{"id":"https://openalex.org/W7140197044","doi":"https://doi.org/10.48550/arxiv.2603.20615","title":"Unveiling the Security Risks of Federated Learning in the Wild: From Research to Practice","display_name":"Unveiling the Security Risks of Federated Learning in the Wild: From Research to Practice","publication_year":2026,"publication_date":"2026-03-21","ids":{"openalex":"https://openalex.org/W7140197044","doi":"https://doi.org/10.48550/arxiv.2603.20615"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.20615","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20615","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.20615","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5130473421","display_name":"Jiahao Chen","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Chen, Jiahao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109515584","display_name":"Zhiming Zhao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhao, Zhiming","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130445533","display_name":"Yuwen Pu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Pu, Yuwen","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130531490","display_name":"Chunyi Zhou","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhou, Chunyi","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101949719","display_name":"Zhou Feng","orcid":"https://orcid.org/0000-0003-2181-8867"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Feng, Zhou","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5130411950","display_name":"Songze Li","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li, Songze","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5130525416","display_name":"Shouling Ji","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ji, Shouling","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5130473421"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.39010000228881836,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.39010000228881836,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.33980000019073486,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.05660000070929527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/collateral","display_name":"Collateral","score":0.5782999992370605},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.5600000023841858},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.3910999894142151},{"id":"https://openalex.org/keywords/stability","display_name":"Stability (learning theory)","score":0.3898000121116638},{"id":"https://openalex.org/keywords/empirical-research","display_name":"Empirical research","score":0.38839998841285706},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.3702000081539154},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.3682999908924103},{"id":"https://openalex.org/keywords/collateral-damage","display_name":"Collateral damage","score":0.3646000027656555}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7264000177383423},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.640500009059906},{"id":"https://openalex.org/C2777910564","wikidata":"https://www.wikidata.org/wiki/Q694563","display_name":"Collateral","level":2,"score":0.5782999992370605},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.5600000023841858},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.5099999904632568},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.3910999894142151},{"id":"https://openalex.org/C112972136","wikidata":"https://www.wikidata.org/wiki/Q7595718","display_name":"Stability (learning theory)","level":2,"score":0.3898000121116638},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.38839998841285706},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.3702000081539154},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.3682999908924103},{"id":"https://openalex.org/C2993632694","wikidata":"https://www.wikidata.org/wiki/Q45939","display_name":"Collateral damage","level":2,"score":0.3646000027656555},{"id":"https://openalex.org/C166052673","wikidata":"https://www.wikidata.org/wiki/Q83021","display_name":"Empirical evidence","level":2,"score":0.31839999556541443},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.313400000333786},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.29600000381469727},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.273499995470047},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.27160000801086426},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.2709999978542328},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.2687999904155731},{"id":"https://openalex.org/C2776157020","wikidata":"https://www.wikidata.org/wiki/Q851598","display_name":"Physical security","level":2,"score":0.2572999894618988},{"id":"https://openalex.org/C52420254","wikidata":"https://www.wikidata.org/wiki/Q7445028","display_name":"Security convergence","level":5,"score":0.25519999861717224},{"id":"https://openalex.org/C3017944768","wikidata":"https://www.wikidata.org/wiki/Q1450463","display_name":"Poison control","level":2,"score":0.25360000133514404}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.20615","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20615","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.20615","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.20615","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Federated":[0],"learning":[1],"(FL)":[2],"has":[3],"attracted":[4],"substantial":[5],"attention":[6],"in":[7,50,153,201],"both":[8],"academia":[9],"and":[10,38,72,83,94,112,116,144,146,190,218,240],"industry,":[11],"yet":[12],"its":[13],"practical":[14,122,136,164,182],"security":[15,46,58,133,180,233,247],"posture":[16],"remains":[17],"poorly":[18],"understood.":[19],"In":[20],"particular,":[21],"a":[22,60,104,227],"large":[23],"body":[24],"of":[25,68,80,231],"poisoning":[26,75,119,204],"research":[27,71],"is":[28,177,251],"evaluated":[29],"under":[30,121],"idealized":[31,129,154],"assumptions":[32],"about":[33],"attacker":[34],"participation,":[35],"client":[36],"homogeneity,":[37],"success":[39,90,175],"metrics,":[40],"which":[41],"can":[42],"substantially":[43],"distort":[44],"how":[45],"risks":[47,234],"are":[48,166,206],"perceived":[49],"deployed":[51],"FL":[52,57,114,155,203,238,246],"systems.":[53],"This":[54],"paper":[55],"revisits":[56],"from":[59],"measurement":[61,183,220],"perspective.":[62],"We":[63],"systematize":[64],"three":[65],"major":[66],"sources":[67],"mismatch":[69],"between":[70],"practice:":[73],"unrealistic":[74],"threat":[76,216],"models,":[77],"the":[78,202,215,232],"omission":[79],"hybrid":[81],"heterogeneity,":[82],"incomplete":[84],"metrics":[85],"that":[86,108,128,149,172,198],"overemphasize":[87],"peak":[88],"attack":[89,138,174],"while":[91],"ignoring":[92],"stability":[93],"utility":[95,192],"cost.":[96],"To":[97],"study":[98,126],"these":[99],"gaps,":[100],"we":[101,225],"build":[102],"TFLlib,":[103],"uniform":[105],"evaluation":[106,130],"framework":[107],"supports":[109],"image,":[110],"text,":[111],"tabular":[113],"tasks":[115],"re-implements":[117],"representative":[118],"attacks":[120,148],"settings.":[123],"Our":[124,249],"empirical":[125],"shows":[127],"often":[131],"overstates":[132],"risk.":[134],"Under":[135],"settings,":[137],"performance":[139],"becomes":[140],"markedly":[141],"more":[142,228],"dataset-dependent":[143],"unstable,":[145],"several":[147],"appear":[150],"consistently":[151],"strong":[152],"lose":[156],"effectiveness":[157],"or":[158],"incur":[159],"clear":[160],"benign-task":[161],"degradation":[162],"once":[163],"constraints":[165],"enforced.":[167],"These":[168],"findings":[169],"further":[170],"show":[171],"final-round":[173],"alone":[176],"insufficient":[178],"for":[179,244],"assessment;":[181],"must":[184],"jointly":[185],"consider":[186],"effectiveness,":[187],"temporal":[188],"stability,":[189],"collateral":[191],"loss.":[193],"Overall,":[194],"this":[195],"work":[196],"argues":[197],"many":[199],"conclusions":[200],"literature":[205],"not":[207],"directly":[208],"transferable":[209],"to":[210],"real":[211],"deployments.":[212],"By":[213],"tightening":[214],"model":[217],"using":[219],"protocols":[221],"aligned":[222],"with":[223],"practice,":[224],"provide":[226],"realistic":[229],"view":[230],"faced":[235],"by":[236],"contemporary":[237],"systems":[239],"distill":[241],"concrete":[242],"guidance":[243],"future":[245],"evaluation.":[248],"code":[250],"available":[252],"at":[253],"https://github.com/xaddwell/TFLlib":[254]},"counts_by_year":[],"updated_date":"2026-03-25T13:09:30.665167","created_date":"2026-03-25T00:00:00"}