{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T01:31:31Z","timestamp":1779327091996,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":111,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,8,24]],"date-time":"2024-08-24T00:00:00Z","timestamp":1724457600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,8,25]]},"DOI":"10.1145\/3637528.3671545","type":"proceedings-article","created":{"date-parts":[[2024,8,25]],"date-time":"2024-08-25T04:55:12Z","timestamp":1724561712000},"page":"5070-5081","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":28,"title":["FedSecurity: A Benchmark for Attacks and Defenses in Federated Learning and Federated LLMs"],"prefix":"10.1145","author":[{"given":"Shanshan","family":"Han","sequence":"first","affiliation":[{"name":"University of California, Irvine, Irvine, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baturalp","family":"Buyukates","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zijian","family":"Hu","sequence":"additional","affiliation":[{"name":"TensorOpera Inc., Palo Alto, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Han","family":"Jin","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Weizhao","family":"Jin","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, CA, 
USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lichao","family":"Sun","sequence":"additional","affiliation":[{"name":"Lehigh University, Bethlehem, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaoyang","family":"Wang","sequence":"additional","affiliation":[{"name":"UIUC, Urbana, IL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenxuan","family":"Wu","sequence":"additional","affiliation":[{"name":"Texas A&M University, College Station, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chulin","family":"Xie","sequence":"additional","affiliation":[{"name":"UIUC, Urbana, IL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuhang","family":"Yao","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Zhang","sequence":"additional","affiliation":[{"name":"Lehigh University, Bethlehem, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qifan","family":"Zhang","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuhui","family":"Zhang","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Carlee","family":"Joe-Wong","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Salman","family":"Avestimehr","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chaoyang","family":"He","sequence":"additional","affiliation":[{"name":"TensorOpera Inc., Palo Alto, CA, 
USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,8,24]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Mart\u00edn Abadi Ashish Agarwal Paul Barham Eugene Brevdo Zhifeng Chen Craig Citro Greg S. Corrado Andy Davis Jeffrey Dean Matthieu Devin Sanjay Ghemawat Ian Goodfellow Andrew Harp Geoffrey Irving Michael Isard Yangqing Jia Rafal Jozefowicz Lukasz Kaiser Manjunath Kudlur Josh Levenberg Dandelion Man\u00e9 Rajat Monga Sherry Moore Derek Murray Chris Olah Mike Schuster Jonathon Shlens Benoit Steiner Ilya Sutskever Kunal Talwar Paul Tucker Vincent Vanhoucke Vijay Vasudevan Fernanda Vi\u00e9gas Oriol Vinyals Pete Warden Martin Wattenberg Martin Wicke Yuan Yu and Xiaoqiang Zheng. 2015. TensorFlow: Large-Scale Machine Learning on Heterogeneous Systems. https:\/\/www.tensorflow.org\/ Software available from tensorflow.org."},{"key":"e_1_3_2_2_2_1","volume-title":"Introducing PyTorch Lightning 2.0 and Fabric. https:\/\/lightning.ai\/blog\/introducing-lightning-2-0\/","author":"Antiga Luca","year":"2023","unstructured":"Luca Antiga. 2023. Introducing PyTorch Lightning 2.0 and Fabric. https:\/\/lightning.ai\/blog\/introducing-lightning-2-0\/ (2023)."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3501813"},{"key":"e_1_3_2_2_4_1","volume-title":"International Conference on Artificial Intelligence and Statistics. PMLR, 2938--2948","author":"Bagdasaryan Eugene","year":"2020","unstructured":"Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How to backdoor federated learning. In International Conference on Artificial Intelligence and Statistics. PMLR, 2938--2948."},{"key":"e_1_3_2_2_5_1","volume-title":"A little is enough: Circumventing defenses for distributed learning. Advances in Neural Information Processing Systems 32","author":"Baruch Gilad","year":"2019","unstructured":"Gilad Baruch, Moran Baruch, and Yoav Goldberg. 2019. 
A little is enough: Circumventing defenses for distributed learning. Advances in Neural Information Processing Systems 32 (2019)."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-20901-7_2"},{"key":"e_1_3_2_2_7_1","volume-title":"Pedro PB de Gusm\u00e3o, and Nicholas D Lane","author":"Beutel Daniel J","year":"2020","unstructured":"Daniel J Beutel, Taner Topal, Akhil Mathur, Xinchi Qiu, Titouan Parcollet, Pedro PB de Gusm\u00e3o, and Nicholas D Lane. 2020. Flower: A friendly federated learning research framework. arXiv preprint arXiv:2007.14390 (2020)."},{"key":"e_1_3_2_2_8_1","volume-title":"International Conference on Machine Learning. PMLR, 634--643","author":"Bhagoji Arjun Nitin","year":"2019","unstructured":"Arjun Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, and Seraphin Calo. 2019. Analyzing federated learning through an adversarial lens. In International Conference on Machine Learning. PMLR, 634--643."},{"key":"e_1_3_2_2_9_1","volume-title":"Shivanshu Purohit, USVSN Sai Prashanth, Edward Raff, et al.","author":"Biderman Stella","year":"2023","unstructured":"Stella Biderman, Hailey Schoelkopf, Quentin Anthony, Herbie Bradley, Kyle O'Brien, Eric Hallahan, Mohammad Aflah Khan, Shivanshu Purohit, USVSN Sai Prashanth, Edward Raff, et al. 2023. Pythia: A suite for analyzing large language models across training and scaling. arXiv preprint arXiv:2304.01373 (2023)."},{"key":"e_1_3_2_2_10_1","volume-title":"Rachid Guerraoui, and Julien Stainer.","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard, El Mahdi El Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in neural information processing systems 30 (2017)."},{"key":"e_1_3_2_2_11_1","unstructured":"Tom Brown Benjamin Mann Nick Ryder Melanie Subbiah Jared D Kaplan Prafulla Dhariwal Arvind Neelakantan Pranav Shyam Girish Sastry Amanda Askell et al. 2020. 
Language models are few-shot learners. Advances in neural information processing systems 33 (2020) 1877--1901."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3383455.3422562"},{"key":"e_1_3_2_2_13_1","volume-title":"Peter Wu, Tian Li, Jakub Kone\u010dn\u00fd, H Brendan McMahan, Virginia Smith, and Ameet Talwalkar.","author":"Caldas Sebastian","year":"2018","unstructured":"Sebastian Caldas, Sai Meher Karthik Duddu, Peter Wu, Tian Li, Jakub Kone\u010dn\u00fd, H Brendan McMahan, Virginia Smith, and Ameet Talwalkar. 2018. Leaf: A benchmark for federated settings. arXiv preprint arXiv:1812.01097 (2018)."},{"key":"e_1_3_2_2_14_1","volume-title":"Federated Large Language Model: A Position Paper. arXiv preprint arXiv:2307.08925","author":"Chen Chaochao","year":"2023","unstructured":"Chaochao Chen, Xiaohua Feng, Jun Zhou, Jianwei Yin, and Xiaolin Zheng. 2023. Federated Large Language Model: A Position Paper. arXiv preprint arXiv:2307.08925 (2023)."},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3297369"},{"key":"e_1_3_2_2_16_1","volume-title":"Federated learning of out-of-vocabulary words. arXiv preprint arXiv:1903.10635","author":"Chen Mingqing","year":"2019","unstructured":"Mingqing Chen, Rajiv Mathews, Tom Ouyang, and Fran\u00e7oise Beaufays. 2019. Federated learning of out-of-vocabulary words. arXiv preprint arXiv:1903.10635 (2019)."},{"key":"e_1_3_2_2_17_1","first-page":"1","article-title":"Distributed statistical machine learning in adversarial settings: Byzantine gradient descent","volume":"1","author":"Chen Y.","year":"2017","unstructured":"Y. Chen, L. Su, and J. Xu. 2017. Distributed statistical machine learning in adversarial settings: Byzantine gradient descent. 
ACM on Measurement and Analysis of Computing Systems 1, 2 (2017), 1--25.","journal-title":"ACM on Measurement and Analysis of Computing Systems"},{"key":"e_1_3_2_2_18_1","volume-title":"Stroke and Traumatic Brain Injuries: 7th International Workshop, BrainLes 2021, Held in Conjunction with MICCAI 2021, Virtual Event","author":"Chowdhury Alexander","year":"2022","unstructured":"Alexander Chowdhury, Hasan Kassem, Nicolas Padoy, Renato Umeton, and Alexandros Karargyris. 2022. A review of medical federated learning: Applications in oncology and cancer research. In Brainlesion: Glioma, Multiple Sclerosis, Stroke and Traumatic Brain Injuries: 7th International Workshop, BrainLes 2021, Held in Conjunction with MICCAI 2021, Virtual Event, September 27, 2021, Revised Selected Papers, Part I. Springer, 3--24."},{"key":"e_1_3_2_2_19_1","first-page":"1727","article-title":"Revealing and protecting labels in distributed training","volume":"34","author":"Dang Trung","year":"2021","unstructured":"Trung Dang, Om Thakkar, Swaroop Ramaswamy, Rajiv Mathews, Peter Chin, and Fran\u00e7oise Beaufays. 2021. Revealing and protecting labels in distributed training. Advances in Neural Information Processing Systems 34 (2021), 1727--1738.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_20_1","volume-title":"Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805","author":"Devlin Jacob","year":"2018","unstructured":"Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2018. Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805 (2018)."},{"key":"e_1_3_2_2_21_1","volume-title":"Daniel Madrigal Diaz, Andre Manoel, and Robert Sim.","author":"Dimitriadis Dimitrios","year":"2022","unstructured":"Dimitrios Dimitriadis, Mirian Hipolito Garcia, Daniel Madrigal Diaz, Andre Manoel, and Robert Sim. 2022. 
Flute: A scalable, extensible framework for high-performance federated learning simulations. arXiv preprint arXiv:2203.13789 (2022)."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1561\/116.00000063"},{"key":"e_1_3_2_2_23_1","volume-title":"29th USENIX security symposium (USENIX Security 20). 1605--1622.","author":"Fang Minghong","unstructured":"Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Gong. 2020. Local model poisoning attacks to {Byzantine-Robust} federated learning. In 29th USENIX security symposium (USENIX Security 20). 1605--1622."},{"key":"e_1_3_2_2_24_1","unstructured":"FedML Inc. 2023. Releasing FedLLM: Build Your Own Large Language Models on Proprietary Data using the FedML Platform. https:\/\/blog.fedml.ai\/releasing-fedllm-build-your-own-large-language-models-on-proprietary-data-using-the-fedml-platform."},{"key":"e_1_3_2_2_25_1","volume-title":"Robbing the fed: Directly obtaining private data in federated learning with modified models. arXiv preprint arXiv:2110.13057","author":"Fowl Liam","year":"2021","unstructured":"Liam Fowl, Jonas Geiping, Wojtek Czaja, Micah Goldblum, and Tom Goldstein. 2021. Robbing the fed: Directly obtaining private data in federated learning with modified models. arXiv preprint arXiv:2110.13057 (2021)."},{"key":"e_1_3_2_2_26_1","volume-title":"International Conference on Artificial Intelligence and Statistics. PMLR","author":"Fraboni Yann","year":"2021","unstructured":"Yann Fraboni, Richard Vidal, and Marco Lorenzi. 2021. Free-rider attacks on model aggregation in federated learning. In International Conference on Artificial Intelligence and Statistics. PMLR, 1846--1854."},{"key":"e_1_3_2_2_27_1","volume-title":"Attack-resistant federated learning with residual-based reweighting. arXiv preprint arXiv:1912.11464","author":"Fu Shuhao","year":"2019","unstructured":"Shuhao Fu, Chulin Xie, Bo Li, and Qifeng Chen. 2019. Attack-resistant federated learning with residual-based reweighting. 
arXiv preprint arXiv:1912.11464 (2019)."},{"key":"e_1_3_2_2_28_1","volume-title":"Chris JM Yoon, and Ivan Beschastnikh","author":"Fung Clement","year":"2020","unstructured":"Clement Fung, Chris JM Yoon, and Ivan Beschastnikh. 2020. The Limitations of Federated Learning in Sybil Settings.. In RAID. 301--316."},{"key":"e_1_3_2_2_29_1","unstructured":"Erich Gamma Richard Helm Ralph Johnson Ralph E Johnson and John Vlissides. 1995. Design patterns: elements of reusable object-oriented software. Pearson Deutschland GmbH."},{"key":"e_1_3_2_2_30_1","first-page":"16937","article-title":"Inverting gradients-how easy is it to break privacy in federated learning","volume":"33","author":"Geiping Jonas","year":"2020","unstructured":"Jonas Geiping, Hartmut Bauermeister, Hannah Dr\u00f6ge, and Michael Moeller. 2020. Inverting gradients-how easy is it to break privacy in federated learning? Advances in Neural Information Processing Systems 33 (2020), 16937--16947.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_31_1","unstructured":"Ian J. Goodfellow Jean Pouget-Abadie Mehdi Mirza Bing Xu David Warde-Farley Sherjil Ozair Aaron C. Courville and Yoshua Bengio. 2014. Generative Adversarial Nets. In NIPS."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2909068"},{"key":"e_1_3_2_2_33_1","volume-title":"International Conference on Machine Learning. PMLR, 3521--3530","author":"Guerraoui Rachid","year":"2018","unstructured":"Rachid Guerraoui, S\u00e9bastien Rouault, et al. 2018. The hidden vulnerability of distributed learning in byzantium. In International Conference on Machine Learning. PMLR, 3521--3530."},{"key":"e_1_3_2_2_34_1","unstructured":"Sylvain Gugger. 2021. Introducing Hugging Face Accelerate. https:\/\/huggingface.co\/blog\/accelerate-library."},{"key":"e_1_3_2_2_35_1","volume-title":"Kick Bad Guys Out! Zero-Knowledge-Proof-Based Anomaly Detection in Federated Learning. 
arXiv preprint arXiv:2310.04055","author":"Han Shanshan","year":"2023","unstructured":"Shanshan Han, Wenxuan Wu, Baturalp Buyukates, Weizhao Jin, Yuhang Yao, Qifan Zhang, Salman Avestimehr, and Chaoyang He. 2023. Kick Bad Guys Out! Zero-Knowledge-Proof-Based Anomaly Detection in Federated Learning. arXiv preprint arXiv:2310.04055 (2023)."},{"key":"e_1_3_2_2_36_1","volume-title":"Federated learning for mobile keyboard prediction. arXiv preprint arXiv:1811.03604","author":"Hard Andrew","year":"2018","unstructured":"Andrew Hard, Kanishka Rao, Rajiv Mathews, Swaroop Ramaswamy, Fran\u00e7oise Beaufays, Sean Augenstein, Hubert Eichner, Chlo\u00e9 Kiddon, and Daniel Ramage. 2018. Federated learning for mobile keyboard prediction. arXiv preprint arXiv:1811.03604 (2018)."},{"key":"e_1_3_2_2_37_1","first-page":"14068","article-title":"Group knowledge transfer: Federated learning of large cnns at the edge","volume":"33","author":"He Chaoyang","year":"2020","unstructured":"Chaoyang He, Murali Annavaram, and Salman Avestimehr. 2020. Group knowledge transfer: Federated learning of large cnns at the edge. Advances in Neural Information Processing Systems 33 (2020), 14068--14080.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_38_1","unstructured":"Chaoyang He Songze Li Jinhyun So Xiao Zeng Mi Zhang Hongyi Wang Xiaoyang Wang Praneeth Vepakomma Abhishek Singh Hang Qiu et al. 2020. FedML: A research library and benchmark for federated machine learning. arXiv preprint arXiv:2007.13518 (2020)."},{"key":"e_1_3_2_2_39_1","volume-title":"Fednas: Federated deep learning via neural architecture search.","author":"He Chaoyang","year":"2021","unstructured":"Chaoyang He, Erum Mushtaq, Jie Ding, and Salman Avestimehr. 2021. Fednas: Federated deep learning via neural architecture search. (2021)."},{"key":"e_1_3_2_2_40_1","volume-title":"Deep Residual Learning for Image Recognition. 
2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)","author":"He Kaiming","year":"2015","unstructured":"Kaiming He, X. Zhang, Shaoqing Ren, and Jian Sun. 2015. Deep Residual Learning for Image Recognition. 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR) (2015), 770--778."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134012"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM51629.2021.00129"},{"key":"e_1_3_2_2_44_1","volume-title":"Kim-Kwang Raymond Choo, and Gillian Dobbie","author":"Hu Hongsheng","year":"2023","unstructured":"Hongsheng Hu, Xuyun Zhang, Zoran Salcic, Lichao Sun, Kim-Kwang Raymond Choo, and Gillian Dobbie. 2023. Source Inference Attacks: Beyond Membership Inference Attacks in Federated Learning. IEEE Transactions on Dependable and Secure Computing (2023)."},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D19-1259"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2012.108"},{"key":"e_1_3_2_2_47_1","volume-title":"Byzantine-robust learning on heterogeneous datasets via bucketing. arXiv preprint arXiv:2006.09365","author":"Karimireddy Sai Praneeth","year":"2020","unstructured":"Sai Praneeth Karimireddy, Lie He, and Martin Jaggi. 2020. Byzantine-robust learning on heterogeneous datasets via bucketing. arXiv preprint arXiv:2006.09365 (2020)."},{"key":"e_1_3_2_2_48_1","volume-title":"International Conference on Machine Learning. PMLR, 5311--5319","author":"Karimireddy Sai Praneeth","year":"2021","unstructured":"Sai Praneeth Karimireddy, Lie He, and Martin Jaggi. 2021. Learning from history for byzantine robust optimization. In International Conference on Machine Learning. PMLR, 5311--5319."},{"key":"e_1_3_2_2_49_1","unstructured":"Alex Krizhevsky Geoffrey Hinton et al. 2009. 
Learning multiple layers of features from tiny images. (2009)."},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP43922.2022.9747497"},{"key":"e_1_3_2_2_51_1","volume-title":"BayBFed: Bayesian Backdoor Defense for Federated Learning. arXiv preprint arXiv:2301.09508","author":"Kumari Kavita","year":"2023","unstructured":"Kavita Kumari, Phillip Rieger, Hossein Fereidooni, Murtuza Jadliwala, and Ahmad-Reza Sadeghi. 2023. BayBFed: Bayesian Backdoor Defense for Federated Learning. arXiv preprint arXiv:2301.09508 (2023)."},{"key":"e_1_3_2_2_52_1","volume-title":"International Conference on Machine Learning. PMLR, 11814--11827","author":"Lai Fan","year":"2022","unstructured":"Fan Lai, Yinwei Dai, Sanjay Singapuram, Jiachen Liu, Xiangfeng Zhu, Harsha Madhyastha, and Mosharaf Chowdhury. 2022. FedScale: Benchmarking model and system performance of federated learning at scale. In International Conference on Machine Learning. PMLR, 11814--11827."},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1016\/B978-1-55860-377-6.50048-7"},{"key":"e_1_3_2_2_54_1","volume-title":"Backpropagation applied to handwritten zip code recognition. Neural computation 1, 4","author":"LeCun Yann","year":"1989","unstructured":"Yann LeCun, Bernhard Boser, John S Denker, Donnie Henderson, Richard E Howard, Wayne Hubbard, and Lawrence D Jackel. 1989. Backpropagation applied to handwritten zip code recognition. 
Neural computation 1, 4 (1989), 541--551."},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/5.726791"},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2019.8683546"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v33i01.33011544"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/IoTDI61053.2024.00018"},{"key":"e_1_3_2_2_59_1","volume-title":"Proceedings of Machine learning and systems 2","author":"Li Tian","year":"2020","unstructured":"Tian Li, Anit Kumar Sahu, Manzil Zaheer, Maziar Sanjabi, Ameet Talwalkar, and Virginia Smith. 2020. Federated optimization in heterogeneous networks. Proceedings of Machine learning and systems 2 (2020), 429--450."},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3135422"},{"key":"e_1_3_2_2_61_1","volume-title":"Free-riders in federated learning: Attacks and defenses. arXiv preprint arXiv:1911.12560","author":"Lin Jierui","year":"2019","unstructured":"Jierui Lin, Min Du, and Jian Liu. 2019. Free-riders in federated learning: Attacks and defenses. arXiv preprint arXiv:1911.12560 (2019)."},{"key":"e_1_3_2_2_62_1","doi-asserted-by":"publisher","DOI":"10.5555\/3546258.3546484"},{"key":"e_1_3_2_2_63_1","unstructured":"Heiko Ludwig Nathalie Baracaldo Gegi Thomas Yi Zhou Ali Anwar Shashank Rajamoni Yuya Ong Jayaram Radhakrishnan Ashish Verma Mathieu Sinn et al. 2020. IBM Federated Learning: An Enterprise Framework White Paper v0.1. arXiv preprint arXiv:2007.10987 (2020)."},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1093\/bib"},{"key":"e_1_3_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE51399.2021.00023"},{"key":"e_1_3_2_2_66_1","volume-title":"Privacy and robustness in federated learning: Attacks and defenses","author":"Lyu Lingjuan","year":"2022","unstructured":"Lingjuan Lyu, Han Yu, Xingjun Ma, Chen Chen, Lichao Sun, Jun Zhao, Qiang Yang, and S Yu Philip. 2022. 
Privacy and robustness in federated learning: Attacks and defenses. IEEE transactions on neural networks and learning systems (2022)."},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3169918"},{"key":"e_1_3_2_2_68_1","volume-title":"Federated learning: Opportunities and challenges. arXiv preprint arXiv:2101.05428","author":"Mammen Priyanka Mary","year":"2021","unstructured":"Priyanka Mary Mammen. 2021. Federated learning: Opportunities and challenges. arXiv preprint arXiv:2101.05428 (2021)."},{"key":"e_1_3_2_2_69_1","unstructured":"Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR 1273--1282."},{"key":"e_1_3_2_2_70_1","unstructured":"Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR 1273--1282."},{"key":"e_1_3_2_2_71_1","volume-title":"International Conference on Artificial Intelligence and Statistics.","author":"McMahan H. B.","year":"2016","unstructured":"H. B. McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Ag\u00fcera y Arcas. 2016. Communication-Efficient Learning of Deep Networks from Decentralized Data. In International Conference on Artificial Intelligence and Statistics."},{"key":"e_1_3_2_2_72_1","volume-title":"Exploiting Unintended Feature Leakage in Collaborative Learning. 2019 IEEE Symposium on Security and Privacy (SP)","author":"Melis Luca","year":"2018","unstructured":"Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov. 2018. Exploiting Unintended Feature Leakage in Collaborative Learning. 2019 IEEE Symposium on Security and Privacy (SP) (2018), 691--706. https:\/\/api. 
semanticscholar.org\/CorpusID:53099247"},{"key":"e_1_3_2_2_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00029"},{"key":"e_1_3_2_2_74_1","volume-title":"AIP Conference Proceedings","volume":"2909","author":"Nevrataki Theodora","year":"2023","unstructured":"Theodora Nevrataki, Anastasia Iliadou, George Ntolkeras, Ioannis Sfakianakis, Lazaros Lazaridis, George Maraslidis, Nikolaos Asimopoulos, and George F Fragulis. 2023. A survey on federated learning applications in healthcare, finance, and data privacy\/data security. In AIP Conference Proceedings, Vol. 2909. AIP Publishing."},{"key":"e_1_3_2_2_75_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v35i10.17118"},{"key":"e_1_3_2_2_76_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSP.2022.3153135"},{"key":"e_1_3_2_2_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/SC41405.2020.00024"},{"key":"e_1_3_2_2_78_1","volume-title":"Federated Analytics: Collaborative Data Science Without Data Collection. Google AI Blog (May","author":"Ramage Daniel","year":"2020","unstructured":"Daniel Ramage. 2020. Federated Analytics: Collaborative Data Science Without Data Collection. Google AI Blog (May 2020). https:\/\/ai.googleblog.com\/2020\/ 05\/federated-analytics-collaborative-data.html"},{"key":"e_1_3_2_2_79_1","volume-title":"Federated learning for emoji prediction in a mobile keyboard. arXiv preprint arXiv:1906.04329","author":"Ramaswamy Swaroop","year":"2019","unstructured":"Swaroop Ramaswamy, Rajiv Mathews, Kanishka Rao, and Fran\u00e7oise Beaufays. 2019. Federated learning for emoji prediction in a mobile keyboard. arXiv preprint arXiv:1906.04329 (2019)."},{"key":"e_1_3_2_2_80_1","volume-title":"Fedgan: Federated generative adversarial networks for distributed data. arXiv preprint arXiv:2006.07228","author":"Rasouli Mohammad","year":"2020","unstructured":"Mohammad Rasouli, Tao Sun, and Ram Rajagopal. 2020. Fedgan: Federated generative adversarial networks for distributed data. 
arXiv preprint arXiv:2006.07228 (2020)."},{"key":"e_1_3_2_2_81_1","volume-title":"Adaptive Federated Optimization. In International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=LkFG3lB13U5","author":"Reddi Sashank J.","year":"2021","unstructured":"Sashank J. Reddi, Zachary Charles, Manzil Zaheer, Zachary Garrett, Keith Rush, Jakub Kone\u010dn\u00fd, Sanjiv Kumar, and Hugh Brendan McMahan. 2021. Adaptive Federated Optimization. In International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=LkFG3lB13U5"},{"key":"e_1_3_2_2_82_1","unstructured":"G Anthony Reina Alexey Gruzdev Patrick Foley Olga Perepelkina Mansi Sharma Igor Davidyuk Ilya Trushkin Maksim Radionov Aleksandr Mokrov Dmitry Agapov et al. 2021. OpenFL: An open-source framework for Federated Learning. arXiv preprint arXiv:2105.06413 (2021)."},{"key":"e_1_3_2_2_83_1","volume-title":"NVIDIA FLARE: Federated Learning from Simulation to Real-World. arXiv preprint arXiv:2210.13291","author":"Roth Holger R","year":"2022","unstructured":"Holger R Roth, Yan Cheng, Yuhong Wen, Isaac Yang, Ziyue Xu, Yuan-Ting Hsieh, Kristopher Kersten, Ahmed Harouni, Can Zhao, Kevin Lu, et al. 2022. NVIDIA FLARE: Federated Learning from Simulation to Real-World. arXiv preprint arXiv:2210.13291 (2022)."},{"key":"e_1_3_2_2_84_1","volume-title":"Learning representations by back-propagating errors. nature 323, 6088","author":"Rumelhart David E","year":"1986","unstructured":"David E Rumelhart, Geoffrey E Hinton, and Ronald J Williams. 1986. Learning representations by back-propagating errors. nature 323, 6088 (1986), 533--536."},{"key":"e_1_3_2_2_85_1","doi-asserted-by":"crossref","unstructured":"Virat Shejwalkar and Amir Houmansadr. 2021. Manipulating the byzantine: Optimizing model poisoning attacks and defenses for federated learning. 
In NDSS.","DOI":"10.14722\/ndss.2021.24498"},{"key":"e_1_3_2_2_86_1","volume-title":"Proceedings of the 22nd ACM SIGSAC conference on computer and communications security. 1310--1321","author":"Shokri Reza","year":"2015","unstructured":"Reza Shokri and Vitaly Shmatikov. 2015. Privacy-preserving deep learning. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security. 1310--1321."},{"key":"e_1_3_2_2_87_1","volume-title":"Domain Adaptation and Representation Transfer, and Distributed and Collaborative Learning: Second MICCAI Workshop","author":"Silva Santiago","unstructured":"Santiago Silva, Andre Altmann, Boris Gutman, and Marco Lorenzi. 2020. Fed-BioMed: A General Open-Source Frontend Framework for Federated Learning in Healthcare. In Domain Adaptation and Representation Transfer, and Distributed and Collaborative Learning: Second MICCAI Workshop. Springer, 201--210."},{"key":"e_1_3_2_2_88_1","first-page":"12613","article-title":"Fl-wbc: Enhancing robustness against model poisoning attacks in federated learning from a client perspective","volume":"34","author":"Sun Jingwei","year":"2021","unstructured":"Jingwei Sun, Ang Li, Louis DiValentin, Amin Hassanzadeh, Yiran Chen, and Hai Li. 2021. Fl-wbc: Enhancing robustness against model poisoning attacks in federated learning from a client perspective. Advances in Neural Information Processing Systems 34 (2021), 12613--12624.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_89_1","volume-title":"LDP-FL: Practical private aggregation in federated learning with local differential privacy. arXiv preprint arXiv:2007.15789","author":"Sun Lichao","year":"2020","unstructured":"Lichao Sun, Jianwei Qian, and Xun Chen. 2020. LDP-FL: Practical private aggregation in federated learning with local differential privacy. 
arXiv preprint arXiv:2007.15789 (2020)."},{"key":"e_1_3_2_2_90_1","volume-title":"Ananda Theertha Suresh, and H Brendan McMahan","author":"Sun Ziteng","year":"2019","unstructured":"Ziteng Sun, Peter Kairouz, Ananda Theertha Suresh, and H Brendan McMahan. 2019. Can you really backdoor federated learning? arXiv preprint arXiv:1911.07963 (2019)."},{"key":"e_1_3_2_2_91_1","unstructured":"Theta Network. 2023. Theta Network Website. https:\/\/thetatoken.org\/."},{"key":"e_1_3_2_2_92_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58951-6_24"},{"key":"e_1_3_2_2_93_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.101.2100328"},{"key":"e_1_3_2_2_94_1","volume-title":"Connor Holmes, Samyam Rajbhandari, Olatunji Ruwase, Feng Yan, Lei Yang, and Yuxiong He.","author":"Wang Guanhua","year":"2023","unstructured":"Guanhua Wang, Heyang Qin, Sam Ade Jacobs, Connor Holmes, Samyam Rajbhandari, Olatunji Ruwase, Feng Yan, Lei Yang, and Yuxiong He. 2023. ZeRO: Extremely Efficient Collective Communication for Giant Model Training. arXiv preprint arXiv:2306.10209 (2023)."},{"key":"e_1_3_2_2_95_1","unstructured":"H. Wang K. Sreenivasan S. Rajput H. Vishwakarma S. Agarwal J. Sohn K. Lee and D. Papailiopoulos. 2020. Attack of the tails: Yes you really can backdoor federated learning. In NeurIPS."},{"key":"e_1_3_2_2_96_1","volume-title":"PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. arXiv preprint arXiv:2207.07292","author":"Wang Jianhua","year":"2022","unstructured":"Jianhua Wang. 2022. PASS: Parameters Audit-based Secure and Fair Federated Learning Scheme against Free Rider. arXiv preprint arXiv:2207.07292 (2022)."},{"key":"e_1_3_2_2_97_1","volume-title":"Tackling the Objective Inconsistency Problem in Heterogeneous Federated Optimization. ArXiv abs\/2007.07481","author":"Wang Jianyu","year":"2020","unstructured":"Jianyu Wang, Qinghua Liu, Hao Liang, Gauri Joshi, and H. Vincent Poor. 2020. 
Tackling the Objective Inconsistency Problem in Heterogeneous Federated Optimization. ArXiv abs\/2007.07481 (2020)."},{"key":"e_1_3_2_2_98_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3196646"},{"key":"e_1_3_2_2_99_1","volume-title":"International Conference on Machine Learning. PMLR, 11372--11382","author":"Xie Chulin","year":"2021","unstructured":"Chulin Xie, Minghao Chen, Pin-Yu Chen, and Bo Li. 2021. CRFL: Certifiably robust federated learning against backdoor attacks. In International Conference on Machine Learning. PMLR, 11372--11382."},{"key":"e_1_3_2_2_100_1","unstructured":"Cong Xie Oluwasanmi Koyejo and Indranil Gupta. 2020. Fall of empires: Breaking byzantine-tolerant sgd by inner product manipulation. In Uncertainty in Artificial Intelligence. PMLR 261--270."},{"key":"e_1_3_2_2_101_1","volume-title":"SLSGD: Secure and Efficient Distributed On-device Machine Learning. In Joint European Conference on Machine Learning and Knowledge Discovery in Databases. Springer, 213--228","author":"Xie Cong","year":"2020","unstructured":"Cong Xie, Oluwasanmi Koyejo, and Indranil Gupta. 2020. SLSGD: Secure and Efficient Distributed On-device Machine Learning. In Joint European Conference on Machine Learning and Knowledge Discovery in Databases. Springer, 213--228."},{"key":"e_1_3_2_2_102_1","volume-title":"FederatedScope: A Flexible Federated Learning Platform for Heterogeneity. arXiv preprint arXiv:2204.05011","author":"Xie Yuexiang","year":"2022","unstructured":"Yuexiang Xie, Zhen Wang, Daoyuan Chen, Dawei Gao, Liuyi Yao, Weirui Kuang, Yaliang Li, Bolin Ding, and Jingren Zhou. 2022. FederatedScope: A Flexible Federated Learning Platform for Heterogeneity. arXiv preprint arXiv:2204.05011 (2022)."},{"key":"e_1_3_2_2_103_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41666-020-00082-4"},{"key":"e_1_3_2_2_104_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS54860.2022.00120"},{"key":"e_1_3_2_2_105_1","doi-asserted-by":"crossref","unstructured":"H. 
Yang X. Zhang M. Fang and J. Liu. Dec 2019. Byzantine-resilient stochastic gradient descent for distributed learning: A Lipschitz-inspired coordinate-wise median approach. In IEEE CDC.","DOI":"10.1109\/CDC40024.2019.9029245"},{"key":"e_1_3_2_2_106_1","volume-title":"International Conference on Machine Learning. PMLR, 5650--5659","author":"Yin Dong","year":"2018","unstructured":"Dong Yin, Yudong Chen, Kannan Ramchandran, and Peter Bartlett. 2018. Byzantine-robust distributed learning: Towards optimal statistical rates. In International Conference on Machine Learning. PMLR, 5650--5659."},{"key":"e_1_3_2_2_107_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC40277.2020.9148790"},{"key":"e_1_3_2_2_108_1","volume-title":"Efficient federated learning on knowledge graphs via privacy-preserving relation embedding aggregation. arXiv preprint arXiv:2203.09553","author":"Zhang Kai","year":"2022","unstructured":"Kai Zhang, Yu Wang, Hongyi Wang, Lifu Huang, Carl Yang, Xun Chen, and Lichao Sun. 2022. Efficient federated learning on knowledge graphs via privacy-preserving relation embedding aggregation. arXiv preprint arXiv:2203.09553 (2022)."},{"key":"e_1_3_2_2_109_1","volume-title":"International Conference on Machine Learning. PMLR, 26429--26446","author":"Zhang Zhengming","year":"2022","unstructured":"Zhengming Zhang, Ashwinee Panda, Linyue Song, Yaoqing Yang, Michael Mahoney, Prateek Mittal, Ramchandran Kannan, and Joseph Gonzalez. 2022. Neurotoxin: Durable backdoors in federated learning. In International Conference on Machine Learning. PMLR, 26429--26446."},{"key":"e_1_3_2_2_110_1","volume-title":"Deep leakage from gradients. Advances in Neural Information Processing Systems 32","author":"Zhu Ligeng","year":"2019","unstructured":"Ligeng Zhu, Zhijian Liu, and Song Han. 2019. Deep leakage from gradients. 
Advances in Neural Information Processing Systems 32 (2019)."},{"key":"e_1_3_2_2_111_1","doi-asserted-by":"crossref","unstructured":"Alexander Ziller Andrew Trask Antonio Lopardo Benjamin Szymkow Bobby Wagner Emma Bluemke Jean-Mickael Nounahon Jonathan Passerat-Palmbach Kritika Prakash Nick Rose et al. 2021. PySyft: A library for easy federated learning. Federated Learning Systems: Towards Next-Generation AI (2021) 111--139.","DOI":"10.1007\/978-3-030-70604-3_5"}],"event":{"name":"KDD '24: The 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining","location":"Barcelona Spain","acronym":"KDD '24","sponsor":["SIGMOD ACM Special Interest Group on Management of Data","SIGKDD ACM Special Interest Group on Knowledge Discovery in Data"]},"container-title":["Proceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637528.3671545","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3637528.3671545","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:04:19Z","timestamp":1750291459000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637528.3671545"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,24]]},"references-count":111,"alternative-id":["10.1145\/3637528.3671545","10.1145\/3637528"],"URL":"https:\/\/doi.org\/10.1145\/3637528.3671545","relation":{},"subject":[],"published":{"date-parts":[[2024,8,24]]},"assertion":[{"value":"2024-08-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}