{"id":"https://openalex.org/W7133362475","doi":"https://doi.org/10.1109/tps-isa67132.2025.00015","title":"RBBD: A Representation-Based Framework for Edge-Case Backdoor Defense in Federated Learning","display_name":"RBBD: A Representation-Based Framework for Edge-Case Backdoor Defense in Federated Learning","publication_year":2025,"publication_date":"2025-11-12","ids":{"openalex":"https://openalex.org/W7133362475","doi":"https://doi.org/10.1109/tps-isa67132.2025.00015"},"language":null,"primary_location":{"id":"doi:10.1109/tps-isa67132.2025.00015","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tps-isa67132.2025.00015","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 7th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5127917745","display_name":"Samir Poudel","orcid":null},"institutions":[{"id":"https://openalex.org/I169615421","display_name":"Middle Tennessee State University","ror":"https://ror.org/02n1hzn07","country_code":"US","type":"education","lineage":["https://openalex.org/I169615421"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Samir Poudel","raw_affiliation_strings":["Middle Tennessee State University,Computational and Data Science,Murfreesboro,TN,37132"],"affiliations":[{"raw_affiliation_string":"Middle Tennessee State University,Computational and Data Science,Murfreesboro,TN,37132","institution_ids":["https://openalex.org/I169615421"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077813275","display_name":"Kritagya Upadhyay","orcid":"https://orcid.org/0000-0002-3969-4201"},"institutions":[{"id":"https://openalex.org/I169615421","display_name":"Middle Tennessee State University","ror":"https://ror.org/02n1hzn07","country_code":"US","type":"education","lineage":["https://openalex.org/I169615421"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kritagya Upadhyay","raw_affiliation_strings":["Middle Tennessee State University,Department of Computer Science,Murfreesboro,TN,37132"],"affiliations":[{"raw_affiliation_string":"Middle Tennessee State University,Department of Computer Science,Murfreesboro,TN,37132","institution_ids":["https://openalex.org/I169615421"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087578063","display_name":"Jiblal Upadhya","orcid":"https://orcid.org/0000-0002-5470-1561"},"institutions":[{"id":"https://openalex.org/I196679149","display_name":"Lander University","ror":"https://ror.org/05eq86m59","country_code":"US","type":"education","lineage":["https://openalex.org/I196679149"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiblal Upadhya","raw_affiliation_strings":["Lander University,Department of Applied Computing,Greenwood,S.C.,29649"],"affiliations":[{"raw_affiliation_string":"Lander University,Department of Applied Computing,Greenwood,S.C.,29649","institution_ids":["https://openalex.org/I196679149"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5127917745"],"corresponding_institution_ids":["https://openalex.org/I169615421"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.88703536,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"43","last_page":"53"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.5174999833106995,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.5174999833106995,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.14059999585151672,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.03099999949336052,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.986299991607666},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5928999781608582},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4417000114917755},{"id":"https://openalex.org/keywords/thresholding","display_name":"Thresholding","score":0.37599998712539673},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.36309999227523804},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.33959999680519104},{"id":"https://openalex.org/keywords/feature-vector","display_name":"Feature vector","score":0.3303999900817871},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.32249999046325684},{"id":"https://openalex.org/keywords/bijection-injection-and-surjection","display_name":"Bijection, injection and surjection","score":0.3124000132083893}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.986299991607666},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7623000144958496},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5928999781608582},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4535999894142151},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4417000114917755},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3765999972820282},{"id":"https://openalex.org/C191178318","wikidata":"https://www.wikidata.org/wiki/Q2256906","display_name":"Thresholding","level":3,"score":0.37599998712539673},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36899998784065247},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.366100013256073},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.36309999227523804},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.33959999680519104},{"id":"https://openalex.org/C83665646","wikidata":"https://www.wikidata.org/wiki/Q42139305","display_name":"Feature vector","level":2,"score":0.3303999900817871},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.32249999046325684},{"id":"https://openalex.org/C48659774","wikidata":"https://www.wikidata.org/wiki/Q4907197","display_name":"Bijection, injection and surjection","level":3,"score":0.3124000132083893},{"id":"https://openalex.org/C59404180","wikidata":"https://www.wikidata.org/wiki/Q17013334","display_name":"Feature learning","level":2,"score":0.30309998989105225},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.3021000027656555},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.29840001463890076},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.2973000109195709},{"id":"https://openalex.org/C204806902","wikidata":"https://www.wikidata.org/wiki/Q2333581","display_name":"Semantic security","level":5,"score":0.2948000133037567},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.2906000018119812},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.2822999954223633},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.2793000042438507},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.2775999903678894},{"id":"https://openalex.org/C56288433","wikidata":"https://www.wikidata.org/wiki/Q58673","display_name":"Data manipulation language","level":2,"score":0.26980000734329224},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.2696000039577484},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.2581999897956848},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.25600001215934753},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.25040000677108765},{"id":"https://openalex.org/C2781122975","wikidata":"https://www.wikidata.org/wiki/Q16928266","display_name":"Semantic feature","level":2,"score":0.2500999867916107}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tps-isa67132.2025.00015","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tps-isa67132.2025.00015","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 7th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1602011302","https://openalex.org/W1965555277","https://openalex.org/W1995875735","https://openalex.org/W2067064328","https://openalex.org/W2088402748","https://openalex.org/W2099111195","https://openalex.org/W2103496339","https://openalex.org/W2112796928","https://openalex.org/W2122646361","https://openalex.org/W2125908420","https://openalex.org/W2163922914","https://openalex.org/W2194775991","https://openalex.org/W2592929672","https://openalex.org/W2912213068","https://openalex.org/W2950627632","https://openalex.org/W2964082701","https://openalex.org/W3012501605","https://openalex.org/W3137092842","https://openalex.org/W4213446860","https://openalex.org/W4221129260","https://openalex.org/W4245577611"],"related_works":[],"abstract_inverted_index":{"Federated":[0],"learning":[1],"systems":[2],"face":[3],"a":[4,80,151],"critical":[5],"vulnerability":[6],"from":[7],"edge-case":[8,167],"backdoor":[9,140],"attacks":[10,31],"that":[11,58,69,83,106,117,131],"target":[12],"uncommon":[13],"but":[14],"legitimate":[15],"inputs":[16],"occurring":[17],"in":[18,27,90],"the":[19],"tail":[20],"of":[21],"data":[22,42,112],"distributions,":[23],"yet":[24],"appearing":[25],"regularly":[26],"real":[28],"deployments.":[29],"These":[30],"are":[32],"particularly":[33],"insidious":[34],"because":[35,63],"they":[36],"maintain":[37],"normal":[38,72],"performance":[39,160],"on":[40,47],"common":[41],"while":[43,73,138,164],"introducing":[44],"malicious":[45],"behaviors":[46],"infrequent":[48],"patterns,":[49],"making":[50],"them":[51],"undetectable":[52],"through":[53,161],"standard":[54],"validation.":[55],"Existing":[56],"defenses":[57,156],"analyze":[59],"parameter":[60],"statistics":[61],"fail":[62],"sophisticated":[64],"attackers":[65],"can":[66],"craft":[67],"updates":[68],"appear":[70],"statistically":[71],"embedding":[74],"semantic":[75,88,162],"backdoors.":[76],"We":[77],"propose":[78],"RBBD,":[79],"representation-based":[81],"framework":[82],"detects":[84],"backdoors":[85],"by":[86,157],"analyzing":[87],"anomalies":[89],"learned":[91],"feature":[92,101],"representations.":[93],"Our":[94],"approach":[95],"combines":[96],"three":[97],"novel":[98],"components:":[99],"multi-layer":[100],"space":[102],"analysis,":[103],"distribution-aware":[104],"filtering":[105],"applies":[107],"heightened":[108],"scrutiny":[109],"to":[110,143],"low-density":[111],"regions,":[113],"and":[114,127],"adaptive":[115],"thresholding":[116],"evolves":[118],"with":[119],"threat":[120],"patterns.":[121],"Extensive":[122],"evaluation":[123],"across":[124],"multiple":[125],"datasets":[126],"attack":[128],"scenarios":[129],"demonstrates":[130],"RBBD":[132],"achieves":[133],"78.9":[134],"%":[135],"clean":[136,166],"accuracy":[137],"reducing":[139],"success":[141],"rates":[142],"<tex":[144],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[145],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">$\\mathbf{3.":[146],"1":[147],"\\%}$</tex>.":[148],"This":[149],"represents":[150],"significant":[152],"improvement":[153],"over":[154],"state-of-the-art":[155],"achieving":[158],"superior":[159],"understanding":[163],"preserving":[165],"accuracy.":[168]},"counts_by_year":[],"updated_date":"2026-03-05T07:30:30.508283","created_date":"2026-03-04T00:00:00"}