TY - GEN
T1 - Advancing Evasion
T2 - 25th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2024
AU - Wang, Jian
AU - Shen, Hong
AU - Ke, Wei
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.
PY - 2025
Y1 - 2025
N2 - Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.
AB - Federated Learning (FL) is vulnerable to backdoor attacks through data poisoning if the data is not scrutinized, as malicious participants can inject backdoor triggers in normal samples, leading to poisoned updates. Distributed backdoor attacks pose a greater threat than centralized ones, as they often use fixed pixel blocks as triggers, increasing the risk of detection. This paper presents a novel distributed backdoor attack strategy that leverages edge structure poisoning to circumvent existing defense mechanisms, employing a distributed poisoning strategy to evade current defense mechanisms, thereby enhancing the stealth of the attack. Experimental results on multiple benchmark datasets demonstrate that this method is more effective and stealthy compared to other backdoor attack methods. Furthermore, this paper also proposes targeted defense strategies based on the experimental results, offering a new perspective on the security of FL systems.
KW - Distributed Backdoor Attack
KW - Federated Learning
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=105002715932&partnerID=8YFLogxK
U2 - 10.1007/978-981-96-4207-6_34
DO - 10.1007/978-981-96-4207-6_34
M3 - Conference contribution
AN - SCOPUS:105002715932
SN - 9789819642069
T3 - Lecture Notes in Computer Science
SP - 372
EP - 382
BT - Parallel and Distributed Computing, Applications and Technologies - 25th International Conference, PDCAT 2024, Proceedings
A2 - Li, Yupeng
A2 - Xu, Jianliang
A2 - Zhang, Yong
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 13 December 2024 through 15 December 2024
ER -