{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T09:02:29Z","timestamp":1773824549013,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":61,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3590328","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"579-592","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["SoK: Systematizing Attack Studies in Federated Learning \u2013 From Sparseness to Completeness"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-7333-8752","authenticated-orcid":false,"given":"Geetanjli","family":"Sharma","sequence":"first","affiliation":[{"name":"La Trobe University, Australia and CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4286-3774","authenticated-orcid":false,"given":"M.A.P.","family":"Chamikara","sequence":"additional","affiliation":[{"name":"CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6138-7742","authenticated-orcid":false,"given":"Mohan Baruwal","family":"Chhetri","sequence":"additional","affiliation":[{"name":"CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4122-3767","authenticated-orcid":false,"given":"Yi-Ping Phoebe","family":"Chen","sequence":"additional","affiliation":[{"name":"La Trobe University, Australia"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"International Conference on Artificial Intelligence and Statistics. PMLR, 2938\u20132948","author":"Bagdasaryan Eugene","year":"2020","unstructured":"Eugene Bagdasaryan , Andreas Veit , Yiqing Hua , Deborah Estrin , and Vitaly Shmatikov . 2020 . How to backdoor federated learning . In International Conference on Artificial Intelligence and Statistics. PMLR, 2938\u20132948 . Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How to backdoor federated learning. In International Conference on Artificial Intelligence and Statistics. PMLR, 2938\u20132948."},{"key":"e_1_3_2_1_2_1","volume-title":"International Conference on Machine Learning. PMLR, 634\u2013643","author":"Bhagoji Arjun\u00a0Nitin","year":"2019","unstructured":"Arjun\u00a0Nitin Bhagoji , Supriyo Chakraborty , Prateek Mittal , and Seraphin Calo . 2019 . Analyzing federated learning through an adversarial lens . In International Conference on Machine Learning. PMLR, 634\u2013643 . Arjun\u00a0Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, and Seraphin Calo. 2019. Analyzing federated learning through an adversarial lens. In International Conference on Machine Learning. PMLR, 634\u2013643."},{"key":"e_1_3_2_1_3_1","volume-title":"Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in Neural Information Processing Systems 30","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard , El\u00a0Mahdi El\u00a0Mhamdi , Rachid Guerraoui , and Julien Stainer . 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in Neural Information Processing Systems 30 ( 2017 ). Peva Blanchard, El\u00a0Mahdi El\u00a0Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in Neural Information Processing Systems 30 (2017)."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3075203"},{"key":"e_1_3_2_1_5_1","volume-title":"2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS). IEEE, 233\u2013239","author":"Cao Di","year":"2019","unstructured":"Di Cao , Shan Chang , Zhijian Lin , Guohua Liu , and Donghong Sun . 2019 . Understanding distributed poisoning attack in federated learning . In 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS). IEEE, 233\u2013239 . Di Cao, Shan Chang, Zhijian Lin, Guohua Liu, and Donghong Sun. 2019. Understanding distributed poisoning attack in federated learning. In 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS). IEEE, 233\u2013239."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPRW56347.2022.00383"},{"key":"e_1_3_2_1_7_1","volume-title":"2020 29th International Conference on Computer Communications and Networks (ICCCN). IEEE, 1\u20139.","author":"Chen Jiale","year":"2020","unstructured":"Jiale Chen , Jiale Zhang , Yanchao Zhao , Hao Han , Kun Zhu , and Bing Chen . 2020 . Beyond model-level membership privacy leakage: an adversarial approach in federated learning . In 2020 29th International Conference on Computer Communications and Networks (ICCCN). IEEE, 1\u20139. Jiale Chen, Jiale Zhang, Yanchao Zhao, Hao Han, Kun Zhu, and Bing Chen. 2020. Beyond model-level membership privacy leakage: an adversarial approach in federated learning. In 2020 29th International Conference on Computer Communications and Networks (ICCCN). IEEE, 1\u20139."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","first-page":"100002","DOI":"10.1016\/j.hcc.2021.100002","article-title":"Towards multi-party targeted model poisoning attacks against federated learning systems","volume":"1","author":"Chen Zheyi","year":"2021","unstructured":"Zheyi Chen , Pu Tian , Weixian Liao , and Wei Yu . 2021 . Towards multi-party targeted model poisoning attacks against federated learning systems . High-Confidence Computing 1 , 1 (2021), 100002 . Zheyi Chen, Pu Tian, Weixian Liao, and Wei Yu. 2021. Towards multi-party targeted model poisoning attacks against federated learning systems. High-Confidence Computing 1, 1 (2021), 100002.","journal-title":"High-Confidence Computing"},{"key":"e_1_3_2_1_9_1","volume-title":"Perception Poisoning Attacks in Federated Learning. In 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). IEEE, 146\u2013155","author":"Chow Ka-Ho","year":"2021","unstructured":"Ka-Ho Chow and Ling Liu . 2021 . Perception Poisoning Attacks in Federated Learning. In 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). IEEE, 146\u2013155 . Ka-Ho Chow and Ling Liu. 2021. Perception Poisoning Attacks in Federated Learning. In 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). IEEE, 146\u2013155."},{"key":"e_1_3_2_1_10_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Fang Minghong","year":"2020","unstructured":"Minghong Fang , Xiaoyu Cao , Jinyuan Jia , and Neil Gong . 2020 . Local model poisoning attacks to { Byzantine-Robust} federated learning . In 29th USENIX Security Symposium (USENIX Security 20) . 1605\u20131622. Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Gong. 2020. Local model poisoning attacks to { Byzantine-Robust} federated learning. In 29th USENIX Security Symposium (USENIX Security 20). 1605\u20131622."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3118642"},{"key":"e_1_3_2_1_12_1","volume-title":"2021 18th International Conference on Privacy, Security and Trust (PST). IEEE, 1\u201310","author":"Fontana Michele","year":"2021","unstructured":"Michele Fontana , Francesca Naretto , and Anna Monreale . 2021 . A new approach for cross-silo federated learning and its privacy risks . In 2021 18th International Conference on Privacy, Security and Trust (PST). IEEE, 1\u201310 . Michele Fontana, Francesca Naretto, and Anna Monreale. 2021. A new approach for cross-silo federated learning and its privacy risks. In 2021 18th International Conference on Privacy, Security and Trust (PST). IEEE, 1\u201310."},{"key":"e_1_3_2_1_13_1","volume-title":"International Conference on Artificial Intelligence and Statistics. PMLR","author":"Fraboni Yann","year":"2021","unstructured":"Yann Fraboni , Richard Vidal , and Marco Lorenzi . 2021 . Free-rider attacks on model aggregation in federated learning . In International Conference on Artificial Intelligence and Statistics. PMLR , 1846\u20131854. Yann Fraboni, Richard Vidal, and Marco Lorenzi. 2021. Free-rider attacks on model aggregation in federated learning. In International Conference on Artificial Intelligence and Statistics. PMLR, 1846\u20131854."},{"key":"e_1_3_2_1_14_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Fu Chong","year":"2022","unstructured":"Chong Fu , Xuhong Zhang , Shouling Ji , Jinyin Chen , Jingzheng Wu , Shanqing Guo , Jun Zhou , Alex\u00a0 X Liu , and Ting Wang . 2022 . Label inference attacks against vertical federated learning . In 31st USENIX Security Symposium (USENIX Security 22) , Boston, MA. Chong Fu, Xuhong Zhang, Shouling Ji, Jinyin Chen, Jingzheng Wu, Shanqing Guo, Jun Zhou, Alex\u00a0X Liu, and Ting Wang. 2022. Label inference attacks against vertical federated learning. In 31st USENIX Security Symposium (USENIX Security 22), Boston, MA."},{"key":"e_1_3_2_1_15_1","volume-title":"Secure aggregation is insecure: Category inference attack on federated learning","author":"Gao Jiqiang","year":"2021","unstructured":"Jiqiang Gao , Boyu Hou , Xiaojie Guo , Zheli Liu , Ying Zhang , Kai Chen , and Jin Li. 2021. Secure aggregation is insecure: Category inference attack on federated learning . IEEE Transactions on Dependable and Secure Computing ( 2021 ). Jiqiang Gao, Boyu Hou, Xiaojie Guo, Zheli Liu, Ying Zhang, Kai Chen, and Jin Li. 2021. Secure aggregation is insecure: Category inference attack on federated learning. IEEE Transactions on Dependable and Secure Computing (2021)."},{"key":"e_1_3_2_1_16_1","volume-title":"Inverting gradients-how easy is it to break privacy in federated learning?Advances in Neural Information Processing Systems 33","author":"Geiping Jonas","year":"2020","unstructured":"Jonas Geiping , Hartmut Bauermeister , Hannah Dr\u00f6ge , and Michael Moeller . 2020. Inverting gradients-how easy is it to break privacy in federated learning?Advances in Neural Information Processing Systems 33 ( 2020 ), 16937\u201316947. Jonas Geiping, Hartmut Bauermeister, Hannah Dr\u00f6ge, and Michael Moeller. 2020. Inverting gradients-how easy is it to break privacy in federated learning?Advances in Neural Information Processing Systems 33 (2020), 16937\u201316947."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.011.2000783"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103201"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM51629.2021.00129"},{"key":"e_1_3_2_1_20_1","first-page":"7232","article-title":"Evaluating gradient inversion attacks and defenses in federated learning","volume":"34","author":"Huang Yangsibo","year":"2021","unstructured":"Yangsibo Huang , Samyak Gupta , Zhao Song , Kai Li , and Sanjeev Arora . 2021 . Evaluating gradient inversion attacks and defenses in federated learning . Advances in Neural Information Processing Systems 34 (2021), 7232 \u2013 7241 . Yangsibo Huang, Samyak Gupta, Zhao Song, Kai Li, and Sanjeev Arora. 2021. Evaluating gradient inversion attacks and defenses in federated learning. Advances in Neural Information Processing Systems 34 (2021), 7232\u20137241.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2022-0045"},{"key":"e_1_3_2_1_22_1","volume-title":"International Conference on Machine Learning. PMLR, 5959\u20135968","author":"Lam Maximilian","year":"2021","unstructured":"Maximilian Lam , Gu-Yeon Wei , David Brooks , Vijay\u00a0Janapa Reddi , and Michael Mitzenmacher . 2021 . Gradient disaggregation: Breaking privacy in federated learning by reconstructing the user participant matrix . In International Conference on Machine Learning. PMLR, 5959\u20135968 . Maximilian Lam, Gu-Yeon Wei, David Brooks, Vijay\u00a0Janapa Reddi, and Michael Mitzenmacher. 2021. Gradient disaggregation: Breaking privacy in federated learning by reconstructing the user participant matrix. In International Conference on Machine Learning. PMLR, 5959\u20135968."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2020.2975749"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-021-00105-6"},{"key":"e_1_3_2_1_25_1","volume-title":"Inverting Gradient Attack Combined with GAN Network in Federated Learning of Face Recognition. In 2021 IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC)","author":"Liu Yiming","unstructured":"Yiming Liu , Kejie Xu , Jianhao Cui , and Qiji Zheng . 2021. Inverting Gradient Attack Combined with GAN Network in Federated Learning of Face Recognition. In 2021 IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC) . IEEE , 317\u2013325. Yiming Liu, Kejie Xu, Jianhao Cui, and Qiji Zheng. 2021. Inverting Gradient Attack Combined with GAN Network in Federated Learning of Face Recognition. In 2021 IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC). IEEE, 317\u2013325."},{"key":"e_1_3_2_1_26_1","volume-title":"2021 IEEE 37th International Conference on Data Engineering (ICDE). IEEE, 181\u2013192","author":"Luo Xinjian","year":"2021","unstructured":"Xinjian Luo , Yuncheng Wu , Xiaokui Xiao , and Beng\u00a0Chin Ooi . 2021 . Feature inference attack on model predictions in vertical federated learning . In 2021 IEEE 37th International Conference on Data Engineering (ICDE). IEEE, 181\u2013192 . Xinjian Luo, Yuncheng Wu, Xiaokui Xiao, and Beng\u00a0Chin Ooi. 2021. Feature inference attack on model predictions in vertical federated learning. In 2021 IEEE 37th International Conference on Data Engineering (ICDE). IEEE, 181\u2013192."},{"key":"e_1_3_2_1_27_1","unstructured":"Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise\u00a0Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR 1273\u20131282. Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise\u00a0Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR 1273\u20131282."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00029"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.10.007"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00065"},{"key":"e_1_3_2_1_31_1","volume-title":"Proc. Workshop Decentralized IoT Syst. Secur.(DISS). 1\u20137.","author":"Nguyen Thien\u00a0Duc","year":"2020","unstructured":"Thien\u00a0Duc Nguyen , Phillip Rieger , Markus Miettinen , and Ahmad-Reza Sadeghi . 2020 . Poisoning attacks on federated learning-based IoT intrusion detection system . In Proc. Workshop Decentralized IoT Syst. Secur.(DISS). 1\u20137. Thien\u00a0Duc Nguyen, Phillip Rieger, Markus Miettinen, and Ahmad-Reza Sadeghi. 2020. Poisoning attacks on federated learning-based IoT intrusion detection system. In Proc. Workshop Decentralized IoT Syst. Secur.(DISS). 1\u20137."},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy. 168\u2013170","author":"Nuding Florian","year":"2020","unstructured":"Florian Nuding and Rudolf Mayer . 2020 . Poisoning attacks in federated learning: An evaluation on traffic sign classification . In Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy. 168\u2013170 . Florian Nuding and Rudolf Mayer. 2020. Poisoning attacks in federated learning: An evaluation on traffic sign classification. In Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy. 168\u2013170."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510548.3519372"},{"key":"e_1_3_2_1_34_1","volume-title":"Robust aggregation for federated learning. arXiv preprint arXiv:1912.13445","author":"Pillutla Krishna","year":"2019","unstructured":"Krishna Pillutla , Sham\u00a0 M Kakade , and Zaid Harchaoui . 2019. Robust aggregation for federated learning. arXiv preprint arXiv:1912.13445 ( 2019 ). Krishna Pillutla, Sham\u00a0M Kakade, and Zaid Harchaoui. 2019. Robust aggregation for federated learning. arXiv preprint arXiv:1912.13445 (2019)."},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, Vol.\u00a010","author":"Pustozerova Anastasia","year":"2020","unstructured":"Anastasia Pustozerova and Rudolf Mayer . 2020 . Information leaks in federated learning . In Proceedings of the Network and Distributed System Security Symposium, Vol.\u00a010 . Anastasia Pustozerova and Rudolf Mayer. 2020. Information leaks in federated learning. In Proceedings of the Network and Distributed System Security Symposium, Vol.\u00a010."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"Naik Bakht\u00a0Sania Qureshi Dong-Hoon Kim Jiwoo Lee and Eun-Kyu Lee. 2021. On the Performance Impact of Poisoning Attacks on Load Forecasting in Federated Learning. In Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers. 64\u201366. Naik Bakht\u00a0Sania Qureshi Dong-Hoon Kim Jiwoo Lee and Eun-Kyu Lee. 2021. On the Performance Impact of Poisoning Attacks on Load Forecasting in Federated Learning. In Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers. 64\u201366.","DOI":"10.1145\/3460418.3479285"},{"key":"e_1_3_2_1_37_1","volume-title":"NOMS 2022-2022 IEEE\/IFIP Network Operations and Management Symposium. IEEE, 1\u20137.","author":"Bakht\u00a0Sania Qureshi Naik","year":"2022","unstructured":"Naik Bakht\u00a0Sania Qureshi , Dong-Hoon Kim , Jiwoo Lee , and Eun-Kyu Lee . 2022 . Poisoning Attacks against Federated Learning in Load Forecasting of Smart Energy . In NOMS 2022-2022 IEEE\/IFIP Network Operations and Management Symposium. IEEE, 1\u20137. Naik Bakht\u00a0Sania Qureshi, Dong-Hoon Kim, Jiwoo Lee, and Eun-Kyu Lee. 2022. Poisoning Attacks against Federated Learning in Load Forecasting of Smart Energy. In NOMS 2022-2022 IEEE\/IFIP Network Operations and Management Symposium. IEEE, 1\u20137."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Virat Shejwalkar and Amir Houmansadr. 2021. Manipulating the byzantine: Optimizing model poisoning attacks and defenses for federated learning. In NDSS. Virat Shejwalkar and Amir Houmansadr. 2021. Manipulating the byzantine: Optimizing model poisoning attacks and defenses for federated learning. In NDSS.","DOI":"10.14722\/ndss.2021.24498"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833647"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2020.3000372"},{"key":"e_1_3_2_1_41_1","volume-title":"Data poisoning attacks on federated machine learning","author":"Sun Gan","year":"2021","unstructured":"Gan Sun , Yang Cong , Jiahua Dong , Qiang Wang , Lingjuan Lyu , and Ji Liu . 2021. Data poisoning attacks on federated machine learning . IEEE Internet of Things Journal ( 2021 ). Gan Sun, Yang Cong, Jiahua Dong, Qiang Wang, Lingjuan Lyu, and Ji Liu. 2021. Data poisoning attacks on federated machine learning. IEEE Internet of Things Journal (2021)."},{"key":"e_1_3_2_1_42_1","volume-title":"Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. In 2021 IEEE International Conference on Systems, Man, and Cybernetics (SMC). IEEE, 2749\u20132754","author":"Sun Yuwei","year":"2021","unstructured":"Yuwei Sun , Ng\u00a0 ST Chong , and Hideya Ochiai . 2021 . Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. In 2021 IEEE International Conference on Systems, Man, and Cybernetics (SMC). IEEE, 2749\u20132754 . Yuwei Sun, Ng\u00a0ST Chong, and Hideya Ochiai. 2021. Information Stealing in Federated Learning Systems Based on Generative Adversarial Networks. In 2021 IEEE International Conference on Systems, Man, and Cybernetics (SMC). IEEE, 2749\u20132754."},{"key":"e_1_3_2_1_43_1","volume-title":"Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963","author":"Sun Ziteng","year":"2019","unstructured":"Ziteng Sun , Peter Kairouz , Ananda\u00a0Theertha Suresh , and H\u00a0Brendan McMahan . 2019. Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963 ( 2019 ). Ziteng Sun, Peter Kairouz, Ananda\u00a0Theertha Suresh, and H\u00a0Brendan McMahan. 2019. Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963 (2019)."},{"key":"e_1_3_2_1_44_1","volume-title":"European Symposium on Research in Computer Security. Springer, 480\u2013501","author":"Tolpegin Vale","year":"2020","unstructured":"Vale Tolpegin , Stacey Truex , Mehmet\u00a0Emre Gursoy , and Ling Liu . 2020 . Data poisoning attacks against federated learning systems . In European Symposium on Research in Computer Security. Springer, 480\u2013501 . Vale Tolpegin, Stacey Truex, Mehmet\u00a0Emre Gursoy, and Ling Liu. 2020. Data poisoning attacks against federated learning systems. In European Symposium on Research in Computer Security. Springer, 480\u2013501."},{"key":"e_1_3_2_1_45_1","volume-title":"ICASSP 2022-2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, 6972\u20136976","author":"Tomashenko Natalia","year":"2022","unstructured":"Natalia Tomashenko , Salima Mdhaffar , Marc Tommasi , Yannick Est\u00e8ve , and Jean-Fran\u00e7ois Bonastre . 2022 . Privacy attacks for automatic speech recognition acoustic models in a federated learning framework . In ICASSP 2022-2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, 6972\u20136976 . Natalia Tomashenko, Salima Mdhaffar, Marc Tommasi, Yannick Est\u00e8ve, and Jean-Fran\u00e7ois Bonastre. 2022. Privacy attacks for automatic speech recognition acoustic models in a federated learning framework. In ICASSP 2022-2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). IEEE, 6972\u20136976."},{"key":"e_1_3_2_1_46_1","first-page":"16070","article-title":"Attack of the tails: Yes, you really can backdoor federated learning","volume":"33","author":"Wang Hongyi","year":"2020","unstructured":"Hongyi Wang , Kartik Sreenivasan , Shashank Rajput , Harit Vishwakarma , Saurabh Agarwal , Jy-yong Sohn, Kangwook Lee , and Dimitris Papailiopoulos . 2020 . Attack of the tails: Yes, you really can backdoor federated learning . Advances in Neural Information Processing Systems 33 (2020), 16070 \u2013 16084 . Hongyi Wang, Kartik Sreenivasan, Shashank Rajput, Harit Vishwakarma, Saurabh Agarwal, Jy-yong Sohn, Kangwook Lee, and Dimitris Papailiopoulos. 2020. Attack of the tails: Yes, you really can backdoor federated learning. Advances in Neural Information Processing Systems 33 (2020), 16070\u201316084.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3196646"},{"key":"e_1_3_2_1_48_1","volume-title":"Gradient-Leakage Resilient Federated Learning. In 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). 797\u2013807","author":"Wei Wenqi","year":"2021","unstructured":"Wenqi Wei , Ling Liu , Yanzhao Wut , Gong Su , and Arun Iyengar . 2021 . Gradient-Leakage Resilient Federated Learning. In 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). 797\u2013807 . https:\/\/doi.org\/10.1109\/ICDCS51616.2021.00081 10.1109\/ICDCS51616.2021.00081 Wenqi Wei, Ling Liu, Yanzhao Wut, Gong Su, and Arun Iyengar. 2021. Gradient-Leakage Resilient Federated Learning. In 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS). 797\u2013807. https:\/\/doi.org\/10.1109\/ICDCS51616.2021.00081"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"crossref","unstructured":"Xiguang Wei Quan Li Yang Liu Han Yu Tianjian Chen and Qiang Yang. 2019. Multi-Agent Visualization for Explaining Federated Learning.. In IJCAI. 6572\u20136574. Xiguang Wei Quan Li Yang Liu Han Yu Tianjian Chen and Qiang Yang. 2019. Multi-Agent Visualization for Explaining Federated Learning.. In IJCAI. 6572\u20136574.","DOI":"10.24963\/ijcai.2019\/960"},{"key":"e_1_3_2_1_50_1","volume-title":"International Conference on Learning Representations.","author":"Xie Chulin","year":"2019","unstructured":"Chulin Xie , Keli Huang , Pin-Yu Chen , and Bo Li . 2019 . Dba: Distributed backdoor attacks against federated learning . In International Conference on Learning Representations. Chulin Xie, Keli Huang, Pin-Yu Chen, and Bo Li. 2019. Dba: Distributed backdoor attacks against federated learning. In International Conference on Learning Representations."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3411501.3419423"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3339474"},{"key":"e_1_3_2_1_53_1","volume-title":"International Conference on Machine Learning. PMLR, 5650\u20135659","author":"Yin Dong","year":"2018","unstructured":"Dong Yin , Yudong Chen , Ramchandran Kannan , and Peter Bartlett . 2018 . Byzantine-robust distributed learning: Towards optimal statistical rates . In International Conference on Machine Learning. PMLR, 5650\u20135659 . Dong Yin, Yudong Chen, Ramchandran Kannan, and Peter Bartlett. 2018. Byzantine-robust distributed learning: Towards optimal statistical rates. In International Conference on Machine Learning. PMLR, 5650\u20135659."},{"key":"e_1_3_2_1_54_1","volume-title":"ACL 2022 Workshop on Federated Learning for Natural Language Processing.","author":"Yoo KiYoon","year":"2022","unstructured":"KiYoon Yoo and Nojun Kwak . 2022 . Backdoor Attacks in Federated Learning by Poisoned Word Embeddings . In ACL 2022 Workshop on Federated Learning for Natural Language Processing. KiYoon Yoo and Nojun Kwak. 2022. Backdoor Attacks in Federated Learning by Poisoned Word Embeddings. In ACL 2022 Workshop on Federated Learning for Natural Language Processing."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3089713"},{"key":"e_1_3_2_1_56_1","volume-title":"Models and Methods for Management Science","author":"Zhang Hao","unstructured":"Hao Zhang . 2022. Structural equation modeling . In Models and Methods for Management Science . Springer , 363\u2013381. Hao Zhang. 2022. Structural equation modeling. In Models and Methods for Management Science. Springer, 363\u2013381."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3023126"},{"key":"e_1_3_2_1_58_1","volume-title":"Security And Privacy In Computing And Communications\/13th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE)","author":"Zhang Jiale","unstructured":"Jiale Zhang , Junjun Chen , Di Wu , Bing Chen , and Shui Yu. 2019. Poisoning attack in federated learning using generative adversarial nets. In 2019 18th IEEE International Conference On Trust , Security And Privacy In Computing And Communications\/13th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE) . IEEE , 374\u2013380. Jiale Zhang, Junjun Chen, Di Wu, Bing Chen, and Shui Yu. 2019. Poisoning attack in federated learning using generative adversarial nets. In 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications\/13th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE). IEEE, 374\u2013380."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488560.3498386"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.3390\/fi13030073"},{"key":"e_1_3_2_1_61_1","volume-title":"Deep leakage from gradients. Advances in neural information processing systems 32","author":"Zhu Ligeng","year":"2019","unstructured":"Ligeng Zhu , Zhijian Liu , and Song Han . 2019. Deep leakage from gradients. Advances in neural information processing systems 32 ( 2019 ). Ligeng Zhu, Zhijian Liu, and Song Han. 2019. Deep leakage from gradients. Advances in neural information processing systems 32 (2019)."}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590328","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:16Z","timestamp":1750183696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590328"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":61,"alternative-id":["10.1145\/3579856.3590328","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3590328","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}