TY - GEN
T1 - A highly efficient, confidential, and continuous federated learning backdoor attack strategy
AU - Cao, Jiarui
AU - Zhu, Liehuang
N1 - Publisher Copyright:
© 2022 ACM.
PY - 2022/2/18
Y1 - 2022/2/18
N2 - Federated learning is a kind of distributed machine learning. Researchers have conducted extensive research on federated learning's security defences and backdoor attacks. However, most studies are based on the assumption that federated learning participants' data are iid (independent and identically distributed). This paper will evaluate the security issues of non-iid federated learning and propose a new attack strategy. Compared with existing attack strategies, our approach has three innovations. First, we conquer FoolsGold [1] defences through the attacker's negotiation. Second, we propose a modified gradient upload strategy for the FedSGD backdoor attack, which significantly improves the backdoor attack's confidentiality on the original basis. Finally, we offer a bit Trojan method to realize continuity on non-iid federated learning. We conduct extensive experiments on different datasets to illustrate that our backdoor attack strategy is highly efficient, confidential, and continuous on non-iid federated learning.
AB - Federated learning is a kind of distributed machine learning. Researchers have conducted extensive research on federated learning's security defences and backdoor attacks. However, most studies are based on the assumption that federated learning participants' data are iid (independent and identically distributed). This paper will evaluate the security issues of non-iid federated learning and propose a new attack strategy. Compared with existing attack strategies, our approach has three innovations. First, we conquer FoolsGold [1] defences through the attacker's negotiation. Second, we propose a modified gradient upload strategy for the FedSGD backdoor attack, which significantly improves the backdoor attack's confidentiality on the original basis. Finally, we offer a bit Trojan method to realize continuity on non-iid federated learning. We conduct extensive experiments on different datasets to illustrate that our backdoor attack strategy is highly efficient, confidential, and continuous on non-iid federated learning.
KW - Federated learning
KW - backdoor attack
KW - model replacement
UR - http://www.scopus.com/inward/record.url?scp=85133477610&partnerID=8YFLogxK
U2 - 10.1145/3529836.3529845
DO - 10.1145/3529836.3529845
M3 - Conference contribution
AN - SCOPUS:85133477610
T3 - ACM International Conference Proceeding Series
SP - 18
EP - 27
BT - 2022 14th International Conference on Machine Learning and Computing, ICMLC 2022
PB - Association for Computing Machinery
T2 - 14th International Conference on Machine Learning and Computing, ICMLC 2022
Y2 - 18 February 2022 through 21 February 2022
ER -