Survey on federated learning threats: Concepts, taxonomy on attacks and defences, experimental study and challenges
Information Fusion (IF 18.6), Pub Date: 2022-09-15, DOI: 10.1016/j.inffus.2022.09.011
Nuria Rodríguez-Barroso, Daniel Jiménez López, M. Victoria Luzón, Francisco Herrera, Eugenio Martínez-Cámara

Federated learning is a machine learning paradigm that emerges as a solution to the privacy-preservation demands in artificial intelligence. As machine learning, federated learning is threatened by adversarial attacks against the integrity of the learning model and the privacy of data via a distributed approach to tackle local and global learning. This weak point is exacerbated by the inaccessibility of data in federated learning, which makes the protection against adversarial attacks harder and evidences the need to further the research on defence methods to make federated learning a real solution for safeguarding data privacy. In this paper, we present an extensive review of the threats of federated learning, as well as their corresponding countermeasures, attacks versus defences. This survey provides a taxonomy of adversarial attacks and a taxonomy of defence methods that depict a general picture of this vulnerability of federated learning and how to overcome it. Likewise, we expound guidelines for selecting the most adequate defence method according to the category of the adversarial attack. Besides, we carry out an extensive experimental study from which we draw further conclusions about the behaviour of attacks and defences and the guidelines for selecting the most adequate defence method according to the category of the adversarial attack. Finally, we present our learned lessons and challenges.




Updated: 2022-09-15