{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T23:22:47Z","timestamp":1771543367358,"version":"3.50.1"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T00:00:00Z","timestamp":1753315200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T00:00:00Z","timestamp":1753315200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61971380;61772477"],"award-info":[{"award-number":["61971380;61772477"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"key technologies R&D Program of Henan Province","award":["252102211089;252102211112"],"award-info":[{"award-number":["252102211089;252102211112"]}]},{"name":"Key Laboratory of Big Data Intelligent Computing","award":["BDIC2023B006"],"award-info":[{"award-number":["BDIC2023B006"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J. King Saud Univ. Comput. Inf. Sci."],"published-print":{"date-parts":[[2025,8]]},"DOI":"10.1007\/s44443-025-00146-8","type":"journal-article","created":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T14:21:58Z","timestamp":1753366918000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A sparse and invisible targeted backdoor attack in federated learning"],"prefix":"10.1007","volume":"37","author":[{"given":"Qikun","family":"Zhang","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0007-2462-0502","authenticated-orcid":false,"given":"Mengyang","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Ruifang","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Yongjiao","family":"Li","sequence":"additional","affiliation":[]},{"given":"Junling","family":"Yuan","sequence":"additional","affiliation":[]},{"given":"Yu-an","family":"Tan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,24]]},"reference":[{"key":"146_CR1","doi-asserted-by":"publisher","first-page":"13877","DOI":"10.1007\/s00500-023-09042-7","volume":"27","author":"A Aljarf","year":"2023","unstructured":"Aljarf A, Zamzami H, Gutub A (2023) Integrating machine learning and features extraction for practical reliable color images steganalysis classification. Soft Comput 27:13877\u201313888. https:\/\/doi.org\/10.1007\/s00500-023-09042-7","journal-title":"Soft Comput"},{"key":"146_CR2","doi-asserted-by":"publisher","first-page":"4579","DOI":"10.1007\/s11042-023-15682-6","volume":"83","author":"A Aljarf","year":"2024","unstructured":"Aljarf A, Zamzami H, Gutub A (2024) Is blind image steganalysis practical using feature-based classification? Multimed Tools Appl 83:4579\u20134612. https:\/\/doi.org\/10.1007\/s11042-023-15682-6","journal-title":"Multimed Tools Appl"},{"issue":"6","key":"146_CR3","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0287291","volume":"18","author":"AA Almazroi","year":"2023","unstructured":"Almazroi AA, Aldhahri EA, Al-Shareeda MA, Manickam S (2023) ECA-VFog: An efficient certificateless authentication scheme for 5G-assisted vehicular fog computing. PLoS ONE 18(6):e0287291. https:\/\/doi.org\/10.1371\/journal.pone.0287291","journal-title":"PLoS ONE"},{"issue":"12","key":"146_CR4","first-page":"167","volume":"20","author":"B Al-Roithy","year":"2020","unstructured":"Al-Roithy B, Gutub A (2020) Trustworthy image security via involving binary and chaotic gravitational searching within PRNG selections. Int J Comput Sci Netw Secur 20(12):167\u2013176","journal-title":"Int J Comput Sci Netw Secur"},{"key":"146_CR5","doi-asserted-by":"publisher","unstructured":"Al-Shareeda MA, Anbar M, Manickam S, Hasbullah IH (2021b) Towards Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks. IEEE Access 9:113226\u2013113238. https:\/\/doi.org\/10.1109\/ACCESS.2021.3104148","DOI":"10.1109\/ACCESS.2021.3104148"},{"key":"146_CR6","doi-asserted-by":"publisher","unstructured":"Al-Shareeda MA, Anbar M, Manickam S, Khalil A, Hasbullah IH (2021a) Security and Privacy Schemes in Vehicular Ad-Hoc Network With Identity-Based Cryptography Approach: A Survey. IEEE Access 9:121522\u2013121531. https:\/\/doi.org\/10.1109\/ACCESS.2021.3109264","DOI":"10.1109\/ACCESS.2021.3109264"},{"key":"146_CR7","doi-asserted-by":"publisher","unstructured":"Al-Shareeda MA, Gaber T, Alqarni MA, Alkinani MH, Almazroey AA, Almazroi AA (2025) Chebyshev Polynomial Based Emergency Conditions with Authentication Scheme for 5G-Assisted Vehicular Fog Computing. In: IEEE Transactions on dependable and secure computing. https:\/\/doi.org\/10.1109\/TDSC.2025.3553868","DOI":"10.1109\/TDSC.2025.3553868"},{"key":"146_CR8","doi-asserted-by":"publisher","unstructured":"Al-Shareeda MA, Manickam S, Mohammed BA, Al-Mekhlafi ZG, Qtaish A, Alzahrani AJ, Alshammari G, Sallam AA, Almekhlafi K (2022a) CM-CPPA: Chaotic Map-Based Conditional Privacy-Preserving Authentication Scheme in 5G-Enabled Vehicular Networks. Sensors 22:5026. https:\/\/doi.org\/10.3390\/s22135026","DOI":"10.3390\/s22135026"},{"key":"146_CR9","doi-asserted-by":"publisher","unstructured":"Al-Shareeda MA, Manickam S, Mohammed BA, Al-Mekhlafi ZG, Qtaish A, Alzahrani AJ, Alshammari G, Sallam AA, Almekhlafi K (2022b) Provably Secure with Efficient Data Sharing Scheme for Fifth-Generation (5G)-Enabled Vehicular Networks without Road-Side Unit (RSU). Sustainability 14:9961. https:\/\/doi.org\/10.3390\/su14169961","DOI":"10.3390\/su14169961"},{"key":"146_CR10","unstructured":"Bagdasaryan E, Veit A, Hua Y, Estrin D, Shmatikov V (2020) How to backdoor federated learning. In International conference on artificial intelligence and statistics, PMLR, (pp 2938\u20132948)"},{"key":"146_CR11","doi-asserted-by":"crossref","unstructured":"Barni M, Kallas K, Tondi B (2019) A new backdoor attack in cnns by training set corruption without label poisoning. In: 2019 IEEE International conference on image processing (ICIP), IEEE, (pp 101\u2013105)","DOI":"10.1109\/ICIP.2019.8802997"},{"key":"146_CR12","doi-asserted-by":"crossref","unstructured":"Cao X, Jia J, Gong NZ (2021) Provably secure federated learning against malicious clients. In: Proceedings of the AAAI conference on artificial intelligence (Vol. 35, No. 8, pp 6885\u20136893)","DOI":"10.1609\/aaai.v35i8.16849"},{"issue":"2","key":"146_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3606017","volume":"56","author":"H Chen","year":"2023","unstructured":"Chen H, Zhu T, Zhang T, Zhou W, Yu PS (2023) Privacy and fairness in Federated learning: on the perspective of Tradeoff. ACM Comput Surv 56(2):1\u201337","journal-title":"ACM Comput Surv"},{"key":"146_CR14","doi-asserted-by":"crossref","unstructured":"Cheng S, Liu Y, Ma S, Zhang X (2021) Deep feature space trojan attack of neural networks by controlled detoxification. In: Proceedings of the AAAI conference on artificial intelligence (Vol. 35, No. 2, pp 1148\u20131156)","DOI":"10.1609\/aaai.v35i2.16201"},{"key":"146_CR15","doi-asserted-by":"crossref","unstructured":"Chen W, Song D, Li B (2023) Trojdiff: Trojan attacks on diffusion models with diverse targets. In: Proceedings of the IEEE\/CVF conference on computer vision and pattern recognition (pp 4035\u20134044)","DOI":"10.1109\/CVPR52729.2023.00393"},{"issue":"6","key":"146_CR16","doi-asserted-by":"publisher","first-page":"4993","DOI":"10.1109\/TDSC.2023.3239225","volume":"20","author":"X Gong","year":"2023","unstructured":"Gong X, Wang Z, Chen Y, Xue M, Wang Q, Shen C (2023) Kaleidoscope: Physical backdoor attacks against deep neural networks with RGB filters. IEEE Trans Dependable Secure Comput 20(6):4993\u20135004","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"146_CR17","first-page":"3","volume":"11","author":"A Gutub","year":"2023","unstructured":"Gutub A (2023) Dynamic smart random preference for higher medical image confidentiality. J Eng Res 11:3","journal-title":"J Eng Res"},{"key":"146_CR18","doi-asserted-by":"publisher","first-page":"3A","DOI":"10.36909\/jer.v9i3A.10111","volume":"9","author":"A Gutub","year":"2021","unstructured":"Gutub A, Al-Roithy B (2021) Varying PRNG to improve image cryptography implementation. J Eng Res 9:3A","journal-title":"J Eng Res"},{"issue":"1","key":"146_CR19","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1049\/cit2.12053","volume":"7","author":"FS Hassan","year":"2022","unstructured":"Hassan FS, Gutub A (2022) Improving data hiding within colour images using hue component of HSV colour space. CAAI Trans Intell Technol 7(1):56\u201368","journal-title":"CAAI Trans Intell Technol"},{"key":"146_CR20","doi-asserted-by":"publisher","unstructured":"Hemalatha J, Sekar M, Kumar C, Gutub A, Sahu AK (2023) Towards improving the performance of blind image steganalyzer using third-order SPAM features and ensemble classifier. J Inf Sec Appl Volume 76:103541, ISSN 2214\u20132126. https:\/\/doi.org\/10.1016\/j.jisa.2023.103541","DOI":"10.1016\/j.jisa.2023.103541"},{"key":"146_CR21","doi-asserted-by":"crossref","unstructured":"Jia H, Yaghini M, Choquette-Choo CA, Dullerud N, Thudi A, Chandrasekaran V, Papernot N (2021) Proof-of-learning: Definitions and practice. In: 2021 IEEE Symposium on Security and Privacy (SP), IEEE, (pp 1039\u20131056)","DOI":"10.1109\/SP40001.2021.00106"},{"issue":"5","key":"146_CR22","first-page":"2088","volume":"18","author":"S Li","year":"2020","unstructured":"Li S, Xue M, Zhao BZH, Zhu H, Zhang X (2020) Invisible backdoor attacks on deep neural networks via steganography and regularization. IEEE Trans Dependable Secure Comput 18(5):2088\u20132105","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"146_CR23","first-page":"13238","volume":"35","author":"Y Li","year":"2022","unstructured":"Li Y, Bai Y, Jiang Y, Yang Y, Xia ST, Li B (2022) Untargeted backdoor watermark: Towards harmless and stealthy dataset copyright protection. Adv Neural Inf Process Syst 35:13238\u201313250","journal-title":"Adv Neural Inf Process Syst"},{"issue":"1","key":"146_CR24","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/TNNLS.2022.3182979","volume":"35","author":"Y Li","year":"2022","unstructured":"Li Y, Jiang Y, Li Z, Xia ST (2022) Backdoor learning: A survey. IEEE Trans Neural Netw Learn Syst 35(1):5\u201322","journal-title":"IEEE Trans Neural Netw Learn Syst"},{"key":"146_CR25","doi-asserted-by":"crossref","unstructured":"Li Y, Li Y, Wu B, Li L, He R, Lyu S (2021) Invisible backdoor attack with sample-specific triggers. In: Proceedings of the IEEE\/CVF international conference on computer vision (pp 16463\u201316472)","DOI":"10.1109\/ICCV48922.2021.01615"},{"key":"146_CR26","doi-asserted-by":"crossref","unstructured":"Li Y, Li Y, Wu B, Li L, He R, Lyu S (2021) Invisible backdoor attack with sample-specific triggers. In: Proceedings of the IEEE\/CVF international conference on computer vision (pp 16463\u201316472)","DOI":"10.1109\/ICCV48922.2021.01615"},{"key":"146_CR27","unstructured":"Li J, Schmidt F, Kolter Z (2019) Adversarial camera stickers: A physical camera-based attack on deep learning systems. In International conference on machine learning, PMLR, (pp 3896\u20133904)"},{"key":"146_CR28","doi-asserted-by":"crossref","unstructured":"Liu Z, He W, Chang CH, Ye J, Li H, Li X (2024) SPFL: A Self-purified Federated Learning Method Against Poisoning Attacks. IEEE Trans Inf Forensics Sec","DOI":"10.1109\/TIFS.2024.3420135"},{"key":"146_CR29","doi-asserted-by":"crossref","unstructured":"Luo C, Li Y, Jiang Y, Xia ST (2023) Untargeted backdoor attack against object detection. In ICASSP 2023-2023 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), IEEE, (pp 1\u20135)","DOI":"10.1109\/ICASSP49357.2023.10095980"},{"key":"146_CR30","unstructured":"Nguyen TD, Rieger P, Chen H, Yalame H, M\u00f6llering H, Fereidooni H, Marchal S, Miettinen M, Mirhoseini A, Zeitouni S, Koushanfar F (2022). FLAME: Taming backdoors in federated learning. In 31st USENIX Security Symposium (USENIX Security 22) (pp 1415\u20131432)"},{"issue":"1","key":"146_CR31","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1049\/ipr2.12938","volume":"18","author":"Z Saeidi","year":"2024","unstructured":"Saeidi Z, Yazdi A, Mashhadi S, Hadian M, Gutub A (2024) High performance image steganography integrating IWT and Hamming code within secret sharing. IET Image Process 18(1):129\u2013139. https:\/\/doi.org\/10.1049\/ipr2.12938","journal-title":"IET Image Process"},{"key":"146_CR32","doi-asserted-by":"publisher","first-page":"9801","DOI":"10.1007\/s13369-021-06348-2","volume":"47","author":"A Singh","year":"2022","unstructured":"Singh A, Satapathy SC, Roy A et al (2022) AI-Based Mobile Edge Computing for IoT: Applications, Challenges, and Future Scope. Arab J Sci Eng 47:9801\u20139831. https:\/\/doi.org\/10.1007\/s13369-021-06348-2","journal-title":"Arab J Sci Eng"},{"key":"146_CR33","first-page":"12613","volume":"34","author":"J Sun","year":"2021","unstructured":"Sun J, Li A, DiValentin L, Hassanzadeh A, Chen Y, Li H (2021) Fl-wbc: Enhancing robustness against model poisoning attacks in federated learning from a client perspective. Adv Neural Inf Process Syst 34:12613\u201312624","journal-title":"Adv Neural Inf Process Syst"},{"issue":"5","key":"146_CR34","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1109\/MNET.2019.1800286","volume":"33","author":"X Wang","year":"2019","unstructured":"Wang X, Han Y, Wang C, Zhao Q, Chen X, Chen M (2019) In-edge ai: Intelligentizing mobile edge computing, caching and communication by federated learning. IEEE Netw 33(5):156\u2013165","journal-title":"IEEE Netw"},{"key":"146_CR35","first-page":"16070","volume":"33","author":"H Wang","year":"2020","unstructured":"Wang H, Sreenivasan K, Rajput S, Vishwakarma H, Agarwal S, Sohn JY, Lee K, Papailiopoulos D (2020) Attack of the tails: Yes, you really can backdoor federated learning. Adv Neural Inf Process Syst 33:16070\u201316084","journal-title":"Adv Neural Inf Process Syst"},{"key":"146_CR36","doi-asserted-by":"crossref","unstructured":"Wang Y, Zhai DH, Xia Y, Liu D (2023) PerVK: A Robust Personalized Federated Framework to Defend Against Backdoor Attacks for IoT Applications. IEEE Trans Indust Inf","DOI":"10.1109\/TII.2023.3329688"},{"issue":"5","key":"146_CR37","doi-asserted-by":"publisher","DOI":"10.1111\/exsy.13161","volume":"40","author":"J Yang","year":"2023","unstructured":"Yang J, Zheng J, Baker T, Tang S, Tan YA, Zhang Q (2023) Clean-label poisoning attacks on federated learning for IoT. Expert Syst 40(5):e13161","journal-title":"Expert Syst"},{"key":"146_CR38","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2021.106775","volume":"216","author":"C Zhang","year":"2021","unstructured":"Zhang C, Xie Y, Bai H, Yu B, Li W, Gao Y (2021) A survey on federated learning. Knowl-Based Syst 216:106775","journal-title":"Knowl-Based Syst"},{"key":"146_CR39","doi-asserted-by":"publisher","first-page":"3289","DOI":"10.1109\/TIFS.2023.3280032","volume":"18","author":"Z Zhang","year":"2023","unstructured":"Zhang Z, Li J, Yu S, Makaya C (2023) SAFELearning: Secure Aggregation in Federated Learning With Backdoor Detectability. IEEE Trans Inf Forensics Sec 18:3289\u20133304","journal-title":"IEEE Trans Inf Forensics Sec"},{"key":"146_CR40","doi-asserted-by":"crossref","unstructured":"Zhang J, Chen J, Wu D, Chen B, Yu S (2019) Poisoning attack in federated learning using generative adversarial nets. In: 2019 18th IEEE international conference on trust, security and privacy in computing and communications\/13th IEEE international conference on big data science and engineering (TrustCom\/BigDataSE), IEEE, (pp 374\u2013380)","DOI":"10.1109\/TrustCom\/BigDataSE.2019.00057"},{"key":"146_CR41","unstructured":"Zhang H, Jia J, Chen J, Lin L, Wu D (2024) A3fl: Adversarially adaptive backdoor attacks to federated learning. Adv Neural Inf Process Syst 36"},{"key":"146_CR42","unstructured":"Zhang Z, Panda A, Song L, Yang Y, Mahoney M, Mittal P, Kannan R, Gonzalez J (2022) Neurotoxin: Durable backdoors in federated learning. In International Conference on Machine Learning, PMLR, (pp 26429\u201326446)"},{"key":"146_CR43","doi-asserted-by":"crossref","unstructured":"Zhao S, Ma X, Zheng X, Bailey J, Chen J, Jiang YG (2020) Clean-label backdoor attacks on video\u00a0recognition models. In Proceedings of the IEEE\/CVF conference on computer vision and pattern recognition (pp 14443\u201314452)","DOI":"10.1109\/CVPR42600.2020.01445"}],"container-title":["Journal of King Saud University Computer and Information Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44443-025-00146-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s44443-025-00146-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44443-025-00146-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T21:56:12Z","timestamp":1757282172000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s44443-025-00146-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,24]]},"references-count":43,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2025,8]]}},"alternative-id":["146"],"URL":"https:\/\/doi.org\/10.1007\/s44443-025-00146-8","relation":{},"ISSN":["1319-1578","2213-1248"],"issn-type":[{"value":"1319-1578","type":"print"},{"value":"2213-1248","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,24]]},"assertion":[{"value":"12 May 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 June 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 July 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that there is no conflict of interest regarding the publication of this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of Interest"}}],"article-number":"134"}}