{"id":"https://openalex.org/W4414359223","doi":"https://doi.org/10.24963/ijcai.2025/646","title":"Generic Adversarial Attack Framework Against Vertical Federated Learning","display_name":"Generic Adversarial Attack Framework Against Vertical Federated Learning","publication_year":2025,"publication_date":"2025-09-01","ids":{"openalex":"https://openalex.org/W4414359223","doi":"https://doi.org/10.24963/ijcai.2025/646"},"language":"en","primary_location":{"id":"doi:10.24963/ijcai.2025/646","is_oa":false,"landing_page_url":"https://doi.org/10.24963/ijcai.2025/646","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirty-Fourth International Joint Conference on Artificial Intelligence","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103089519","display_name":"Yimin Liu","orcid":"https://orcid.org/0000-0002-1547-1177"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yimin Liu","raw_affiliation_strings":["Beijing Institute of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101563136","display_name":"Peng Jiang","orcid":"https://orcid.org/0000-0002-4382-5542"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Peng Jiang","raw_affiliation_strings":["Beijing Institute of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology","institution_ids":["https://openalex.org/I125839683"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.11838995,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"5806","last_page":"5814"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9933000206947327,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8695999979972839},{"id":"https://openalex.org/keywords/salient","display_name":"Salient","score":0.7060999870300293},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6858000159263611},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5442000031471252},{"id":"https://openalex.org/keywords/fidelity","display_name":"Fidelity","score":0.5195000171661377},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.5094000101089478},{"id":"https://openalex.org/keywords/proxy","display_name":"Proxy (statistics)","score":0.4896000027656555},{"id":"https://openalex.org/keywords/forcing","display_name":"Forcing (mathematics)","score":0.478300005197525}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8695999979972839},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7796000242233276},{"id":"https://openalex.org/C2780719617","wikidata":"https://www.wikidata.org/wiki/Q1030752","display_name":"Salient","level":2,"score":0.7060999870300293},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6858000159263611},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5442000031471252},{"id":"https://openalex.org/C2776459999","wikidata":"https://www.wikidata.org/wiki/Q2119376","display_name":"Fidelity","level":2,"score":0.5195000171661377},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.5094000101089478},{"id":"https://openalex.org/C2780148112","wikidata":"https://www.wikidata.org/wiki/Q1432581","display_name":"Proxy (statistics)","level":2,"score":0.4896000027656555},{"id":"https://openalex.org/C197115733","wikidata":"https://www.wikidata.org/wiki/Q1003136","display_name":"Forcing (mathematics)","level":2,"score":0.478300005197525},{"id":"https://openalex.org/C18555067","wikidata":"https://www.wikidata.org/wiki/Q8375051","display_name":"Joint (building)","level":2,"score":0.4431000053882599},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.44040000438690186},{"id":"https://openalex.org/C117797892","wikidata":"https://www.wikidata.org/wiki/Q286363","display_name":"Shadow (psychology)","level":2,"score":0.3684000074863434},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.3547999858856201},{"id":"https://openalex.org/C169903167","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Test set","level":2,"score":0.34769999980926514},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3452000021934509},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.33250001072883606},{"id":"https://openalex.org/C113364801","wikidata":"https://www.wikidata.org/wiki/Q26674","display_name":"High fidelity","level":2,"score":0.3319000005722046},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.3287000060081482},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30489999055862427},{"id":"https://openalex.org/C2777267654","wikidata":"https://www.wikidata.org/wiki/Q3519023","display_name":"Test (biology)","level":2,"score":0.2838999927043915},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.2678999900817871}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.24963/ijcai.2025/646","is_oa":false,"landing_page_url":"https://doi.org/10.24963/ijcai.2025/646","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirty-Fourth International Joint Conference on Artificial Intelligence","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Vertical":[0],"federated":[1],"learning":[2],"(VFL)":[3],"enables":[4],"feature-level":[5],"collaboration":[6],"by":[7,121,157],"incorporating":[8],"scattered":[9],"attributes":[10],"from":[11,75,128],"aligned":[12],"samples,":[13,70],"and":[14,26,50,97,136,179],"allows":[15],"each":[16],"party":[17],"to":[18,23,46,105,125,142],"contribute":[19],"its":[20],"personalized":[21],"input":[22,169,180],"joint":[24,36,107],"training":[25,77],"inference.":[27],"The":[28],"injection":[29],"of":[30,56,67,195],"adversarial":[31,103,185],"inputs":[32,104],"can":[33],"mislead":[34],"the":[35,39,54,76,114,150,193],"inference":[37],"towards":[38],"attacker\u2019s":[40],"will,":[41],"forcing":[42],"other":[43],"benign":[44],"parties":[45],"make":[47],"negligible":[48],"contributions":[49],"losing":[51],"rewards":[52],"regarding":[53],"importance":[55],"their":[57],"contributions.":[58],"However,":[59],"most":[60],"attacks":[61,120],"require":[62],"server":[63,151],"model":[64,146,190],"queries,":[65],"subsets":[66],"complete":[68],"test":[69,174],"or":[71],"labeled":[72],"auxiliary":[73,126],"images":[74,127,156],"domain.":[78],"These":[79],"extra":[80],"requirements":[81],"are":[82],"not":[83,111],"practical":[84,98],"for":[85,101],"real-world":[86],"VFL":[87],"applications.":[88],"In":[89],"this":[90],"paper,":[91],"we":[92],"propose":[93],"PGAC,":[94],"a":[95,144,166],"novel":[96],"attack":[99],"framework":[100],"crafting":[102],"dominate":[106],"inference,":[108],"which":[109],"does":[110],"rely":[112],"on":[113,188],"above":[115],"requirements.":[116],"PGAC":[117,131,153,182],"advances":[118],"prior":[119],"requiring":[122],"only":[123],"access":[124],"non-training":[129],"domains.":[130],"learns":[132],"generalized":[133],"label-indicative":[134],"embeddings":[135],"estimates":[137],"class-transferable":[138],"probabilities":[139],"across":[140],"domains":[141],"generate":[143],"proxy":[145,177],"that":[147,171],"closely":[148],"approximates":[149],"model.":[152],"then":[154],"augments":[155],"emphasizing":[158],"salient":[159],"regions":[160],"with":[161],"class":[162],"activation":[163],"maps,":[164],"creating":[165],"diverse":[167,189],"shadow":[168],"set":[170],"resembles":[172],"influential":[173],"inputs.":[175,186],"With":[176],"fidelity":[178],"diversity,":[181],"crafts":[183],"transferable":[184],"Evaluation":[187],"architectures":[191],"confirms":[192],"effectiveness":[194],"PGAC.":[196]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}