{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T15:27:15Z","timestamp":1776785235259,"version":"3.51.2"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031709029","type":"print"},{"value":"9783031709036","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70903-6_18","type":"book-chapter","created":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:04:30Z","timestamp":1725487470000},"page":"354-374","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Exploiting Layerwise Feature Representation Similarity For Backdoor Defence in\u00a0Federated Learning"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9759-4305","authenticated-orcid":false,"given":"Kane","family":"Walter","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3289-6599","authenticated-orcid":false,"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1835-3475","authenticated-orcid":false,"given":"Salil","family":"Kanhere","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,5]]},"reference":[{"key":"18_CR1","unstructured":"Utilization of fate in risk management of credit in small and micro enterprises. https:\/\/www.fedai.org\/cases\/utilization-of-fate-in-risk-management-of-credit-in-small-and-micro-enterprises\/"},{"key":"18_CR2","doi-asserted-by":"crossref","unstructured":"Andreina, S., Marson, G.A., M\u00f6llering, H., Karame, G.: Baffle: backdoor detection via feedback-based federated learning. In: 41st IEEE International Conference on Distributed Computing Systems, ICDCS 2021, Washington DC, USA, July 7-10, 2021, pp. 852\u2013863. IEEE (2021)","DOI":"10.1109\/ICDCS51616.2021.00086"},{"key":"18_CR3","unstructured":"Bagdasaryan, E., Veit, A., Hua, Y., Estrin, D., Shmatikov, V.: How to backdoor federated learning. In: Chiappa, S., Calandra, R. (eds.) The 23rd International Conference on Artificial Intelligence and Statistics, AISTATS 2020, 26-28 August 2020, Online [Palermo, Sicily, Italy]. Proceedings of Machine Learning Research, vol.\u00a0108, pp. 2938\u20132948. PMLR (2020)"},{"key":"18_CR4","unstructured":"Bhagoji, A.N., Chakraborty, S., Mittal, P., Calo, S.B.: Analyzing federated learning through an adversarial lens. In: Chaudhuri, K., Salakhutdinov, R. (eds.) Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9-15 June 2019, Long Beach, California, USA. Proceedings of Machine Learning Research, vol.\u00a097, pp. 634\u2013643. PMLR (2019)"},{"key":"18_CR5","unstructured":"Blanchard, P., Mhamdi, E.M.E., Guerraoui, R., Stainer, J.: Machine learning with adversaries: byzantine tolerant gradient descent. In: Guyon, I., von Luxburg, U., Bengio, S., Wallach, H.M., Fergus, R., Vishwanathan, S.V.N., Garnett, R. (eds.) Advances in Neural Information Processing Systems 30: Annual Conference on Neural Information Processing Systems 2017, December 4\u20139, 2017, Long Beach, CA, USA, pp. 119\u2013129 (2017)"},{"key":"18_CR6","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.ijmedinf.2018.01.007","volume":"112","author":"TS Brisimi","year":"2018","unstructured":"Brisimi, T.S., Chen, R., Mela, T., Olshevsky, A., Paschalidis, I.C., Shi, W.: Federated learning of predictive models from federated electronic health records. Int. J. Med. Inform. 112, 59\u201367 (2018)","journal-title":"Int. J. Med. Inform."},{"key":"18_CR7","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/978-3-642-37456-2_14","volume-title":"Advances in Knowledge Discovery and Data Mining","author":"RJGB Campello","year":"2013","unstructured":"Campello, R.J.G.B., Moulavi, D., Sander, J.: Density-based clustering based on hierarchical density estimates. In: Pei, J., Tseng, V.S., Cao, L., Motoda, H., Xu, G. (eds.) PAKDD 2013. LNCS (LNAI), vol. 7819, pp. 160\u2013172. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-37456-2_14"},{"key":"18_CR8","doi-asserted-by":"crossref","unstructured":"Cao, X., Fang, M., Liu, J., Gong, N.Z.: FLTrust: byzantine-robust federated learning via trust bootstrapping. In: 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021. The Internet Society (2021)","DOI":"10.14722\/ndss.2021.24434"},{"key":"18_CR9","unstructured":"Chen, M., Mathews, R., Ouyang, T., Beaufays, F.: Federated learning of out-of-vocabulary words. CoRR abs\/1903.10635 (2019). http:\/\/arxiv.org\/abs\/1903.10635"},{"key":"18_CR10","unstructured":"Chen, X., Liu, C., Li, B., Lu, K., Song, D.: Targeted backdoor attacks on deep learning systems using data poisoning. CoRR abs\/1712.05526 (2017). http:\/\/arxiv.org\/abs\/1712.05526"},{"key":"18_CR11","doi-asserted-by":"crossref","unstructured":"Doan, B.G., Abbasnejad, E., Ranasinghe, D.C.: Februus: input Purification Defense Against Trojan Attacks on Deep Neural Network Systems, pp. 897\u2013912. ACM, New York, NY, USA (2020)","DOI":"10.1145\/3427228.3427264"},{"key":"18_CR12","unstructured":"Fang, M., Cao, X., Jia, J., Gong, N.Z.: Local model poisoning attacks to byzantine-robust federated learning. In: Capkun, S., Roesner, F. (eds.) 29th USENIX Security Symposium, USENIX Security 2020, August 12\u201314, 2020, pp. 1605\u20131622. USENIX Association (2020)"},{"key":"18_CR13","unstructured":"Fung, C., Yoon, C.J.M., Beschastnikh, I.: The limitations of federated learning in sybil settings. In: Egele, M., Bilge, L. (eds.) 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2020, San Sebastian, Spain, October 14\u201315, 2020, pp. 301\u2013316. USENIX Association (2020)"},{"key":"18_CR14","doi-asserted-by":"crossref","unstructured":"Gao, Y., Xu, C., Wang, D., Chen, S., Ranasinghe, D.C., Nepal, S.: STRIP: a defence against trojan attacks on deep neural networks. In: Balenson, D. (ed.) Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, PR, USA, December 09-13, 2019, pp. 113\u2013125. ACM (2019)","DOI":"10.1145\/3359789.3359790"},{"key":"18_CR15","unstructured":"Gretton, A., Fukumizu, K., Teo, C.H., Song, L., Sch\u00f6lkopf, B., Smola, A.J.: A kernel statistical test of independence. In: Platt, J.C., Koller, D., Singer, Y., Roweis, S.T. (eds.) Advances in Neural Information Processing Systems 20, Proceedings of the Twenty-First Annual Conference on Neural Information Processing Systems, Vancouver, British Columbia, Canada, December 3\u20136, 2007, pp. 585\u2013592. Curran Associates, Inc. (2007)"},{"key":"18_CR16","doi-asserted-by":"publisher","first-page":"47230","DOI":"10.1109\/ACCESS.2019.2909068","volume":"7","author":"T Gu","year":"2019","unstructured":"Gu, T., Liu, K., Dolan-Gavitt, B., Garg, S.: BadNets: evaluating backdooring attacks on deep neural networks. IEEE Access 7, 47230\u201347244 (2019)","journal-title":"IEEE Access"},{"key":"18_CR17","unstructured":"Hard, A., et al.: Federated learning for mobile keyboard prediction (2018). https:\/\/arxiv.org\/abs\/1811.03604"},{"key":"18_CR18","unstructured":"Kornblith, S., Norouzi, M., Lee, H., Hinton, G.E.: Similarity of neural network representations revisited. In: Chaudhuri, K., Salakhutdinov, R. (eds.) Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9\u201315 June 2019, Long Beach, California, USA. Proceedings of Machine Learning Research, vol.\u00a097, pp. 3519\u20133529. PMLR (2019)"},{"key":"18_CR19","unstructured":"Krizhevsky, A.: Learning multiple layers of features from tiny images. Tech. rep., University of Toronto (2009). https:\/\/www.cs.toronto.edu\/~kriz\/learning-features-2009-TR.pdf"},{"key":"18_CR20","doi-asserted-by":"crossref","unstructured":"Kurita, K., Michel, P., Neubig, G.: Weight poisoning attacks on pretrained models. In: Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics, pp. 2793\u20132806. Association for Computational Linguistics (2020)","DOI":"10.18653\/v1\/2020.acl-main.249"},{"issue":"21","key":"18_CR21","doi-asserted-by":"publisher","first-page":"16505","DOI":"10.1007\/s00521-019-04163-3","volume":"32","author":"H Kusetogullari","year":"2019","unstructured":"Kusetogullari, H., Yavariabdi, A., Cheddad, A., Grahn, H., Hall, J.: ARDIS: a Swedish historical handwritten digit dataset. Neural Comput. Appl. 32(21), 16505\u201316518 (2019). https:\/\/doi.org\/10.1007\/s00521-019-04163-3","journal-title":"Neural Comput. Appl."},{"key":"18_CR22","unstructured":"LeCun, Y., Cortes, C., Burges, C.: MNIST handwritten digit database. ATT Labs 2 (2010). http:\/\/yann.lecun.com\/exdb\/mnist"},{"key":"18_CR23","doi-asserted-by":"crossref","unstructured":"Liu, Y., et al.: Trojaning attack on neural networks. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18\u201321, 2018. The Internet Society (2018)","DOI":"10.14722\/ndss.2018.23291"},{"key":"18_CR24","unstructured":"McMahan, B., Moore, E., Ramage, D., Hampson, S., y\u00a0Arcas, B.A.: Communication-Efficient Learning of Deep Networks from Decentralized Data. In: Singh, A., Zhu, J. (eds.) Proceedings of the 20th International Conference on Artificial Intelligence and Statistics. Proceedings of Machine Learning Research, vol.\u00a054, pp. 1273\u20131282. PMLR, Fort Lauderdale, FL, USA (2017)"},{"key":"18_CR25","unstructured":"Mhamdi, E.M.E., Guerraoui, R., Rouault, S.: The hidden vulnerability of distributed learning in byzantium. In: Dy, J.G., Krause, A. (eds.) Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan, Stockholm, Sweden, July 10-15, 2018. Proceedings of Machine Learning Research, vol.\u00a080, pp. 3518\u20133527. PMLR (2018)"},{"key":"18_CR26","unstructured":"Nguyen, T.D., et al.: FLAME: taming backdoors in federated learning. In: Butler, K.R.B., Thomas, K. (eds.) 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022, pp. 1415\u20131432. USENIX Association (2022)"},{"key":"18_CR27","unstructured":"Paszke, A., Gross, S., et al.: An imperative style, high-performance deep learning library. In: Advances in Neural Information Processing Systems, vol. 32, pp. 8024\u20138035. Curran Associates, Inc. (2019). http:\/\/papers.neurips.cc\/paper\/9015-pytorch-an-imperative-style-high-performance-deep-learning-library.pdf"},{"key":"18_CR28","unstructured":"Qiao, X., Yang, Y., Li, H.: Defending neural backdoors via generative distribution modeling. In: Wallach, H.M., Larochelle, H., Beygelzimer, A., d\u2019Alch\u00e9-Buc, F., Fox, E.B., Garnett, R. (eds.) Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, NeurIPS 2019, December 8-14, 2019, Vancouver, BC, Canada, pp. 14004\u201314013 (2019)"},{"key":"18_CR29","doi-asserted-by":"crossref","unstructured":"Rieger, P., Nguyen, T.D., Miettinen, M., Sadeghi, A.: Deepsight: mitigating backdoor attacks in federated learning through deep model inspection. In: 29th Annual Network and Distributed System Security Symposium, NDSS 2022, San Diego, California, USA, April 24\u201328, 2022 (2022)","DOI":"10.14722\/ndss.2022.23156"},{"key":"18_CR30","unstructured":"Sun, Z., Kairouz, P., Suresh, A.T., McMahan, H.B.: Can you really backdoor federated learning? CoRR abs\/1911.07963 (2019). http:\/\/arxiv.org\/abs\/1911.07963"},{"key":"18_CR31","unstructured":"Wang, H., et al.: Attack of the tails: yes, you really can backdoor federated learning. In: Larochelle, H., Ranzato, M., Hadsell, R., Balcan, M., Lin, H. (eds.) Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, NeurIPS 2020, December 6\u201312, 2020, virtual (2020)"},{"key":"18_CR32","unstructured":"Xiao, H., Rasul, K., Vollgraf, R.: Fashion-MNIST: a novel image dataset for benchmarking machine learning algorithms. CoRR abs\/1708.07747 (2017). http:\/\/arxiv.org\/abs\/1708.07747"},{"key":"18_CR33","unstructured":"Xie, C., Chen, M., Chen, P., Li, B.: CRFL: certifiably robust federated learning against backdoor attacks. In: Meila, M., Zhang, T. (eds.) Proceedings of the 38th International Conference on Machine Learning, ICML 2021, 18\u201324 July 2021, Virtual Event. Proceedings of Machine Learning Research, vol.\u00a0139, pp. 11372\u201311382. PMLR (2021)"},{"key":"18_CR34","unstructured":"Xie, C., Huang, K., Chen, P., Li, B.: DBA: distributed backdoor attacks against federated learning. In: 8th International Conference on Learning Representations, ICLR 2020, Addis Ababa, Ethiopia, April 26\u201330, 2020 (2020)"},{"issue":"1","key":"18_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s41666-020-00082-4","volume":"5","author":"J Xu","year":"2021","unstructured":"Xu, J., Glicksberg, B.S., Su, C., Walker, P.B., Bian, J., Wang, F.: Federated learning for healthcare informatics. J. Heal. Inform. Res. 5(1), 1\u201319 (2021)","journal-title":"J. Heal. Inform. Res."},{"key":"18_CR36","unstructured":"Yin, D., Chen, Y., Ramchandran, K., Bartlett, P.L.: Byzantine-robust distributed learning: towards optimal statistical rates. In: Dy, J.G., Krause, A. (eds.) Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan, Stockholm, Sweden, July 10\u201315, 2018. Proceedings of Machine Learning Research, vol.\u00a080, pp. 5636\u20135645. PMLR (2018). http:\/\/proceedings.mlr.press\/v80\/yin18a.html"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70903-6_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:08:22Z","timestamp":1725487702000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70903-6_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031709029","9783031709036"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70903-6_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"5 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}