{"id":"https://openalex.org/W4416252310","doi":"https://doi.org/10.1109/ijcnn64981.2025.11228101","title":"Do Adversarial Perturbations Truly Mitigate Gradient Inversion in Federated Learning?","display_name":"Do Adversarial Perturbations Truly Mitigate Gradient Inversion in Federated Learning?","publication_year":2025,"publication_date":"2025-06-30","ids":{"openalex":"https://openalex.org/W4416252310","doi":"https://doi.org/10.1109/ijcnn64981.2025.11228101"},"language":null,"primary_location":{"id":"doi:10.1109/ijcnn64981.2025.11228101","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn64981.2025.11228101","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5000922423","display_name":"Hui Zhou","orcid":"https://orcid.org/0000-0003-0572-8976"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Hui Zhou","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100695329","display_name":"Zheng Qin","orcid":"https://orcid.org/0000-0003-4373-4111"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zheng Qin","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060773103","display_name":"Ye Zou","orcid":"https://orcid.org/0000-0002-6445-4541"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yipeng Zou","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030040920","display_name":"Xin Deng","orcid":"https://orcid.org/0000-0003-2149-0240"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xin Deng","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049781333","display_name":"Jiaxin Jiang","orcid":"https://orcid.org/0000-0002-4425-047X"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiaxin Jiang","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101192346","display_name":"Ge Xiao","orcid":"https://orcid.org/0000-0001-9063-3749"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ge Xiao","raw_affiliation_strings":["Hunan University,College of Computer Science and Electronic Engineering,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Computer Science and Electronic Engineering,Changsha,China","institution_ids":["https://openalex.org/I16609230"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100353673","display_name":"Hao Chen","orcid":"https://orcid.org/0009-0001-6480-7976"},"institutions":[{"id":"https://openalex.org/I16609230","display_name":"Hunan University","ror":"https://ror.org/05htk5m33","country_code":"CN","type":"education","lineage":["https://openalex.org/I16609230"]},{"id":"https://openalex.org/I56934997","display_name":"Changsha University of Science and Technology","ror":"https://ror.org/03yph8055","country_code":"CN","type":"education","lineage":["https://openalex.org/I56934997"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hao Chen","raw_affiliation_strings":["Hunan University,College of Cyber Science and Technology,Changsha,China"],"affiliations":[{"raw_affiliation_string":"Hunan University,College of Cyber Science and Technology,Changsha,China","institution_ids":["https://openalex.org/I56934997","https://openalex.org/I16609230"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5000922423"],"corresponding_institution_ids":["https://openalex.org/I16609230"],"apc_list":null,"apc_paid":null,"fwci":2.3568,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.91851716,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.732699990272522,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.732699990272522,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.24070000648498535,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11612","display_name":"Stochastic Gradient Optimization Techniques","score":0.00279999990016222,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.935699999332428},{"id":"https://openalex.org/keywords/inversion","display_name":"Inversion (geology)","score":0.5604000091552734},{"id":"https://openalex.org/keywords/perturbation","display_name":"Perturbation (astronomy)","score":0.48829999566078186},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.38909998536109924},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.38179999589920044},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.35670000314712524},{"id":"https://openalex.org/keywords/ground-truth","display_name":"Ground truth","score":0.33160001039505005},{"id":"https://openalex.org/keywords/synthetic-data","display_name":"Synthetic data","score":0.3271999955177307}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.935699999332428},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6703000068664551},{"id":"https://openalex.org/C1893757","wikidata":"https://www.wikidata.org/wiki/Q3653001","display_name":"Inversion (geology)","level":3,"score":0.5604000091552734},{"id":"https://openalex.org/C177918212","wikidata":"https://www.wikidata.org/wiki/Q803623","display_name":"Perturbation (astronomy)","level":2,"score":0.48829999566078186},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4269999861717224},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.38909998536109924},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.38179999589920044},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.35670000314712524},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33399999141693115},{"id":"https://openalex.org/C146849305","wikidata":"https://www.wikidata.org/wiki/Q370766","display_name":"Ground truth","level":2,"score":0.33160001039505005},{"id":"https://openalex.org/C160920958","wikidata":"https://www.wikidata.org/wiki/Q7662746","display_name":"Synthetic data","level":2,"score":0.3271999955177307},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.32179999351501465},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3199000060558319},{"id":"https://openalex.org/C153258448","wikidata":"https://www.wikidata.org/wiki/Q1199743","display_name":"Gradient descent","level":3,"score":0.31380000710487366},{"id":"https://openalex.org/C135252773","wikidata":"https://www.wikidata.org/wiki/Q1567213","display_name":"Inverse problem","level":2,"score":0.3059999942779541},{"id":"https://openalex.org/C126255220","wikidata":"https://www.wikidata.org/wiki/Q141495","display_name":"Mathematical optimization","level":1,"score":0.30379998683929443},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.3003000020980835},{"id":"https://openalex.org/C137836250","wikidata":"https://www.wikidata.org/wiki/Q984063","display_name":"Optimization problem","level":2,"score":0.2992999851703644},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2946000099182129},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.2937000095844269},{"id":"https://openalex.org/C2986577269","wikidata":"https://www.wikidata.org/wiki/Q11306265","display_name":"Random noise","level":2,"score":0.2815000116825104},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.2676999866962433},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2563000023365021},{"id":"https://openalex.org/C3017597292","wikidata":"https://www.wikidata.org/wiki/Q25052250","display_name":"Privacy protection","level":2,"score":0.2515999972820282}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ijcnn64981.2025.11228101","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn64981.2025.11228101","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W2108598243","https://openalex.org/W2774644650","https://openalex.org/W2781091734","https://openalex.org/W2962847335","https://openalex.org/W2963542245","https://openalex.org/W3110068734","https://openalex.org/W3171288285","https://openalex.org/W3172312230","https://openalex.org/W3175192640","https://openalex.org/W4312809802","https://openalex.org/W4385412495","https://openalex.org/W4386260756","https://openalex.org/W4390871834","https://openalex.org/W4390872679","https://openalex.org/W4396723350","https://openalex.org/W4405182454"],"related_works":[],"abstract_inverted_index":{"Federated":[0],"Learning":[1],"(FL)":[2],"has":[3],"emerged":[4],"as":[5,186,188],"a":[6,16,123,143,151],"privacy-preserving":[7,216],"framework":[8],"under":[9,194],"which":[10],"multiple":[11],"participants":[12],"jointly":[13],"solve":[14],"the":[15,35,67,71,92,104,137,183,190],"collaborative":[17],"training":[18,28,109],"and":[19,210],"user":[20],"privacy":[21,78,208],"problem.":[22],"Recent":[23],"studies":[24],"find":[25],"that":[26,98,158,172],"private":[27],"data":[29,129,149],"can":[30,106],"still":[31,107],"be":[32,57],"leaked":[33],"by":[34,61,135,150],"exchanged":[36],"gradients":[37,105,134],"based":[38],"on":[39,91,214],"optimization":[40],"or":[41],"analytic,":[42],"i.e.,":[43],"gradient":[44,116,163],"inversion":[45,117,164],"attacks":[46],"(GIAs).":[47],"To":[48],"enhance":[49],"privacy,":[50],"adversarial":[51,74,89,100,114,132,166,205],"perturbations":[52,75,90,101,206],"(AP)":[53],"are":[54],"attempted":[55],"to":[56,103,127,147],"applied":[58],"in":[59,76,175,218],"FL":[60],"introducing":[62],"carefully":[63],"crafted":[64],"noise":[65],"into":[66,203],"local":[68],"gradients.":[69],"However,":[70],"effectiveness":[72,185],"of":[73,94,192],"strengthening":[77],"against":[79],"GIAs":[80],"remains":[81],"underexplored.":[82],"In":[83],"this":[84,198],"work,":[85],"we":[86,121,141],"empirically":[87],"evaluate":[88],"resistance":[93],"GIAs.":[95,195],"We":[96,111,196],"show":[97],"even":[99],"added":[102],"leak":[108],"data.":[110],"propose":[112],"an":[113],"perturbation":[115,133,167],"attack,":[118],"APT.":[119],"Specifically,":[120],"design":[122,142],"feature":[124,144,153],"extraction":[125],"method":[126,146,160],"extract":[128],"features":[130],"from":[131,165],"utilizing":[136],"linear":[138],"layer.":[139],"Moreover,":[140],"reconstruction":[145],"reconstruct":[148],"key":[152],"reconstructor.":[154],"Extensive":[155],"experiments":[156],"demonstrate":[157],"our":[159,180],"achieves":[161],"high-quality":[162],"gradients,":[168],"surpassing":[169],"state-of-the-art":[170],"methods":[171],"commonly":[173],"fail":[174],"more":[176],"challenge":[177],"scenarios.":[178],"Overall,":[179],"work":[181,199],"explores":[182],"defense":[184,209],"well":[187],"reveals":[189],"vulnerability":[191],"AP":[193],"hope":[197],"provide":[200],"valuable":[201],"insights":[202],"leveraging":[204],"for":[207],"inspire":[211],"future":[212],"research":[213],"robust":[215],"mechanisms":[217],"FL.":[219]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-11-14T00:00:00"}