{"id":"https://openalex.org/W3213330817","doi":"https://doi.org/10.1109/jiot.2021.3128646","title":"Data Poisoning Attacks on Federated Machine Learning","display_name":"Data Poisoning Attacks on Federated Machine Learning","publication_year":2021,"publication_date":"2021-11-17","ids":{"openalex":"https://openalex.org/W3213330817","doi":"https://doi.org/10.1109/jiot.2021.3128646","mag":"3213330817"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2021.3128646","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2021.3128646","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5031333887","display_name":"Gan Sun","orcid":"https://orcid.org/0000-0003-1111-6909"},"institutions":[{"id":"https://openalex.org/I142078773","display_name":"Shenyang Institute of Automation","ror":"https://ror.org/00ft6nj33","country_code":"CN","type":"facility","lineage":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Gan Sun","raw_affiliation_strings":["State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006477225","display_name":"Yang Cong","orcid":"https://orcid.org/0000-0002-5102-0189"},"institutions":[{"id":"https://openalex.org/I142078773","display_name":"Shenyang Institute of Automation","ror":"https://ror.org/00ft6nj33","country_code":"CN","type":"facility","lineage":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yang Cong","raw_affiliation_strings":["State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014443478","display_name":"Jiahua Dong","orcid":"https://orcid.org/0000-0001-8545-4447"},"institutions":[{"id":"https://openalex.org/I142078773","display_name":"Shenyang Institute of Automation","ror":"https://ror.org/00ft6nj33","country_code":"CN","type":"facility","lineage":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahua Dong","raw_affiliation_strings":["State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","Institutes for Robotics and Intelligent Manufacturing, Chinese Academy of Sciences, Shenyang, China","University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institutes for Robotics and Intelligent Manufacturing, Chinese Academy of Sciences, Shenyang, China","institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100366955","display_name":"Qiang Wang","orcid":"https://orcid.org/0000-0002-2018-1764"},"institutions":[{"id":"https://openalex.org/I142078773","display_name":"Shenyang Institute of Automation","ror":"https://ror.org/00ft6nj33","country_code":"CN","type":"facility","lineage":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I42852656","display_name":"Shenyang University","ror":"https://ror.org/04ddfwm68","country_code":"CN","type":"education","lineage":["https://openalex.org/I42852656"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qiang Wang","raw_affiliation_strings":["State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","Shenyang University, Shenyang, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, China","institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Shenyang University, Shenyang, China","institution_ids":["https://openalex.org/I42852656"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052577882","display_name":"Lingjuan Lyu","orcid":"https://orcid.org/0000-0003-3170-4994"},"institutions":[{"id":"https://openalex.org/I4210122684","display_name":"Sony Computer Science Laboratories","ror":"https://ror.org/02nc46417","country_code":"JP","type":"facility","lineage":["https://openalex.org/I4210122684"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Lingjuan Lyu","raw_affiliation_strings":["Sony AI, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"Sony AI, Tokyo, Japan","institution_ids":["https://openalex.org/I4210122684"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100396318","display_name":"Ji Liu","orcid":"https://orcid.org/0000-0002-0240-8881"},"institutions":[{"id":"https://openalex.org/I4401726859","display_name":"Kuaishou (China)","ror":"https://ror.org/0258as409","country_code":null,"type":"company","lineage":["https://openalex.org/I4401726859"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ji Liu","raw_affiliation_strings":["Beijing Kuaishou Technology Company, Ltd., Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing Kuaishou Technology Company, Ltd., Beijing, China","institution_ids":["https://openalex.org/I4401726859"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5031333887"],"corresponding_institution_ids":["https://openalex.org/I142078773","https://openalex.org/I19820366"],"apc_list":null,"apc_paid":null,"fwci":25.3334,"has_fulltext":false,"cited_by_count":268,"citation_normalized_percentile":{"value":0.99684591,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"9","issue":"13","first_page":"11365","last_page":"11375"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.9451000094413757,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8309340476989746},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6512097120285034},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.627327561378479},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.42732763290405273}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8309340476989746},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6512097120285034},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.627327561378479},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.42732763290405273},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2021.3128646","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2021.3128646","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5316510423","display_name":null,"funder_award_id":"BX20200353","funder_id":"https://openalex.org/F4320335768","funder_display_name":"National Postdoctoral Program for Innovative Talents"},{"id":"https://openalex.org/G7231748729","display_name":null,"funder_award_id":"2022-Z06","funder_id":"https://openalex.org/F4320326907","funder_display_name":"State Key Laboratory of Robotics"},{"id":"https://openalex.org/G7309481675","display_name":null,"funder_award_id":"62073205","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7968052432","display_name":null,"funder_award_id":"62003336","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320326907","display_name":"State Key Laboratory of Robotics","ror":null},{"id":"https://openalex.org/F4320335768","display_name":"National Postdoctoral Program for Innovative Talents","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":41,"referenced_works":["https://openalex.org/W2070228535","https://openalex.org/W2095577883","https://openalex.org/W2113740359","https://openalex.org/W2116612304","https://openalex.org/W2118545728","https://openalex.org/W2125908420","https://openalex.org/W2143104527","https://openalex.org/W2151298633","https://openalex.org/W2530417694","https://openalex.org/W2557044351","https://openalex.org/W2565355925","https://openalex.org/W2604205681","https://openalex.org/W2770705125","https://openalex.org/W2788963265","https://openalex.org/W2803831897","https://openalex.org/W2902287545","https://openalex.org/W2912213068","https://openalex.org/W2914583895","https://openalex.org/W2949377959","https://openalex.org/W2963173190","https://openalex.org/W2963178695","https://openalex.org/W2963540401","https://openalex.org/W3029558105","https://openalex.org/W3033511014","https://openalex.org/W3033597179","https://openalex.org/W3035260401","https://openalex.org/W3088084782","https://openalex.org/W3090383361","https://openalex.org/W3098276446","https://openalex.org/W3100779497","https://openalex.org/W3102330763","https://openalex.org/W3160371670","https://openalex.org/W3176639943","https://openalex.org/W4212774754","https://openalex.org/W6676935882","https://openalex.org/W6725794477","https://openalex.org/W6738383168","https://openalex.org/W6752600739","https://openalex.org/W6756732929","https://openalex.org/W6763497089","https://openalex.org/W6771533808"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W4387369504","https://openalex.org/W3046775127","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W3107602296","https://openalex.org/W4364306694","https://openalex.org/W4312192474"],"abstract_inverted_index":{"Federated":[0],"machine":[1,67,83,192,206],"learning":[2,68,102,109,118,130,168,207,244],"which":[3,57,104,137],"enables":[4],"resource-constrained":[5],"node":[6],"devices":[7,13],"(e.g.,":[8],"Internet":[9],"of":[10,81,122,144],"Things":[11],"(IoT)":[12],"and":[14,31,85,149,183],"smartphones)":[15],"to":[16,49,65,76,96,111,140,174,199,248],"establish":[17],"a":[18,62,98,106,134,158],"knowledge-shared":[19],"model":[20,79,245],"while":[21],"keeping":[22],"the":[23,78,116,141,177,190,221,225,233,238,241],"raw":[24],"data":[25,51,209,216],"local,":[26],"could":[27],"provide":[28],"privacy":[29],"preservation,":[30],"economic":[32],"benefit":[33],"by":[34,47],"designing":[35],"an":[36,196],"effective":[37],"communication":[38,42,239],"protocol.":[39],"However,":[40],"this":[41,73],"protocol":[43],"can":[44],"be":[45,91],"adopted":[46],"attackers":[48,222],"launch":[50],"poisoning":[52,125,250],"attacks":[53,126],"for":[54,180],"different":[55],"nodes,":[56],"has":[58],"been":[59],"shown":[60],"as":[61,133,164],"big":[63],"threat":[64],"most":[66],"models.":[69],"Therefore,":[70],"we":[71,93],"in":[72,115,189],"article":[74],"intend":[75],"study":[77],"vulnerability":[80],"federated":[82,100,117,128,167,191,205,242],"learning,":[84],"even":[86],"on":[87,127,166,213],"IoT":[88],"systems.":[89],"To":[90],"specific,":[92],"here":[94],"attempt":[95],"attacking":[97,204],"popular":[99],"multitask":[101,108,129,243],"framework,":[103],"uses":[105],"general":[107],"framework":[110],"handle":[112],"statistical":[113],"challenges":[114],"setting.":[119],"The":[120],"problem":[121],"calculating":[123],"optimal":[124,186],"is":[131,138,195,246],"formulated":[132],"bilevel":[135],"program,":[136],"adaptive":[139],"arbitrary":[142],"selection":[143],"<italic":[145,150,226],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[146,151,171,227],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">target</i>":[147,228],"nodes":[148,229,235],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">source":[152],"attacking</i>":[153],"nodes.":[154],"We":[155],"then":[156],"propose":[157],"novel":[159],"systems-aware":[160],"optimization":[161],"method,":[162],"called":[163],"attack":[165,187],"(AT":[169],"<sup":[170],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">2</sup>":[172],"FL),":[173],"efficiently":[175],"derive":[176],"implicit":[178],"gradients":[179],"poisoned":[181],"data,":[182],"further":[184],"attain":[185],"strategies":[188],"learning.":[193],"This":[194],"earlier":[197],"work,":[198],"our":[200],"knowledge,":[201],"that":[202,219],"explores":[203],"via":[208,236],"poisoning.":[210],"Finally,":[211],"experiments":[212],"several":[214],"real-world":[215],"sets":[217],"demonstrate":[218],"when":[220],"directly":[223],"poison":[224,232],"or":[230],"indirectly":[231],"related":[234],"using":[237],"protocol,":[240],"sensitive":[247],"both":[249],"attacks.":[251]},"counts_by_year":[{"year":2026,"cited_by_count":10},{"year":2025,"cited_by_count":75},{"year":2024,"cited_by_count":76},{"year":2023,"cited_by_count":67},{"year":2022,"cited_by_count":31},{"year":2021,"cited_by_count":7},{"year":2020,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}