{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:49:07Z","timestamp":1773841747118,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,8,24]],"date-time":"2024-08-24T00:00:00Z","timestamp":1724457600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/https:\/\/doi.org\/10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2315612, 2315613, 2315614, 2327480, 2348452"],"award-info":[{"award-number":["2315612, 2315613, 2315614, 2327480, 2348452"]}],"id":[{"id":"10.13039\/https:\/\/doi.org\/10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,8,25]]},"DOI":"10.1145\/3637528.3671906","type":"proceedings-article","created":{"date-parts":[[2024,8,25]],"date-time":"2024-08-25T04:54:55Z","timestamp":1724561695000},"page":"3667-3678","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["<scp>FedRoLA:<\/scp>\n            Robust Federated Learning Against Model Poisoning via Layer-based Aggregation"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7734-1589","authenticated-orcid":false,"given":"Gang","family":"Yan","sequence":"first","affiliation":[{"name":"Binghamton University, Binghamton, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1444-2657","authenticated-orcid":false,"given":"Hao","family":"Wang","sequence":"additional","affiliation":[{"name":"Stevens Institute of Technology, Hoboken, NJ, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3775-3033","authenticated-orcid":false,"given":"Xu","family":"Yuan","sequence":"additional","affiliation":[{"name":"University of Delaware, Newark, DE, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3642-3569","authenticated-orcid":false,"given":"Jian","family":"Li","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,8,24]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"Proc. of ASIA CCS.","author":"Qiang Qiu Saurabh Bagchi Joshua Zhao","year":"2023","unstructured":"Joshua Zhao Qiang Qiu Saurabh Bagchi Atul Sharma, Wei Chen and Somali Chaterji. 2023. FLAIR: Defense against Model Poisoning Attack in Federated Learning. In Proc. of ASIA CCS."},{"key":"e_1_3_2_2_2_1","volume-title":"Proc. of AISTATS.","author":"Bagdasaryan Eugene","year":"2020","unstructured":"Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How to backdoor federated learning. In Proc. of AISTATS."},{"key":"e_1_3_2_2_3_1","volume-title":"Proc. of NeurIPS.","author":"Baruch Gilad","year":"2019","unstructured":"Gilad Baruch, Moran Baruch, and Yoav Goldberg. 2019. A little is enough: Circumventing defenses for distributed learning. In Proc. of NeurIPS."},{"key":"e_1_3_2_2_4_1","volume-title":"Proc. of ICML.","author":"Bhagoji Arjun Nitin","year":"2019","unstructured":"Arjun Nitin Bhagoji, Supriyo Chakraborty, Prateek Mittal, and Seraphin Calo. 2019. Analyzing federated learning through an adversarial lens. In Proc. of ICML."},{"key":"e_1_3_2_2_5_1","volume-title":"Proc. of NuerIPS.","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard, El Mahdi El Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. In Proc. of NuerIPS."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24434"},{"key":"e_1_3_2_2_7_1","volume-title":"MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. arXiv preprint arXiv:2203.08669","author":"Cao Xiaoyu","year":"2022","unstructured":"Xiaoyu Cao and Neil Zhenqiang Gong. 2022. MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients. arXiv preprint arXiv:2203.08669 (2022)."},{"key":"e_1_3_2_2_8_1","volume-title":"Proc. of ICLR.","author":"Zachary Charles Sashank Reddiand","year":"2021","unstructured":"Sashank Reddiand Zachary Charles, Manzil Zaheer, Zachary Garrett, Keith Rush, Jakub Konecny, Sanjiv Kumar, and H Brendan McMahan. 2021. Adaptive federated optimization.. In Proc. of ICLR."},{"key":"e_1_3_2_2_9_1","volume-title":"Proc. of ICLR.","author":"Chen Hong-You","year":"2022","unstructured":"Hong-You Chen and Wei-Lun Chao. 2022. On Bridging Generic and Personalized Federated Learning for Image Classification. In Proc. of ICLR."},{"key":"e_1_3_2_2_10_1","volume-title":"Proc. of ICML. 4587--4604","author":"Dai Rong","year":"2022","unstructured":"Rong Dai, Li Shen, Fengxiang He, Xinmei Tian, and Dacheng Tao. 2022. DisPFL: Towards Communication-Efficient Personalized Federated Learning via Decentralized Sparse Training. In Proc. of ICML. 4587--4604."},{"key":"e_1_3_2_2_11_1","volume-title":"Proc of ICLR Workshop.","author":"Duygu Nur Yaldiz Tuo Zhang","year":"2023","unstructured":"Tuo Zhang Duygu Nur Yaldiz and Salman Avestimehr. 2023. Secure Federated Learning against Model Poisoning Attacks via Client Filtering. In Proc of ICLR Workshop."},{"key":"e_1_3_2_2_12_1","volume-title":"Proc. of ICML.","author":"El Mhamdi Mahdi El","year":"2018","unstructured":"Mahdi El El Mhamdi, Rachid Guerraoui, and S\u00e9bastien Rouault. 2018. The hidden vulnerability of distributed learning in byzantium. In Proc. of ICML."},{"key":"e_1_3_2_2_13_1","volume-title":"Proc. of USENIX Security.","author":"Fang Minghong","year":"2020","unstructured":"Minghong Fang, Xiaoyu Cao, Jinyuan Jia, and Neil Gong. 2020. Local Model Poisoning Attacks to Byzantine-Robust Federated Learning. In Proc. of USENIX Security."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_2_15_1","volume-title":"Urmish Thakker, Shiqiang Wang, Jian Li, and M Hadi Amini.","author":"Imteaj Ahmed","year":"2022","unstructured":"Ahmed Imteaj, Khandaker Mamun Ahmed, Urmish Thakker, Shiqiang Wang, Jian Li, and M Hadi Amini. 2022. Federated learning for resource-constrained IoT devices: panoramas and state of the art. Federated and Transfer Learning (2022), 7--27."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00057"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3542929.3563463"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v30i1.10362"},{"key":"e_1_3_2_2_19_1","unstructured":"Alex Krizhevsky Geoffrey Hinton et al. 2009. Learning Multiple Layers of Features from Tiny Images. (2009)."},{"key":"e_1_3_2_2_20_1","volume-title":"Proc. of NIPS.","author":"Krizhevsky Alex","year":"2012","unstructured":"Alex Krizhevsky, Ilya Sutskever, and Geoffrey E Hinton. 2012. Imagenet Classification with Deep Convolutional Neural Networks. In Proc. of NIPS."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/5.726791"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3447993.3483278"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3495243.3517017"},{"key":"e_1_3_2_2_24_1","volume-title":"Proc. of ICML.","author":"Mahloujifar Saeed","year":"2019","unstructured":"Saeed Mahloujifar, Mohammad Mahmoody, and Ameer Mohammed. 2019. Universal multi-party poisoning attacks. In Proc. of ICML."},{"key":"e_1_3_2_2_25_1","volume-title":"Proc. of AISTATS. 1273--1282","author":"McMahan Brendan","year":"2017","unstructured":"Brendan McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Aguera y Arcas. 2017. Communication-Efficient Learning of Deep Networks from Decentralized Data. In Proc. of AISTATS. 1273--1282."},{"key":"e_1_3_2_2_26_1","volume-title":"Proc of ACM AISec. 27--38","author":"Gonz\u00e1lez Luis Mu","year":"2017","unstructured":"Luis Mu noz-Gonz\u00e1lez, Battista Biggio, Ambra Demontis, Andrea Paudice, Vasin Wongrassamee, Emil C Lupu, and Fabio Roli. 2017. Towards poisoning of deep learning algorithms with back-gradient optimization. In Proc of ACM AISec. 27--38."},{"key":"e_1_3_2_2_27_1","volume-title":"Byzantine-robust federated machine learning through adaptive model averaging. arXiv preprint arXiv:1909.05125","author":"Gonz\u00e1lez Luis Mu","year":"2019","unstructured":"Luis Mu noz-Gonz\u00e1lez, Kenneth T Co, and Emil C Lupu. 2019. Byzantine-robust federated machine learning through adaptive model averaging. arXiv preprint arXiv:1909.05125 (2019)."},{"key":"e_1_3_2_2_28_1","volume-title":"Proc. of ICLR.","author":"Oh Jaehoon","year":"2022","unstructured":"Jaehoon Oh, Sangmook Kim, and Se-Young Yun. 2022. Fedbabu: Towards enhanced representation for federated image classification. In Proc. of ICLR."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3458864.3467681"},{"key":"e_1_3_2_2_30_1","volume-title":"Proc. of NIPS.","author":"Paszke Adam","year":"2017","unstructured":"Adam Paszke, Sam Gross, Soumith Chintala, Gregory Chanan, Edward Yang, Zachary DeVito, Zeming Lin, Alban Desmaison, Luca Antiga, and Adam Lerer. 2017. Automatic differentiation in pytorch. In Proc. of NIPS."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24498"},{"key":"e_1_3_2_2_32_1","volume-title":"MPHM: Model poisoning attacks on federal learning using historical information momentum. Security and Safety","author":"Shi Lei","year":"2023","unstructured":"Lei Shi, Zhen Chen, Yucheng Shi, Lin Wei, Yongcai Tao, Mengyang He, Qingxian Wang, Yuan Zhou, and Yufei Gao. 2023. MPHM: Model poisoning attacks on federal learning using historical information momentum. Security and Safety (2023)."},{"key":"e_1_3_2_2_33_1","volume-title":"Proc. of ICLR.","author":"Simonyan Karen","year":"2015","unstructured":"Karen Simonyan and Andrew Zisserman. 2015. Very Deep Convolutional Networks for Large-scale Image Recognition. In Proc. of ICLR."},{"key":"e_1_3_2_2_34_1","volume-title":"Proc. of NeurIPS.","author":"Smith Virginia","year":"2017","unstructured":"Virginia Smith, Chao-Kai Chiang, Maziar Sanjabi, and Ameet Talwalkar. 2017. Federated Multi-Task Learning. In Proc. of NeurIPS."},{"key":"e_1_3_2_2_35_1","volume-title":"Ananda Theertha Suresh, and H Brendan McMahan","author":"Sun Ziteng","year":"2019","unstructured":"Ziteng Sun, Peter Kairouz, Ananda Theertha Suresh, and H Brendan McMahan. 2019. Can you really backdoor federated learning? arXiv preprint arXiv:1911.07963 (2019)."},{"key":"e_1_3_2_2_36_1","volume-title":"The EU General Data Protection Regulation (GDPR)","author":"Voigt Paul","unstructured":"Paul Voigt and Axel von dem Bussche. 2017. The EU General Data Protection Regulation (GDPR) 1st ed.). Springer International Publishing.","edition":"1"},{"key":"e_1_3_2_2_37_1","volume-title":"Proc. of ICLR.","author":"Wang Hongyi","year":"2020","unstructured":"Hongyi Wang, Mikhail Yurochkin, Yuekai Sun, Dimitris Papailiopoulos, and Yasaman Khazaeni. 2020. Federated Learning with Matched Averaging. In Proc. of ICLR."},{"key":"e_1_3_2_2_38_1","volume-title":"Proc. of NeurIPS.","author":"Wang Jianyu","year":"2020","unstructured":"Jianyu Wang, Qinghua Liu, Hao Liang, Gauri Joshi, and H Vincent Poor. 2020. Tackling the Objective Inconsistency Problem in Heterogeneous Federated Optimization. In Proc. of NeurIPS."},{"key":"e_1_3_2_2_39_1","volume-title":"Proc. of ICLR.","author":"Xie Chulin","year":"2020","unstructured":"Chulin Xie, Keli Huang, Pin Yu Chen, and Bo Li. 2020. Dba: Distributed backdoor attacks against federated learning. In Proc. of ICLR."},{"key":"e_1_3_2_2_40_1","volume-title":"Generalized byzantine-tolerant sgd. arXiv preprint arXiv:1802.10116","author":"Xie Cong","year":"2018","unstructured":"Cong Xie, Oluwasanmi Koyejo, and Indranil Gupta. 2018. Generalized byzantine-tolerant sgd. arXiv preprint arXiv:1802.10116 (2018)."},{"key":"e_1_3_2_2_41_1","volume-title":"Proc. of UAI.","author":"Xie Cong","year":"2020","unstructured":"Cong Xie, Oluwasanmi Koyejo, and Indranil Gupta. 2020. Fall of empires: Breaking byzantine-tolerant sgd by inner product manipulation. In Proc. of UAI."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3580305.3599293"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v37i9.26271"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3298981"},{"key":"e_1_3_2_2_45_1","volume-title":"Proc. of ICML.","author":"Yin Dong","year":"2018","unstructured":"Dong Yin, Yudong Chen, Ramchandran Kannan, and Peter Bartlett. 2018. Byzantine-robust distributed learning: Towards optimal statistical rates. In Proc. of ICML."},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3534678.3539231"},{"key":"e_1_3_2_2_47_1","volume-title":"Backdoor Federated Learning by Poisoning Backdoor-Critical Layers. arXiv preprint arXiv:2308.04466","author":"Zhuang Haomin","year":"2023","unstructured":"Haomin Zhuang, Mingxian Yu, Hao Wang, Yang Hua, Jian Li, and Xu Yuan. 2023. Backdoor Federated Learning by Poisoning Backdoor-Critical Layers. arXiv preprint arXiv:2308.04466 (2023)."}],"event":{"name":"KDD '24: The 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining","location":"Barcelona Spain","acronym":"KDD '24","sponsor":["SIGMOD ACM Special Interest Group on Management of Data","SIGKDD ACM Special Interest Group on Knowledge Discovery in Data"]},"container-title":["Proceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637528.3671906","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3637528.3671906","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:04:15Z","timestamp":1750291455000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637528.3671906"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,24]]},"references-count":47,"alternative-id":["10.1145\/3637528.3671906","10.1145\/3637528"],"URL":"https:\/\/doi.org\/10.1145\/3637528.3671906","relation":{},"subject":[],"published":{"date-parts":[[2024,8,24]]},"assertion":[{"value":"2024-08-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}