{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T06:59:09Z","timestamp":1762325949834,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3637682","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"1287-1298","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Mitigating Distributed Backdoor Attack in Federated Learning Through Mode Connectivity"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9759-4305","authenticated-orcid":false,"given":"Kane","family":"Walter","sequence":"first","affiliation":[{"name":"UNSW, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0619-6361","authenticated-orcid":false,"given":"Meisam","family":"Mohammady","sequence":"additional","affiliation":[{"name":"Iowa State University of Science and Technology, Iowa, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3289-6599","authenticated-orcid":false,"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1835-3475","authenticated-orcid":false,"given":"Salil S.","family":"Kanhere","sequence":"additional","affiliation":[{"name":"UNSW, Sydney, Australia"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. Machine Learning Ledger Orchestration For Drug Discovery (MEL-LODDY). [Online]. Available: https:\/\/www.melloddy.eu\/."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. Utilization of FATE in Risk Management of Credit in Small and Micro Enterprises. [Online]. Available: ttps:\/\/www.fedai.org\/cases\/utilization-of-fate-in-risk-management-of-credit-in-small-and-micro-enterprises\/."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS51616.2021.00086"},{"key":"e_1_3_2_1_4_1","volume-title":"NIPS","author":"Auer Peter","year":"1995","unstructured":"Peter Auer, Mark Herbster, and Manfred K. Warmuth. 1995. Exponentially many local minima for single neurons. In Advances in Neural Information Processing Systems 8, NIPS, Denver, CO, USA, November 27-30, 1995, David S. Touretzky, Michael Mozer, and Michael E. Hasselmo (Eds.). MIT Press, 316--322."},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the Twenty Third International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research","volume":"2948","author":"Bagdasaryan Eugene","year":"2020","unstructured":"Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How To Backdoor Federated Learning. In Proceedings of the Twenty Third International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research, Vol. 108), Silvia Chiappa and Roberto Calandra (Eds.). PMLR, 2938--2948."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9--15","volume":"643","author":"Bhagoji Arjun Nitin","year":"2019","unstructured":"Arjun Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, and Seraphin B. Calo. 2019. Analyzing Federated Learning through an Adversarial Lens. In Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9--15 June 2019, Long Beach, California, USA (Proceedings of Machine Learning Research, Vol. 97), Kamalika Chaudhuri and Ruslan Salakhutdinov (Eds.). PMLR, 634--643."},{"volume-title":"Pattern Recognition and Machine Learning (Information Science and Statistics)","author":"Bishop Christopher M.","key":"e_1_3_2_1_7_1","unstructured":"Christopher M. Bishop. 2006. Pattern Recognition and Machine Learning (Information Science and Statistics). Springer-Verlag, Berlin, Heidelberg."},{"key":"e_1_3_2_1_8_1","volume-title":"Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent. In Advances in Neural Information Processing Systems 30: Annual Conference on Neural Information Processing Systems 2017","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard, El Mahdi El Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent. In Advances in Neural Information Processing Systems 30: Annual Conference on Neural Information Processing Systems 2017, December 4--9, 2017, Long Beach, CA, USA, Isabelle Guyon, Ulrike von Luxburg, Samy Bengio, Hanna M. Wallach, Rob Fergus, S. V. N. Vishwanathan, and Roman Garnett (Eds.). 119--129."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijmedinf.2018.01.007"},{"key":"e_1_3_2_1_10_1","volume-title":"17th Pacific-Asia Conference, PAKDD 2013, Gold Coast, Australia, April 14-17, 2013, Proceedings, Part II (Lecture Notes in Computer Science","volume":"172","author":"Campello Ricardo J. G. B.","year":"2013","unstructured":"Ricardo J. G. B. Campello, Davoud Moulavi, and J\u00f6rg Sander. 2013. Density-Based Clustering Based on Hierarchical Density Estimates. In Advances in Knowledge Discovery and Data Mining, 17th Pacific-Asia Conference, PAKDD 2013, Gold Coast, Australia, April 14-17, 2013, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 7819), Jian Pei, Vincent S. Tseng, Longbing Cao, Hiroshi Motoda, and Guandong Xu (Eds.). Springer, 160--172."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24434"},{"key":"e_1_3_2_1_12_1","volume-title":"Federated Learning Of Out-Of-Vocabulary Words. CoRR abs\/1903.10635","author":"Chen Mingqing","year":"2019","unstructured":"Mingqing Chen, Rajiv Mathews, Tom Ouyang, and Fran\u00e7oise Beaufays. 2019. Federated Learning Of Out-Of-Vocabulary Words. CoRR abs\/1903.10635 (2019). arXiv:1903.10635 http:\/\/arxiv.org\/abs\/1903.10635"},{"key":"e_1_3_2_1_13_1","volume-title":"Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning. CoRR abs\/1712.05526","author":"Chen Xinyun","year":"2017","unstructured":"Xinyun Chen, Chang Liu, Bo Li, Kimberly Lu, and Dawn Song. 2017. Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning. CoRR abs\/1712.05526 (2017). arXiv:1712.05526 http:\/\/arxiv.org\/abs\/1712.05526"},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the Eighteenth International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research","author":"Choromanska Anna","year":"2015","unstructured":"Anna Choromanska, MIkael Henaff, Michael Mathieu, Gerard Ben Arous, and Yann LeCun. 2015. The Loss Surfaces of Multilayer Networks. In Proceedings of the Eighteenth International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research, Vol. 38), Guy Lebanon and S. V. N. Vishwanathan (Eds.). PMLR, San Diego, California, USA, 192--204."},{"key":"e_1_3_2_1_15_1","volume-title":"Ranasinghe","author":"Doan Bao Gia","year":"2020","unstructured":"Bao Gia Doan, Ehsan Abbasnejad, and Damith C. Ranasinghe. 2020. Februus: Input Purification Defense Against Trojan Attacks on Deep Neural Network Systems. Association for Computing Machinery, New York, NY, USA, 897--912."},{"key":"e_1_3_2_1_16_1","volume-title":"The Limitations of Federated Learning in Sybil Settings. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2020","author":"Fung Clement","year":"2020","unstructured":"Clement Fung, Chris J. M. Yoon, and Ivan Beschastnikh. 2020. The Limitations of Federated Learning in Sybil Settings. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2020, San Sebastian, Spain, October 14-15, 2020, Manuel Egele and Leyla Bilge (Eds.). USENIX Association, 301--316."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359790"},{"key":"e_1_3_2_1_18_1","volume-title":"Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018","author":"Garipov Timur","year":"2018","unstructured":"Timur Garipov, Pavel Izmailov, Dmitrii Podoprikhin, Dmitry P. Vetrov, and Andrew Gordon Wilson. 2018. Loss Surfaces, Mode Connectivity, and Fast Ensembling of DNNs. In Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018, NeurIPS 2018, December 3--8, 2018, Montr\u00e9al, Canada, Samy Bengio, Hanna M. Wallach, Hugo Larochelle, Kristen Grauman, Nicol\u00f2 Cesa-Bianchi, and Roman Garnett (Eds.). 8803--8812."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2909068"},{"key":"e_1_3_2_1_20_1","unstructured":"Andrew Hard Chlo\u00e9 M Kiddon Daniel Ramage Francoise Beaufays Hubert Eichner Kanishka Rao Rajiv Mathews and Sean Augenstein. 2018. Federated Learning for Mobile Keyboard Prediction. https:\/\/arxiv.org\/abs\/1811.03604"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics. Association for Computational Linguistics, 2793--2806","author":"Kurita Keita","year":"2020","unstructured":"Keita Kurita, Paul Michel, and Graham Neubig. 2020. Weight Poisoning Attacks on Pretrained Models. In Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics. Association for Computational Linguistics, 2793--2806."},{"key":"e_1_3_2_1_22_1","volume-title":"Trojaning Attack on Neural Networks. In 25th Annual Network and Distributed System Security Symposium, NDSS 2018","author":"Liu Yingqi","year":"2018","unstructured":"Yingqi Liu, Shiqing Ma, Yousra Aafer, Wen-Chuan Lee, Juan Zhai, Weihang Wang, and Xiangyu Zhang. 2018. Trojaning Attack on Neural Networks. In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018. The Internet Society."},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 20th International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research","volume":"1282","author":"McMahan Brendan","year":"2017","unstructured":"Brendan McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Aguera y Arcas. 2017. Communication-Efficient Learning of Deep Networks from Decentralized Data. In Proceedings of the 20th International Conference on Artificial Intelligence and Statistics (Proceedings of Machine Learning Research, Vol. 54), Aarti Singh and Jerry Zhu (Eds.). PMLR, Fort Lauderdale, FL, USA, 1273--1282."},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan","author":"El Mhamdi El Mahdi","year":"2018","unstructured":"El Mahdi El Mhamdi, Rachid Guerraoui, and S\u00e9bastien Rouault. 2018. The Hidden Vulnerability of Distributed Learning in Byzantium. In Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan, Stockholm, Sweden, July 10-15, 2018 (Proceedings of Machine Learning Research, Vol. 80), Jennifer G. Dy and Andreas Krause (Eds.). PMLR, 3518--3527."},{"key":"e_1_3_2_1_25_1","volume-title":"FLAME: Taming Backdoors in Federated Learning. In 31st USENIX Security Symposium, USENIX Security 2022","author":"Nguyen Thien Duc","year":"2022","unstructured":"Thien Duc Nguyen, Phillip Rieger, Huili Chen, Hossein Yalame, Helen M\u00f6llering, Hossein Fereidooni, Samuel Marchal, Markus Miettinen, Azalia Mirhoseini, Shaza Zeitouni, Farinaz Koushanfar, Ahmad-Reza Sadeghi, and Thomas Schneider. 2022. FLAME: Taming Backdoors in Federated Learning. In 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022, Kevin R. B. Butler and Kurt Thomas (Eds.). USENIX Association, 1415--1432."},{"key":"e_1_3_2_1_26_1","volume-title":"Garnett (Eds.)","volume":"32","author":"Paszke Adam","year":"2019","unstructured":"Adam Paszke, Sam Gross, Francisco Massa, Adam Lerer, James Bradbury, Gregory Chanan, Trevor Killeen, Zeming Lin, Natalia Gimelshein, Luca Antiga, Alban Desmaison, Andreas Kopf, Edward Yang, Zachary DeVito, Martin Raison, Alykhan Tejani, Sasank Chilamkurthy, Benoit Steiner, Lu Fang, Junjie Bai, and Soumith Chintala. 2019. PyTorch: An Imperative Style, High-Performance Deep Learning Library. In Advances in Neural Information Processing Systems, H. Wallach, H. Larochelle, A. Beygelzimer, F. d'Alch\u00e9-Buc, E. Fox, and R. Garnett (Eds.), Vol. 32. Curran Associates, Inc. https:\/\/proceedings.neurips.cc\/paper_files\/paper\/2019\/file\/bdbca288fee7f92f2bfa9f7012727740-Paper.pdf"},{"key":"e_1_3_2_1_27_1","volume-title":"Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019","author":"Qiao Ximing","year":"2019","unstructured":"Ximing Qiao, Yukun Yang, and Hai Li. 2019. Defending Neural Backdoors via Generative Distribution Modeling. In Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, NeurIPS 2019, December 8--14, 2019, Vancouver, BC, Canada, Hanna M. Wallach, Hugo Larochelle, Alina Beygelzimer, Florence d'Alch\u00e9-Buc, Emily B. Fox, and Roman Garnett (Eds.). 14004--14013."},{"key":"e_1_3_2_1_28_1","volume-title":"DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. In 29th Annual Network and Distributed System Security Symposium, NDSS 2022","author":"Rieger Phillip","year":"2022","unstructured":"Phillip Rieger, Thien Duc Nguyen, Markus Miettinen, and Ahmad-Reza Sadeghi. 2022. DeepSight: Mitigating Backdoor Attacks in Federated Learning Through Deep Model Inspection. In 29th Annual Network and Distributed System Security Symposium, NDSS 2022, San Diego, California, USA, April 24-28, 2022."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991125"},{"key":"e_1_3_2_1_30_1","volume-title":"Ananda Theertha Suresh, and H. Brendan McMahan","author":"Sun Ziteng","year":"2019","unstructured":"Ziteng Sun, Peter Kairouz, Ananda Theertha Suresh, and H. Brendan McMahan. 2019. Can You Really Backdoor Federated Learning? CoRR abs\/1911.07963 (2019). arXiv:1911.07963 http:\/\/arxiv.org\/abs\/1911.07963"},{"key":"e_1_3_2_1_31_1","volume-title":"You Really Can Backdoor Federated Learning. In Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020","author":"Wang Hongyi","year":"2020","unstructured":"Hongyi Wang, Kartik Sreenivasan, Shashank Rajput, Harit Vishwakarma, Saurabh Agarwal, Jy-yong Sohn, Kangwook Lee, and Dimitris S. Papailiopoulos. 2020. Attack of the Tails: Yes, You Really Can Backdoor Federated Learning. In Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, NeurIPS 2020, December 6--12, 2020, virtual, Hugo Larochelle, Marc'Aurelio Ranzato, Raia Hadsell, Maria-Florina Balcan, and Hsuan-Tien Lin (Eds.)."},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 38th International Conference on Machine Learning, ICML 2021","volume":"11382","author":"Xie Chulin","year":"2021","unstructured":"Chulin Xie, Minghao Chen, Pin-Yu Chen, and Bo Li. 2021. CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. In Proceedings of the 38th International Conference on Machine Learning, ICML 2021, 18-24 July 2021, Virtual Event (Proceedings of Machine Learning Research, Vol. 139), Marina Meila and Tong Zhang (Eds.). PMLR, 11372--11382."},{"key":"e_1_3_2_1_33_1","volume-title":"8th International Conference on Learning Representations, ICLR 2020","author":"Xie Chulin","year":"2020","unstructured":"Chulin Xie, Keli Huang, Pin-Yu Chen, and Bo Li. 2020. DBA: Distributed Backdoor Attacks against Federated Learning. In 8th International Conference on Learning Representations, ICLR 2020, Addis Ababa, Ethiopia, April 26-30, 2020."},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9--15","volume":"6901","author":"Xie Cong","year":"2019","unstructured":"Cong Xie, Sanmi Koyejo, and Indranil Gupta. 2019. Zeno: Distributed Stochastic Gradient Descent with Suspicion-based Fault-tolerance. In Proceedings of the 36th International Conference on Machine Learning, ICML 2019, 9--15 June 2019, Long Beach, California, USA (Proceedings of Machine Learning Research, Vol. 97), Kamalika Chaudhuri and Ruslan Salakhutdinov (Eds.). PMLR, 6893--6901."},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the 37th International Conference on Machine Learning (Proceedings of Machine Learning Research","author":"Xie Cong","year":"2020","unstructured":"Cong Xie, Sanmi Koyejo, and Indranil Gupta. 2020. Zeno++: Robust Fully Asynchronous SGD. In Proceedings of the 37th International Conference on Machine Learning (Proceedings of Machine Learning Research, Vol. 119), Hal Daum\u00e9 III and Aarti Singh (Eds.). PMLR, 10495--10503."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41666-020-00082-4"},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan","author":"Yin Dong","year":"2018","unstructured":"Dong Yin, Yudong Chen, Kannan Ramchandran, and Peter L. Bartlett. 2018. Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates. In Proceedings of the 35th International Conference on Machine Learning, ICML 2018, Stockholmsm\u00e4ssan, Stockholm, Sweden, July 10-15, 2018 (Proceedings of Machine Learning Research, Vol. 80), Jennifer G. Dy and Andreas Krause (Eds.). PMLR, 5636--5645."},{"key":"e_1_3_2_1_38_1","volume-title":"Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness. In 8th International Conference on Learning Representations, ICLR","author":"Zhao Pu","year":"2020","unstructured":"Pu Zhao, Pin-Yu Chen, Payel Das, Karthikeyan Natesan Ramamurthy, and Xue Lin. 2020. Bridging Mode Connectivity in Loss Landscapes and Adversarial Robustness. In 8th International Conference on Learning Representations, ICLR 2020, Addis Ababa, Ethiopia, April 26-30."}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Singapore Singapore","acronym":"ASIA CCS '24"},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637682","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:06Z","timestamp":1750290246000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637682"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":38,"alternative-id":["10.1145\/3634737.3637682","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3637682","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}