{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T05:49:44Z","timestamp":1777873784425,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100006374","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62372362, U22B2019, 62202369"],"award-info":[{"award-number":["62372362, U22B2019, 62202369"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,8,3]]},"DOI":"10.1145\/3711896.3737074","type":"proceedings-article","created":{"date-parts":[[2025,8,1]],"date-time":"2025-08-01T13:30:13Z","timestamp":1754055013000},"page":"1296-1307","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["PARSIFAL: Private and Robust Sign Federated Learning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8069-7861","authenticated-orcid":false,"given":"Runze","family":"Lei","sequence":"first","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1434-837X","authenticated-orcid":false,"given":"Pinghui","family":"Wang","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0935-0715","authenticated-orcid":false,"given":"Juxiang","family":"Zeng","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, Shannxi, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9539-5046","authenticated-orcid":false,"given":"Chenxu","family":"Wang","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7157-9959","authenticated-orcid":false,"given":"Hongbin","family":"Pei","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3476-8248","authenticated-orcid":false,"given":"Junzhou","family":"Zhao","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,8,3]]},"reference":[{"key":"e_1_3_2_2_1_1","first-page":"4618","article-title":"Byzantine Stochastic Gradient Descent","author":"Alistarh Dan","year":"2018","unstructured":"Dan Alistarh, Zeyuan Allen-Zhu, and Jerry Li. 2018. Byzantine Stochastic Gradient Descent. In NeurIPS. 4618-4628.","journal-title":"NeurIPS."},{"key":"e_1_3_2_2_2_1","first-page":"2938","article-title":"How To Backdoor Federated Learning","author":"Bagdasaryan Eugene","year":"2020","unstructured":"Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How To Backdoor Federated Learning. In AISTATS. 2938-2948.","journal-title":"AISTATS."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"crossref","unstructured":"Donald Beaver. 1991. Efficient Multiparty Protocols Using Circuit Randomization. In CRYPTO Joan Feigenbaum(Ed.). 420-432.","DOI":"10.1007\/3-540-46766-1_34"},{"key":"e_1_3_2_2_4_1","first-page":"1253","article-title":"Secure Single-Server Aggregation with (Poly)Logarithmic Overhead","author":"Bell James Henry","year":"2020","unstructured":"James Henry Bell, Kallista A. Bonawitz, Adri\u00e0 Gasc\u00f3n, Tancr\u00e8de Lepoint, and Mariana Raykova. 2020. Secure Single-Server Aggregation with (Poly)Logarithmic Overhead. In CCS. 1253-1269.","journal-title":"CCS."},{"key":"e_1_3_2_2_5_1","first-page":"559","article-title":"SIGNSGD","author":"Bernstein Jeremy","year":"2018","unstructured":"Jeremy Bernstein, Yu-Xiang Wang, Kamyar Azizzadenesheli, and Animashree Anandkumar. 2018. SIGNSGD: Compressed Optimisation for Non-Convex Problems. In ICML. 559-568.","journal-title":"Compressed Optimisation for Non-Convex Problems. In ICML."},{"key":"e_1_3_2_2_6_1","volume-title":"ICLR","author":"Bernstein Jeremy","unstructured":"Jeremy Bernstein, Jiawei Zhao, Kamyar Azizzadenesheli, and Anima Anandkumar. 2019. signSGD with Majority Vote is Communication Efficient and Fault Tolerant. In ICLR,"},{"key":"e_1_3_2_2_7_1","volume-title":"Rachid Guerraoui, and Julien Stainer.","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard, El Mahdi El Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent. In NIPS. 119-129."},{"key":"e_1_3_2_2_8_1","first-page":"1175","article-title":"Practical Secure Aggregation for Privacy-Preserving Machine Learning","author":"Bonawitz Kallista A.","year":"2017","unstructured":"Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth. 2017. Practical Secure Aggregation for Privacy-Preserving Machine Learning. In CCS. 1175-1191.","journal-title":"CCS."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109048"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24434"},{"key":"e_1_3_2_2_11_1","first-page":"182","article-title":"Improved Primitives for Secure Multiparty Integer Computation","author":"Catrina Octavian","year":"2010","unstructured":"Octavian Catrina and Sebastiaan de Hoogh. 2010. Improved Primitives for Secure Multiparty Integer Computation. In SCN. 182-199.","journal-title":"SCN."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIV.2023.3332675"},{"key":"e_1_3_2_2_13_1","first-page":"1102","article-title":"New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning","author":"Damg\u00e5rd Ivan","year":"2019","unstructured":"Ivan Damg\u00e5rd, Daniel Escudero, Tore Kasper Frederiksen, Marcel Keller, Peter Scholl, and Nikolaj Volgushev. 2019. New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning. In S&P. 1102-1120.","journal-title":"S&P."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3264697"},{"key":"e_1_3_2_2_15_1","first-page":"823","article-title":"Improved Primitives for MPC over Mixed Arithmetic-Binary Circuits","author":"Escudero Daniel","year":"2020","unstructured":"Daniel Escudero, Satrajit Ghosh, Marcel Keller, Rahul Rachuri, and Peter Scholl. 2020. Improved Primitives for MPC over Mixed Arithmetic-Binary Circuits. In CRYPTO. 823-852.","journal-title":"CRYPTO."},{"key":"e_1_3_2_2_16_1","unstructured":"Jonas Geiping Hartmut Bauermeister Hannah Dr\u00f6ge and Michael Moeller. 2020. Inverting Gradients - How easy is it to break privacy in federated learning?. In NeurIPS."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2024.110424"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3126323"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1997.9.8.1735"},{"key":"e_1_3_2_2_20_1","unstructured":"Weihua Hu Matthias Fey Marinka Zitnik Yuxiao Dong Hongyu Ren Bowen Liu Michele Catasta and Jure Leskovec. 2020. Open Graph Benchmark: Datasets for Machine Learning on Graphs. In NeurIPS."},{"key":"e_1_3_2_2_21_1","first-page":"145","article-title":"Extending Oblivious Transfers Efficiently","author":"Ishai Yuval","year":"2003","unstructured":"Yuval Ishai, Joe Kilian, Kobbi Nissim, and Erez Petrank. 2003. Extending Oblivious Transfers Efficiently. In CRYPTO. 145-161.","journal-title":"CRYPTO."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2023.3242702"},{"key":"e_1_3_2_2_23_1","volume-title":"FedML-HE: An Efficient Homomorphic-Encryption-Based Privacy-Preserving Federated Learning System. arXiv Preprint","author":"Jin Weizhao","year":"2023","unstructured":"Weizhao Jin, Yuhang Yao, Shanshan Han, Carlee Joe-Wong, Srivatsan Ravi, Salman Avestimehr, and Chaoyang He. 2023. FedML-HE: An Efficient Homomorphic-Encryption-Based Privacy-Preserving Federated Learning System. arXiv Preprint, Vol. arXiv:2303.10837 (2023)."},{"key":"e_1_3_2_2_24_1","volume-title":"Kipf and Max Welling","author":"Thomas","year":"2017","unstructured":"Thomas N. Kipf and Max Welling. 2017. Semi-Supervised Classification with Graph Convolutional Networks. In ICLR,"},{"key":"e_1_3_2_2_25_1","first-page":"54","article-title":"Improved OT Extension for Transferring Short Secrets","author":"Kolesnikov Vladimir","year":"2013","unstructured":"Vladimir Kolesnikov and Ranjit Kumaresan. 2013. Improved OT Extension for Transferring Short Secrets. In CRYPTO. 54-70.","journal-title":"CRYPTO."},{"key":"e_1_3_2_2_26_1","unstructured":"Alex Krizhevsky. 2009. Learning multiple layers of features from tiny images. Technical Report."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1989.1.4.541"},{"key":"e_1_3_2_2_28_1","volume-title":"MNIST handwritten digit database. ATT Labs [Online]. Available: http:\/\/yann.lecun.com\/exdb\/mnist","author":"LeCun Yann","year":"2010","unstructured":"Yann LeCun, Corinna Cortes, and CJ Burges. 2010. MNIST handwritten digit database. ATT Labs [Online]. Available: http:\/\/yann.lecun.com\/exdb\/mnist, Vol. 2 (2010)."},{"key":"e_1_3_2_2_29_1","first-page":"892","article-title":"Fast Rotation Kernel Density Estimation over Data Streams","author":"Lei Runze","year":"2021","unstructured":"Runze Lei, Pinghui Wang, Rundong Li, Peng Jia, Junzhou Zhao, Xiaohong Guan, and Chao Deng. 2021. Fast Rotation Kernel Density Estimation over Data Streams. In KDD. 892-902.","journal-title":"KDD."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3108434"},{"key":"e_1_3_2_2_31_1","first-page":"453","article-title":"RoFL: Robustness of Secure Federated Learning. In S&P","author":"Lycklama Hidde","year":"2023","unstructured":"Hidde Lycklama, Lukas Burkhalter, Alexander Viand, Nicolas K\u00fcchler, and Anwar Hithnawi. 2023. RoFL: Robustness of Secure Federated Learning. In S&P, IEEE, 453-476.","journal-title":"IEEE"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3169918"},{"key":"e_1_3_2_2_33_1","first-page":"142","article-title":"Learning Word Vectors for Sentiment Analysis","author":"Maas Andrew L.","year":"2011","unstructured":"Andrew L. Maas, Raymond E. Daly, Peter T. Pham, Dan Huang, Andrew Y. Ng, and Christopher Potts. 2011. Learning Word Vectors for Sentiment Analysis. In ACL. 142-150.","journal-title":"ACL."},{"key":"e_1_3_2_2_34_1","first-page":"1273","article-title":"Communication-Efficient Learning of Deep Networks from Decentralized Data","author":"McMahan Brendan","year":"2017","unstructured":"Brendan McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Ag\u00fcera y Arcas. 2017. Communication-Efficient Learning of Deep Networks from Decentralized Data. In AISTATS. 1273-1282.","journal-title":"AISTATS."},{"key":"e_1_3_2_2_35_1","first-page":"691","article-title":"Exploiting Unintended Feature Leakage in Collaborative Learning","author":"Melis Luca","year":"2019","unstructured":"Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov. 2019. Exploiting Unintended Feature Leakage in Collaborative Learning. In S&P. 691-706.","journal-title":"S&P."},{"key":"e_1_3_2_2_36_1","first-page":"739","article-title":"Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning","author":"Nasr Milad","year":"2019","unstructured":"Milad Nasr, Reza Shokri, and Amir Houmansadr. 2019. Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning. In S&P. 739-753.","journal-title":"S&P."},{"key":"e_1_3_2_2_37_1","first-page":"1961","article-title":"ELSA","author":"Rathee Mayank","year":"2023","unstructured":"Mayank Rathee, Conghao Shen, Sameer Wagh, and Raluca Ada Popa. 2023. ELSA: Secure Aggregation for Federated Learning with Malicious Actors. In S&P. 1961-1979.","journal-title":"Secure Aggregation for Federated Learning with Malicious Actors. In S&P."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24498"},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2020.3041404"},{"key":"e_1_3_2_2_40_1","unstructured":"Jinhyun So Corey J. Nolet Chien-Sheng Yang Songze Li Qian Yu Ramy E. Ali Basak Guler and Salman Avestimehr. 2022. LightSecAgg: a Lightweight and Versatile Design for Secure Aggregation in Federated Learning. In MLSys."},{"key":"e_1_3_2_2_41_1","first-page":"3329","article-title":"Distributed Mean Estimation with Limited Communication","author":"Suresh Ananda Theertha","year":"2017","unstructured":"Ananda Theertha Suresh, Felix X. Yu, Sanjiv Kumar, and H. Brendan McMahan. 2017. Distributed Mean Estimation with Limited Communication. In ICML. 3329-3337.","journal-title":"ICML."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3375527"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3656165"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3226508"},{"key":"e_1_3_2_2_45_1","volume-title":"Pande","author":"Wu Zhenqin","year":"2017","unstructured":"Zhenqin Wu, Bharath Ramsundar, Evan N. Feinberg, Joseph Gomes, Caleb Geniesse, Aneesh S. Pappu, Karl Leswing, and Vijay S. Pande. 2017. MoleculeNet: A Benchmark for Molecular Machine Learning. arXiv preprint, Vol. arXiv:1703.00564 (2017)."},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2019.2929409"},{"key":"e_1_3_2_2_47_1","first-page":"1364","article-title":"Privacy-Preserving Federated Deep Learning With Irregular Users","volume":"19","author":"Xu Guowen","year":"2022","unstructured":"Guowen Xu, Hongwei Li, Yun Zhang, Shengmin Xu, Jianting Ning, and Robert H. Deng. 2022. Privacy-Preserving Federated Deep Learning With Irregular Users. IEEE Trans. Dependable Secur. Comput., Vol. 19, 2 (2022), 1364-1381.","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"e_1_3_2_2_48_1","first-page":"5636","article-title":"Byzantine-Robust Distributed Learning","author":"Yin Dong","year":"2018","unstructured":"Dong Yin, Yudong Chen, Kannan Ramchandran, and Peter L. Bartlett. 2018. Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates. In ICML. 5636-5645.","journal-title":"Towards Optimal Statistical Rates. In ICML."},{"key":"e_1_3_2_2_49_1","volume-title":"Krzysztof Marcin Choromanski, Daniel N. Holtmann-Rice, and Sanjiv Kumar.","author":"Yu Felix X.","year":"2016","unstructured":"Felix X. Yu, Ananda Theertha Suresh, Krzysztof Marcin Choromanski, Daniel N. Holtmann-Rice, and Sanjiv Kumar. 2016. Orthogonal Random Features. In NIPS."},{"key":"e_1_3_2_2_50_1","first-page":"493","article-title":"BatchCrypt","author":"Zhang Chengliang","year":"2020","unstructured":"Chengliang Zhang, Suyi Li, Junzhe Xia, Wei Wang, Feng Yan, and Yang Liu. 2020. BatchCrypt: Efficient Homomorphic Encryption for Cross-Silo Federated Learning. In ATC. 493-506.","journal-title":"Efficient Homomorphic Encryption for Cross-Silo Federated Learning. In ATC."},{"key":"e_1_3_2_2_51_1","first-page":"2545","article-title":"FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients","author":"Zhang Zaixi","year":"2022","unstructured":"Zaixi Zhang, Xiaoyu Cao, Jinyuan Jia, and Neil Zhenqiang Gong. 2022. FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients. In KDD. 2545-2555.","journal-title":"KDD."},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3280032"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v36i8.20903"},{"key":"e_1_3_2_2_54_1","first-page":"14747","article-title":"Deep Leakage from Gradients","author":"Zhu Ligeng","year":"2019","unstructured":"Ligeng Zhu, Zhijian Liu, and Song Han. 2019. Deep Leakage from Gradients. In NeurIPS. 14747-14756.","journal-title":"NeurIPS."}],"event":{"name":"KDD '25: The 31st ACM SIGKDD Conference on Knowledge Discovery and Data Mining","location":"Toronto ON Canada","acronym":"KDD '25","sponsor":["SIGKDD ACM Special Interest Group on Knowledge Discovery in Data","SIGMOD ACM Special Interest Group on Management of Data"]},"container-title":["Proceedings of the 31st ACM SIGKDD Conference on Knowledge Discovery and Data Mining V.2"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3711896.3737074","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T18:21:30Z","timestamp":1777573290000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3711896.3737074"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,3]]},"references-count":54,"alternative-id":["10.1145\/3711896.3737074","10.1145\/3711896"],"URL":"https:\/\/doi.org\/10.1145\/3711896.3737074","relation":{},"subject":[],"published":{"date-parts":[[2025,8,3]]},"assertion":[{"value":"2025-08-03","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}