{"id":"https://openalex.org/W7106492836","doi":"https://doi.org/10.1587/transfun.2025cip0018","title":"Adversarial Examples on Vertical Federated Split Learning by Using Gradient Sign Prediction","display_name":"Adversarial Examples on Vertical Federated Split Learning by Using Gradient Sign Prediction","publication_year":2025,"publication_date":"2025-11-24","ids":{"openalex":"https://openalex.org/W7106492836","doi":"https://doi.org/10.1587/transfun.2025cip0018"},"language":"en","primary_location":{"id":"doi:10.1587/transfun.2025cip0018","is_oa":true,"landing_page_url":"https://doi.org/10.1587/transfun.2025cip0018","pdf_url":"https://www.jstage.jst.go.jp/article/transfun/advpub/0/advpub_2025CIP0018/_pdf","source":{"id":"https://openalex.org/S166990724","display_name":"IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences","issn_l":"0916-8508","issn":["0916-8508","1745-1337"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4320800604","host_organization_name":"Institute of Electronics, Information and Communication Engineers","host_organization_lineage":["https://openalex.org/P4320800604"],"host_organization_lineage_names":["Institute of Electronics, Information and Communication Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://www.jstage.jst.go.jp/article/transfun/advpub/0/advpub_2025CIP0018/_pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Kota YOSHIDA","orcid":null},"institutions":[{"id":"https://openalex.org/I135768898","display_name":"Ritsumeikan University","ror":"https://ror.org/0197nmd03","country_code":"JP","type":"education","lineage":["https://openalex.org/I135768898","https://openalex.org/I4390039241"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Kota YOSHIDA","raw_affiliation_strings":["Ritsumeikan University"],"affiliations":[{"raw_affiliation_string":"Ritsumeikan University","institution_ids":["https://openalex.org/I135768898"]}]},{"author_position":"last","author":{"id":null,"display_name":"Takeshi FUJINO","orcid":null},"institutions":[{"id":"https://openalex.org/I135768898","display_name":"Ritsumeikan University","ror":"https://ror.org/0197nmd03","country_code":"JP","type":"education","lineage":["https://openalex.org/I135768898","https://openalex.org/I4390039241"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takeshi FUJINO","raw_affiliation_strings":["Ritsumeikan University"],"affiliations":[{"raw_affiliation_string":"Ritsumeikan University","institution_ids":["https://openalex.org/I135768898"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I135768898"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.79455201,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"E109.A","issue":"3","first_page":"339","last_page":"348"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.5616000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.5616000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.35740000009536743,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.01769999973475933,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6920999884605408},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5722000002861023},{"id":"https://openalex.org/keywords/sign","display_name":"Sign (mathematics)","score":0.4699999988079071},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4636000096797943},{"id":"https://openalex.org/keywords/training","display_name":"Training (meteorology)","score":0.4180000126361847},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.41029998660087585},{"id":"https://openalex.org/keywords/boundary","display_name":"Boundary (topology)","score":0.39500001072883606},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.3741999864578247}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8464999794960022},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6920999884605408},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5722000002861023},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4902999997138977},{"id":"https://openalex.org/C139676723","wikidata":"https://www.wikidata.org/wiki/Q1193832","display_name":"Sign (mathematics)","level":2,"score":0.4699999988079071},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4636000096797943},{"id":"https://openalex.org/C2777211547","wikidata":"https://www.wikidata.org/wiki/Q17141490","display_name":"Training (meteorology)","level":2,"score":0.4180000126361847},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.41029998660087585},{"id":"https://openalex.org/C62354387","wikidata":"https://www.wikidata.org/wiki/Q875399","display_name":"Boundary (topology)","level":2,"score":0.39500001072883606},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.3741999864578247},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.3734000027179718},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.37299999594688416},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36959999799728394},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.3513999879360199},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3472999930381775},{"id":"https://openalex.org/C83665646","wikidata":"https://www.wikidata.org/wiki/Q42139305","display_name":"Feature vector","level":2,"score":0.3425999879837036},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.2973000109195709},{"id":"https://openalex.org/C5465570","wikidata":"https://www.wikidata.org/wiki/Q5326898","display_name":"Early stopping","level":3,"score":0.296099990606308},{"id":"https://openalex.org/C155032097","wikidata":"https://www.wikidata.org/wiki/Q798503","display_name":"Backpropagation","level":3,"score":0.29589998722076416},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.2897999882698059},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.2897000014781952},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.2833000123500824},{"id":"https://openalex.org/C157764524","wikidata":"https://www.wikidata.org/wiki/Q1383412","display_name":"Throughput","level":3,"score":0.2703999876976013},{"id":"https://openalex.org/C196083921","wikidata":"https://www.wikidata.org/wiki/Q7915758","display_name":"Variance (accounting)","level":2,"score":0.26980000734329224},{"id":"https://openalex.org/C115680565","wikidata":"https://www.wikidata.org/wiki/Q5977448","display_name":"Gradient method","level":2,"score":0.2624000012874603}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1587/transfun.2025cip0018","is_oa":true,"landing_page_url":"https://doi.org/10.1587/transfun.2025cip0018","pdf_url":"https://www.jstage.jst.go.jp/article/transfun/advpub/0/advpub_2025CIP0018/_pdf","source":{"id":"https://openalex.org/S166990724","display_name":"IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences","issn_l":"0916-8508","issn":["0916-8508","1745-1337"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4320800604","host_organization_name":"Institute of Electronics, Information and Communication Engineers","host_organization_lineage":["https://openalex.org/P4320800604"],"host_organization_lineage_names":["Institute of Electronics, Information and Communication Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1587/transfun.2025cip0018","is_oa":true,"landing_page_url":"https://doi.org/10.1587/transfun.2025cip0018","pdf_url":"https://www.jstage.jst.go.jp/article/transfun/advpub/0/advpub_2025CIP0018/_pdf","source":{"id":"https://openalex.org/S166990724","display_name":"IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences","issn_l":"0916-8508","issn":["0916-8508","1745-1337"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4320800604","host_organization_name":"Institute of Electronics, Information and Communication Engineers","host_organization_lineage":["https://openalex.org/P4320800604"],"host_organization_lineage_names":["Institute of Electronics, Information and Communication Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5089702606201172,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7106492836.pdf"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W2194775991","https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2603766943","https://openalex.org/W3018102029","https://openalex.org/W3205860677","https://openalex.org/W3208549305","https://openalex.org/W4372266209","https://openalex.org/W4378710505","https://openalex.org/W4387185516","https://openalex.org/W4387857707"],"related_works":[],"abstract_inverted_index":{"Vertical":[0],"federated":[1],"split":[2,30,48],"learning":[3],"(VFSL)":[4],"is":[5,29,108,188,215],"a":[6,13,19,88,104],"technique":[7],"in":[8,87],"which":[9,187],"multiple":[10],"clients":[11,33,92],"and":[12,34,41,54,73,93,150,180],"single":[14],"server":[15,95,120,164],"cooperate":[16],"to":[17,50,97,118,127,138,156,191,217,233],"train":[18],"deep":[20],"neural":[21],"network":[22],"model.":[23],"In":[24,76],"VFSL,":[25],"the":[26,32,35,44,47,94,100,111,114,119,129,135,140,143,147,151,157,163,170,177,184,193,196,199,208,225],"DNN":[27],"model":[28,60,175],"between":[31],"server.":[36],"They":[37],"exchange":[38],"intermediate":[39,115,158,178,201],"features":[40,179],"gradients":[42,181],"of":[43,110,142,195,207],"loss":[45,144],"at":[46],"boundary":[49],"perform":[51],"both":[52],"training":[53,61,185],"inference.":[55,204],"This":[56],"approach":[57],"enables":[58],"effective":[59],"while":[62],"preserving":[63],"data":[64,72],"confidentiality,":[65],"as":[66,125],"it":[67,123],"avoids":[68],"directly":[69],"sharing":[70],"input":[71],"labels":[74],"directly.":[75],"this":[77],"paper,":[78],"we":[79],"investigate":[80],"an":[81,173],"adversarial":[82],"examples":[83],"(AEs)":[84],"generation":[85],"attack":[86,174],"VFSL":[89],"setting,":[90],"where":[91],"continue":[96],"collaborate":[98],"during":[99,161,183,203],"inference":[101,130,148,230],"phase.":[102],"Specifically,":[103],"malicious":[105],"attacker,":[106],"who":[107],"one":[109],"clients,":[112],"manipulates":[113],"feature":[116,202],"sent":[117],"so":[121],"that":[122,224],"behaves":[124],"AEs":[126,227],"mislead":[128],"results.":[131],"To":[132],"generate":[133,218],"AEs,":[134],"attacker":[136,171],"needs":[137],"obtain":[139],"gradient":[141,197,210],"(calculated":[145],"from":[146,198],"result":[149],"ground-truth":[152],"label)":[153],"with":[154],"respect":[155],"feature.":[159],"However,":[160],"inference,":[162],"does":[165],"not":[166],"transmit":[167],"gradients.":[168],"Accordingly,":[169],"trains":[172],"using":[176],"available":[182],"phase,":[186],"then":[189],"used":[190,216],"estimate":[192],"sign":[194,211],"target":[200],"A":[205],"variant":[206],"fast":[209],"method":[212],"(FGSM)":[213],"algorithm":[214],"AEs.":[219],"Our":[220],"experimental":[221],"results":[222],"demonstrate":[223],"generated":[226,235],"significantly":[228],"degrade":[229],"accuracy":[231],"compared":[232],"perturbations":[234],"by":[236],"random":[237],"noise.":[238]},"counts_by_year":[],"updated_date":"2026-03-11T06:11:40.159057","created_date":"2025-11-25T00:00:00"}