A highly efficient, confidential, and continuous federated learning backdoor attack strategy

Jiarui Cao, Liehuang Zhu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Citations (Scopus)

Abstract

Federated learning is a kind of distributed machine learning. Researchers have conducted extensive research on federated learning's security defences and backdoor attacks. However, most studies are based on the assumption that federated learning participants' data are iid (independent and identically distributed). This paper will evaluate the security issues of non-iid federated learning and propose a new attack strategy. Compared with existing attack strategies, our approach has three innovations. First, we conquer FoolsGold [1] defences through the attacker's negotiation. Second, we propose a modified gradient upload strategy for the FedSGD backdoor attack, which significantly improves the backdoor attack's confidentiality on the original basis. Finally, we offer a bit Trojan method to realize continuity on non-iid federated learning. We conduct extensive experiments on different datasets to illustrate that our backdoor attack strategy is highly efficient, confidential, and continuous on non-iid federated learning.

Original language: English
Title of host publication: 2022 14th International Conference on Machine Learning and Computing, ICMLC 2022
Publisher: Association for Computing Machinery
Pages: 18-27
Number of pages: 10
ISBN (Electronic): 9781450395700
Publication status: Published - 18 Feb 2022
Event: 14th International Conference on Machine Learning and Computing, ICMLC 2022 - Virtual, Online, China
Duration: 18 Feb 2022 - 21 Feb 2022

Publication series

Name: ACM International Conference Proceeding Series

Conference

Conference: 14th International Conference on Machine Learning and Computing, ICMLC 2022
Country/Territory: China
City: Virtual, Online
Period: 18/02/22 - 21/02/22

Keywords

  • Federated learning
  • backdoor attack
  • model replacement
