{"id":"https://openalex.org/W4414757835","doi":"https://doi.org/10.1109/tdsc.2025.3617070","title":"Privacy-Preserving Federated Learning Scheme With Mitigating Model Poisoning Attacks: Vulnerabilities and Countermeasures","display_name":"Privacy-Preserving Federated Learning Scheme With Mitigating Model Poisoning Attacks: Vulnerabilities and Countermeasures","publication_year":2025,"publication_date":"2025-10-02","ids":{"openalex":"https://openalex.org/W4414757835","doi":"https://doi.org/10.1109/tdsc.2025.3617070"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2025.3617070","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3617070","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101845076","display_name":"Jiahui Wu","orcid":"https://orcid.org/0000-0003-0121-5575"},"institutions":[{"id":"https://openalex.org/I4210136793","display_name":"Peng Cheng Laboratory","ror":"https://ror.org/03qdqbt06","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210136793"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jiahui Wu","raw_affiliation_strings":["New Network Department, Peng Cheng Laboratory, Shenzhen, China"],"raw_orcid":"https://orcid.org/0000-0003-0121-5575","affiliations":[{"raw_affiliation_string":"New Network Department, Peng Cheng Laboratory, Shenzhen, China","institution_ids":["https://openalex.org/I4210136793"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000037502","display_name":"Fucai Luo","orcid":"https://orcid.org/0000-0001-7961-5750"},"institutions":[{"id":"https://openalex.org/I75059550","display_name":"Zhejiang Gongshang University","ror":"https://ror.org/0569mkk41","country_code":"CN","type":"education","lineage":["https://openalex.org/I75059550"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fucai Luo","raw_affiliation_strings":["School of Computer Science and Technology, Zhejiang Gongshang University, Hangzhou, China"],"raw_orcid":"https://orcid.org/0000-0001-7961-5750","affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology, Zhejiang Gongshang University, Hangzhou, China","institution_ids":["https://openalex.org/I75059550"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090933045","display_name":"Tiecheng Sun","orcid":"https://orcid.org/0000-0002-6813-4756"},"institutions":[{"id":"https://openalex.org/I4210136793","display_name":"Peng Cheng Laboratory","ror":"https://ror.org/03qdqbt06","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210136793"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tiecheng Sun","raw_affiliation_strings":["New Network Department, Peng Cheng Laboratory, Shenzhen, China"],"raw_orcid":"https://orcid.org/0000-0002-6813-4756","affiliations":[{"raw_affiliation_string":"New Network Department, Peng Cheng Laboratory, Shenzhen, China","institution_ids":["https://openalex.org/I4210136793"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102003407","display_name":"Haiyan Wang","orcid":"https://orcid.org/0000-0002-5702-9897"},"institutions":[{"id":"https://openalex.org/I4210136793","display_name":"Peng Cheng Laboratory","ror":"https://ror.org/03qdqbt06","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210136793"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haiyan Wang","raw_affiliation_strings":["New Network Department, Peng Cheng Laboratory, Shenzhen, China"],"raw_orcid":"https://orcid.org/0000-0002-5702-9897","affiliations":[{"raw_affiliation_string":"New Network Department, Peng Cheng Laboratory, Shenzhen, China","institution_ids":["https://openalex.org/I4210136793"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085221201","display_name":"Weizhe Zhang","orcid":"https://orcid.org/0000-0003-4783-876X"},"institutions":[{"id":"https://openalex.org/I204983213","display_name":"Harbin Institute of Technology","ror":"https://ror.org/01yqg2h08","country_code":"CN","type":"education","lineage":["https://openalex.org/I204983213"]},{"id":"https://openalex.org/I4210136793","display_name":"Peng Cheng Laboratory","ror":"https://ror.org/03qdqbt06","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210136793"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Weizhe Zhang","raw_affiliation_strings":["School of Cyberspace Science Faculty of Computing, Harbin Institute of Technology, Shenzhen, China","New Network Department, Peng Cheng Laboratory, Shenzhen, China"],"raw_orcid":"https://orcid.org/0000-0003-4783-876X","affiliations":[{"raw_affiliation_string":"School of Cyberspace Science Faculty of Computing, Harbin Institute of Technology, Shenzhen, China","institution_ids":["https://openalex.org/I204983213"]},{"raw_affiliation_string":"New Network Department, Peng Cheng Laboratory, Shenzhen, China","institution_ids":["https://openalex.org/I4210136793"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5101845076"],"corresponding_institution_ids":["https://openalex.org/I4210136793"],"apc_list":null,"apc_paid":null,"fwci":2.1733,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.90626567,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"23","issue":"1","first_page":"1421","last_page":"1438"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9858999848365784,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/homomorphic-encryption","display_name":"Homomorphic encryption","score":0.7615000009536743},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.6371999979019165},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5180000066757202},{"id":"https://openalex.org/keywords/normalization","display_name":"Normalization (sociology)","score":0.4999000132083893},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.45750001072883606},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.45500001311302185},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.45210000872612},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.4302999973297119},{"id":"https://openalex.org/keywords/scheme","display_name":"Scheme (mathematics)","score":0.42089998722076416}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8507999777793884},{"id":"https://openalex.org/C158338273","wikidata":"https://www.wikidata.org/wiki/Q2154943","display_name":"Homomorphic encryption","level":3,"score":0.7615000009536743},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.6371999979019165},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5852000117301941},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5180000066757202},{"id":"https://openalex.org/C136886441","wikidata":"https://www.wikidata.org/wiki/Q926129","display_name":"Normalization (sociology)","level":2,"score":0.4999000132083893},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.45750001072883606},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.45500001311302185},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.45210000872612},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.4302999973297119},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.42089998722076416},{"id":"https://openalex.org/C45374587","wikidata":"https://www.wikidata.org/wiki/Q12525525","display_name":"Computation","level":2,"score":0.3862000107765198},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3840000033378601},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.37529999017715454},{"id":"https://openalex.org/C2780762811","wikidata":"https://www.wikidata.org/wiki/Q1784941","display_name":"Cosine similarity","level":3,"score":0.37450000643730164},{"id":"https://openalex.org/C94284585","wikidata":"https://www.wikidata.org/wiki/Q228184","display_name":"Random oracle","level":4,"score":0.362199991941452},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.31630000472068787},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.31380000710487366},{"id":"https://openalex.org/C79337645","wikidata":"https://www.wikidata.org/wiki/Q779824","display_name":"Outlier","level":2,"score":0.304500013589859},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.30320000648498535},{"id":"https://openalex.org/C165136773","wikidata":"https://www.wikidata.org/wiki/Q1363179","display_name":"Single point of failure","level":2,"score":0.3025999963283539},{"id":"https://openalex.org/C2777402240","wikidata":"https://www.wikidata.org/wiki/Q6783436","display_name":"Masking (illustration)","level":2,"score":0.28790000081062317},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.2797999978065491},{"id":"https://openalex.org/C178005623","wikidata":"https://www.wikidata.org/wiki/Q308859","display_name":"Anonymity","level":2,"score":0.2773999869823456},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.27379998564720154},{"id":"https://openalex.org/C204806902","wikidata":"https://www.wikidata.org/wiki/Q2333581","display_name":"Semantic security","level":5,"score":0.27379998564720154},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.2732999920845032},{"id":"https://openalex.org/C3017597292","wikidata":"https://www.wikidata.org/wiki/Q25052250","display_name":"Privacy protection","level":2,"score":0.2653000056743622},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.25780001282691956}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2025.3617070","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3617070","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G752701465","display_name":null,"funder_award_id":"U22A2036","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":48,"referenced_works":["https://openalex.org/W1544327602","https://openalex.org/W2112796928","https://openalex.org/W2591882872","https://openalex.org/W2618530766","https://openalex.org/W2768174108","https://openalex.org/W2985527074","https://openalex.org/W3090471584","https://openalex.org/W3138153888","https://openalex.org/W3138597937","https://openalex.org/W3176224843","https://openalex.org/W3176786489","https://openalex.org/W3198262235","https://openalex.org/W3214271738","https://openalex.org/W4205423013","https://openalex.org/W4210485920","https://openalex.org/W4226047321","https://openalex.org/W4226136925","https://openalex.org/W4226407702","https://openalex.org/W4281398987","https://openalex.org/W4285245206","https://openalex.org/W4285818630","https://openalex.org/W4289656845","https://openalex.org/W4308632285","https://openalex.org/W4311081048","https://openalex.org/W4312868796","https://openalex.org/W4317796249","https://openalex.org/W4320008809","https://openalex.org/W4323793447","https://openalex.org/W4378195077","https://openalex.org/W4385270023","https://openalex.org/W4385299238","https://openalex.org/W4387544261","https://openalex.org/W4388692507","https://openalex.org/W4388857983","https://openalex.org/W4388938021","https://openalex.org/W4391406919","https://openalex.org/W4391725340","https://openalex.org/W4392904898","https://openalex.org/W4392931300","https://openalex.org/W4392939651","https://openalex.org/W4394939057","https://openalex.org/W4395017388","https://openalex.org/W4396982182","https://openalex.org/W4400076000","https://openalex.org/W4407448645","https://openalex.org/W4407637752","https://openalex.org/W4415796111","https://openalex.org/W4415796793"],"related_works":[],"abstract_inverted_index":{"The":[0],"privacy-preserving":[1,49,83,143],"federated":[2,86],"learning":[3,87],"schemes":[4,30],"based":[5],"on":[6],"the":[7,48,64],"setting":[8],"of":[9,20,63],"two":[10,142],"honest-but-curious":[11,65],"and":[12,22,84,95,112,123,132,149,170,183,189,211,215],"non-colluding":[13],"servers":[14],"offer":[15],"promising":[16],"solutions":[17],"in":[18,73],"terms":[19],"security":[21],"efficiency.":[23,96],"However,":[24],"our":[25,99,178,197],"investigation":[26],"reveals":[27],"that":[28,47,90,107,177,196],"these":[29],"still":[31],"suffer":[32],"from":[33,41],"privacy":[34,60,202],"leakage":[35],"when":[36],"considering":[37],"model":[38,55],"poisoning":[39,56,114,209],"attacks":[40,57],"malicious":[42,187,191],"users.":[43],"Specifically,":[44],"we":[45,79,140],"demonstrate":[46,195],"computation":[50,214],"process":[51],"for":[52,135],"defending":[53],"against":[54,109],"inadvertently":[58],"leaks":[59],"to":[61,69,98,219],"one":[62,190],"servers,":[66],"enabling":[67],"it":[68],"access":[70],"users'":[71],"gradients":[72,158],"plaintext.":[74],"To":[75],"address":[76],"this":[77],"issue,":[78],"propose":[80],"an":[81],"enhanced":[82],"Byzantine-robust":[85],"(PBFL)":[88],"framework":[89],"simultaneously":[91],"achieves":[92],"privacy,":[93],"robustness,":[94],"Central":[97],"design":[100],"is":[101],"a":[102,128,160],"novel":[103],"Byzantine-tolerant":[104],"aggregation":[105,172],"strategy":[106],"defends":[108],"both":[110,168],"conventional":[111],"adaptive":[113,124],"attacks.":[115,137],"It":[116],"integrates":[117],"normalization":[118,147],"judgment,":[119],"cosine":[120,151],"similarity":[121,152],"computation,":[122],"user":[125],"weighting,":[126],"with":[127,186],"dual-scoring":[129],"trust":[130],"mechanism":[131],"outlier":[133],"suppression":[134],"stealthy":[136],"In":[138],"addition,":[139],"develop":[141],"subroutines,":[144],"namely":[145],"secure":[146,150],"judgment":[148],"measurement,":[153],"which":[154],"operate":[155],"over":[156],"encrypted":[157],"using":[159],"trapdoor":[161],"fully":[162],"homomorphic":[163],"encryption":[164],"(FHE)":[165],"scheme,":[166],"ensuring":[167],"confidentiality":[169],"robust":[171],"correctness.":[173],"Theoretical":[174],"analyses":[175],"confirm":[176],"scheme":[179],"guarantees":[180],"security,":[181],"convergence,":[182],"efficiency":[184],"even":[185],"users":[188],"server.":[192],"Extensive":[193],"experiments":[194],"method":[198],"effectively":[199],"breaks":[200],"prior":[201],"attacks,":[203],"maintains":[204],"high":[205],"accuracy":[206],"under":[207],"diverse":[208],"strategies,":[210],"significantly":[212],"reduces":[213],"communication":[216],"overhead":[217],"compared":[218],"state-of-the-art":[220],"PBFL":[221],"schemes.":[222]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}