C Fung, CJM Yoon, I Beschastnikh - arXiv preprint arXiv:1808.04866, 2018 - arxiv.org
… vulnerability of federated learning to sybil-based poisoning attacks… to this problem that identifies poisoning sybils based on the … , targeted poisoning attacks are performed by adversaries …
… We design attacks on federated learning that ensure targeted poisoning of the global model while ensuring convergence. Our threat model considers adversaries controlling a small …
… , variations of poisoning, and adversary capabilities. We … threat models of poisoning attacks on federated learning (FL), … of untargeted model and data poisoning attacks on FL (including …
… Federated learning (FL) is an emerging paradigm for distributed … In this paper, we study targeted data poisoning attacks … We consider two scenarios in which the adversary is restricted …
D Cao, S Chang, Z Lin, G Liu… - 2019 IEEE 25th …, 2019 - ieeexplore.ieee.org
… Adversaries in collaborative learning and federated learning can be strong. They can … limits the number of adversaries in the system is 1. Because the adversary only gets the global …
… Unlike previous works [17], [4], [31], [37], we consider a comprehensive set of possible threat models for model poisoning attacks along two dimensions of the adversary’s knowledge: …
L Lyu, H Yu, Q Yang - arXiv preprint arXiv:2003.02133, 2020 - arxiv.org
… on FL systems: 1) poisoning attacks that attempt to prevent a model from being learned at all, or to bias the model to produce inferences that are preferable to the adversary; and 2) …
Z Ma, J Ma, Y Miao, Y Li… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
… trained local gradients into a federated model through a … poisoning attacks launched by a Byzantine adversary, who crafts malicious local gradients to harm the accuracy of the federated …
S Awan, B Luo, F Li - Computer Security–ESORICS 2021: 26th European …, 2021 - Springer
… We simulate two types of poisoning attacks: (1) Label-flipping attacks: the adversaries attempt to flip a randomly selected source label (S) of the training samples to a target (adversarial) …