{"id":"https://openalex.org/W4408861904","doi":"https://doi.org/10.1109/tifs.2025.3555179","title":"SLAPP: Poisoning Prevention in Federated Learning and Differential Privacy via Stateful Proofs of Execution","display_name":"SLAPP: Poisoning Prevention in Federated Learning and Differential Privacy via Stateful Proofs of Execution","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4408861904","doi":"https://doi.org/10.1109/tifs.2025.3555179"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2025.3555179","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3555179","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003935638","display_name":"Norrathep Rattanavipanon","orcid":null},"institutions":[{"id":"https://openalex.org/I131868736","display_name":"Prince of Songkla University","ror":"https://ror.org/0575ycz84","country_code":"TH","type":"education","lineage":["https://openalex.org/I131868736"]}],"countries":["TH"],"is_corresponding":true,"raw_author_name":"Norrathep Rattanavipanon","raw_affiliation_strings":["College of Computing, Prince of Songkla University, Phuket, Thailand","College of Computing, Prince of Songkla University, Thailand"],"affiliations":[{"raw_affiliation_string":"College of Computing, Prince of Songkla University, Phuket, Thailand","institution_ids":["https://openalex.org/I131868736"]},{"raw_affiliation_string":"College of Computing, Prince of Songkla University, Thailand","institution_ids":["https://openalex.org/I131868736"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5069912897","display_name":"Ivan De Oliveira Nunes","orcid":"https://orcid.org/0000-0003-3486-6550"},"institutions":[{"id":"https://openalex.org/I75746372","display_name":"ZTE (United States)","ror":"https://ror.org/0518yg160","country_code":"US","type":"company","lineage":["https://openalex.org/I4210098582","https://openalex.org/I75746372"]},{"id":"https://openalex.org/I202697423","display_name":"University of Zurich","ror":"https://ror.org/02crff812","country_code":"CH","type":"education","lineage":["https://openalex.org/I202697423"]}],"countries":["CH","US"],"is_corresponding":false,"raw_author_name":"Ivan De Oliveira Nunes","raw_affiliation_strings":["SPINS Group, Department of Informatics, University of Z&#x00FC;rich, Z&#x00FC;rich, Switzerland","Department of Informatics, University of Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"SPINS Group, Department of Informatics, University of Z&#x00FC;rich, Z&#x00FC;rich, Switzerland","institution_ids":["https://openalex.org/I75746372"]},{"raw_affiliation_string":"Department of Informatics, University of Zurich, Switzerland","institution_ids":["https://openalex.org/I202697423"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5003935638"],"corresponding_institution_ids":["https://openalex.org/I131868736"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.02456745,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"20","issue":null,"first_page":"4167","last_page":"4182"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9897000193595886,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9897000193595886,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9840999841690063,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9803000092506409,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.8777831792831421},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8441207408905029},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.8056236505508423},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.7183839082717896},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5862862467765808},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.165665864944458}],"concepts":[{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.8777831792831421},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8441207408905029},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.8056236505508423},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.7183839082717896},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5862862467765808},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.165665864944458},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2025.3555179","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3555179","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Gender equality","score":0.44999998807907104,"id":"https://metadata.un.org/sdg/5"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":67,"referenced_works":["https://openalex.org/W1973309971","https://openalex.org/W1981029888","https://openalex.org/W2075095478","https://openalex.org/W2111015674","https://openalex.org/W2135274013","https://openalex.org/W2159065056","https://openalex.org/W2167804035","https://openalex.org/W2168816812","https://openalex.org/W2397429946","https://openalex.org/W2480162961","https://openalex.org/W2535838896","https://openalex.org/W2604623598","https://openalex.org/W2621196214","https://openalex.org/W2625587722","https://openalex.org/W2739746516","https://openalex.org/W2752493903","https://openalex.org/W2896993707","https://openalex.org/W2913096406","https://openalex.org/W2942091739","https://openalex.org/W2962763344","https://openalex.org/W2965443102","https://openalex.org/W3004155269","https://openalex.org/W3007305010","https://openalex.org/W3015593455","https://openalex.org/W3017753896","https://openalex.org/W3034931939","https://openalex.org/W3045941597","https://openalex.org/W3049637327","https://openalex.org/W3087391814","https://openalex.org/W3175215793","https://openalex.org/W3176786489","https://openalex.org/W3185178788","https://openalex.org/W3201721481","https://openalex.org/W3212071806","https://openalex.org/W4206500166","https://openalex.org/W4226047321","https://openalex.org/W4229447446","https://openalex.org/W4246712378","https://openalex.org/W4252654521","https://openalex.org/W4293024078","https://openalex.org/W4306813589","https://openalex.org/W4307325440","https://openalex.org/W4381886049","https://openalex.org/W4387544261","https://openalex.org/W4390697909","https://openalex.org/W4390873656","https://openalex.org/W4391724758","https://openalex.org/W4400121035","https://openalex.org/W4400277159","https://openalex.org/W4405184817","https://openalex.org/W6682198590","https://openalex.org/W6683272254","https://openalex.org/W6743821447","https://openalex.org/W6744220956","https://openalex.org/W6748805329","https://openalex.org/W6751184934","https://openalex.org/W6752029299","https://openalex.org/W6758050939","https://openalex.org/W6759238902","https://openalex.org/W6761093806","https://openalex.org/W6769755587","https://openalex.org/W6770634426","https://openalex.org/W6794889289","https://openalex.org/W6803163835","https://openalex.org/W6846309198","https://openalex.org/W6852751816","https://openalex.org/W6881080252"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2583381754","https://openalex.org/W2144255176","https://openalex.org/W2222333653","https://openalex.org/W109977192","https://openalex.org/W1970797462","https://openalex.org/W2019740326","https://openalex.org/W2164795067"],"abstract_inverted_index":{"The":[0],"rise":[1],"of":[2,58,80,101,103,154,177],"IoT-driven":[3],"distributed":[4],"data":[5,22,73,170,203],"analytics,":[6],"coupled":[7],"with":[8],"increasing":[9],"privacy":[10],"concerns,":[11],"has":[12],"led":[13],"to":[14,61,74,91,165,171],"a":[15,88,97,137,183],"demand":[16],"for":[17,113,140],"effective":[18],"privacy-preserving":[19],"and":[20,34,42,202,215],"federated":[21],"collection/model":[23],"training":[24],"mechanisms.":[25],"In":[26,83],"response,":[27],"approaches":[28],"such":[29],"as":[30,175],"Federated":[31],"Learning":[32],"(FL)":[33],"Local":[35],"Differential":[36],"Privacy":[37],"(LDP)":[38],"have":[39],"been":[40],"proposed":[41],"attracted":[43],"much":[44],"attention":[45],"over":[46],"the":[47,55,78,119],"past":[48],"few":[49],"years.":[50],"However,":[51],"they":[52],"still":[53],"share":[54],"common":[56],"limitation":[57],"being":[59],"vulnerable":[60],"poisoning":[62],"attacks":[63],"wherein":[64],"adversaries":[65],"compromising":[66],"edge":[67,179],"devices":[68,156],"feed":[69],"forged":[70],"(a.k.a.":[71],"\u201cpoisoned\u201d)":[72],"aggregation":[75],"back-ends,":[76],"undermining":[77],"integrity":[79],"FL/LDP":[81,178],"results.":[82],"this":[84,93],"work,":[85],"we":[86,128],"propose":[87],"system-level":[89],"approach":[90],"remedy":[92],"issue":[94],"based":[95,194],"on":[96,195],"novel":[98],"security":[99,152,162,188,214],"notion":[100],"Proofs":[102],"Stateful":[104],"Execution":[105],"(<inline-formula":[106],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[107,121,131,144,208],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">":[108,122,132,145,209],"<tex-math":[109,123,133,146,210],"notation=\"LaTeX\">$\\mathsf":[110,124,134,147,211],"{PoSX}$":[111,125],"</tex-math></inline-formula>)":[112],"IoT/embedded":[114],"devices\u2019":[115],"software.":[116],"To":[117],"realize":[118],"<inline-formula":[120,130,143,207],"</tex-math></inline-formula>":[126,149],"concept,":[127],"design":[129],"{SLAPP}$":[135,148,212],"</tex-math></inline-formula>:":[136],"System-Level":[138],"Approach":[139],"Poisoning":[141],"Prevention.":[142],"leverages":[150],"commodity":[151],"features":[153],"embedded":[155],"\u2013":[157,164],"in":[158],"particular":[159],"ARM":[160],"TrustZone-M":[161],"extensions":[163],"verifiably":[166],"bind":[167],"raw":[168],"sensed":[169],"their":[172],"correct":[173],"usage":[174],"part":[176],"device":[180],"routines.":[181],"As":[182],"consequence,":[184],"it":[185],"offers":[186],"robust":[187],"guarantees":[189],"against":[190],"poisoning.":[191],"Our":[192],"evaluation,":[193],"real-world":[196],"prototypes":[197],"featuring":[198],"multiple":[199],"cryptographic":[200],"primitives":[201],"collection":[204],"schemes,":[205],"showcases":[206],"</tex-math></inline-formula>\u2019s":[213],"low":[216],"overhead.":[217]},"counts_by_year":[],"updated_date":"2025-12-28T23:10:05.387466","created_date":"2025-10-10T00:00:00"}