Los puntos clave no están disponibles para este artículo en este momento.
As a pioneering distributed learning framework, federated learning (FL) has gained widespread adoption. It operates collaboratively among participants, with communication limited to sharing model parameters between the server and participants. However, FL is also more susceptible to active attacks from malicious insiders. Poisoned updates submitted by attackers can degrade the performance of the global model. Previous research only considered using the naive data of malicious clients for backdoor poisoning, and therefore achieved limited backdoor attack success rates. In this paper, we propose a novel Federated Backdoor Attack based on Privacy Inference (FBA-PI). Combining privacy inference based on generative adversarial networks (GAN), the attacker first infers sensitive information from victim participants and then injects backdoor triggers into the naive and generated data. Finally, malicious clients can embed backdoor semantics into the global model by participating in regular federated aggregation. Extensive experiments on the MNIST dataset verify the effectiveness of our proposed method.
Wu et al. (Tue,) studied this question.
Synapse has enriched 4 closely related papers on similar clinical questions. Consider them for comparative context: