{"id":"https://openalex.org/W3158967187","doi":"https://doi.org/10.1109/wcnc49053.2021.9417334","title":"Shielding Federated Learning: A New Attack Approach and Its Defense","display_name":"Shielding Federated Learning: A New Attack Approach and Its Defense","publication_year":2021,"publication_date":"2021-03-29","ids":{"openalex":"https://openalex.org/W3158967187","doi":"https://doi.org/10.1109/wcnc49053.2021.9417334","mag":"3158967187"},"language":"en","primary_location":{"id":"doi:10.1109/wcnc49053.2021.9417334","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wcnc49053.2021.9417334","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Wireless Communications and Networking Conference (WCNC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://figshare.com/articles/conference_contribution/Shielding_Federated_Learning_A_New_Attack_Approach_and_Its_Defense/20665620","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100784790","display_name":"Wei Wan","orcid":"https://orcid.org/0000-0002-1247-5092"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Wei Wan","raw_affiliation_strings":["School of Software Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Software Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086983134","display_name":"Jianrong Lu","orcid":null},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianrong Lu","raw_affiliation_strings":["School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081287468","display_name":"Shengshan Hu","orcid":"https://orcid.org/0000-0003-0042-9045"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shengshan Hu","raw_affiliation_strings":["School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015011245","display_name":"Leo Yu Zhang","orcid":"https://orcid.org/0000-0001-9330-2662"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Leo Yu Zhang","raw_affiliation_strings":["School of Information Technology, Deakin University, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101800578","display_name":"Xiaobing Pei","orcid":"https://orcid.org/0000-0002-2978-0659"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaobing Pei","raw_affiliation_strings":["School of Software Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Software Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100784790"],"corresponding_institution_ids":["https://openalex.org/I47720641"],"apc_list":null,"apc_paid":null,"fwci":2.0987,"has_fulltext":false,"cited_by_count":24,"citation_normalized_percentile":{"value":0.89176923,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9836999773979187,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8061954975128174},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.6925034523010254},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.6823333501815796},{"id":"https://openalex.org/keywords/convergence","display_name":"Convergence (economics)","score":0.5218883156776428},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5010321140289307},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.500025749206543},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.49297308921813965},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.48191478848457336},{"id":"https://openalex.org/keywords/data-modeling","display_name":"Data modeling","score":0.45781320333480835},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4338582456111908},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.3133305311203003},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.31263595819473267},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.304628849029541},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.26424169540405273},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.17160943150520325}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8061954975128174},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.6925034523010254},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.6823333501815796},{"id":"https://openalex.org/C2777303404","wikidata":"https://www.wikidata.org/wiki/Q759757","display_name":"Convergence (economics)","level":2,"score":0.5218883156776428},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5010321140289307},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.500025749206543},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.49297308921813965},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.48191478848457336},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.45781320333480835},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4338582456111908},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.3133305311203003},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.31263595819473267},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.304628849029541},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.26424169540405273},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.17160943150520325},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/wcnc49053.2021.9417334","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wcnc49053.2021.9417334","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Wireless Communications and Networking Conference (WCNC)","raw_type":"proceedings-article"},{"id":"pmh:oai:dro.deakin.edu.au:DU:30151596","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306401102","display_name":"Own your potential (DEAKIN)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I149704539","host_organization_name":"Deakin University","host_organization_lineage":["https://openalex.org/I149704539"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Paper"},{"id":"pmh:oai:figshare.com:article/20665620","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/Shielding_Federated_Learning_A_New_Attack_Approach_and_Its_Defense/20665620","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/20665620","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/Shielding_Federated_Learning_A_New_Attack_Approach_and_Its_Defense/20665620","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5199999809265137}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W1798695550","https://openalex.org/W2144182447","https://openalex.org/W2541884796","https://openalex.org/W2613314732","https://openalex.org/W2752689052","https://openalex.org/W2788816110","https://openalex.org/W2789911054","https://openalex.org/W2810065831","https://openalex.org/W2886444620","https://openalex.org/W2946633206","https://openalex.org/W2950447132","https://openalex.org/W2963165390","https://openalex.org/W2965921687","https://openalex.org/W2970204870","https://openalex.org/W2972594657","https://openalex.org/W2973217491","https://openalex.org/W2981349114","https://openalex.org/W2989774918","https://openalex.org/W3004854320","https://openalex.org/W3030565336","https://openalex.org/W3037024761","https://openalex.org/W4254182148","https://openalex.org/W4288578176","https://openalex.org/W4292084264","https://openalex.org/W4318619660","https://openalex.org/W6728757088","https://openalex.org/W6743821447","https://openalex.org/W6748786018","https://openalex.org/W6748805329","https://openalex.org/W6752600739","https://openalex.org/W6754708698","https://openalex.org/W6758201434","https://openalex.org/W6762462524","https://openalex.org/W6763079992","https://openalex.org/W6768836789","https://openalex.org/W6773798084"],"related_works":["https://openalex.org/W3196405711","https://openalex.org/W3187232590","https://openalex.org/W2591273803","https://openalex.org/W3081645608","https://openalex.org/W4390187619","https://openalex.org/W4388282301","https://openalex.org/W4385625427","https://openalex.org/W4321488549","https://openalex.org/W4312119938","https://openalex.org/W2995862995"],"abstract_inverted_index":{"Federated":[0],"learning":[1,8,100],"(FL)":[2],"is":[3,11,39,72],"a":[4,23,65,81,122],"newly":[5,186],"emerging":[6],"distributed":[7],"framework":[9],"that":[10,37,71,154],"communication-efficient":[12],"with":[13],"user":[14],"privacy":[15],"guarantee.":[16],"Wireless":[17],"end-user":[18],"devices":[19],"can":[20,104,157,189],"collaboratively":[21],"train":[22],"global":[24,116,172],"model":[25,117,165],"while":[26,79,184],"keeping":[27],"their":[28],"local":[29,57],"training":[30,58],"data":[31],"private.":[32],"Nevertheless,":[33],"recent":[34],"studies":[35],"show":[36,153],"FL":[38],"highly":[40],"susceptible":[41],"to":[42,75,127,139],"attacks":[43],"from":[44],"malicious":[45],"users":[46],"since":[47],"the":[48,55,88,92,97,106,112,115,134,160,163,168,171,178],"server":[49],"cannot":[50],"directly":[51],"access":[52],"and":[53,110,151,166],"audit":[54],"user's":[56],"data.":[59],"In":[60],"this":[61],"work,":[62],"we":[63],"identify":[64],"new":[66,123],"kind":[67],"of":[68,91,114,162,170],"attack":[69,83,103,131,156],"surface":[70],"much":[73],"easier":[74],"be":[76],"carried":[77],"out":[78],"remaining":[80],"high":[82],"success":[84],"rate.":[85],"By":[86],"exploiting":[87],"inherent":[89],"flaw":[90],"weight":[93],"assignment":[94],"strategy":[95,126],"in":[96],"standard":[98],"federated":[99],"process,":[101],"our":[102,155,185],"bypass":[105],"existing":[107],"defense":[108,180,188],"methods":[109],"damage":[111],"performance":[113],"effectively.":[118],"We":[119],"then":[120],"propose":[121],"density-based":[124],"detection":[125,138],"defend":[128],"against":[129],"such":[130,192],"by":[132],"modeling":[133],"problem":[135],"as":[136],"anomaly":[137],"effectively":[140,190],"detect":[141],"anomalous":[142],"updates.":[143],"Experimental":[144],"results":[145],"on":[146],"two":[147],"typical":[148],"datasets,":[149],"MNIST":[150],"CIFAR-10,":[152],"significantly":[158],"affect":[159],"convergence":[161],"aggregated":[164],"reduce":[167],"accuracy":[169],"model.":[173],"This":[174],"holds":[175],"true":[176],"even":[177],"state-of-the-art":[179],"strategies":[181],"are":[182],"deployed,":[183],"proposed":[187],"mitigate":[191],"attack.":[193]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}