On the Security &amp; Privacy in Federated Learning

Abad, Gorka; Picek, Stjepan; Ramírez-Durán, Víctor Julio; Urbieta, Aitor

doi:10.48550/arxiv.2112.05423

Cited by 7 publications

(12 citation statements)

References 115 publications

(167 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Integrity of training data is compromised by adversaries in data poisoning attacks and thus it reduces the overall accuracy of the model. Data poisoning attacks may happen in any one of these forms: clean-label or dirty-label [91], [92]. In cleanlabel attack, the adversary cannot change the labels of data in a dataset, but he places the poisoned data instance online and waits for the genuine client to label it and include it into their dataset.…”

Section: A Attacks Focused On Datamentioning

confidence: 99%

“…In cleanlabel attack, the adversary cannot change the labels of data in a dataset, but he places the poisoned data instance online and waits for the genuine client to label it and include it into their dataset. This type of attack happens when the data is collected from the untrusted sources and are therefore very difficult to identify as the poisoned instance is labelled correctly [91]. However, in dirty-label attack, the adversary changes the label of genuine instances of the dataset into the targeted ones.…”

Section: A Attacks Focused On Datamentioning

confidence: 99%

“…When the adversaries manipulate the local model parameters, the attack is known as gradient manipulation. Whereas, when the training rules are manipulated by the adversaries, the attack is known as training rule manipulation attack [22], [91]. Backdoor attacks are performed by adding the stealth backdoors to the global model such that the overall accuracy of the model is retained [93].…”

Section: A Attacks Focused On Datamentioning

confidence: 99%

See 2 more Smart Citations

Federated Learning Based Privacy Ensured Sensor Communication in IoT Networks: A Taxonomy, Threats and Attacks

et al. 2023

View full text Add to dashboard Cite

Our daily lives are significantly impacted by intelligent Internet of Things (IoT) application, services, IoT gadgets, and more intelligent industries. Artificial Intelligence (AI) is anticipated to have a substantial impact on training machine learning algorithms on IoT devices without sharing data. As data privacy has become a serious societal concern, Federated Learning (FL) has emerged as a hot research area for enabling the collaborative training of machine learning models across many smart IoT devices while adhering to privacy constraints. Although, FL is utilized for preserving privacy in IoT networks, but it is also facing some challenges such as privacy, effectiveness, and efficiency. In this article, a taxonomy of FL-based IoT systems is proposed and an analysis of related works on FL-based IoT systems is presented. Further, a comprehensive study of various types of threats, attacks, and frameworks is done. In addition to this, a taxonomy on privacy-preserving FL techniques for IoT networks is also devised. Finally, the study is concluded by highlighting the various open research challenges in FL-based IoT networks.

show abstract

Section: A Attacks Focused On Datamentioning

confidence: 99%

Section: A Attacks Focused On Datamentioning

confidence: 99%

Section: A Attacks Focused On Datamentioning

confidence: 99%

See 1 more Smart Citation

Federated Learning Based Privacy Ensured Sensor Communication in IoT Networks: A Taxonomy, Threats and Attacks

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Integrity attack: It mainly refers to interfering with the prediction results of the model, making the output results of the model fail to meet the expected performance. 16 Attackers usually use targeted attack methods, such as backdoor attack and clean label attack.…”

Section: Attack Targetmentioning

confidence: 99%

Security of federated learning for cloud‐edge intelligence collaborative computing

Yang

Zheng

Zhang

et al. 2022

Int J of Intelligent Sys

View full text Add to dashboard Cite

Federated Learning (FL) is one of the key technologies to solve privacy protection for cloud-edge intelligent collaborative computing, and its security and privacy issues have attracted extensive attention from academia and industry. FL is a distributed privacy protection framework. Multiple edged nodes or servers jointly train a machine learning model by sharing model parameters without exchanging local data. However, there are still many security risks and privacy threats in FL in edge-cloud collaborative computing. In this paper, we mainly discuss the security and privacy challenges on FL in collaborative computing at the edge. First, we introduce the principle, classification, and threat model of FL in edge-cloud collaboration, which helps understand the challenges faced by edgecloud collaborative computing. Second, privacy leakage attacks and poisoning attacks launched by adversaries or honest but curious actors are summarized and compared. Then, the problems existing on the attack method are summarized and analyzed. Finally, the future development direction of FL in the field of edgecloud collaborative computing is further discussed.

show abstract

“…Regarding SNNs, recent investigations have concluded that SNNs are also vulnerable to some of these attacks, i.e., adversarial examples [28,33,9] and backdoor attacks [2,1]. In the context of FL, security and privacy evaluations have also been in the scope of security experts [3,25], concluding that FL is vulnerable to privacy attacks, such as membership inference, and security attacks, such as backdoor attacks.…”

Section: Introductionmentioning

confidence: 99%

Sniper Backdoor: Single Client Targeted Backdoor Attack in Federated Learning

Abad

Paguada

Ersoy

et al. 2023

2023 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML)

Self Cite

View full text Add to dashboard Cite

This paper investigates the vulnerability of spiking neural networks (SNNs) and federated learning (FL) to backdoor attacks using neuromorphic data. Despite the efficiency of SNNs and the privacy advantages of FL, particularly in low-powered devices, we demonstrate that these systems are susceptible to such attacks. We first assess the viability of using FL with SNNs using neuromorphic data, showing its potential usage. Then, we evaluate the transferability of known FL attack methods to SNNs, finding that these lead to suboptimal attack performance. Therefore, we explore backdoor attacks involving single and multiple attackers to improve the attack performance. Our primary contribution is developing a novel attack strategy tailored to SNNs and FL, which distributes the backdoor trigger temporally and across malicious devices, enhancing the attack's effectiveness and stealthiness. In the best case, we achieve a 100% attack success rate, 0.13 MSE, and 98.9 SSIM. Moreover, we adapt and evaluate an existing defense against backdoor attacks, revealing its inadequacy in protecting SNNs. This study underscores the need for robust security measures in deploying SNNs and FL, particularly in the context of backdoor attacks.

show abstract

On the Security & Privacy in Federated Learning

Cited by 7 publications

References 115 publications

Federated Learning Based Privacy Ensured Sensor Communication in IoT Networks: A Taxonomy, Threats and Attacks

Federated Learning Based Privacy Ensured Sensor Communication in IoT Networks: A Taxonomy, Threats and Attacks

Security of federated learning for cloud‐edge intelligence collaborative computing

Sniper Backdoor: Single Client Targeted Backdoor Attack in Federated Learning

Contact Info

Product

Resources

About