English
Related papers

Related papers: On Feasibility of Server-side Backdoor Attacks on …

200 papers

As a distributed machine learning paradigm, Federated Learning (FL) enables large-scale clients to collaboratively train a model without sharing their raw data. However, due to the lack of data auditing for untrusted clients, FL is…

Machine Learning · Computer Science 2025-09-10 Yanxin Yang , Ming Hu , Xiaofei Xie , Yue Cao , Pengyu Zhang , Yihao Huang , Mingsong Chen

Deep learning models are well known to be susceptible to backdoor attack, where the attacker only needs to provide a tampered dataset on which the triggers are injected. Models trained on the dataset will passively implant the backdoor, and…

Cryptography and Security · Computer Science 2024-06-21 Zonghao Ying , Bin Wu

The safety of decentralized reinforcement learning (RL) is a challenging problem since malicious agents can share their poisoned policies with benign agents. The paper investigates a cooperative backdoor attack in a decentralized…

Machine Learning · Computer Science 2024-05-27 Mengtong Gao , Yifei Zou , Zuyuan Zhang , Xiuzhen Cheng , Dongxiao Yu

These days, deep learning models have achieved great success in multiple fields, from autonomous driving to medical diagnosis. These models have expanded the abilities of artificial intelligence by offering great solutions to complex…

Cryptography and Security · Computer Science 2023-11-27 Gopichandh Golla

Split Learning (SL) is a distributed learning approach that enables resource-constrained clients to collaboratively train deep neural networks (DNNs) by offloading most layers to a central server while keeping in- and output layers on the…

Cryptography and Security · Computer Science 2025-09-15 Nojan Sheybani , Alessandro Pegoraro , Jonathan Knauer , Phillip Rieger , Elissa Mollakuqe , Farinaz Koushanfar , Ahmad-Reza Sadeghi

Backdoor data poisoning attacks have recently been demonstrated in computer vision research as a potential safety risk for machine learning (ML) systems. Traditional data poisoning attacks manipulate training data to induce unreliability of…

Computer Vision and Pattern Recognition · Computer Science 2020-04-27 Loc Truong , Chace Jones , Brian Hutchinson , Andrew August , Brenda Praggastis , Robert Jasper , Nicole Nichols , Aaron Tuor

Federated Instruction Tuning (FIT) enables collaborative instruction tuning of large language models across multiple organizations (clients) in a cross-silo setting without requiring the sharing of private instructions. Recent findings on…

Cryptography and Security · Computer Science 2026-03-03 Haodong Zhao , Jinming Hu , Zhaomin Wu , Zongru Wu , Wei Du , Junyi Hou , Caibei Zhao , Zhuosheng Zhang , Bingsheng He , Gongshen Liu

The privacy-preserving federated learning schemes based on the setting of two honest-but-curious and non-colluding servers offer promising solutions in terms of security and efficiency. However, our investigation reveals that these schemes…

Cryptography and Security · Computer Science 2025-07-31 Jiahui Wu , Fucai Luo , Tiecheng Sun , Haiyan Wang , Weizhe Zhang

The decentralized nature of federated learning makes detecting and defending against adversarial attacks a challenging task. This paper focuses on backdoor attacks in the federated learning setting, where the goal of the adversary is to…

Machine Learning · Computer Science 2019-12-04 Ziteng Sun , Peter Kairouz , Ananda Theertha Suresh , H. Brendan McMahan

When an adversary provides poison samples to a machine learning model, privacy leakage, such as membership inference attacks that infer whether a sample was included in the training of the model, becomes effective by moving the sample to an…

Cryptography and Security · Computer Science 2023-03-23 Yumeki Goto , Nami Ashizawa , Toshiki Shibahara , Naoto Yanai

In a backdoor attack on a machine learning model, an adversary produces a model that performs well on normal inputs but outputs targeted misclassifications on inputs containing a small trigger pattern. Model compression is a widely-used…

Cryptography and Security · Computer Science 2021-05-03 Yulong Tian , Fnu Suya , Fengyuan Xu , David Evans

Backdoor attacks compromise the integrity and reliability of machine learning models by embedding a hidden trigger during the training process, which can later be activated to cause unintended misbehavior. We propose a novel backdoor…

Computer Vision and Pattern Recognition · Computer Science 2024-10-01 Felix Hsieh , Huy H. Nguyen , AprilPyone MaungMaung , Dmitrii Usynin , Isao Echizen

Backdoor attacks pose a serious security threat for training neural networks as they surreptitiously introduce hidden functionalities into a model. Such backdoors remain silent during inference on clean inputs, evading detection due to…

Cryptography and Security · Computer Science 2023-12-15 Lukas Struppek , Martin B. Hentschel , Clifton Poth , Dominik Hintersdorf , Kristian Kersting

Semi-supervised learning methods can train high-accuracy machine learning models with a fraction of the labeled training samples required for traditional supervised learning. Such methods do not typically involve close review of the…

Machine Learning · Computer Science 2022-12-07 Marissa Connor , Vincent Emanuele

Federated learning (FL) is an emerging distributed machine learning paradigm proposed for privacy preservation. Unlike traditional centralized learning approaches, FL enables multiple users to collaboratively train a shared global model…

Cryptography and Security · Computer Science 2024-10-01 Hangyu Zhu , Liyuan Huang , Zhenping Xie

Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time. Although backdoor attacks have been demonstrated…

Privacy-preserving federated learning enables a population of distributed clients to jointly learn a shared model while keeping client training data private, even from an untrusted server. Prior works do not provide efficient solutions that…

Cryptography and Security · Computer Science 2022-02-22 David Byrd , Vaikkunth Mugunthan , Antigoni Polychroniadou , Tucker Hybinette Balch

Internet of things (IoT) devices are prone to attacks due to the limitation of their privacy and security components. These attacks vary from exploiting backdoors to disrupting the communication network of the devices. Intrusion Detection…

Networking and Internet Architecture · Computer Science 2020-12-15 Noor Ali Al-Athba Al-Marri , Bekir Sait Ciftler , Mohamed Abdallah

Malicious agents in collaborative learning and outsourced data collection threaten the training of clean models. Backdoor attacks, where an attacker poisons a model during training to successfully achieve targeted misclassification, are a…

Machine Learning · Computer Science 2022-01-31 Siddhartha Datta , Nigel Shadbolt

Real-world data is usually segmented by attributes and distributed across different parties. Federated learning empowers collaborative training without exposing local data or models. As we demonstrate through designed attacks, even with a…

Machine Learning · Computer Science 2021-04-30 Shuang Zhang , Liyao Xiang , Xi Yu , Pengzhi Chu , Yingqi Chen , Chen Cen , Li Wang