{"id":"https://openalex.org/W4402957850","doi":"https://doi.org/10.1145/3678890.3678915","title":"Enhancing Model Poisoning Attacks to Byzantine-Robust Federated Learning via Critical Learning Periods","display_name":"Enhancing Model Poisoning Attacks to Byzantine-Robust Federated Learning via Critical Learning Periods","publication_year":2024,"publication_date":"2024-09-29","ids":{"openalex":"https://openalex.org/W4402957850","doi":"https://doi.org/10.1145/3678890.3678915"},"language":"en","primary_location":{"id":"doi:10.1145/3678890.3678915","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678915","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3678890.3678915","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103189024","display_name":"Gang Yan","orcid":"https://orcid.org/0000-0002-7734-1589"},"institutions":[{"id":"https://openalex.org/I156087764","display_name":"University of California, Merced","ror":"https://ror.org/00d9ah105","country_code":"US","type":"education","lineage":["https://openalex.org/I156087764"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Gang Yan","raw_affiliation_strings":["UC Merced, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-7734-1589","affiliations":[{"raw_affiliation_string":"UC Merced, United States of America","institution_ids":["https://openalex.org/I156087764"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100769481","display_name":"Hao Wang","orcid":"https://orcid.org/0000-0002-1444-2657"},"institutions":[{"id":"https://openalex.org/I108468826","display_name":"Stevens Institute of Technology","ror":"https://ror.org/02z43xh36","country_code":"US","type":"education","lineage":["https://openalex.org/I108468826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hao Wang","raw_affiliation_strings":["Stevens Institute of Technology, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-1444-2657","affiliations":[{"raw_affiliation_string":"Stevens Institute of Technology, United States of America","institution_ids":["https://openalex.org/I108468826"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061718239","display_name":"Xu Yuan","orcid":"https://orcid.org/0000-0003-3775-3033"},"institutions":[{"id":"https://openalex.org/I86501945","display_name":"University of Delaware","ror":"https://ror.org/01sbq1a82","country_code":"US","type":"education","lineage":["https://openalex.org/I86501945"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xu Yuan","raw_affiliation_strings":["University of Delaware, United States of America"],"raw_orcid":"https://orcid.org/0000-0003-3775-3033","affiliations":[{"raw_affiliation_string":"University of Delaware, United States of America","institution_ids":["https://openalex.org/I86501945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100402612","display_name":"Jian Li","orcid":"https://orcid.org/0000-0003-3642-3569"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jian Li","raw_affiliation_strings":["Stony Brook University, USA"],"raw_orcid":"https://orcid.org/0000-0003-3642-3569","affiliations":[{"raw_affiliation_string":"Stony Brook University, USA","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5103189024"],"corresponding_institution_ids":["https://openalex.org/I156087764"],"apc_list":null,"apc_paid":null,"fwci":0.3311,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.66266148,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"496","last_page":"512"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9275000095367432,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.714361310005188},{"id":"https://openalex.org/keywords/byzantine-fault-tolerance","display_name":"Byzantine fault tolerance","score":0.5352559685707092},{"id":"https://openalex.org/keywords/byzantine-architecture","display_name":"Byzantine architecture","score":0.5299167633056641},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4450499415397644},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.37673890590667725},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.36195921897888184},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.17583706974983215}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.714361310005188},{"id":"https://openalex.org/C168021876","wikidata":"https://www.wikidata.org/wiki/Q1353446","display_name":"Byzantine fault tolerance","level":3,"score":0.5352559685707092},{"id":"https://openalex.org/C104562893","wikidata":"https://www.wikidata.org/wiki/Q47591","display_name":"Byzantine architecture","level":2,"score":0.5299167633056641},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4450499415397644},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.37673890590667725},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36195921897888184},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.17583706974983215},{"id":"https://openalex.org/C63540848","wikidata":"https://www.wikidata.org/wiki/Q3140932","display_name":"Fault tolerance","level":2,"score":0.0},{"id":"https://openalex.org/C195244886","wikidata":"https://www.wikidata.org/wiki/Q41493","display_name":"Ancient history","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3678890.3678915","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678915","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3678890.3678915","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678915","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3226884938","display_name":null,"funder_award_id":"2327480","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3301947670","display_name":null,"funder_award_id":"2315614","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4008369546","display_name":null,"funder_award_id":"2348452","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4316939315","display_name":null,"funder_award_id":"2315612","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8070265479","display_name":null,"funder_award_id":"2315613","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1987866119","https://openalex.org/W2007562169","https://openalex.org/W2064470060","https://openalex.org/W2088454850","https://openalex.org/W2112796928","https://openalex.org/W2169153112","https://openalex.org/W2194775991","https://openalex.org/W2613314732","https://openalex.org/W2913570153","https://openalex.org/W2951559648","https://openalex.org/W2962763344","https://openalex.org/W2964043980","https://openalex.org/W3138153888","https://openalex.org/W3138597937","https://openalex.org/W3182125009","https://openalex.org/W4283790910","https://openalex.org/W4288057793","https://openalex.org/W4382203046","https://openalex.org/W4384948739","https://openalex.org/W4385568263","https://openalex.org/W4388858471"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W3046775127","https://openalex.org/W3107602296","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"Most":[0],"existing":[1,116,198,396],"model":[2,117,169,175,199,397],"poisoning":[3,118,176,200,398],"attacks":[4,119,177],"in":[5,26,99,185,226,249,278,358],"federated":[6,227],"learning":[7,158],"(FL)":[8],"control":[9],"a":[10,17,33,51,273,323,369],"set":[11],"of":[12,20,66,88,139,238,283,336,395],"malicious":[13,21,89,93,239,244,319],"clients":[14,90,240],"and":[15,40,56,134,233,331,366],"share":[16,92,242],"fixed":[18],"number":[19,87,237],"gradients":[22,94,245,320],"with":[23,95,209,246,272],"the":[24,37,41,64,86,96,112,128,131,137,140,224,236,247,281,307,347,393],"server":[25,98,248],"each":[27,100,250],"FL":[28,101,123,150],"training":[29,102],"round,":[30,251],"to":[31,81,111,126,130,148,230,253,259,269,293,306,392],"achieve":[32],"desired":[34],"tradeoff":[35,52],"between":[36],"attack":[38,42,59,67,201,212,256,275,308,349,389],"impact":[39,65,138,167,257,390],"budget.":[43,276],"In":[44],"this":[45,186,329],"paper,":[46],"we":[47,171,344],"show":[48,376],"that":[49,91,114,145,241,377],"such":[50],"is":[53,109,304,381],"not":[54,61,379],"fundamental":[55],"an":[57,197,210,387],"adaptive":[58,211],"budget":[60,213],"only":[62,380],"improves":[63,280],"<Formula":[68,178,188,202,216,260,284,297,309,337,351,359],"format=\"inline\"><TexMath><?TeX":[69,179,189,203,217,261,285,298,310,338,352,360],"$\\mathcal":[70,180,190,204,218,262,286,299,311,339,353,361],"{A}$?></TexMath><AltText>Math":[71,181,191,205,219,263,287,300,312,340,354,362],"1</AltText><File":[72],"name=\"raid2024-25-inline1\"":[73],"type=\"svg\"/></Formula>":[74,208,266,290,357],"but":[75,384],"also":[76,317,385],"makes":[77],"it":[78,316],"more":[79,382],"resilient":[80],"defenses.":[82],"However,":[83],"adaptively":[84,234],"determining":[85],"central":[97],"round":[103],"has":[104],"been":[105],"less":[106],"investigated.":[107],"This":[108,277],"due":[110],"fact":[113],"most":[115],"mainly":[120],"focus":[121],"on":[122,156,168,333],"optimization":[124,325],"itself":[125],"maximize":[127],"damage":[129],"global":[132],"model,":[133],"largely":[135],"ignore":[136],"underlying":[141],"deep":[142],"neural":[143],"networks":[144],"are":[146],"used":[147],"train":[149],"models.":[151],"Inspired":[152],"by":[153,267,291,321],"recent":[154],"findings":[155],"critical":[157],"periods":[159],"(CLP),":[160],"where":[161],"small":[162],"gradient":[163,228],"errors":[164],"have":[165],"irrecoverable":[166],"accuracy,":[170],"advocate":[172],"CLP":[173,232,371],"augmented":[174,372],"2</AltText><File":[182],"name=\"raid2024-25-inline2\"":[183],"type=\"svg\"/></Formula>-CLP":[184,194,222,303,365],"paper.":[187],"3</AltText><File":[192],"name=\"raid2024-25-inline3\"":[193],"merely":[195],"augments":[196],"4</AltText><File":[206],"name=\"raid2024-25-inline4\"":[207],"scheme.":[214],"Specifically,":[215],"5</AltText><File":[220],"name=\"raid2024-25-inline5\"":[221],"inspects":[223],"changes":[225],"norms":[229],"identify":[231],"adjusts":[235],"their":[243],"leading":[252],"dramatically":[254],"improved":[255,388],"compared":[258,391],"6</AltText><File":[264],"name=\"raid2024-25-inline6\"":[265],"up":[268,292],"6.85":[270],"\u00d7,":[271],"smaller":[274],"turn":[279],"resilience":[282],"7</AltText><File":[288],"name=\"raid2024-25-inline7\"":[289],"2":[294],"\u00d7.":[295],"Since":[296],"8</AltText><File":[301],"name=\"raid2024-25-inline8\"":[302],"orthogonal":[305],"9</AltText><File":[313],"name=\"raid2024-25-inline9\"":[314],"type=\"svg\"/></Formula>,":[315],"crafts":[318],"solving":[322],"difficult":[324],"problem.":[326],"To":[327],"tackle":[328],"challenge":[330],"based":[332],"our":[334],"understandings":[335],"10</AltText><File":[341],"name=\"raid2024-25-inline10\"":[342],"type=\"svg\"/></Formula>-CLP,":[343],"further":[345],"relax":[346],"inner":[348],"subroutine":[350],"11</AltText><File":[355],"name=\"raid2024-25-inline11\"":[356],"12</AltText><File":[363],"name=\"raid2024-25-inline12\"":[364],"design":[367],"GraSP,":[368],"lightweight":[370],"similarity-based":[373],"attack.":[374],"We":[375],"GraSP":[378],"flexible":[383],"achieves":[386],"strongest":[394],"attacks.":[399]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}