{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T12:03:20Z","timestamp":1781006600595,"version":"3.54.1"},"reference-count":43,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"funder":[{"DOI":"10.13039\/100032486","name":"Qatar Research, Development and Innovation Council","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100032486","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Knowledge-Based Systems"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1016\/j.knosys.2026.116057","type":"journal-article","created":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T23:09:15Z","timestamp":1777590555000},"page":"116057","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Novel defense strategies for concurrent data and model poisoning attacks in federated learning"],"prefix":"10.1016","volume":"345","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-4254-7196","authenticated-orcid":false,"given":"Faria","family":"Nawshin","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3146-3502","authenticated-orcid":false,"given":"Devrim","family":"Unal","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ponnuthurai N.","family":"Suganthan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"key":"10.1016\/j.knosys.2026.116057_b1","article-title":"P-EVFL: Efficient verifiable federated learning with privacy","volume":"330, Part A","author":"Ma","year":"2025","journal-title":"Knowl.-Based Syst."},{"key":"10.1016\/j.knosys.2026.116057_b2","doi-asserted-by":"crossref","DOI":"10.1016\/j.knosys.2021.106775","article-title":"A survey on federated learning","volume":"216","author":"Zhang","year":"2021","journal-title":"Knowl.-Based Syst."},{"key":"10.1016\/j.knosys.2026.116057_b3","doi-asserted-by":"crossref","DOI":"10.1016\/j.cie.2020.106854","article-title":"A review of applications in federated learning","volume":"149","author":"Li","year":"2020","journal-title":"Comput. Ind. Eng."},{"key":"10.1016\/j.knosys.2026.116057_b4","doi-asserted-by":"crossref","DOI":"10.1016\/j.compeleceng.2024.109233","article-title":"Malware detection for mobile computing using secure and privacy-preserving machine learning approaches: A comprehensive survey","volume":"117","author":"Nawshin","year":"2024","journal-title":"Comput. Electr. Eng."},{"key":"10.1016\/j.knosys.2026.116057_b5","series-title":"Proceedings of the European Symposium on Research in Computer Security","first-page":"480","article-title":"Data poisoning attacks against federated learning systems","author":"Tolpegin","year":"2020"},{"key":"10.1016\/j.knosys.2026.116057_b6","unstructured":"Arjun Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, Seraphin Calo, Analyzing Federated Learning through an Adversarial Lens, in: Proceedings of the 36th International Conference on Machine Learning, ICML, 2019, pp. 634\u2013643."},{"issue":"2","key":"10.1016\/j.knosys.2026.116057_b7","doi-asserted-by":"crossref","first-page":"618","DOI":"10.1038\/s41591-024-03445-1","article-title":"Medical large language models are vulnerable to data-poisoning attacks","volume":"31","author":"Alber","year":"2025","journal-title":"Nature Med."},{"key":"10.1016\/j.knosys.2026.116057_b8","doi-asserted-by":"crossref","DOI":"10.1016\/j.knosys.2024.112115","article-title":"VPFL: Enabling verifiability and privacy in federated learning with zero-knowledge proofs","volume":"299","author":"Ma","year":"2024","journal-title":"Knowl.-Based Syst."},{"issue":"13","key":"10.1016\/j.knosys.2026.116057_b9","doi-asserted-by":"crossref","first-page":"11365","DOI":"10.1109\/JIOT.2021.3128646","article-title":"Data poisoning attacks on federated machine learning","volume":"9","author":"Sun","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"10.1016\/j.knosys.2026.116057_b10","article-title":"Beyond data poisoning in federated learning","volume":"vol. 235","author":"Kasyap","year":"2024"},{"key":"10.1016\/j.knosys.2026.116057_b11","first-page":"437","article-title":"LoMar: A local defense against poisoning attack on federated learning","volume":"vol. 20, no. 1","author":"Li","year":"2021"},{"key":"10.1016\/j.knosys.2026.116057_b12","article-title":"GAN-driven data poisoning attacks and their mitigation in federated learning systems","volume":"vol. 12, no. 8","author":"Psychogyios","year":"2023"},{"key":"10.1016\/j.knosys.2026.116057_b13","article-title":"DPAD: data poisoning attack defense mechanism for federated learning-based system","volume":"vol. 121","author":"Basak","year":"2025"},{"key":"10.1016\/j.knosys.2026.116057_b14","first-page":"2313","article-title":"Defending against data poisoning attack in federated learning with non-IID data","volume":"vol. 11, no. 2","author":"Yin","year":"2023"},{"key":"10.1016\/j.knosys.2026.116057_b15","series-title":"Proceedings of the 20th Annual IEEE International Conference on Sensing, Communication, and Networking","first-page":"321","article-title":"VagueGAN: A GAN-based data poisoning attack against federated learning systems","author":"Sun","year":"2023"},{"key":"10.1016\/j.knosys.2026.116057_b16","first-page":"1","article-title":"Federated learning-based robust android malware detection: label-flipping attacks and defenses","author":"Eslamnejad","year":"2025"},{"key":"10.1016\/j.knosys.2026.116057_b17","series-title":"Proceedings of the International Conference on Artificial Intelligence and Statistics","first-page":"2938","article-title":"How to backdoor federated learning","author":"Bagdasaryan","year":"2020"},{"key":"10.1016\/j.knosys.2026.116057_b18","first-page":"73","article-title":"Deep model poisoning attack on federated learning","volume":"vol. 13, no. 3","author":"Zhou","year":"2021"},{"key":"10.1016\/j.knosys.2026.116057_b19","unstructured":"Xiaoyu Cao, Neil Zhenqiang Gong, MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients, in: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, CVPR, 2022, pp. 3396\u20133404."},{"key":"10.1016\/j.knosys.2026.116057_b20","doi-asserted-by":"crossref","unstructured":"Zaixi Zhang, Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong, FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients, in: Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, KDD, 2022, pp. 2545\u20132555.","DOI":"10.1145\/3534678.3539231"},{"key":"10.1016\/j.knosys.2026.116057_b21","first-page":"6693","article-title":"A robust privacy-preserving federated learning model against model poisoning attacks","volume":"vol. 19","author":"Yazdinejad","year":"2024"},{"key":"10.1016\/j.knosys.2026.116057_b22","first-page":"1639","article-title":"ShieldFL: Mitigating model poisoning attacks in privacy-preserving federated learning","volume":"vol. 17","author":"Ma","year":"2022"},{"key":"10.1016\/j.knosys.2026.116057_b23","series-title":"Proceedings of the International Conference on Artificial Intelligence and Statistics","first-page":"7587","article-title":"SparseFed: mitigating model poisoning attacks in federated learning with sparsification","author":"Panda","year":"2022"},{"key":"10.1016\/j.knosys.2026.116057_b24","series-title":"FLTrust: byzantine-robust federated learning via trust bootstrapping","author":"Cao","year":"2020"},{"issue":"6","key":"10.1016\/j.knosys.2026.116057_b25","doi-asserted-by":"crossref","first-page":"4544","DOI":"10.1109\/TNSE.2025.3572493","article-title":"FedSSuper: A secure and private federated learning under trusted supervision","volume":"12","author":"Zhao","year":"2025","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"issue":"4","key":"10.1016\/j.knosys.2026.116057_b26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3765743","article-title":"GradCAM-AE: A new shield defense against poisoning attacks on federated learning","volume":"28","author":"Zheng","year":"2025","journal-title":"ACM Trans. Priv. Secur."},{"key":"10.1016\/j.knosys.2026.116057_b27","doi-asserted-by":"crossref","DOI":"10.1016\/j.engappai.2021.104468","article-title":"Achieving security and privacy in federated learning systems: Survey, research challenges and future directions","volume":"106","author":"Blanco-Justicia","year":"2021","journal-title":"Eng. Appl. Artif. Intell."},{"issue":"1","key":"10.1016\/j.knosys.2026.116057_b28","article-title":"Security and privacy threats to federated learning: Issues, methods, and challenges","volume":"2022","author":"Zhang","year":"2022","journal-title":"Secur. Commun. Networks"},{"issue":"1","key":"10.1016\/j.knosys.2026.116057_b29","doi-asserted-by":"crossref","first-page":"822","DOI":"10.1109\/TNSM.2025.3525554","article-title":"Federated learning under attack: Exposing vulnerabilities through data poisoning attacks in computer networks","volume":"22","author":"Nowroozi","year":"2025","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"10.1016\/j.knosys.2026.116057_b30","doi-asserted-by":"crossref","unstructured":"A. Sharma, W. Chen, J. Zhao, Q. Qiu, S. Bagchi, S. Chaterji, FLAIR: Defense against Model Poisoning Attack in Federated Learning, in: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023, pp. 553\u2013566.","DOI":"10.1145\/3579856.3582836"},{"key":"10.1016\/j.knosys.2026.116057_b31","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2023.103270","article-title":"A novel data poisoning attack in federated learning based on inverted loss function","volume":"130","author":"Gupta","year":"2023","journal-title":"Comput. Secur."},{"key":"10.1016\/j.knosys.2026.116057_b32","doi-asserted-by":"crossref","first-page":"158","DOI":"10.1016\/j.ins.2023.02.025","article-title":"Model poisoning attack in differential privacy-based federated learning","volume":"630","author":"Yang","year":"2023","journal-title":"Inform. Sci."},{"issue":"1","key":"10.1016\/j.knosys.2026.116057_b33","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1007\/s10922-021-09634-4","article-title":"Effective and efficient hybrid android malware classification using pseudo-label stacked auto-encoder","volume":"30","author":"Mahdavifar","year":"2022","journal-title":"J. Netw. Syst. Manage."},{"key":"10.1016\/j.knosys.2026.116057_b34","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2021.102399","article-title":"KronoDroid: Time-based hybrid-featured dataset for effective android malware detection and characterization","volume":"110","author":"Guerra-Manzanares","year":"2021","journal-title":"Comput. Secur."},{"key":"10.1016\/j.knosys.2026.116057_b35","doi-asserted-by":"crossref","unstructured":"K. Allix, T.F. Bissyand\u00e9, J. Klein, Y. Le Traon, AndroZoo: Collecting Millions of Android Apps for the Research Community, in: Proceedings of the 13th International Conference on Mining Software Repositories, MSR, 2016, pp. 468\u2013471.","DOI":"10.1145\/2901739.2903508"},{"key":"10.1016\/j.knosys.2026.116057_b36","series-title":"Learning Multiple Layers of Features from Tiny Images","author":"Krizhevsky","year":"2009"},{"key":"10.1016\/j.knosys.2026.116057_b37","doi-asserted-by":"crossref","unstructured":"Takuya Akiba, Shotaro Sano, Toshihiko Yanase, Takeru Ohta, Masanori Koyama, Optuna: A Next-generation Hyperparameter Optimization Framework, in: Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, 2019, pp. 2623\u20132631.","DOI":"10.1145\/3292500.3330701"},{"issue":"8","key":"10.1016\/j.knosys.2026.116057_b38","doi-asserted-by":"crossref","first-page":"226","DOI":"10.1007\/s10462-025-11147-4","article-title":"Adversarial machine learning: a review of methods, tools, and critical industry sectors","volume":"58","author":"Pelekis","year":"2025","journal-title":"Artif. Intell. Rev."},{"key":"10.1016\/j.knosys.2026.116057_b39","unstructured":"M. Fang, X. Cao, J. Jia, N.Z. Gong, Local Model Poisoning Attacks to Byzantine-Robust Federated Learning, in: Proceedings of the 29th USENIX Security Symposium, USENIX Security\u201920, 2020, pp. 1605\u20131622."},{"key":"10.1016\/j.knosys.2026.116057_b40","series-title":"Advances in Neural Information Processing Systems (NeurIPS)","article-title":"A little is enough: Circumventing defenses for distributed learning","volume":"vol. 32","author":"Baruch","year":"2019"},{"key":"10.1016\/j.knosys.2026.116057_b41","first-page":"119","article-title":"Machine learning with adversaries: Byzantine tolerant gradient descent","volume":"vol. 30","author":"Blanchard","year":"2017"},{"key":"10.1016\/j.knosys.2026.116057_b42","unstructured":"Dong Yin, Yudong Chen, Kannan Ramchandran, Peter Bartlett, Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates, in: Proceedings of the International Conference on Machine Learning, ICML, 2018, pp. 5650\u20135659."},{"key":"10.1016\/j.knosys.2026.116057_b43","doi-asserted-by":"crossref","unstructured":"Virat Shejwalkar, Amir Houmansadr, Manipulating the Byzantine: Optimizing model poisoning attacks and defenses for federated learning, in: Proceedings of the Network and Distributed System Security Symposium, NDSS, 2021, pp. 1\u201318.","DOI":"10.14722\/ndss.2021.24498"}],"container-title":["Knowledge-Based Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0950705126007835?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0950705126007835?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T11:27:17Z","timestamp":1781004437000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0950705126007835"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":43,"alternative-id":["S0950705126007835"],"URL":"https:\/\/doi.org\/10.1016\/j.knosys.2026.116057","relation":{},"ISSN":["0950-7051"],"issn-type":[{"value":"0950-7051","type":"print"}],"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Novel defense strategies for concurrent data and model poisoning attacks in federated learning","name":"articletitle","label":"Article Title"},{"value":"Knowledge-Based Systems","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.knosys.2026.116057","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 Published by Elsevier B.V.","name":"copyright","label":"Copyright"}],"article-number":"116057"}}