edge-oriented efficiency techniques such as pruning and quantization. Security vulnerabilities and defenses are also discussed, alongside trade-offs among privacy, robustness, and performance. We further examine demographic, contribution-related, and performance-related biases that can emerge in FLM systems. Finally, we outline open research directions, underscoring the potential of federated and edge intelligence to enable scalable, privacy-aware LLM ecosystems, and aim to offer a unified perspective to guide future research in this fast-moving field.

Keywords

federated learning, large language model, privacy preserving

Data Availability Statement

Not applicable.

Funding

This work was supported in part by the National Foreign Expert Program under Grant Y20250133 and Grant Y20250135; in part by the National Natural Science Foundation of China under Grant 62572103 and Grant 62372087.

Conflicts of Interest

Deepak Adhikari and Negalign Wake Hundera served as Editorial Board Members, and Hu Xiong served as a Co-Editor-in-Chief of Journal of Reliable and Secure Computing at the time of manuscript submission. To ensure the integrity of the peer-review process, none of these authors was involved in the editorial handling, peer review, or decision-making process for this manuscript. The manuscript was handled independently by another editor. The remaining authors declare no conflicts of interest.

AI Use Statement

The authors declare that no generative AI was used in the preparation of this manuscript.

Ethical Approval and Consent to Participate

Not applicable.

    [CrossRef] [Google Scholar]
  122. Peng, H., Wu, K., Wei, Y., Zhao, G., Yang, Y., Liu, Z., ... & Cheng, P. (2023). Fp8-lm: Training fp8 large language models. arXiv preprint arXiv:2310.18313.
    [CrossRef] [Google Scholar]
  123. Xu, M., Cai, D., Wu, Y., Li, X., & Wang, S. (2024). \{FwdLLM\: Efficient federated finetuning of large language models with perturbed inferences. In 2024 USENIX Annual Technical Conference (USENIX ATC 24) (pp. 579-596). https://www.usenix.org/conference/atc24/presentation/xu-mengwei
    [Google Scholar]
  124. Qin, R., Xia, J., Jia, Z., Jiang, M., Abbasi, A., Zhou, P., ... & Shi, Y. (2024, June). Enabling on-device large language model personalization with self-supervised data selection and synthesis. In Proceedings of the 61st ACM/IEEE design automation conference (pp. 1-6).
    [CrossRef] [Google Scholar]
  125. Han, S., Buyukates, B., Hu, Z., Jin, H., Jin, W., Sun, L., ... & He, C. (2024, August). Fedsecurity: A benchmark for attacks and defenses in federated learning and federated llms. In Proceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (pp. 5070-5081).
    [CrossRef] [Google Scholar]
  126. In, S. W. O. T. (2001). Wikipedia: the free encyclopedia. San Francisco (CA): Wikimedia Foundation, 2012(16.4), 2012. https://wikipedia2007.classicistranieri.com/en/h/e/u/Heuristic.html
    [Google Scholar]
  127. Patel, J. M. (2020). Getting structured data from the internet: running web crawlers/scrapers on a big data production scale. Berkeley, CA: Apress.
    [CrossRef] [Google Scholar]
  128. Du, Z., Qian, Y., Liu, X., Ding, M., Qiu, J., Yang, Z., & Tang, J. (2022, May). Glm: General language model pretraining with autoregressive blank infilling. In Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers) (pp. 320-335).
    [CrossRef] [Google Scholar]
  129. Zhu, Y., Kiros, R., Zemel, R., Salakhutdinov, R., Urtasun, R., Torralba, A., & Fidler, S. (2015). Aligning books and movies: Towards story-like visual explanations by watching movies and reading books. In Proceedings of the IEEE international conference on computer vision (pp. 19-27).
    [CrossRef] [Google Scholar]
  130. Nijkamp, E., Pang, B., Hayashi, H., Tu, L., Wang, H., Zhou, Y., ... & Xiong, C. (2022). Codegen: An open large language model for code with multi-turn program synthesis. arXiv preprint arXiv:2203.13474.
    [CrossRef] [Google Scholar]
  131. Rakkini, M. J., & Geetha, K. (2022). BigQuery Open Dataset. Soft Computing: Theories and Applications: Proceedings of SoCTA 2021, 25.
    [Google Scholar]
  132. CrossRef
    [Google Scholar]
  133. Antol, S., Agrawal, A., Lu, J., Mitchell, M., Batra, D., Zitnick, C. L., & Parikh, D. (2015, December). VQA: Visual Question Answering. In 2015 IEEE International Conference on Computer Vision (ICCV) (pp. 2425-2433). IEEE.
    [CrossRef] [Google Scholar]
  134. Zhu, L., Liu, Z., & Han, S. (2019). Deep leakage from gradients. Advances in Neural Information Processing Systems, 32.
    [Google Scholar]
  135. Sarmadi, A., Fu, H., Krishnamurthy, P., Garg, S., & Khorrami, F. (2023). Privacy-preserving collaborative learning through feature extraction. IEEE Transactions on Dependable and Secure Computing, 21(1), 486-498.
    [CrossRef] [Google Scholar]
  136. Yang, H., Ge, M., Xue, D., Xiang, K., Li, H., & Lu, R. (2023). Gradient leakage attacks in federated learning: Research frontiers, taxonomy, and future directions. IEEE Network, 38(2), 247-254.
    [CrossRef] [Google Scholar]
  137. Ramos, P., Ramos, R., & Garcia, N. (2025). Data leakage in visual datasets. In Proceedings of the IEEE/CVF International Conference on Computer Vision (pp. 6309-6319).
    [Google Scholar]
  138. Huang, Y., Gupta, S., Song, Z., Li, K., & Arora, S. (2021). Evaluating gradient inversion attacks and defenses in federated learning. Advances in neural information processing systems, 34, 7232-7241.
    [Google Scholar]
  139. Zhao, J., Zhu, H., Wang, F., Lu, R., & Li, H. (2023). Efficient and privacy-preserving tree-based inference via additive homomorphic encryption. Information Sciences, 650, 119480.
    [CrossRef] [Google Scholar]
  140. Liu, H., Li, B., Gao, C., Xie, P., & Zhao, C. (2023). Privacy-encoded federated learning against gradient-based data reconstruction attacks. IEEE Transactions on Information Forensics and Security, 18, 5860-5875.
    [CrossRef] [Google Scholar]
  141. Pan, X., Zhang, M., Ji, S., & Yang, M. (2020, May). Privacy risks of general-purpose language models. In 2020 IEEE Symposium on Security and Privacy (SP) (pp. 1314-1331). IEEE.
    [CrossRef] [Google Scholar]
  142. Sun, W., Wang, X., Liang, Z., Chen, J., Lan, W., Chen, Y., & Wang, F. (2026). FedShieldLLM: Measurement, Detection and Protection of Privacy Leakage in Federated LLMs. IEEE Transactions on Mobile Computing, 25(7), 9612-9628.
    [CrossRef] [Google Scholar]
  143. Cao, X., Jia, J., Zhang, Z., & Gong, N. Z. (2023, May). Fedrecover: Recovering from poisoning attacks in federated learning using historical information. In 2023 IEEE Symposium on Security and Privacy (SP) (pp. 1366-1383). IEEE.
    [CrossRef] [Google Scholar]
  144. Ma, Z., Deng, Y., Qiao, Z., Zhang, Q., Zhou, C., Wu, F., ... & Ren, J. (2026). A Fine-Tuning Data Recovery Attack on Generative Language Models via Backdooring. IEEE Transactions on Information Forensics and Security, 21, 3006-3021.
    [CrossRef] [Google Scholar]
  145. Yue, K., Jin, R., Wong, C. W., Baron, D., & Dai, H. (2023). Gradient obfuscation gives a false sense of security in federated learning. In 32nd USENIX security symposium (USENIX Security 23) (pp. 6381-6398). https://www.usenix.org/conference/usenixsecurity23/presentation/yue
    [Google Scholar]
  146. Gupta, S., Huang, Y., Zhong, Z., Gao, T., Li, K., & Chen, D. (2022). Recovering private text in federated learning of language models. Advances in neural information processing systems, 35, 8130-8143.
    [Google Scholar]
  147. Chen, S., Luo, Y., Deng, G., Liu, Y., Xu, M., Fu, S., & Jia, X. (2026, April). Reconstructing Training Data from Adapter-based Federated Large Language Models. In Proceedings of the ACM Web Conference 2026 (pp. 2602-2613).
    [CrossRef] [Google Scholar]
  148. Wang, F., & Li, B. (2024). Data reconstruction and protection in federated learning for fine-tuning large language models. IEEE Transactions on Big Data.
    [CrossRef] [Google Scholar]
  149. Miao, Q., Sun, W., Zhu, D., Li, J., Zhou, Y., & Alcaraz, C. (2026). Moderation is the Best Policy: Dynamic Defense Against Gradient-Based Data Reconstruction Attacks in Federated Learning. IEEE Transactions on Dependable and Secure Computing, 23(3), 6230-6245.
    [CrossRef] [Google Scholar]
  150. Bai, L., Zhang, X., Zhang, S., Ye, Q., & Hu, H. (2025). Provfl: Property inference attacks against vertical federated learning. IEEE Transactions on Information Forensics and Security, 20, 6529-6543.
    [CrossRef] [Google Scholar]
  151. Tong, M., Chen, K., Zhang, J., Qi, Y., Zhang, W., Yu, N., ... & Zhang, Z. (2025). Inferdpt: Privacy-preserving inference for black-box large language models. IEEE Transactions on Dependable and Secure Computing, 22(5), 4625-4640.
    [CrossRef] [Google Scholar]
  152. Luo, X., Yu, T., & Xiao, X. (2025, November). Prompt inference attack on distributed large language model inference frameworks. In Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security (pp. 1739-1753).
    [CrossRef] [Google Scholar]
  153. Wang, Z., Huang, Y., Song, M., Wu, L., Xue, F., & Ren, K. (2022). Poisoning-assisted property inference attack against federated learning. IEEE Transactions on Dependable and Secure Computing, 20(4), 3328-3340.
    [CrossRef] [Google Scholar]
  154. Fu, W., Wang, H., Gao, C., Liu, G., Li, Y., & Jiang, T. (2024). Membership inference attacks against fine-tuned large language models via self-prompt calibration. Advances in Neural Information Processing Systems, 37, 134981-135010.
    [Google Scholar]
  155. He, Y., Li, B., Liu, L., Ba, Z., Dong, W., Li, Y., ... & Chen, C. (2025). Towards {Label-Only Membership Inference Attack against Pre-trained Large Language Models. In 34th USENIX Security Symposium (USENIX Security 25) (pp. 1609-1628). https://www.usenix.org/conference/usenixsecurity25/presentation/he-yu
    [Google Scholar]
  156. Bai, L., Hu, H., Ye, Q., Li, H., Wang, L., & Xu, J. (2024). Membership inference attacks and defenses in federated learning: A survey. ACM Computing Surveys, 57(4), 1-35.
    [CrossRef] [Google Scholar]
  157. Fu, C., Zhang, X., Ji, S., Chen, J., Wu, J., Guo, S., ... & Wang, T. (2022). Label inference attacks against vertical federated learning. In 31st USENIX security symposium (USENIX Security 22) (pp. 1397-1414). https://www.usenix.org/conference/usenixsecurity22/presentation/fu-chong
    [Google Scholar]
  158. Li, Z., Wu, Y., Chen, Y., Tonin, F., Abad Rocamora, E., & Cevher, V. (2024). Membership inference attacks against large vision-language models. Advances in Neural Information Processing Systems, 37, 98645-98674.
    [Google Scholar]
  159. Shen, M., Meng, J., Peng, B., Tang, X., Wang, W., Niyato, D., & Zhu, L. (2026). Casper: A Causality-Inspired Defense With Confounder Against Label Inference Attacks in Vertical Split Federated Learning. IEEE Transactions on Information Forensics and Security, 21, 1050-1064.
    [CrossRef] [Google Scholar]
  160. Song, J., Yuan, J., Chen, G., Liu, Y., & Yang, N. (2026). LTMIA: a loss trajectory-based membership inference attack method in federated learning. Journal of Information Security and Applications, 97, 104364.
    [CrossRef] [Google Scholar]
  161. Acar, A., Aksu, H., Uluagac, A. S., & Conti, M. (2018). A survey on homomorphic encryption schemes: Theory and implementation. ACM Computing Surveys (Csur), 51(4), 1-35.
    [CrossRef] [Google Scholar]
  162. Zhang, C., Li, S., Xia, J., Wang, W., Yan, F., & Liu, Y. (2020). {BatchCrypt: Efficient homomorphic encryption for {Cross-Silo federated learning. In 2020 USENIX annual technical conference (USENIX ATC 20) (pp. 493-506). https://www.usenix.org/conference/atc20/presentation/zhang-chengliang
    [Google Scholar]
  163. Xie, Q., Jiang, S., Jiang, L., Huang, Y., Zhao, Z., Khan, S., ... & Wu, K. (2024). Efficiency optimization techniques in privacy-preserving federated learning with homomorphic encryption: A brief survey. IEEE Internet of Things Journal, 11(14), 24569-24580.
    [CrossRef] [Google Scholar]
  164. Zhao, C., Zhao, S., Zhao, M., Chen, Z., Gao, C. Z., Li, H., & Tan, Y. A. (2019). Secure multi-party computation: theory, practice and applications. Information Sciences, 476, 357-372.
    [CrossRef] [Google Scholar]
  165. Gamiz Ugarte, I., Regueiro Senderos, C., Lage Serrano, Ó., Jacob Taquet, E., & Astorga Burgo, J. (2025). Challenges and future research directions in secure multi-party computation for resource-constrained devices and large-scale computations. International Journal of Information Security, 24(1).
    [CrossRef] [Google Scholar]
  166. Tran, A.-T., Luong, T.-D., & Huynh, V.-N. (2026). PriFLRC: A secure multi-party computation-based privacy-enhanced federated learning scheme resilient to collusion. Neurocomputing, 132574.
    [CrossRef] [Google Scholar]
  167. Singh, J. P., Aqsa, A., Ghani, I., Sonani, R., & Govindarajan, V. (2025). Privacy-aware hierarchical federated learning in healthcare: integrating differential privacy and secure multi-party computation. Future Internet, 17(8), 345.
    [CrossRef] [Google Scholar]
  168. El Ouadrhiri, A., & Abdelhadi, A. (2022). Differential privacy for deep and federated learning: A survey. IEEE Access, 10, 22359-22380.
    [CrossRef] [Google Scholar]
  169. Truex, S., Liu, L., Chow, K. H., Gursoy, M. E., & Wei, W. (2020, April). LDP-Fed: Federated learning with local differential privacy. In Proceedings of the third ACM international workshop on edge systems, analytics and networking (pp. 61-66).
    [CrossRef] [Google Scholar]
  170. Yang, M., Guo, T., Zhu, T., Tjuawinata, I., Zhao, J., & Lam, K. Y. (2024). Local differential privacy and its applications: A comprehensive survey. Computer Standards & Interfaces, 89, 103827.
    [CrossRef] [Google Scholar]
  171. He, Y., Zhang, W., Wang, K., Lin, X., Zhang, Y., & Ni, W. (2026). Efficient and Effective Biclique Counting with Local Differential Privacy. Proceedings of the ACM on Management of Data, 4(1) (SIGMOD), 1-24.
    [CrossRef] [Google Scholar]
  172. Wang, X., Kim, B. G., Amoon, M., Kumar, S., & Liu, Z. (2025). Federated learning with local differential privacy for autonomous electronic vehicles: Enhancing security and performance. IEEE Transactions on Consumer Electronics, 71(2), 6147-6157.
    [CrossRef] [Google Scholar]
  173. Zhu, L., & Chen, X. (2025). Privacy protection in federated learning: a study on the combined strategy of local and global differential privacy. The Journal of Supercomputing, 81(1), 326.
    [CrossRef] [Google Scholar]
  174. Letafati, M., & Otoum, S. (2023, September). Global differential privacy for distributed metaverse healthcare systems. In 2023 International Conference on Intelligent Metaverse Technologies & Applications (iMETA) (pp. 01-08). IEEE.
    [CrossRef] [Google Scholar]
  175. Li, H., Li, X., Liu, X., Wang, B., Wang, J., & Tian, Y. (2026). FedSam: Enhancing federated learning accuracy with differential privacy and data heterogeneity mitigation. Computer Standards & Interfaces, 95, 104019.
    [CrossRef] [Google Scholar]
  176. Wei, K., Li, J., Ding, M., Ma, C., Yang, H. H., Farokhi, F., ... & Poor, H. V. (2020). Federated learning with differential privacy: Algorithms and performance analysis. IEEE transactions on information forensics and security, 15, 3454-3469.
    [CrossRef] [Google Scholar]
  177. Naresh, V. S., & Ayyappa, D. (2026). Privacy-preserving federated credit risk models: evaluating differential privacy and homomorphic encryption techniques. Scientific Reports.
    [CrossRef] [Google Scholar]
  178. Liu, X. Y., Zhu, R., Zha, D., Gao, J., Zhong, S., White, M., & Qiu, M. (2025). Differentially private low-rank adaptation of large language model using federated learning. ACM Transactions on Management Information Systems, 16(2), 1-24.
    [CrossRef] [Google Scholar]
  179. Carillo, R., Cerasuolo, F., Bovenzi, G., Ciuonzo, D., & Pescapé, A. (2026). A Federated and Incremental Network Intrusion Detection System for IoT Emerging Threats. IEEE Transactions on Network and Service Management, 23, 3865-3880.
    [CrossRef] [Google Scholar]
  180. Pereira, L., & Nagasundaram, S. (2026, February). A Multi-Model Hybrid Framework for Twitter Spam Detection using LSTM, CNN and GAN. In 2026 International Conference on Electronics and Renewable Systems (ICEARS) (pp. 1838-1843). IEEE.
    [CrossRef] [Google Scholar]
  181. Soysaldı Şahin, M., Şahin, D. Ö., & Salah, A. F. (2026). Revisiting SMS Spam Detection: The Impact of Feature Representation on Classical Machine Learning Models. Electronics, 15(4), 894.
    [CrossRef] [Google Scholar]
  182. Schuhmann, C., Beaumont, R., Vencu, R., Gordon, C., Wightman, R., Cherti, M., ... & Jitsev, J. (2022). Laion-5b: An open large-scale dataset for training next generation image-text models. Advances in neural information processing systems, 35, 25278-25294.
    [Google Scholar]
  183. Sun, Q., Wang, J., Yu, Q., Cui, Y., Zhang, F., Zhang, X., & Wang, X. (2024). Eva-clip-18b: Scaling clip to 18 billion parameters. arXiv preprint arXiv:2402.04252.
    [CrossRef] [Google Scholar]
  184. Carlini, N., Jagielski, M., Choquette-Choo, C. A., Paleka, D., Pearce, W., Anderson, H., ... & Tramèr, F. (2024, May). Poisoning web-scale training datasets is practical. In 2024 IEEE Symposium on Security and Privacy (SP) (pp. 407-425). IEEE.
    [CrossRef] [Google Scholar]
  185. Qu, Y., Li, B., Huang, S., Nie, P., Li, L., & Yao, Y. (2026). BADS: A backdoor attack against code intent summarization engines. Information and Software Technology, 192, 108018.
    [CrossRef] [Google Scholar]
  186. Zhu, Y., Tao, Q., & Zhao, N. (2026). Can In-Context Learning Defend against Backdoor Attacks to LLMs. In AAAI 2026 Workshop on Assessing and Improving Reliability of Foundation Models in the Real World. https://openreview.net/pdf?id=X7vXylFSGq
    [Google Scholar]
  187. Guo, J., Zhang, Z., Sun, Z., Yang, Y., Wu, J., Zhang, F., & He, X. (2026, March). 6dattack: Backdoor attacks in the 6dof pose estimation. In Proceedings of the AAAI Conference on Artificial Intelligence (Vol. 40, No. 42, pp. 35455-35463).
    [CrossRef] [Google Scholar]
  188. Luo, J., Sun, Q., Lyu, L., Zhang, Z., Yuan, H., Fu, X., & Li, J. (2026, March). Towards effective, stealthy, and persistent backdoor attacks targeting graph foundation models. In Proceedings of the AAAI Conference on Artificial Intelligence (Vol. 40, No. 29, pp. 24142-24150).
    [CrossRef] [Google Scholar]
  189. AlHayan, A., & Al-Muhtadi, J. (2026). Federated learning-powered real-time behavioral intrusion detection leveraging LSTM, attention, GANs, and large language models. Scientific Reports.
    [CrossRef] [Google Scholar]
  190. Archa, A. T., & Kartheeban, K. (2026). Secure ML: a hybrid defense method to prevent poisoning attacks on machine learning systems. International Journal of Machine Learning and Cybernetics, 17(1), 37.
    [CrossRef] [Google Scholar]
  191. Chaudhari, H., Rathbun, E., Foerster, H., Hayes, J., Jagielski, M., Nasr, M., ... & Oprea, A. (2026). Thought-Transfer: Indirect Targeted Poisoning Attacks on Chain-of-Thought Reasoning Models. arXiv preprint arXiv:2601.19061.
    [CrossRef] [Google Scholar]
  192. Wang, B., Yan, Y., Zhang, M., Wang, W., & Yao, H. (2026). Model Backdoor Attack on Federated Learning Based on Parameter Analysis. IEEE Transactions on Dependable and Secure Computing, 23(3), 6490-6505.
    [CrossRef] [Google Scholar]
  193. Hu, Z., Chen, C., & Wang, Y. (2026, March). FILTER: A Framework for Defending against Backdoor Attacks in Vertical Federated Learning. In Proceedings of the AAAI Conference on Artificial Intelligence (Vol. 40, No. 42, pp. 35490-35499).
    [CrossRef] [Google Scholar]
  194. Sui, Y., Sun, Y., Chen, N., Zhao, Y., Cao, H., & Xu, B. (2026). Backdoor Detection in Federated Learning with Feature Map: A Multi-Task Learning Perspective. IEEE Transactions on Information Forensics and Security, 21, 1142-1154.
    [CrossRef] [Google Scholar]
  195. Shi, Y., Zheng, W., Xu, H., Wang, X. A., & Wang, R. (2026). A Unified Optimization Framework for Backdoor Attacks in Large Language Models. Information Fusion, 104221.
    [CrossRef] [Google Scholar]
  196. Wang, K., Wang, L., Liu, Z., Luo, Y., Zhang, K., & Li, W. (2026). SHIFT: Enhancing Federated Learning Robustness through Client-Side Backdoor Detection. Information Fusion, 104144.
    [CrossRef] [Google Scholar]
  197. Chen, J., Lin, Z., Kang, Y., Wang, C., & Lin, W. (2026). Stealthy Targeted Poisoning Attacks in Vertical Split Learning via Embedding Model Manipulation. IEEE Transactions on Dependable and Secure Computing, 23(3), 7059-7072.
    [CrossRef] [Google Scholar]
  198. You, Z., Dong, X., Cheng, K., Mu, X., Fu, J., Ma, S., ... & Shen, Y. (2026). Prifft: Privacy-preserving federated fine-tuning of large language models via hybrid secret sharing. IEEE Transactions on Dependable and Secure Computing, 23(3), 6167-6182.
    [CrossRef] [Google Scholar]
  199. Huang, W., Wang, Y., Cheng, A., Zhou, A., Yu, C., & Wang, L. (2024, April). A fast, performant, secure distributed training framework for LLM. In ICASSP 2024-2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 4800-4804). IEEE.
    [CrossRef] [Google Scholar]
  200. Zhou, T., Yan, H., Han, B., Liu, L., & Zhang, J. (2024). Learning a robust foundation model against clean-label data poisoning attacks at downstream tasks. Neural Networks, 169, 756-763.
    [CrossRef] [Google Scholar]
  201. Li, X., Wu, C., & Wang, J. (2024, April). Unveiling backdoor risks brought by foundation models in heterogeneous federated learning. In Pacific-Asia Conference on Knowledge Discovery and Data Mining (pp. 168-181). Singapore: Springer Nature Singapore.
    [CrossRef] [Google Scholar]
  202. Rondanini, C., Carminati, B., Ferrari, E., Kundu, A., & Gaudiano, A. (2026). Malware detection at the edge with lightweight LLMs: A performance evaluation. ACM Transactions on Internet Technology, 26(1), 1-24.
    [CrossRef] [Google Scholar]
  203. Ullah, F., Mohammad, N., Mostarda, L., Cacciagrano, D., & Zhao, Y. (2025). Q-p2fl: Quantum-enhanced federated edge intelligence for privacy-preserving adversarial attack detection on consumer edge devices. IEEE Transactions on Consumer Electronics, 71(2), 4914-4924.
    [CrossRef] [Google Scholar]
  204. Zhou, J., Wu, N., Wang, Y., Gu, S., Cao, Z., Dong, X., & Choo, K. K. R. (2022). A differentially private federated learning model against poisoning attacks in edge computing. IEEE Transactions on Dependable and Secure Computing, 20(3), 1941-1958.
    [CrossRef] [Google Scholar]
  205. Zhan, Z., Li, K., Zhang, Y., & Haddadi, H. (2026, April). Systems-Level Attack Surface of Edge Agent Deployments on IoT. In Proceedings of the Sixth European Workshop on Machine Learning and Systems (pp. 99-108).
    [CrossRef] [Google Scholar]
  206. Jonnalagadda, A. K., Natarajan, G. N., Veerapaneni, S. M., & Vikram, S. (2025, October). Edge-Aware Federated AI: Scalable LLM Integration for Privacy-Preserving Big Data Networks. In 2025 5th International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME) (pp. 1-7). IEEE.
    [CrossRef] [Google Scholar]
  207. Han, C., Yang, T., Cui, Z., & Sun, X. (2025). A privacy-preserving and trustworthy inference framework for LLM-IoT integration via hierarchical federated collaborative computing. IEEE Internet of Things Journal, 12(24), 51877-51891.
    [CrossRef] [Google Scholar]
  208. Tan, J., Li, A., Liu, Q., Ran, P., & Zhang, L. (2026). VTarbel: Targeted Label Attack with Minimal Knowledge on Detector-enhanced Vertical Federated Learning. ACM Transactions on Sensor Networks, 22(2), 1-33.
    [CrossRef] [Google Scholar]
  209. Han, S., Han, X., Zhao, P., & Zhang, S. (2026). LFO: Layer-wise Feature Occlusion for Transferable Targeted Adversarial Attacks. Expert Systems with Applications, 131684.
    [CrossRef] [Google Scholar]
  210. Jebreel, N. M., & Domingo-Ferrer, J. (2023). Fl-defender: Combating targeted attacks in federated learning. Knowledge-Based Systems, 260, 110178.
    [CrossRef] [Google Scholar]
  211. Yu, Y., Liu, Q., Wu, L., Yu, R., Yu, S. L., & Zhang, Z. (2023, June). Untargeted attack against federated recommendation systems via poisonous item embeddings and the defense. In Proceedings of the AAAI conference on artificial intelligence (Vol. 37, No. 4, pp. 4854-4863).
    [CrossRef] [Google Scholar]
  212. Pathak, J., Mundra, P., Sejpal, Y., Mahapatra, T., & Rajput, A. S. (2026). Early round detection Protocols: strategies against Untargeted adversarial attacks in federated learning Network. Computer Networks, 112098.
    [CrossRef] [Google Scholar]
  213. Mhamdi, E. M. E., Guerraoui, R., & Rouault, S. (2018). The hidden vulnerability of distributed learning in byzantium. arXiv preprint arXiv:1802.07927.
    [CrossRef] [Google Scholar]
  214. Colosimo, F., & De Rango, F. (2023, October). Median-krum: A joint distance-statistical based byzantine-robust algorithm in federated learning. In Proceedings of the Int'l ACM Symposium on Mobility Management and Wireless Access (pp. 61-68).
    [CrossRef] [Google Scholar]
  215. Zhu, T., Guo, Z., Yao, C., Tan, J., Dou, S., Wang, W., & Han, Z. (2024). Byzantine-robust federated learning via cosine similarity aggregation. Computer Networks, 254, 110730.
    [CrossRef] [Google Scholar]
  216. Zhu, G., Shen, W., Liu, Z., Qin, J., & Ma, J. (2026). BPFLH: Byzantine-Robust Privacy-Preserving Federated Learning for Heterogeneous Data. IEEE Transactions on Dependable and Secure Computing, 23(3), 6103-6118.
    [CrossRef] [Google Scholar]
  217. Zhang, Y., Wang, L., Li, M., Gai, K., & Wang, J. (2026). “malicious or Benign?”: Enhancing the Contribution of Model Updates in Byzantine-Robust Heterogeneous Federated Learning. IEEE Transactions on Network Science and Engineering, 13, 6027-6040.
    [CrossRef] [Google Scholar]
  218. Bolatov, A., Horváth, S., Takáč, M., & Gorbunov, E. (2026). Byzantine-Robust Optimization under $(L_0, L_1) $-Smoothness. arXiv preprint arXiv:2603.12512.
    [CrossRef] [Google Scholar]
  219. Egger, M., Bakshi, M., & Bitar, R. (2025). Byzantine-resilient zero-order optimization for scalable federated fine-tuning of large language models. In ES-FoMo III: 3rd Workshop on Efficient Systems for Foundation Models. https://openreview.net/pdf?id=jeOrrO1Q4N
    [Google Scholar]
  220. Hu, C., Hu, Q., Zhang, M., & Yang, Z. (2025). FDBA: Feature-guided Defense against Byzantine and Adaptive attacks in Federated Learning. Journal of Information Security and Applications, 90, 104035.
    [CrossRef] [Google Scholar]
  221. Luo, H., Sun, G., Liu, Y., Zhao, D., Niyato, D., Yu, H., & Dustdar, S. (2025). A weighted byzantine fault tolerance consensus driven trusted multiple large language models network. IEEE Transactions on Cognitive Communications and Networking, 12, 3815-3830.
    [CrossRef] [Google Scholar]
  222. Mahdavi, A., Aghapour, S., Zamanifar, A., & Farhadi, A. (2026). TinyGuard: A lightweight Byzantine Defense for Resource-Constrained Federated Learning via Statistical Update Fingerprints. arXiv preprint arXiv:2602.02615.
    [CrossRef] [Google Scholar]
  223. Dong, Q., Dai, Z., Gao, Y., Zheng, Y., Fu, A., & Susilo, W. (2026). FORCE: Byzantine-Resilient Decentralized Federated Learning via Game-Theoretic Contribution Aggregation. IEEE Transactions on Information Forensics and Security, 21, 3182-3196.
    [CrossRef] [Google Scholar]
  224. Islamov, R., Malinovsky, G., Gaponov, A., Lucchi, A., Richtárik, P., & Gorbunov, E. (2026). Byzantine-Robust and Differentially Private Federated Optimization under Weaker Assumptions. arXiv preprint arXiv:2603.23472.
    [CrossRef] [Google Scholar]
  225. Das, R., & Sen, B. K. (2026). Dynamic Meta-Layer Aggregation for Byzantine-Robust Federated Learning. arXiv preprint arXiv:2603.16846.
    [CrossRef] [Google Scholar]
  226. Tao, M., Tian, Y., Tu, W., Yang, Y., Yang, X., & Tang, X. (2026). Safe-FedLLM: Delving into the Safety of Federated Large Language Models. arXiv preprint arXiv:2601.07177.
    [CrossRef] [Google Scholar]
  227. Duarte, J. D., Cândido, G. D., De Britto Filho, J. R. A., Neto, J. S., Costa, E. J., Da Costa, J. P. J., & De Melo, L. P. (2026). A Systematic Review of Prompt Injection Attacks on Large Language Models: Trends, Taxonomy, Evaluation, Defenses and Opportunities. IEEE Access, 14, 12875-12899.
    [CrossRef] [Google Scholar]
  228. Geng, T., Xu, Z., Qu, Y., & Wong, W. E. (2026). Prompt injection attacks on large language models: A survey of attack methods, root causes, and defense strategies. Computers, Materials, & Continua, 87(1). Tech Science Press.
    [CrossRef] [Google Scholar]
  229. Liu, Y., Jia, Y., Geng, R., Jia, J., & Gong, N. Z. (2024). Formalizing and benchmarking prompt injection attacks and defenses. In 33rd USENIX Security Symposium (USENIX Security 24) (pp. 1831-1847). https://www.usenix.org/conference/usenixsecurity24/presentation/liu-yupei
    [Google Scholar]
  230. Jain, N., Schwarzschild, A., Wen, Y., Somepalli, G., Kirchenbauer, J., Chiang, P. Y., ... & Goldstein, T. (2023). Baseline defenses for adversarial attacks against aligned language models. arXiv preprint arXiv:2309.00614.
    [CrossRef] [Google Scholar]

Cite This Article

APA Style
Adhikari, D., Ullah, I., Khadim, M., Hundera, N. W., Ssemwogerere, R., Debela, L. B., Jiang, W., & Xiong, H. (2026). A Comprehensive Survey on Robustness and Privacy in Federated Learning Meets Large Language Model at Edge. Journal of Reliable and Secure Computing, 2(2), 111-155. https://doi.org/10.62762/JRSC.2026.942513

Publisher's Note

ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and Permissions

CC BY Copyright © 2026 by the Author(s). Published by Institute of Central Computation and Knowledge. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made.
Journal of Reliable and Secure Computing
ISSN: 3070-6424 (Online)
Preserved at Portico