{"id":"https://openalex.org/W3136620885","doi":"https://doi.org/10.3390/fi13030073","title":"Deep Model Poisoning Attack on Federated Learning","display_name":"Deep Model Poisoning Attack on Federated Learning","publication_year":2021,"publication_date":"2021-03-14","ids":{"openalex":"https://openalex.org/W3136620885","doi":"https://doi.org/10.3390/fi13030073","mag":"3136620885"},"language":"en","primary_location":{"id":"doi:10.3390/fi13030073","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi13030073","pdf_url":"https://www.mdpi.com/1999-5903/13/3/73/pdf?version=1615975400","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1999-5903/13/3/73/pdf?version=1615975400","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101451332","display_name":"Xingchen Zhou","orcid":"https://orcid.org/0009-0001-9524-3130"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xingchen Zhou","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041210918","display_name":"Ming Xu","orcid":"https://orcid.org/0000-0001-9332-5258"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Ming Xu","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":"https://orcid.org/0000-0001-9332-5258","affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047431460","display_name":"Yiming Wu","orcid":"https://orcid.org/0000-0001-9766-2307"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yiming Wu","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047378832","display_name":"Ning Zheng","orcid":"https://orcid.org/0000-0003-3503-8167"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ning Zheng","raw_affiliation_strings":["School of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China","School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]},{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China","institution_ids":["https://openalex.org/I50760025"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5041210918"],"corresponding_institution_ids":["https://openalex.org/I50760025"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":16.5121,"has_fulltext":true,"cited_by_count":164,"citation_normalized_percentile":{"value":0.99309255,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"13","issue":"3","first_page":"73","last_page":"73"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.979200005531311,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.909039318561554},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.6612235903739929},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6222683787345886},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.6029815673828125},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.6012654900550842},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.5283651351928711},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5246855616569519},{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.49621468782424927},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.39057594537734985},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.33032476902008057},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.20796772837638855}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.909039318561554},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.6612235903739929},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6222683787345886},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.6029815673828125},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.6012654900550842},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.5283651351928711},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5246855616569519},{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.49621468782424927},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.39057594537734985},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.33032476902008057},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.20796772837638855},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/fi13030073","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi13030073","pdf_url":"https://www.mdpi.com/1999-5903/13/3/73/pdf?version=1615975400","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:gam:jftint:v:13:y:2021:i:3:p:73-:d:516861","is_oa":false,"landing_page_url":"https://www.mdpi.com/1999-5903/13/3/73/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:doaj.org/article:1993c60ff39f4a58890410c77aeb15ea","is_oa":true,"landing_page_url":"https://doaj.org/article/1993c60ff39f4a58890410c77aeb15ea","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 13, Iss 3, p 73 (2021)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1999-5903/13/3/73/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/fi13030073","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet; Volume 13; Issue 3; Pages: 73","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/fi13030073","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi13030073","pdf_url":"https://www.mdpi.com/1999-5903/13/3/73/pdf?version=1615975400","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5400000214576721,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4272018260","display_name":null,"funder_award_id":"61803135","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6896071558","display_name":null,"funder_award_id":"2017C01065","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7805760071","display_name":null,"funder_award_id":"61702150","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3136620885.pdf","grobid_xml":"https://content.openalex.org/works/W3136620885.grobid-xml"},"referenced_works_count":55,"referenced_works":["https://openalex.org/W1772650917","https://openalex.org/W2053637704","https://openalex.org/W2112507308","https://openalex.org/W2121009299","https://openalex.org/W2194775991","https://openalex.org/W2293844262","https://openalex.org/W2541884796","https://openalex.org/W2560647685","https://openalex.org/W2614254310","https://openalex.org/W2618494520","https://openalex.org/W2737492962","https://openalex.org/W2747206364","https://openalex.org/W2752689052","https://openalex.org/W2788816110","https://openalex.org/W2789911054","https://openalex.org/W2794878842","https://openalex.org/W2796004214","https://openalex.org/W2810065831","https://openalex.org/W2886444620","https://openalex.org/W2899551992","https://openalex.org/W2903356604","https://openalex.org/W2912213068","https://openalex.org/W2932484476","https://openalex.org/W2942091739","https://openalex.org/W2949506549","https://openalex.org/W2949995560","https://openalex.org/W2952087428","https://openalex.org/W2962688627","https://openalex.org/W2962763344","https://openalex.org/W2962966271","https://openalex.org/W2963165390","https://openalex.org/W2963334472","https://openalex.org/W2963422767","https://openalex.org/W2963502507","https://openalex.org/W2964043980","https://openalex.org/W2982701845","https://openalex.org/W2990614164","https://openalex.org/W2995164118","https://openalex.org/W2996769125","https://openalex.org/W3012794253","https://openalex.org/W3015609649","https://openalex.org/W3046449784","https://openalex.org/W3048715803","https://openalex.org/W3080261024","https://openalex.org/W3103802018","https://openalex.org/W3113458348","https://openalex.org/W3117599504","https://openalex.org/W3127520698","https://openalex.org/W3138597937","https://openalex.org/W4294106961","https://openalex.org/W6638039622","https://openalex.org/W6752600739","https://openalex.org/W6758757267","https://openalex.org/W6786061324","https://openalex.org/W6787633081"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2935909890","https://openalex.org/W2778153218","https://openalex.org/W2758277628","https://openalex.org/W1531601525","https://openalex.org/W3176279093"],"abstract_inverted_index":{"Federated":[0],"learning":[1,6,18,73],"is":[2,45,114],"a":[3,16,76],"novel":[4,77],"distributed":[5],"framework,":[7],"which":[8],"enables":[9],"thousands":[10],"of":[11,25,95],"participants":[12,35,53],"to":[13,22,39,47,56,118],"collaboratively":[14],"construct":[15],"deep":[17],"model.":[19],"In":[20,61],"order":[21],"protect":[23],"confidentiality":[24],"the":[26,29,52,58,90,101],"training":[27],"data,":[28],"shared":[30],"information":[31],"between":[32],"server":[33],"and":[34,74,93],"are":[36],"only":[37,106],"limited":[38],"model":[40,48,59,79],"parameters.":[41,60],"However,":[42],"this":[43,62],"setting":[44],"vulnerable":[46],"poisoning":[49,80],"attack,":[50],"since":[51],"have":[54],"permission":[55],"modify":[57],"paper,":[63],"we":[64,86],"perform":[65],"systematic":[66],"investigation":[67],"for":[68],"such":[69],"threats":[70],"in":[71],"federated":[72],"propose":[75],"optimization-based":[78],"attack.":[81],"Different":[82],"from":[83],"existing":[84,121],"methods,":[85],"primarily":[87],"focus":[88],"on":[89],"effectiveness,":[91],"persistence":[92],"stealth":[94],"attacks.":[96],"Numerical":[97],"experiments":[98],"demonstrate":[99],"that":[100],"proposed":[102],"method":[103],"can":[104],"not":[105],"achieve":[107],"high":[108],"attack":[109],"success":[110],"rate,":[111],"but":[112],"it":[113],"also":[115],"stealthy":[116],"enough":[117],"bypass":[119],"two":[120],"defense":[122],"methods.":[123]},"counts_by_year":[{"year":2026,"cited_by_count":8},{"year":2025,"cited_by_count":38},{"year":2024,"cited_by_count":53},{"year":2023,"cited_by_count":42},{"year":2022,"cited_by_count":15},{"year":2021,"cited_by_count":8}],"updated_date":"2026-05-13T08:25:38.343686","created_date":"2021-03-29T00:00:00"}