FedMIA: An Effective Membership Inference Attack Exploiting "All for One" Principle in Federated Learning
Abstract
Federated Learning (FL) is a promising approach for training machine learning models on decentralized data while preserving privacy. However, privacy risks, particularly Membership Inference Attacks (MIAs), which aim to determine whether a specific data point belongs to a target client's training set, remain a significant concern. Existing methods for implementing MIAs in FL primarily analyze updates from the target client, focusing on metrics such as loss, gradient norm, and gradient difference. However, these methods fail to leverage updates from non-target clients, potentially underutilizing available information. In this paper, we first formulate a one-tailed likelihood-ratio hypothesis test based on the likelihood of updates from non-target clients. Building upon this formulation, we introduce a three-step Membership Inference Attack (MIA) method, called FedMIA, which follows the "all for one" principle: leveraging updates from all clients across multiple communication rounds to enhance MIA effectiveness. Both theoretical analysis and extensive experimental results demonstrate that FedMIA outperforms existing MIAs in both classification and generative tasks. Additionally, it can be integrated as an extension to existing methods and is robust against various defense strategies, Non-IID data, and different federated structures. Our code is available at https://github.com/Liar-Mask/FedMIA.