{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T11:03:50Z","timestamp":1776078230586,"version":"3.50.1"},"reference-count":54,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T00:00:00Z","timestamp":1705881600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T00:00:00Z","timestamp":1705881600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Front. Comput. Sci."],"published-print":{"date-parts":[[2024,4]]},"DOI":"10.1007\/s11704-023-2283-x","type":"journal-article","created":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T07:03:31Z","timestamp":1705907011000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["FedDAA: a robust federated learning framework to protect privacy and defend against adversarial attack"],"prefix":"10.1007","volume":"18","author":[{"given":"Shiwei","family":"Lu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ruihu","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenbin","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,1,22]]},"reference":[{"key":"2283_CR1","unstructured":"McMahan H B, Moore E, Ramage D, Arcas B A Y. Federated learning of deep networks using model averaging. 2016, arXiv preprint arXiv: 1602.05629"},{"key":"2283_CR2","unstructured":"McMahan H B, Moore E, Ramage D, Hampson S, Arcas B A Y. Communication-efficient learning of deep networks from decentralized data. In: Proceedings of the 20th International Conference on Artificial Intelligence and Statistics. 2017, 1273\u20131282"},{"key":"2283_CR3","unstructured":"Geiping J, Bauermeister H, Dr\u00f6ge H, Moeller M. Inverting gradients-how easy is it to break privacy in federated learning?. In: Proceedings of the 34th International Conference on Neural Information Processing Systems. 2020, 1421"},{"key":"2283_CR4","unstructured":"Jeon J, Kim J, Lee K, Oh S, Ok J. Gradient inversion with generative image prior. In: Proceedings of the 35th Conference on Neural Information Processing Systems. 2021, 29898\u201329908"},{"key":"2283_CR5","doi-asserted-by":"crossref","unstructured":"Yin H, Mallya A, Vahdat A, Alvarez J M, Kautz J, Molchanov P. See through gradients: image batch recovery via gradInversion. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition. 2021, 16332\u201316341","DOI":"10.1109\/CVPR46437.2021.01607"},{"key":"2283_CR6","unstructured":"Zhao B, Mopuri K R, Bilen H. iDLG: improved deep leakage from gradients. 2020, arXiv preprint arXiv: 2001.02610"},{"key":"2283_CR7","unstructured":"Zhu L, Liu Z, Han S. Deep leakage from gradients. In: Proceedings of the 33rd International Conference on Neural Information Processing Systems. 2019, 1323"},{"key":"2283_CR8","unstructured":"Bhagoji A N, Chakraborty S, Mittal P, Calo S B. Analyzing federated learning through an adversarial lens. In: Proceedings of the 36th International Conference on Machine Learning. 2019, 634\u2013643"},{"key":"2283_CR9","unstructured":"Fung C, Yoon C J M, Beschastnikh I. Mitigating sybils in federated learning poisoning. 2018, arXiv preprint arXiv: 1808.04866"},{"key":"2283_CR10","doi-asserted-by":"crossref","unstructured":"Lyu L, Yu H, Yang Q. Threats to federated learning: a survey. 2020, arXiv preprint arXiv: 2003.02133","DOI":"10.1007\/978-3-030-63076-8_1"},{"key":"2283_CR11","doi-asserted-by":"crossref","unstructured":"Tolpegin V, Truex S, Gursoy M E, Liu L. Data poisoning attacks against federated learning systems. In: Proceedings of the 25th European Symposium on Research in Computer Security. 2020, 480\u2013501","DOI":"10.1007\/978-3-030-58951-6_24"},{"key":"2283_CR12","unstructured":"Bagdasaryan E, Veit A, Hua Y, Estrin D, Shmatikov V. How to backdoor federated learning. In: Proceedings of the 23rd International Conference on Artificial Intelligence and Statistics. 2020, 2938\u20132948"},{"key":"2283_CR13","unstructured":"Sun Z, Kairouz P, Suresh A T, McMahan H B. Can you really backdoor federated learning?. 2019, arXiv preprint arXiv: 1911.07963"},{"key":"2283_CR14","unstructured":"Wang H, Sreenivasan K, Rajput S, Vishwakarma H, Agarwal S, Sohn J Y, Lee K, Papailiopoulos D. Attack of the tails: yes, you really can backdoor federated learning. In: Proceedings of the 34th International Conference on Neural Information Processing Systems. 2020, 1348"},{"key":"2283_CR15","unstructured":"Fang M, Cao X, Jia J, Gong N Z. Local model poisoning attacks to byzantine-robust federated learning. In: Proceedings of the 29th USENIX Conference on Security Symposium (USENIX Security 20). 2020, 92"},{"key":"2283_CR16","unstructured":"Li S, Cheng Y, Wang W, Liu Y, Chen T. Learning to detect malicious clients for robust federated learning. 2020, arXiv preprint arXiv: 2002.00211"},{"issue":"7","key":"2283_CR17","doi-asserted-by":"publisher","first-page":"2168","DOI":"10.1109\/JSAC.2020.3041404","volume":"39","author":"J So","year":"2021","unstructured":"So J, G\u00fcler B, Avestimehr A S. Byzantine-resilient secure federated learning. IEEE Journal on Selected Areas in Communications, 2021, 39(7): 2168\u20132181","journal-title":"IEEE Journal on Selected Areas in Communications"},{"issue":"4","key":"2283_CR18","doi-asserted-by":"publisher","first-page":"94","DOI":"10.3390\/fi13040094","volume":"13","author":"H Fang","year":"2021","unstructured":"Fang H, Qian Q. Privacy preserving machine learning with homomorphic encryption and federated learning. Future Internet, 2021, 13(4): 94","journal-title":"Future Internet"},{"key":"2283_CR19","unstructured":"Hardy S, Henecka W, Ivey-Law H, Nock R, Patrini G, Smith G, Thorne B. Private federated learning on vertically partitioned data via entity resolution and additively homomorphic encryption. 2017, arXiv preprint arXiv: 1711.10677"},{"key":"2283_CR20","unstructured":"Jiang Z, Wang W, Liu Y. FLASHE: additively symmetric homomorphic encryption for cross-silo federated learning. 2021, arXiv preprint arXiv: 2109.00675"},{"key":"2283_CR21","unstructured":"Girgis A, Data D, Diggavi S, Kairouz P, Suresh A T. Shuffled model of differential privacy in federated learning. In: Proceedings of the 24th International Conference on Artificial Intelligence and Statistics. 2021, 2521\u20132529"},{"key":"2283_CR22","doi-asserted-by":"crossref","unstructured":"Sun L, Qian J, Chen X. LDP-FL: practical private aggregation in federated learning with local differential privacy. In: Proceedings of the 30th International Joint Conference on Artificial Intelligence. 2021, 1571\u20131578","DOI":"10.24963\/ijcai.2021\/217"},{"key":"2283_CR23","doi-asserted-by":"crossref","unstructured":"Truex S, Liu L, Chow K H, Gursoy M E, Wei W. LDP-Fed: federated learning with local differential privacy. In: Proceedings of the 3rd ACM International Workshop on Edge Systems, Analytics and Networking. 2020, 61\u201366","DOI":"10.1145\/3378679.3394533"},{"key":"2283_CR24","doi-asserted-by":"publisher","first-page":"3454","DOI":"10.1109\/TIFS.2020.2988575","volume":"15","author":"K Wei","year":"2020","unstructured":"Wei K, Li J, Ding M, Ma C, Yang H H, Farokhi F, Jin S, Quek T Q S, Poor H V. Federated learning with differential privacy: algorithms and performance analysis. IEEE Transactions on Information Forensics and Security, 2020, 15: 3454\u20133469","journal-title":"IEEE Transactions on Information Forensics and Security"},{"issue":"11","key":"2283_CR25","doi-asserted-by":"publisher","first-page":"8836","DOI":"10.1109\/JIOT.2020.3037194","volume":"8","author":"Y Zhao","year":"2021","unstructured":"Zhao Y, Zhao J, Yang M, Wang T, Wang N, Lyu L, Niyato D, Lam K Y. Local differential privacy-based federated learning for internet of things. IEEE Internet of Things Journal, 2021, 8(11): 8836\u20138853","journal-title":"IEEE Internet of Things Journal"},{"key":"2283_CR26","unstructured":"Bonawitz K, Ivanov V, Kreuter B, Marcedone A, McMahan H B, Patel S, Ramage D, Segal A, Seth K. Practical secure aggregation for federated learning on user-held data. 2016, arXiv preprint arXiv: 1611.04482"},{"key":"2283_CR27","unstructured":"Choi B, Sohn J Y, Han D J, Moon J. Communication-computation efficient secure aggregation for federated learning. 2020, arXiv preprint arXiv: 2012.05433"},{"key":"2283_CR28","doi-asserted-by":"crossref","unstructured":"Fereidooni H, Marchal S, Miettinen M, Mirhoseini A, M\u00f6llering H, Nguyen T D, Rieger P, Sadeghi A R, Schneider T, Yalame H, Zeitouni S. SAFELearn: secure aggregation for private FEderated learning. In: Proceedings of 2021 IEEE Security and Privacy Workshops (SPW). 2021, 56\u201362","DOI":"10.1109\/SPW53761.2021.00017"},{"key":"2283_CR29","doi-asserted-by":"crossref","unstructured":"Truex S, Baracaldo N, Anwar A, Steinke T, Ludwig H, Zhang R, Zhou Y. A hybrid approach to privacy-preserving federated learning. In: Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security. 2019, 1\u201311","DOI":"10.1145\/3338501.3357370"},{"key":"2283_CR30","doi-asserted-by":"publisher","first-page":"911","DOI":"10.1109\/TIFS.2019.2929409","volume":"15","author":"G Xu","year":"2020","unstructured":"Xu G, Li H, Liu S, Yang K, Lin X D. VerifyNet: secure and verifiable federated learning. IEEE Transactions on Information Forensics and Security, 2020, 15: 911\u2013926","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"2283_CR31","doi-asserted-by":"publisher","first-page":"101824","DOI":"10.1016\/j.cose.2020.101824","volume":"94","author":"Y Dong","year":"2020","unstructured":"Dong Y, Chen X, Shen L, Wang D. EaSTFLy: efficient and secure ternary federated learning. Computers & Security, 2020, 94: 101824","journal-title":"Computers & Security"},{"key":"2283_CR32","doi-asserted-by":"publisher","first-page":"101889","DOI":"10.1016\/j.cose.2020.101889","volume":"96","author":"C Fang","year":"2020","unstructured":"Fang C, Guo Y, Wang N, Ju A. Highly efficient federated learning with strong privacy preservation in cloud computing. Computers & Security, 2020, 96: 101889","journal-title":"Computers & Security"},{"key":"2283_CR33","unstructured":"Blanchard P, El Mhamdi E M, Guerraoui R, Stainer J. Machine learning with adversaries: byzantine tolerant gradient descent. In: Proceedings of the 31st International Conference on Neural Information Processing Systems. 2017, 118\u2013128"},{"key":"2283_CR34","unstructured":"El Mhamdi E M, Guerraoui R, Rouault S. The hidden vulnerability of distributed learning in Byzantium. In: Proceedings of the 35th International Conference on Machine Learning. 2018, 3521\u20133530"},{"key":"2283_CR35","unstructured":"Yin D, Chen Y, Kannan R, Bartlett P. Byzantine-robust distributed learning: towards optimal statistical rates. In: Proceedings of the 35th International Conference on Machine Learning. 2018, 5650\u20135659"},{"key":"2283_CR36","doi-asserted-by":"crossref","unstructured":"Andreina S, Marson G A, M\u00f6llering H, Karame G. BaFFle: backdoor detection via feedback-based federated learning. In: Proceedings of the 41st International Conference on Distributed Computing Systems (ICDCS). 2021, 852\u2013863","DOI":"10.1109\/ICDCS51616.2021.00086"},{"key":"2283_CR37","unstructured":"Chen C, Zhang J, Tung A K H, Kankanhalli M, Chen G. Robust federated recommendation system. 2020, arXiv preprint arXiv: 2006.08259"},{"key":"2283_CR38","doi-asserted-by":"crossref","unstructured":"Melis L, Song C, De Cristofaro E, Shmatikov V. Exploiting unintended feature leakage in collaborative learning. In: Proceedings of 2019 IEEE Symposium on Security and Privacy (SP). 2019, 691\u2013706","DOI":"10.1109\/SP.2019.00029"},{"key":"2283_CR39","doi-asserted-by":"crossref","unstructured":"Shokri R, Stronati M, Song C, Shmatikov V. Membership inference attacks against machine learning models. In: Proceedings of the IEEE Symposium on Security and Privacy (SP). 2017, 3\u201318","DOI":"10.1109\/SP.2017.41"},{"key":"2283_CR40","doi-asserted-by":"crossref","unstructured":"Yang D, Zhang D, Yu Z, Yu Z. Fine-grained preference-aware location search leveraging crowdsourced digital footprints from LBSNs. In: Proceedings of 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing. 2013, 479\u2013488","DOI":"10.1145\/2493432.2493464"},{"key":"2283_CR41","unstructured":"Huang G B, Mattar M, Berg T, Learned-Miller E. Labeled faces in the wild: a database for studying face recognition in unconstrained environments. In: Proceedings of the Workshop on Faces in \u2018Real-Life\u2019 Images: detection, Alignment, and Recognition. 2008"},{"key":"2283_CR42","doi-asserted-by":"crossref","unstructured":"Fredrikson M, Jha S, Ristenpart T. Model inversion attacks that exploit confidence information and basic countermeasures. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 2015, 1322\u20131333","DOI":"10.1145\/2810103.2813677"},{"issue":"11","key":"2283_CR43","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1145\/3422622","volume":"63","author":"I Goodfellow","year":"2020","unstructured":"Goodfellow I, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, Bengio Y. Generative adversarial networks. Communications of the ACM, 2020, 63(11): 139\u2013144","journal-title":"Communications of the ACM"},{"issue":"5","key":"2283_CR44","doi-asserted-by":"publisher","first-page":"1333","DOI":"10.1109\/TIFS.2017.2787987","volume":"13","author":"L T Phong","year":"2018","unstructured":"Phong L T, Aono Y, Hayashi T, Wang L, Moriai S. Privacy-preserving deep learning via additively homomorphic encryption. IEEE Transactions on Information Forensics and Security, 2018, 13(5): 1333\u20131345","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"2283_CR45","unstructured":"Lin Y, Han S, Mao H, Wang Y, Dally W J. Deep gradient compression: reducing the communication bandwidth for distributed training. In: Proceedings of the 6th International Conference on Learning Representations. 2018"},{"key":"2283_CR46","unstructured":"Tsuzuku Y, Imachi H, Akiba T. Variance-based gradient compression for efficient distributed deep learning. In: Proceedings of the 6th International Conference on Learning Representations. 2018"},{"issue":"1\u20132","key":"2283_CR47","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1561\/2200000083","volume":"14","author":"P Kairouz","year":"2021","unstructured":"Kairouz P, McMahan H B, Avent B, Bellet A, Bennis M, et al. Advances and open problems in federated learning. Foundations and Trends\u00ae in Machine Learning, 2021, 14(1\u20132): 1\u2013210","journal-title":"Foundations and Trends\u00ae in Machine Learning"},{"key":"2283_CR48","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1016\/j.neunet.2012.02.016","volume":"32","author":"J Stallkamp","year":"2012","unstructured":"Stallkamp J, Schlipsing M, Salmen J, Igel C. Man vs. computer: benchmarking machine learning algorithms for traffic sign recognition. Neural Networks, 2012, 32: 323\u2013332","journal-title":"Neural Networks"},{"key":"2283_CR49","doi-asserted-by":"crossref","unstructured":"Li L, Xu W, Chen T, Giannakis G B, Ling Q. RSA: byzantine-robust stochastic aggregation methods for distributed learning from heterogeneous datasets. In: Proceedings of the 33rd AAAI Conference on Artificial Intelligence. 2019, 1544\u20131551","DOI":"10.1609\/aaai.v33i01.33011544"},{"key":"2283_CR50","doi-asserted-by":"publisher","first-page":"4583","DOI":"10.1109\/TSP.2020.3012952","volume":"68","author":"Z Wu","year":"2020","unstructured":"Wu Z, Ling Q, Chen T, Giannakis G B. Federated variance-reduced stochastic gradient descent with robustness to byzantine attacks. IEEE Transactions on Signal Processing, 2020, 68: 4583\u20134596","journal-title":"IEEE Transactions on Signal Processing"},{"issue":"4","key":"2283_CR51","doi-asserted-by":"publisher","first-page":"409","DOI":"10.1111\/j.2164-0947.1963.tb01464.x","volume":"25","author":"E N Lorenz","year":"1963","unstructured":"Lorenz E N. Section of planetary sciences: the predictability of hydrodynamic flow. Transactions of the New York Academy of Sciences, 1963, 25(4 Series II): 409\u2013432","journal-title":"Transactions of the New York Academy of Sciences"},{"key":"2283_CR52","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-0-387-21830-4_7","volume-title":"The Theory of Chaotic Attractors","author":"R M May","year":"2004","unstructured":"May R M. Simple mathematical models with very complicated dynamics. In: Hunt B R, Li T Y, Kennedy J A, Nusse H E, eds. The Theory of Chaotic Attractors. New York: Springer, 2004, 85\u201393"},{"key":"2283_CR53","unstructured":"Hsu T M H, Qi H, Brown M. Measuring the effects of non-identical data distribution for federated visual classification. 2019, arXiv preprint arXiv: 1909.06335"},{"key":"2283_CR54","doi-asserted-by":"crossref","unstructured":"He K, Zhang X, Ren S, Sun J. Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2016, 770\u2013778","DOI":"10.1109\/CVPR.2016.90"}],"container-title":["Frontiers of Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11704-023-2283-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11704-023-2283-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11704-023-2283-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,22]],"date-time":"2024-01-22T07:35:35Z","timestamp":1705908935000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11704-023-2283-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,1,22]]},"references-count":54,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,4]]}},"alternative-id":["2283"],"URL":"https:\/\/doi.org\/10.1007\/s11704-023-2283-x","relation":{},"ISSN":["2095-2228","2095-2236"],"issn-type":[{"value":"2095-2228","type":"print"},{"value":"2095-2236","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,1,22]]},"assertion":[{"value":"10 May 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 February 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 January 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"182307"}}