{"id":"https://openalex.org/W4387197180","doi":"https://doi.org/10.1109/tdsc.2023.3320694","title":"Optimally Mitigating Backdoor Attacks in Federated Learning","display_name":"Optimally Mitigating Backdoor Attacks in Federated Learning","publication_year":2023,"publication_date":"2023-09-29","ids":{"openalex":"https://openalex.org/W4387197180","doi":"https://doi.org/10.1109/tdsc.2023.3320694"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2023.3320694","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3320694","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080243955","display_name":"Kane Walter","orcid":null},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Kane Walter","raw_affiliation_strings":["Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0002-9759-4305","affiliations":[{"raw_affiliation_string":"Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076389456","display_name":"Meisam Mohammady","orcid":null},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Meisam Mohammady","raw_affiliation_strings":["Department of Computer Science, Iowa State University, 226 Atanasoff Hall, 2434 Osborn Dr, Ames, IA, USA"],"raw_orcid":"https://orcid.org/0000-0002-0619-6361","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Iowa State University, 226 Atanasoff Hall, 2434 Osborn Dr, Ames, IA, USA","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082256444","display_name":"\u202aSurya Nepal\u202c","orcid":"https://orcid.org/0000-0002-3289-6599"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["CSIRO&#x0027;s Data61, Cnr of Vimiera and Pembroke Roads, Marsfield, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0002-3289-6599","affiliations":[{"raw_affiliation_string":"CSIRO&#x0027;s Data61, Cnr of Vimiera and Pembroke Roads, Marsfield, NSW, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059077090","display_name":"Salil S. Kanhere","orcid":"https://orcid.org/0000-0002-1835-3475"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Salil S. Kanhere","raw_affiliation_strings":["Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0002-1835-3475","affiliations":[{"raw_affiliation_string":"Computer Science and Engineering, University of New South Wales, Sydney, NSW, Australia","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5080243955"],"corresponding_institution_ids":["https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":0.5112,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.71938338,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"21","issue":"4","first_page":"2949","last_page":"2963"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9158999919891357,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9951786994934082},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8356049060821533},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6057521104812622},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.5818157196044922},{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.5524415969848633},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5327779054641724},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.47023245692253113},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.45938876271247864},{"id":"https://openalex.org/keywords/trainer","display_name":"Trainer","score":0.4491819143295288},{"id":"https://openalex.org/keywords/data-modeling","display_name":"Data modeling","score":0.43106022477149963},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.38749587535858154},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3295442461967468},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3004680871963501},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.12322160601615906}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9951786994934082},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8356049060821533},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6057521104812622},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.5818157196044922},{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.5524415969848633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5327779054641724},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.47023245692253113},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.45938876271247864},{"id":"https://openalex.org/C2780463512","wikidata":"https://www.wikidata.org/wiki/Q15122700","display_name":"Trainer","level":2,"score":0.4491819143295288},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.43106022477149963},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.38749587535858154},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3295442461967468},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3004680871963501},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.12322160601615906},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2023.3320694","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3320694","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4399999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4394671520","https://openalex.org/W4286971788","https://openalex.org/W3127875616","https://openalex.org/W3128233162","https://openalex.org/W3199340467","https://openalex.org/W3157608626","https://openalex.org/W3132132958","https://openalex.org/W4321612632","https://openalex.org/W4322580403","https://openalex.org/W4399147128"],"abstract_inverted_index":{"Federated":[0],"learning":[1,7],"(FL)":[2],"is":[3,13,131,164],"a":[4,10,82,113,134],"distributed,":[5],"privacy-preserving":[6],"paradigm":[8],"where":[9],"joint":[11,40],"model":[12,86,135],"trained":[14,55],"on":[15,19,166],"private":[16],"data":[17],"stored":[18],"client":[20],"devices.":[21],"Data":[22],"owners":[23],"(clients)":[24],"train":[25],"models":[26,96],"locally":[27],"and":[28,126,146,170],"then":[29],"submit":[30],"them":[31],"to":[32,69,106,121,133],"an":[33],"aggregation":[34],"server":[35],"for":[36],"incorporation":[37],"into":[38],"the":[39,85,117,151],"model.":[41],"Malicious":[42],"clients":[43],"can":[44,65],"apply":[45],"training":[46,119,144],"time":[47,142],"attacks,":[48,51],"e.g.,":[49],"backdoor":[50,70,108,167],"by":[52],"submitting":[53],"maliciously":[54],"models.":[56],"Prior":[57],"work":[58],"has":[59],"shown":[60],"that":[61,94,115,129],"Differential":[62],"Privacy":[63],"(DP)":[64],"provide":[66,173],"certified":[67,123],"robustness":[68],"attacks;":[71],"however,":[72],"there":[73],"are":[74,157],"limited":[75],"studies":[76],"regarding":[77],"DP":[78,103,138,156],"parameter":[79,104],"selection":[80],"as":[81],"function":[83],"of":[84,141],"architecture.":[87],"In":[88],"this":[89],"work,":[90],"we":[91,111],"show":[92,127],"empirically":[93,128],"larger":[95],"(i.e.,":[97],"with":[98,147],"more":[99],"parameters)":[100],"require":[101],"stronger":[102],"settings":[105],"mitigate":[107],"attacks.":[109],"Furthermore,":[110],"present":[112],"framework":[114],"alters":[116],"FL":[118],"algorithm":[120],"preserve":[122],"accuracy":[124],"round-by-round":[125],"it":[130,163],"superior":[132],"trainer":[136],"selecting":[137],"parameters":[139],"ahead":[140],"before":[143],"begins":[145],"incomplete":[148],"information":[149],"about":[150],"attacker.":[152],"Although":[153],"tools":[154],"from":[155],"used":[158],"in":[159],"our":[160],"proposed":[161],"framework,":[162],"focused":[165],"attack":[168],"mitigation":[169],"does":[171],"not":[172],"privacy":[174],"guarantees.":[175]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}