{"id":"https://openalex.org/W4416714642","doi":"https://doi.org/10.1109/tifs.2025.3633157","title":"FinBack: Infiltrating Backdoors into Gradient Compressors on Federated Learning","display_name":"FinBack: Infiltrating Backdoors into Gradient Compressors on Federated Learning","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4416714642","doi":"https://doi.org/10.1109/tifs.2025.3633157"},"language":null,"primary_location":{"id":"doi:10.1109/tifs.2025.3633157","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3633157","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070769211","display_name":"Xiangyun Tang","orcid":"https://orcid.org/0000-0002-5511-0720"},"institutions":[{"id":"https://openalex.org/I145897649","display_name":"Minzu University of China","ror":"https://ror.org/0044e2g62","country_code":"CN","type":"education","lineage":["https://openalex.org/I145897649"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xiangyun Tang","raw_affiliation_strings":["Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China","institution_ids":["https://openalex.org/I145897649"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006980036","display_name":"Yang Wen","orcid":"https://orcid.org/0000-0001-6303-8178"},"institutions":[{"id":"https://openalex.org/I145897649","display_name":"Minzu University of China","ror":"https://ror.org/0044e2g62","country_code":"CN","type":"education","lineage":["https://openalex.org/I145897649"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wen Yang","raw_affiliation_strings":["Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China","institution_ids":["https://openalex.org/I145897649"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002153002","display_name":"Luyao Peng","orcid":"https://orcid.org/0009-0005-1277-4251"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Luyao Peng","raw_affiliation_strings":["School of Cyberspace Security, Beijing Institute of Technology, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047030842","display_name":"Meng Shen","orcid":"https://orcid.org/0000-0002-1867-0972"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meng Shen","raw_affiliation_strings":["School of Cyberspace Security, Beijing Institute of Technology, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100375796","display_name":"Tao Zhang","orcid":"https://orcid.org/0000-0002-3366-7640"},"institutions":[{"id":"https://openalex.org/I21193070","display_name":"Beijing Jiaotong University","ror":"https://ror.org/01yj56c84","country_code":"CN","type":"education","lineage":["https://openalex.org/I21193070"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Zhang","raw_affiliation_strings":["School of Cyberspace Science and Technology, Beijing Jiaotong University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace Science and Technology, Beijing Jiaotong University, Beijing, China","institution_ids":["https://openalex.org/I21193070"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024296105","display_name":"Yu Weng","orcid":"https://orcid.org/0000-0002-0787-550X"},"institutions":[{"id":"https://openalex.org/I145897649","display_name":"Minzu University of China","ror":"https://ror.org/0044e2g62","country_code":"CN","type":"education","lineage":["https://openalex.org/I145897649"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yu Weng","raw_affiliation_strings":["Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Ethnic Language Intelligent Analysis and Security Governance of MOE, Minzu University of China, Beijing, China","institution_ids":["https://openalex.org/I145897649"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062761975","display_name":"Jiawen Kang","orcid":"https://orcid.org/0000-0002-8218-3490"},"institutions":[{"id":"https://openalex.org/I139024713","display_name":"Guangdong University of Technology","ror":"https://ror.org/04azbjn80","country_code":"CN","type":"education","lineage":["https://openalex.org/I139024713"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiawen Kang","raw_affiliation_strings":["School of Automation, Guangdong University of Technology, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Automation, Guangdong University of Technology, Guangzhou, China","institution_ids":["https://openalex.org/I139024713"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091266202","display_name":"Dusit Niyato","orcid":"https://orcid.org/0000-0002-7442-7416"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Dusit Niyato","raw_affiliation_strings":["College of Computing and Data Science, Nanyang Technological University, Jurong West, Singapore"],"affiliations":[{"raw_affiliation_string":"College of Computing and Data Science, Nanyang Technological University, Jurong West, Singapore","institution_ids":["https://openalex.org/I172675005"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5070769211"],"corresponding_institution_ids":["https://openalex.org/I145897649"],"apc_list":null,"apc_paid":null,"fwci":2.4849,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.9231906,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"20","issue":null,"first_page":"12460","last_page":"12475"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.6352999806404114,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.6352999806404114,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.3156999945640564,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.006500000134110451,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9937000274658203},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.3774999976158142},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.3594000041484833},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.30160000920295715}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9937000274658203},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8300999999046326},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40450000762939453},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.3774999976158142},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.3594000041484833},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.30160000920295715},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2712000012397766},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25690001249313354},{"id":"https://openalex.org/C180016635","wikidata":"https://www.wikidata.org/wiki/Q2712821","display_name":"Compression (physics)","level":2,"score":0.25450000166893005},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.25440001487731934}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2025.3633157","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3633157","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W2807363941","https://openalex.org/W2970408908","https://openalex.org/W2989289980","https://openalex.org/W3132656194","https://openalex.org/W3138597937","https://openalex.org/W3156284706","https://openalex.org/W3161441563","https://openalex.org/W3175919946","https://openalex.org/W3178326529","https://openalex.org/W3197655726","https://openalex.org/W3209752568","https://openalex.org/W4214680449","https://openalex.org/W4226380048","https://openalex.org/W4285605767","https://openalex.org/W4288057793","https://openalex.org/W4293846201","https://openalex.org/W4308463821","https://openalex.org/W4311454612","https://openalex.org/W4313042326","https://openalex.org/W4319586478","https://openalex.org/W4382237486","https://openalex.org/W4385187226","https://openalex.org/W4385289448","https://openalex.org/W4385327089","https://openalex.org/W4390871473","https://openalex.org/W4390904993","https://openalex.org/W4392251605","https://openalex.org/W4392906255","https://openalex.org/W4393161237","https://openalex.org/W4393973474","https://openalex.org/W4394717809","https://openalex.org/W4402264407","https://openalex.org/W4402925050","https://openalex.org/W4409347672"],"related_works":[],"abstract_inverted_index":{"Federated":[0],"Learning":[1],"(FL)":[2],"has":[3],"emerged":[4],"as":[5,75],"a":[6,18,76,137],"promising":[7],"distributed":[8],"machine":[9],"learning":[10],"paradigm":[11],"that":[12,69,144,165],"allows":[13],"clients":[14,36,171,177],"to":[15,31,44,56,104,225],"jointly":[16],"train":[17],"global":[19,47,120],"model":[20],"without":[21,113,201],"sharing":[22],"their":[23,41],"raw":[24],"training":[25],"datasets.":[26],"However,":[27],"FL":[28,61],"is":[29],"vulnerable":[30],"backdoor":[32,64,81,95,111,132,140],"attacks,":[33,65,215],"where":[34],"malicious":[35,234],"inject":[37],"specific":[38,163],"backdoors":[39,154],"into":[40],"local":[42],"models":[43],"manipulate":[45],"the":[46,89,105,116,119,148,183,196,202,208,213,218],"model\u2019s":[48],"outputs.":[49],"Recent":[50],"studies":[51],"widely":[52],"applied":[53],"gradient":[54,70,92,123,149],"compression":[55,71,93,124],"construct":[57],"efficient":[58],"and":[59,152,178,185,199,210],"robust":[60],"systems":[62],"against":[63,80,94,131],"but":[66],"we":[67,86,135],"argue":[68],"cannot":[72],"be":[73],"seen":[74],"reliable":[77],"defense":[78],"strategy":[79],"attacks.":[82,96,133],"In":[83],"this":[84],"work,":[85],"systematically":[87],"evaluate":[88],"effectiveness":[90,106,184,209],"of":[91,107,118,187,212,233],"The":[97],"experimental":[98],"results":[99],"indicate":[100],"that,":[101],"in":[102,109,155,228],"addition":[103],"SignSGD":[108,151],"preventing":[110],"injection":[112],"significantly":[114],"reducing":[115],"accuracy":[117],"model,":[121],"most":[122],"methods":[125],"do":[126,166],"not":[127,167],"provide":[128],"effective":[129],"defenses":[130],"Furthermore,":[134],"develop":[136],"novel":[138],"adaptive":[139],"attack,":[141],"named":[142],"FinBack,":[143],"can":[145],"effectively":[146],"infiltrate":[147],"compressor":[150],"implant":[153],"FL,":[156],"by":[157,175],"inducing":[158],"small":[159],"weight":[160],"changes":[161],"on":[162],"neurons":[164],"conflict":[168],"with":[169,195,231],"benign":[170,176],"while":[172],"avoiding":[173],"counteraction":[174],"perturbation":[179],"triggers":[180],"thereby":[181],"ensuring":[182],"persistence":[186,211],"backdoors.":[188],"FinBack":[189,194],"encompasses":[190],"two":[191],"attack":[192],"modes:":[193],"server":[197,203],"collusion":[198],"FinBackR":[200],"collusion.":[204],"Extensive":[205],"experiments":[206],"demonstrate":[207],"proposed":[214],"which":[216],"increases":[217],"Attack":[219],"Success":[220],"Rate":[221],"(ASR)":[222],"from":[223],"10%":[224],"over":[226],"90%":[227],"SignSGD,":[229],"even":[230],"1%":[232],"clients.":[235]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-11-14T00:00:00"}