{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T17:37:16Z","timestamp":1770917836366,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,5,13]],"date-time":"2024-05-13T00:00:00Z","timestamp":1715558400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,5,13]]},"DOI":"10.1145\/3589335.3651555","type":"proceedings-article","created":{"date-parts":[[2024,5,12]],"date-time":"2024-05-12T18:41:21Z","timestamp":1715539281000},"page":"798-801","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Robust Federated Learning Mitigates Client-side Training Data Distribution Inference Attacks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-1094-4206","authenticated-orcid":false,"given":"Yichang","family":"Xu","sequence":"first","affiliation":[{"name":"University of Science and Technology of China, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-9844-4447","authenticated-orcid":false,"given":"Ming","family":"Yin","sequence":"additional","affiliation":[{"name":"University of Science and Technology of China, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1365-3911","authenticated-orcid":false,"given":"Minghong","family":"Fang","sequence":"additional","affiliation":[{"name":"Duke University, Durham, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9900-9309","authenticated-orcid":false,"given":"Neil Zhenqiang","family":"Gong","sequence":"additional","affiliation":[{"name":"Duke University, Durham, NC, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,5,13]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Alham Fikri Aji and Kenneth Heafield. 2017. Sparse communication for distributed gradient descent. In EMNLP."},{"key":"e_1_3_2_2_2_1","unstructured":"Gilad Baruch Moran Baruch and Yoav Goldberg. 2019. A little is enough: Circumventing defenses for distributed learning. In NeurIPS."},{"key":"e_1_3_2_2_3_1","unstructured":"Jeremy Bernstein Yu-Xiang Wang Kamyar Azizzadenesheli and Anima Anandkumar. 2018. signSGD: Compressed Optimisation for Non-Convex Problems. In ICML."},{"key":"e_1_3_2_2_4_1","volume-title":"Rachid Guerraoui, and Julien Stainer.","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard, El Mahdi El Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. In NeurIPS."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"crossref","unstructured":"Keith Bonawitz Vladimir Ivanov Ben Kreuter Antonio Marcedone H Brendan McMahan Sarvar Patel Daniel Ramage Aaron Segal and Karn Seth. 2017. Practical secure aggregation for privacy-preserving machine learning. In CCS.","DOI":"10.1145\/3133956.3133982"},{"key":"e_1_3_2_2_6_1","unstructured":"Xiaoyu Cao Minghong Fang Jia Liu and Neil Zhenqiang Gong. 2021. FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping. In NDSS."},{"key":"e_1_3_2_2_7_1","unstructured":"Kenneth R Castleman. 1996. Digital image processing."},{"key":"e_1_3_2_2_8_1","volume-title":"USENIX Security Symposium.","author":"Fang Minghong","year":"2020","unstructured":"Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Gong. 2020. Local model poisoning attacks to Byzantine-Robust federated learning. In USENIX Security Symposium."},{"key":"e_1_3_2_2_9_1","volume-title":"Neil Zhenqiang Gong, and Elizabeth S Bentley","author":"Fang Minghong","year":"2022","unstructured":"Minghong Fang, Jia Liu, Neil Zhenqiang Gong, and Elizabeth S Bentley. 2022. AFLGuard: Byzantine-robust Asynchronous Federated Learning. In ACSAC."},{"key":"e_1_3_2_2_10_1","unstructured":"Jonas Geiping Hartmut Bauermeister Hannah Dr\u00f6ge and Michael Moeller. 2020. Inverting gradients-how easy is it to break privacy in federated learning?. In NeurIPS."},{"key":"e_1_3_2_2_11_1","unstructured":"Ian Goodfellow Jean Pouget-Abadie Mehdi Mirza Bing Xu David Warde-Farley Sherjil Ozair Aaron Courville and Yoshua Bengio. 2014. Generative adversarial nets. In NeurIPS."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"crossref","unstructured":"Briland Hitaj Giuseppe Ateniese and Fernando Perez-Cruz. 2017. Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning. In CCS.","DOI":"10.1145\/3133956.3134012"},{"key":"e_1_3_2_2_13_1","unstructured":"Yann LeCun Corinna Cortes and CJ Burges. 1998. MNIST handwritten digit database. Available: http:\/\/yann. lecun. com\/exdb\/mnist."},{"key":"e_1_3_2_2_14_1","unstructured":"H. B. McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise Ag\u00fcera y Arcas. 2016. Communication-Efficient Learning of Deep Networks from Decentralized Data. In AISTATS."},{"key":"e_1_3_2_2_15_1","unstructured":"El Mahdi El Mhamdi Rachid Guerraoui and S\u00e9bastien Rouault. 2018. The Hidden Vulnerability of Distributed Learning in Byzantium. In ICML."},{"key":"e_1_3_2_2_16_1","volume-title":"Byzantine-robust federated machine learning through adaptive model averaging. arXiv preprint arXiv:1909.05125","author":"Gonz\u00e1lez Luis Mu","year":"2019","unstructured":"Luis Mu noz-Gonz\u00e1lez, Kenneth T Co, and Emil C Lupu. 2019. Byzantine-robust federated machine learning through adaptive model averaging. arXiv preprint arXiv:1909.05125 (2019)."},{"key":"e_1_3_2_2_17_1","volume-title":"Reading Digits in Natural Images with Unsupervised Feature Learning. In NeurIPS Workshop on Deep Learning and Unsupervised Feature Learning.","author":"Netzer Yuval","unstructured":"Yuval Netzer, Tao Wang, Adam Coates, A. Bissacco, Bo Wu, and A. Ng. 2011. Reading Digits in Natural Images with Unsupervised Feature Learning. In NeurIPS Workshop on Deep Learning and Unsupervised Feature Learning."},{"key":"e_1_3_2_2_18_1","unstructured":"Jim Nilsson and Tomas Akenine-M\u00f6ller. 2020. Understanding SSIM. In arXiv."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACV.1994.341300"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2011.6033395"},{"key":"e_1_3_2_2_22_1","volume-title":"Image quality assessment: from error visibility to structural similarity","author":"Wang Zhou","unstructured":"Zhou Wang, Alan C Bovik, Hamid R Sheikh, and Eero P Simoncelli. 2004. Image quality assessment: from error visibility to structural similarity. In IEEE transactions on image processing."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"crossref","unstructured":"Wenqi Wei Ling Liu Yanzhao Wu Gong Su and Arun Iyengar. 2021. Gradient-Leakage Resilient Federated Learning. In ICDCS.","DOI":"10.1109\/ICDCS51616.2021.00081"},{"key":"e_1_3_2_2_24_1","unstructured":"Han Xiao Kashif Rasul and Roland Vollgraf. 2017. Fashion-MNIST: a Novel Image Dataset for Benchmarking Machine Learning Algorithms."},{"key":"e_1_3_2_2_25_1","unstructured":"Dong Yin Yudong Chen Kannan Ramchandran and Peter Bartlett. 2021. Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates. In ICML."},{"key":"e_1_3_2_2_26_1","volume-title":"USENIX Security Symposium.","author":"Yue Kai","year":"2023","unstructured":"Kai Yue, Richeng Jin, Chau-Wai Wong, Dror Baron, and Huaiyu Dai. 2023. Gradient obfuscation gives a false sense of security in federated learning. In USENIX Security Symposium."},{"key":"e_1_3_2_2_27_1","unstructured":"Chengliang Zhang Suyi Li Junzhe Xia Wei Wang Feng Yan and Yang Liu. 2020. BatchCrypt: Efficient Homomorphic Encryption for Cross-Silo Federated Learning. In USENIX ATC."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"crossref","unstructured":"Richard Zhang Phillip Isola Alexei A Efros Eli Shechtman and Oliver Wang. 2018. The unreasonable effectiveness of deep features as a perceptual metric. In CVPR.","DOI":"10.1109\/CVPR.2018.00068"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3543507.3583542"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"crossref","unstructured":"Ligeng Zhu Zhijian Liu and Song Han. 2019. Deep leakage from gradients. In NeurIPS. io","DOI":"10.1007\/978-3-030-63076-8_2"}],"event":{"name":"WWW '24: The ACM Web Conference 2024","location":"Singapore Singapore","acronym":"WWW '24","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Companion Proceedings of the ACM Web Conference 2024"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589335.3651555","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3589335.3651555","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T00:35:29Z","timestamp":1755822929000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589335.3651555"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,13]]},"references-count":30,"alternative-id":["10.1145\/3589335.3651555","10.1145\/3589335"],"URL":"https:\/\/doi.org\/10.1145\/3589335.3651555","relation":{},"subject":[],"published":{"date-parts":[[2024,5,13]]},"assertion":[{"value":"2024-05-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}