{"id":"https://openalex.org/W7138332281","doi":"https://doi.org/10.1609/aaai.v40i41.40787","title":"ShadeEdit: A Utility-Preserving and Defense-Evasive Knowledge Manipulation Attack in Federated LLMs","display_name":"ShadeEdit: A Utility-Preserving and Defense-Evasive Knowledge Manipulation Attack in Federated LLMs","publication_year":2026,"publication_date":"2026-03-14","ids":{"openalex":"https://openalex.org/W7138332281","doi":"https://doi.org/10.1609/aaai.v40i41.40787"},"language":null,"primary_location":{"id":"doi:10.1609/aaai.v40i41.40787","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i41.40787","pdf_url":"https://ojs.aaai.org/index.php/AAAI/article/download/40787/44748","source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://ojs.aaai.org/index.php/AAAI/article/download/40787/44748","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5129742590","display_name":"Xu Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I158842170","display_name":"Chongqing University","ror":"https://ror.org/023rhb549","country_code":"CN","type":"education","lineage":["https://openalex.org/I158842170"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xu Zhang","raw_affiliation_strings":["Chongqing University"],"affiliations":[{"raw_affiliation_string":"Chongqing University","institution_ids":["https://openalex.org/I158842170"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129739166","display_name":"Hangcheng Liu","orcid":null},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Hangcheng Liu","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129718222","display_name":"Shangwei Guo","orcid":null},"institutions":[{"id":"https://openalex.org/I158842170","display_name":"Chongqing University","ror":"https://ror.org/023rhb549","country_code":"CN","type":"education","lineage":["https://openalex.org/I158842170"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shangwei Guo","raw_affiliation_strings":["Chongqing University"],"affiliations":[{"raw_affiliation_string":"Chongqing University","institution_ids":["https://openalex.org/I158842170"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129645968","display_name":"Shudong Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shudong Zhang","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5129698063","display_name":"Tianwei Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Tianwei Zhang","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5129751500","display_name":"Tao Xiang","orcid":null},"institutions":[{"id":"https://openalex.org/I158842170","display_name":"Chongqing University","ror":"https://ror.org/023rhb549","country_code":"CN","type":"education","lineage":["https://openalex.org/I158842170"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Xiang","raw_affiliation_strings":["Chongqing University"],"affiliations":[{"raw_affiliation_string":"Chongqing University","institution_ids":["https://openalex.org/I158842170"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5129742590"],"corresponding_institution_ids":["https://openalex.org/I158842170"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.54182206,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"40","issue":"41","first_page":"34845","last_page":"34853"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.7835999727249146,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.7835999727249146,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.08129999786615372,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.02070000022649765,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6601999998092651},{"id":"https://openalex.org/keywords/misinformation","display_name":"Misinformation","score":0.6373000144958496},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5525000095367432},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.3921000063419342},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.3440000116825104},{"id":"https://openalex.org/keywords/clipping","display_name":"Clipping (morphology)","score":0.3425999879837036}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7605000138282776},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6601999998092651},{"id":"https://openalex.org/C2776990098","wikidata":"https://www.wikidata.org/wiki/Q13579947","display_name":"Misinformation","level":2,"score":0.6373000144958496},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6310999989509583},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5525000095367432},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3955000042915344},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.3921000063419342},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3612000048160553},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.3440000116825104},{"id":"https://openalex.org/C2776848632","wikidata":"https://www.wikidata.org/wiki/Q853463","display_name":"Clipping (morphology)","level":2,"score":0.3425999879837036},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.30550000071525574},{"id":"https://openalex.org/C161615301","wikidata":"https://www.wikidata.org/wiki/Q309396","display_name":"Keystroke logging","level":2,"score":0.2815999984741211},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.2766000032424927},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.27570000290870667},{"id":"https://openalex.org/C139807058","wikidata":"https://www.wikidata.org/wiki/Q352374","display_name":"Adaptation (eye)","level":2,"score":0.26190000772476196},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2549999952316284},{"id":"https://openalex.org/C89611455","wikidata":"https://www.wikidata.org/wiki/Q6804646","display_name":"Mechanism (biology)","level":2,"score":0.2506999969482422}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1609/aaai.v40i41.40787","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i41.40787","pdf_url":"https://ojs.aaai.org/index.php/AAAI/article/download/40787/44748","source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1609/aaai.v40i41.40787","is_oa":true,"landing_page_url":"https://doi.org/10.1609/aaai.v40i41.40787","pdf_url":"https://ojs.aaai.org/index.php/AAAI/article/download/40787/44748","source":{"id":"https://openalex.org/S4210191458","display_name":"Proceedings of the AAAI Conference on Artificial Intelligence","issn_l":"2159-5399","issn":["2159-5399","2374-3468"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320058","host_organization_name":"Association for the Advancement of Artificial Intelligence","host_organization_lineage":["https://openalex.org/P4310320058"],"host_organization_lineage_names":["Association for the Advancement of Artificial Intelligence"],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the AAAI Conference on Artificial Intelligence","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5186753273010254,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7726157001","display_name":null,"funder_award_id":"Grant No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8711352089","display_name":null,"funder_award_id":"62472057","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7138332281.pdf","grobid_xml":"https://content.openalex.org/works/W7138332281.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Recent":[0],"studies":[1],"reveal":[2],"that":[3,97],"adversaries":[4],"can":[5,40],"manipulate":[6],"the":[7,30,44,61,93,120,134],"internal":[8],"knowledge":[9,56,104],"of":[10,123],"large":[11],"language":[12],"models":[13],"(LLMs)":[14],"on":[15,43,60,139],"selected":[16],"topics":[17],"through":[18],"model":[19,100],"editing,":[20],"causing":[21],"attacker-specified":[22],"harmful":[23],"or":[24,51],"biased":[25],"outputs":[26],"when":[27],"queried":[28],"about":[29],"edited":[31],"content.":[32],"Once":[33],"such":[34],"tampered":[35],"LLMs":[36],"are":[37],"distributed,":[38],"they":[39],"mislead":[41],"users":[42],"targeted":[45],"topics,":[46],"thereby":[47],"potentially":[48],"propagating":[49],"misinformation":[50],"reinforcing":[52],"stereotypes.":[53],"However,":[54],"existing":[55],"manipulation":[57,105,152],"attacks":[58],"rely":[59],"ability":[62],"to":[63,102,114,132,154],"redistribute":[64],"compromised":[65],"models,":[66],"which":[67],"is":[68],"infeasible":[69],"in":[70,106],"constrained":[71],"settings":[72],"like":[73],"Federated":[74],"Instruction":[75],"Tuning":[76],"(FedIT),":[77],"where":[78],"a":[79,126,144],"central":[80],"server":[81],"controls":[82],"LLM's":[83],"training":[84,121],"and":[85,148,185],"distribution.":[86],"In":[87],"this":[88],"work,":[89],"we":[90],"introduce":[91],"ShadeEdit,":[92],"first":[94],"attack":[95,168,183],"framework":[96],"leverages":[98],"strengthened":[99],"editing":[101,128,146],"enable":[103],"FedIT":[107],"scenarios.":[108],"ShadeEdit":[109,163],"introduces":[110],"two":[111,116],"key":[112],"components":[113],"address":[115],"challenges":[117],"posed":[118],"by":[119,142],"process":[122],"FedIT:":[124],"(1)":[125],"paraphrase-based":[127],"dataset":[129],"selection":[130],"strategy":[131],"mitigate":[133],"dilution":[135],"from":[136],"benign":[137],"updates":[138],"malicious":[140],"ones":[141],"constructing":[143],"high-quality":[145],"dataset,":[147],"(2)":[149],"an":[150,159,165],"adaptive":[151,160],"mechanism":[153],"evade":[155],"aggregation-based":[156],"defenses":[157],"via":[158],"clipping":[161],"strategy.":[162],"achieves":[164],"average":[166],"99.5%":[167],"success":[169],"rate":[170],"over":[171],"eight":[172],"robust":[173],"aggregation":[174],"algorithms":[175],"while":[176],"preserving":[177],"instruction-following":[178],"accuracy,":[179],"demonstrating":[180],"its":[181],"strong":[182],"effectiveness":[184],"model-utility":[186],"preservation.":[187]},"counts_by_year":[],"updated_date":"2026-04-03T22:45:19.894376","created_date":"2026-03-18T00:00:00"}