{"id":"https://openalex.org/W4306813589","doi":"https://doi.org/10.1145/3528535.3565255","title":"Shielding federated learning systems against inference attacks with ARM TrustZone","display_name":"Shielding federated learning systems against inference attacks with ARM TrustZone","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4306813589","doi":"https://doi.org/10.1145/3528535.3565255"},"language":"en","primary_location":{"id":"doi:10.1145/3528535.3565255","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3528535.3565255","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23rd ACM/IFIP International Middleware Conference","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://hal.science/hal-03815963","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084723501","display_name":"Aghiles Ait Messaoud","orcid":"https://orcid.org/0000-0003-4657-5179"},"institutions":[{"id":"https://openalex.org/I48430043","display_name":"Institut National des Sciences Appliqu\u00e9es de Lyon","ror":"https://ror.org/050jn9y42","country_code":"FR","type":"education","lineage":["https://openalex.org/I203339264","https://openalex.org/I48430043"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Aghiles Ait Messaoud","raw_affiliation_strings":["INSA Lyon, Lyon, France"],"affiliations":[{"raw_affiliation_string":"INSA Lyon, Lyon, France","institution_ids":["https://openalex.org/I48430043"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018656827","display_name":"Sonia Ben Mokhtar","orcid":"https://orcid.org/0000-0003-2821-7714"},"institutions":[{"id":"https://openalex.org/I48430043","display_name":"Institut National des Sciences Appliqu\u00e9es de Lyon","ror":"https://ror.org/050jn9y42","country_code":"FR","type":"education","lineage":["https://openalex.org/I203339264","https://openalex.org/I48430043"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Sonia Ben Mokhtar","raw_affiliation_strings":["INSA Lyon, Lyon, France"],"affiliations":[{"raw_affiliation_string":"INSA Lyon, Lyon, France","institution_ids":["https://openalex.org/I48430043"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039079735","display_name":"Vlad Nitu","orcid":"https://orcid.org/0000-0002-7996-3963"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Vlad Nitu","raw_affiliation_strings":["Integrate.ai, Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"Integrate.ai, Toronto, Canada","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033418614","display_name":"Valerio Schiavoni","orcid":"https://orcid.org/0000-0003-1493-6603"},"institutions":[{"id":"https://openalex.org/I57825437","display_name":"University of Neuch\u00e2tel","ror":"https://ror.org/00vasag41","country_code":"CH","type":"education","lineage":["https://openalex.org/I57825437"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Valerio Schiavoni","raw_affiliation_strings":["University of Neuch\u00e2tel, Neuch\u00e2tel, Switzerland"],"affiliations":[{"raw_affiliation_string":"University of Neuch\u00e2tel, Neuch\u00e2tel, Switzerland","institution_ids":["https://openalex.org/I57825437"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5084723501"],"corresponding_institution_ids":["https://openalex.org/I48430043"],"apc_list":null,"apc_paid":null,"fwci":1.9278,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.88139879,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"335","last_page":"348"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8208491802215576},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.620844304561615},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6171826124191284},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5858551859855652},{"id":"https://openalex.org/keywords/competitor-analysis","display_name":"Competitor analysis","score":0.5161541700363159},{"id":"https://openalex.org/keywords/server-side","display_name":"Server-side","score":0.4386889338493347},{"id":"https://openalex.org/keywords/client-side","display_name":"Client-side","score":0.41736334562301636},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3477380573749542},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.331462025642395},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2324013113975525}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8208491802215576},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.620844304561615},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6171826124191284},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5858551859855652},{"id":"https://openalex.org/C127576917","wikidata":"https://www.wikidata.org/wiki/Q624630","display_name":"Competitor analysis","level":2,"score":0.5161541700363159},{"id":"https://openalex.org/C14414571","wikidata":"https://www.wikidata.org/wiki/Q519081","display_name":"Server-side","level":2,"score":0.4386889338493347},{"id":"https://openalex.org/C202477664","wikidata":"https://www.wikidata.org/wiki/Q1352449","display_name":"Client-side","level":2,"score":0.41736334562301636},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3477380573749542},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.331462025642395},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2324013113975525},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3528535.3565255","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3528535.3565255","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23rd ACM/IFIP International Middleware Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-03815963v1","is_oa":true,"landing_page_url":"https://hal.science/hal-03815963","pdf_url":null,"source":{"id":"https://openalex.org/S4406922461","display_name":"SPIRE - Sciences Po Institutional REpository","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Middleware '22: Proceedings of the 23rd ACM/IFIP International Middleware Conference, Nov 2022, Qu\u00e9bec City, Canada, Canada. pp.335-348, &#x27E8;10.1145/3528535.3565255&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-03815963v1","is_oa":true,"landing_page_url":"https://hal.science/hal-03815963","pdf_url":null,"source":{"id":"https://openalex.org/S4406922461","display_name":"SPIRE - Sciences Po Institutional REpository","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Middleware '22: Proceedings of the 23rd ACM/IFIP International Middleware Conference, Nov 2022, Qu\u00e9bec City, Canada, Canada. pp.335-348, &#x27E8;10.1145/3528535.3565255&#x27E9;","raw_type":"Conference papers"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5400000214576721,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G4317444912","display_name":null,"funder_award_id":"957197","funder_id":"https://openalex.org/F4320338335","funder_display_name":"H2020 European Research Council"}],"funders":[{"id":"https://openalex.org/F4320338335","display_name":"H2020 European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W123926129","https://openalex.org/W152692962","https://openalex.org/W2046036463","https://openalex.org/W2060992388","https://openalex.org/W2109426455","https://openalex.org/W2112796928","https://openalex.org/W2181368052","https://openalex.org/W2397242782","https://openalex.org/W2767079719","https://openalex.org/W2789876780","https://openalex.org/W2904190483","https://openalex.org/W2913096406","https://openalex.org/W2930926105","https://openalex.org/W2953304078","https://openalex.org/W2959279087","https://openalex.org/W2963456518","https://openalex.org/W3012501605","https://openalex.org/W3016075089","https://openalex.org/W3016632787","https://openalex.org/W3038028469","https://openalex.org/W3086590218","https://openalex.org/W3086809868","https://openalex.org/W3097981673","https://openalex.org/W3103245149","https://openalex.org/W3123735584","https://openalex.org/W3140753276","https://openalex.org/W3152441168","https://openalex.org/W3166576348","https://openalex.org/W3173677040","https://openalex.org/W3175192640","https://openalex.org/W3210684657","https://openalex.org/W4221006538","https://openalex.org/W4229044039","https://openalex.org/W4236786653","https://openalex.org/W4293363185","https://openalex.org/W4301002347","https://openalex.org/W4313129540","https://openalex.org/W6712237015"],"related_works":["https://openalex.org/W4302890120","https://openalex.org/W3005688497","https://openalex.org/W4322735059","https://openalex.org/W4301042531","https://openalex.org/W4403348793","https://openalex.org/W4319448716","https://openalex.org/W2993438822","https://openalex.org/W3003811204","https://openalex.org/W4387881033","https://openalex.org/W3014448854"],"abstract_inverted_index":{"Federated":[0],"Learning":[1],"(FL)":[2],"opens":[3],"new":[4],"perspectives":[5],"for":[6,41],"training":[7,190],"machine":[8,138,171],"learning":[9,139,172],"models":[10,22],"while":[11],"keeping":[12],"personal":[13],"data":[14,54],"on":[15,25,87,101,115],"the":[16,26,45,59,64,73,88,102,108,116,121,137,142,181,188],"users":[17,97],"premises.":[18],"Specifically,":[19],"in":[20,58,163],"FL,":[21],"are":[23,35,119],"trained":[24],"users'":[27],"devices":[28],"and":[29,187,196],"only":[30,166],"model":[31,140],"updates":[32],"(i.e.,":[33],"gradients)":[34],"sent":[36],"to":[37,71,83,95,144,194,200],"a":[38,133,151,158,164,170],"central":[39],"server":[40,89],"aggregation":[42],"purposes.":[43],"However,":[44,125],"long":[46],"list":[47],"of":[48,66,75,110,136,153,169],"inference":[49],"attacks":[50,86,99,149],"that":[51,160],"leak":[52],"private":[53],"from":[55,98],"gradients,":[56],"published":[57],"recent":[60],"years,":[61],"have":[62],"emphasized":[63],"need":[65],"devising":[67],"effective":[68],"protection":[69],"mechanisms":[70],"incentivize":[72],"adoption":[74],"FL":[76],"at":[77],"scale.":[78],"While":[79],"there":[80],"exist":[81],"solutions":[82],"mitigate":[84],"these":[85],"side,":[90],"little":[91],"has":[92],"been":[93],"done":[94],"protect":[96,146],"performed":[100],"client":[103,117],"side.":[104],"In":[105],"this":[106],"context,":[107],"use":[109],"Trusted":[111,182],"Execution":[112],"Environments":[113],"(TEEs)":[114],"side":[118],"among":[120],"most":[122],"proposing":[123],"solutions.":[124],"existing":[126],"frameworks":[127],"(e.g.,":[128],"DarkneTZ)":[129],"require":[130],"statically":[131,175],"putting":[132],"large":[134],"portion":[135],"into":[141],"TEE":[143,165],"effectively":[145],"against":[147],"complex":[148],"or":[150,176],"combination":[152],"attacks.":[154],"We":[155],"present":[156],"GradSec,":[157],"solution":[159],"allows":[161],"protecting":[162],"sensitive":[167],"layers":[168],"model,":[173],"either":[174],"dynamically,":[177],"hence":[178],"reducing":[179],"both":[180],"Computing":[183],"Base":[184],"(TCB)":[185],"size":[186],"overall":[189],"time":[191],"by":[192],"up":[193],"30%":[195],"56%,":[197],"respectively":[198],"compared":[199],"state-of-the-art":[201],"competitors.":[202]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":1}],"updated_date":"2026-03-09T08:58:05.943551","created_date":"2025-10-10T00:00:00"}