Advancing Evasion: Distributed Backdoor Attacks in Federated Learning

Jian Wang; Hong Shen; Wei Ke

doi:10.1007/978-981-96-4207-6_34

Advancing Evasion: Distributed Backdoor Attacks in Federated Learning

Jian Wang, Hong Shen, Wei Ke

Faculty of Applied Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.

Original language	English
Title of host publication	Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings
Editors	Yupeng Li, Jianliang Xu, Yong Zhang
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	372-382
Number of pages	11
ISBN (Print)	9789819642069
DOIs	https://doi.org/10.1007/978-981-96-4207-6_34
Publication status	Published - 2025
Event	25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024 - Hong Kong, China Duration: 13 Dec 2024 → 15 Dec 2024

Publication series

Name	Lecture Notes in Computer Science
Volume	15502 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024
Country/Territory	China
City	Hong Kong
Period	13/12/24 → 15/12/24

Keywords

Distributed Backdoor Attack
Federated Learning
Security

Access to Document

10.1007/978-981-96-4207-6_34

Cite this

Wang, J., Shen, H., & Ke, W. (2025). Advancing Evasion: Distributed Backdoor Attacks in Federated Learning. In Y. Li, J. Xu, & Y. Zhang (Eds.), Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings (pp. 372-382). (Lecture Notes in Computer Science; Vol. 15502 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-96-4207-6_34

Wang, Jian ; Shen, Hong ; Ke, Wei. / Advancing Evasion : Distributed Backdoor Attacks in Federated Learning. Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings. editor / Yupeng Li ; Jianliang Xu ; Yong Zhang. Springer Science and Business Media Deutschland GmbH, 2025. pp. 372-382 (Lecture Notes in Computer Science).

@inproceedings{dbf3c9608a2842ae9b0cab0732fcfd9b,

title = "Advancing Evasion: Distributed Backdoor Attacks in Federated Learning",

abstract = "Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.",

keywords = "Distributed Backdoor Attack, Federated Learning, Security",

author = "Jian Wang and Hong Shen and Wei Ke",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.; 25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024 ; Conference date: 13-12-2024 Through 15-12-2024",

year = "2025",

doi = "10.1007/978-981-96-4207-6_34",

language = "English",

isbn = "9789819642069",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "372--382",

editor = "Yupeng Li and Jianliang Xu and Yong Zhang",

booktitle = "Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings",

address = "Germany",

}

Wang, J, Shen, H & Ke, W 2025, Advancing Evasion: Distributed Backdoor Attacks in Federated Learning. in Y Li, J Xu & Y Zhang (eds), Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings. Lecture Notes in Computer Science, vol. 15502 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 372-382, 25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024, Hong Kong, China, 13/12/24. https://doi.org/10.1007/978-981-96-4207-6_34

Advancing Evasion: Distributed Backdoor Attacks in Federated Learning. / Wang, Jian; Shen, Hong; Ke, Wei.
Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings. ed. / Yupeng Li; Jianliang Xu; Yong Zhang. Springer Science and Business Media Deutschland GmbH, 2025. p. 372-382 (Lecture Notes in Computer Science; Vol. 15502 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Advancing Evasion

T2 - 25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024

AU - Wang, Jian

AU - Shen, Hong

AU - Ke, Wei

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

PY - 2025

Y1 - 2025

N2 - Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.

AB - Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.

KW - Distributed Backdoor Attack

KW - Federated Learning

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=105002715932&partnerID=8YFLogxK

U2 - 10.1007/978-981-96-4207-6_34

DO - 10.1007/978-981-96-4207-6_34

M3 - Conference contribution

AN - SCOPUS:105002715932

SN - 9789819642069

T3 - Lecture Notes in Computer Science

SP - 372

EP - 382

BT - Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings

A2 - Li, Yupeng

A2 - Xu, Jianliang

A2 - Zhang, Yong

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 13 December 2024 through 15 December 2024

ER -

Wang J, Shen H, Ke W. Advancing Evasion: Distributed Backdoor Attacks in Federated Learning. In Li Y, Xu J, Zhang Y, editors, Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings. Springer Science and Business Media Deutschland GmbH. 2025. p. 372-382. (Lecture Notes in Computer Science). doi: 10.1007/978-981-96-4207-6_34