Sébastien Andreina scite author profile

Recent studies have shown that federated learning (FL) is vulnerable to poisoning attacks which aim at injecting a backdoor into the global model. These attacks are effective, even when performed by a single client, and undetectable by most existing defensive techniques. In this paper, we propose a novel defense, dubbed BAFFLE-Backdoor detection via Feedback-based Federated Learning-to secure FL against backdoor attacks. The core idea behind BAFFLE is to leverage data of multiple clients not only for training but also for uncovering model poisoning. Namely, we exploit the availability of multiple, rich datasets at the various clients by incorporating a feedback loop into the FL process to integrate the views of those clients when deciding whether a given model update is genuine or not. We show that this powerful construct can achieve very high detection rates against state-of-the-art backdoor attacks, even when relying on straightforward methods to validate the model. Namely, we show by means of evaluation using the CIFAR-10 and FEMNIST datasets that, by combining the feedback loop with a method that suspects poisoning attempts by assessing the per-class classification performance of the updated model, BAFFLE reliably detects state-of-the-art semanticbackdoor attacks with a detection accuracy of 100% and a false-positive rate below 5%. Moreover, we show that our solution can detect an adaptive attack which is tuned to bypass the defense.

show abstract

BaFFLe: Backdoor detection via Feedback-based Federated Learning

Andreina¹,

Marson²,

Möllering³

et al. 2020

Preprint

View full text Add to dashboard Cite

PoTS: A Secure Proof of TEE-Stake for Permissionless Blockchains

Andreina¹,

Bohli

Karame³

et al. 2022

IEEE Trans. Serv. Comput.

View full text Add to dashboard Cite

Tutorial: Analyzing, Exploiting, and Patching Smart Contracts in Ethereum

Jens-Rene

Andreina

Rodler

et al. 2022

View full text Add to dashboard Cite

Practical Mitigation of Smart Contract Bugs

Jens-Rene¹,

Andreina²,

Rodler³

et al. 2022

Preprint

View full text Add to dashboard Cite

DLT-based End-to-end Inter-domain Transport Network Slice with SLA Management Using Cloud-based SDN Controllers: Demo Session

Gifre

Vilalta

Andreina

et al. 2022

View full text Add to dashboard Cite

Estimating Patch Propagation Times across (Blockchain) Forks

Andreina¹,

Alluminio²,

Marson³

et al. 2022

Preprint

View full text Add to dashboard Cite

The wide success of Bitcoin has led to a huge surge of alternative cryptocurrencies (altcoins). Most altcoins essentially fork Bitcoin's code with minor modifications, such as the number of coins to be minted, the block size, and the block generation time. As such, they are often deemed identical to Bitcoin in terms of security, robustness, and maturity.In this paper, we show that this common conception is misleading. By mining data retrieved from the GitHub repositories of various altcoin projects, we estimate the time it took to propagate relevant patches from Bitcoin to the altcoins. We find that, while the Bitcoin development community is quite active in fixing security flaws of Bitcoin's code base, forked cryptocurrencies are not as rigorous in patching the same vulnerabilities (inherited from Bitcoin). In some cases, we observe that even critical vulnerabilities, discovered and fixed within the Bitcoin community, have been addressed by the altcoins tens of months after disclosure. Besides raising awareness of this problem, our work aims to motivate the need for a proper responsible disclosure of vulnerabilities to all forked chains prior to reporting them publicly.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.