{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T04:01:15Z","timestamp":1754107275443,"version":"3.28.0"},"reference-count":56,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,9,18]],"date-time":"2023-09-18T00:00:00Z","timestamp":1694995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,9,18]],"date-time":"2023-09-18T00:00:00Z","timestamp":1694995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,9,18]]},"DOI":"10.1109\/fmec59375.2023.10306127","type":"proceedings-article","created":{"date-parts":[[2023,11,8]],"date-time":"2023-11-08T18:51:37Z","timestamp":1699469497000},"page":"262-269","source":"Crossref","is-referenced-by-count":3,"title":["An Investigation of Recent Backdoor Attacks and Defenses in Federated Learning"],"prefix":"10.1109","author":[{"given":"Qiuxian","family":"Chen","sequence":"first","affiliation":[{"name":"Institute of Computer Application, China Academy of Engineering Physics,Mianyang,China"}]},{"given":"Yizheng","family":"Tao","sequence":"additional","affiliation":[{"name":"Institute of Computer Application, China Academy of Engineering Physics,Mianyang,China"}]}],"member":"263","reference":[{"key":"ref13","article-title":"Can you really backdoor federated learning?","author":"sun","year":"2019","journal-title":"ArXiv Preprint"},{"key":"ref12","article-title":"Dba: Distributed backdoor attacks against federated learning","author":"xie","year":"0","journal-title":"International Conference on Learning Representations"},{"doi-asserted-by":"publisher","key":"ref56","DOI":"10.1609\/aaai.v37i10.26393"},{"key":"ref15","first-page":"480","article-title":"Data poisoning attacks against federated learning systems","author":"tolpegin","year":"2020","journal-title":"Computer Security-ESORICS 2020 25th European Symposium on Research in Computer Security ESORICS 2020 Guildford UK September 14–18 2020 Proceedings Part I 25"},{"key":"ref14","first-page":"26429","article-title":"N eurotoxin: Durable backdoors in federated learning","author":"zhang","year":"2022","journal-title":"International Conference on Machine Learning"},{"key":"ref53","first-page":"50","article-title":"Federated learning: Challenges, methods, and future directions","volume":"37","author":"li","year":"2019","journal-title":"IEEE Signal Processing Magazine"},{"doi-asserted-by":"publisher","key":"ref52","DOI":"10.1145\/3298981"},{"key":"ref11","first-page":"16070","article-title":"Attack of the tails: Yes, you really can backdoor federated learning","volume":"33","author":"wang","year":"2020","journal-title":"Advances in neural information processing systems"},{"key":"ref55","article-title":"Mitigating sybils in federated learning poisoning","author":"fung","year":"2018","journal-title":"ArXiv Preprint"},{"doi-asserted-by":"publisher","key":"ref10","DOI":"10.1145\/3372297.3423362"},{"key":"ref54","article-title":"Threats to federated learning: A survey","volume":"abs 2003 2133","author":"lyu","year":"2020","journal-title":"ArXiv"},{"doi-asserted-by":"publisher","key":"ref17","DOI":"10.1007\/978-981-16-8059-5_36"},{"doi-asserted-by":"publisher","key":"ref16","DOI":"10.1109\/JIOT.2021.3128646"},{"key":"ref19","first-page":"11 973","article-title":"On the trade-off between adversarial and backdoor robustness","volume":"33","author":"weng","year":"2020","journal-title":"Advances in neural information processing systems"},{"key":"ref18","first-page":"154","article-title":"Backdoor attack is a devil in federated gan-based med-ical image synthesis","author":"jin","year":"2022","journal-title":"Simulation and Synthesis in Medical Imaging 7th International Workshop SASHIMI 2022 Held in Conjunction with MICCAI2022 Singapore September 18 2022 Proceedings"},{"doi-asserted-by":"publisher","key":"ref51","DOI":"10.1016\/j.cie.2020.106854"},{"key":"ref50","article-title":"Survey on federated learning threats: concepts, taxonomy on attacks and defences, experimental study and challenges","volume":"abs 2201 8135","author":"rodr'iguez-barroso","year":"2022","journal-title":"ArXiv"},{"key":"ref46","first-page":"11372","article-title":"Crfl: Certifiably robust federated learning against backdoor attacks","author":"xie","year":"2021","journal-title":"International Conference on Machine Learning"},{"key":"ref45","article-title":"signsgd with majority vote is communication efficient and fault tolerant","author":"bernstein","year":"2018","journal-title":"ArXiv Preprint"},{"key":"ref48","first-page":"12613","article-title":"FI-wbc: Enhancing robustness against model poisoning attacks in federated learning from a client perspective","volume":"34","author":"sun","year":"2021","journal-title":"Advances in neural information processing systems"},{"key":"ref47","first-page":"7587","article-title":"Sparsefed: Mitigating model poisoning attacks in federated learning with sparsification","author":"panda","year":"2022","journal-title":"International Conference on Artificial Intelli-gence and Statistics"},{"doi-asserted-by":"publisher","key":"ref42","DOI":"10.1145\/3219617.3219655"},{"key":"ref41","first-page":"5650","article-title":"Byzantine-robust dis-tributed learning: Towards optimal statistical rates","author":"yin","year":"2018","journal-title":"International Conference on Machine Learning"},{"key":"ref44","doi-asserted-by":"crossref","first-page":"9268","DOI":"10.1609\/aaai.v35i10.17118","article-title":"Defending against back-doors in federated learning with robust learning rate","volume":"35","author":"ozdayi","year":"0","journal-title":"Proceedings of the AAAI Conference on Artificial Intelligence"},{"key":"ref43","article-title":"Rflbat: A robust fed-erated learning algorithm against backdoor attack","author":"wang","year":"2022","journal-title":"ar Xiv preprint"},{"doi-asserted-by":"publisher","key":"ref49","DOI":"10.1109\/MSP.2020.2975749"},{"key":"ref8","first-page":"2938","article-title":"How to backdoor federated learning","author":"bagdasaryan","year":"2020","journal-title":"International Conference on Artificial Intelligence and Statistics"},{"key":"ref7","article-title":"Backdoor attacks and defenses in federated learning: State-of-the-art, taxonomy, and future directions","author":"gong","year":"2022","journal-title":"IEEE Wireless Communications"},{"key":"ref9","article-title":"Badnets: Identifying vulnera-bilities in the machine learning model supply chain","author":"gu","year":"2017","journal-title":"ar Xiv preprint"},{"doi-asserted-by":"publisher","key":"ref4","DOI":"10.1561\/2200000083"},{"doi-asserted-by":"publisher","key":"ref3","DOI":"10.1109\/ACCESS.2021.3075203"},{"key":"ref6","first-page":"634","article-title":"Analyzing feder-ated learning through an adversarial lens","author":"bhagoji","year":"2019","journal-title":"International Conference on Machine Learning"},{"doi-asserted-by":"publisher","key":"ref5","DOI":"10.14722\/ndss.2018.23291"},{"key":"ref40","article-title":"Ma-chine learning with adversaries: Byzantine tolerant gradient descent","volume":"30","author":"blanchard","year":"2017","journal-title":"Advances in neural information processing systems"},{"doi-asserted-by":"publisher","key":"ref35","DOI":"10.1109\/SP.2019.00031"},{"key":"ref34","first-page":"273","article-title":"Fine-pruning: Defending against backdooring attacks on deep neural networks","author":"liu","year":"2018","journal-title":"Research in Attacks Intrusions and Defenses 21st International Symposium RAID 2018 Heraklion Crete Greece September 10–12 2018 Proceedings 21"},{"doi-asserted-by":"publisher","key":"ref37","DOI":"10.1038\/nature14236"},{"key":"ref36","article-title":"Mitigating backdoor attacks in federated learning","author":"wu","year":"2020","journal-title":"ArXiv Preprint"},{"doi-asserted-by":"publisher","key":"ref31","DOI":"10.1109\/Trustcom.2015.357"},{"key":"ref30","article-title":"Close the gate: Detecting backdoored models in federated learning based on client-side deep layer output analysis","author":"rieger","year":"2022","journal-title":"ArXiv Preprint"},{"key":"ref33","first-page":"129","article-title":"What is the state of neural network pruning?","volume":"2","author":"blalock","year":"0","journal-title":"Proceedings of Machine Learning and Systems"},{"doi-asserted-by":"publisher","key":"ref32","DOI":"10.1145\/3422337.3447837"},{"key":"ref2","first-page":"1273","article-title":"Communication-efficient learning of deep networks from decentralized data","author":"mcmahan","year":"2017","journal-title":"Artificial Intelligence and Statistics"},{"key":"ref1","article-title":"Federated learning: Strategies for improving communication efficiency","author":"konecny","year":"2016","journal-title":"ArXiv Preprint"},{"doi-asserted-by":"publisher","key":"ref39","DOI":"10.1145\/2976749.2978318"},{"key":"ref38","first-page":"1","article-title":"Differential privacy","author":"dwork","year":"2006","journal-title":"Automata Languages and Program-ming 33rd International Colloquium ICALP 2006 Venice Italy July 10–14 2006 Proceedings Part II 33"},{"doi-asserted-by":"publisher","key":"ref24","DOI":"10.1145\/3534678.3539231"},{"key":"ref23","first-page":"6921","article-title":"Power k-means clustering","author":"xu","year":"2019","journal-title":"International Conference on Machine Learning"},{"key":"ref26","first-page":"1747","article-title":"Baybfed: Bayesian backdoor defense for federated learning","author":"kumari","year":"2022","journal-title":"2023 IEEE Symposium on Security and Privacy (SP) IEEE Computer Society"},{"key":"ref25","first-page":"1415","article-title":"{FLAME}: Taming backdoors in federated learning","author":"nguyen","year":"0","journal-title":"31st USENIX Security Symposium (USENIX Security 22)"},{"doi-asserted-by":"publisher","key":"ref20","DOI":"10.14722\/diss.2020.23003"},{"doi-asserted-by":"publisher","key":"ref22","DOI":"10.1016\/j.engappai.2023.107166"},{"key":"ref21","article-title":"Deep sight: Mitigating backdoor attacks in federated learning through deep model inspection","author":"rieger","year":"2022","journal-title":"ArXiv Preprint"},{"key":"ref28","article-title":"Learning to de-tect malicious clients for robust federated learning","author":"li","year":"2020","journal-title":"ar Xiv preprint"},{"key":"ref27","article-title":"Spectral signatures in backdoor attacks","volume":"31","author":"tran","year":"2018","journal-title":"Advances in neural information processing systems"},{"doi-asserted-by":"publisher","key":"ref29","DOI":"10.1109\/ICDCS51616.2021.00086"}],"event":{"name":"2023 Eighth International Conference on Fog and Mobile Edge Computing (FMEC)","start":{"date-parts":[[2023,9,18]]},"location":"Tartu, Estonia","end":{"date-parts":[[2023,9,20]]}},"container-title":["2023 Eighth International Conference on Fog and Mobile Edge Computing (FMEC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10305711\/10305726\/10306127.pdf?arnumber=10306127","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,11]],"date-time":"2023-12-11T19:22:44Z","timestamp":1702322564000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10306127\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,18]]},"references-count":56,"URL":"https:\/\/doi.org\/10.1109\/fmec59375.2023.10306127","relation":{},"subject":[],"published":{"date-parts":[[2023,9,18]]}}}