{"title":"Backdoor attack based on feature in federated learning","authors":"Laicheng Cao, F. Li","doi":"10.1117/12.2653697","DOIUrl":null,"url":null,"abstract":"Federated learning enables participants to construct a better model without sharing their private local data with each other. In the context of the continuous introduction of laws and regulations aimed at protecting data and privacy security, such as the \"Data Security Law\", federated learning has been more valued and more widely used. However, federated learning is vulnerable to attacks, one is backdoor attack. Here, we propose a backdoor attack method based on feature, used the CIFAR-10 data set and the ResNet18 model to research in the two different scenarios which one used the data that malicious participant participate in normal training as a backdoor and another used the data that implanting during the training as a backdoor. Especially, when we used the data that malicious participant participate in normal training as a backdoor, the attack success rate is about 50% while the attack does not affect the training process.","PeriodicalId":32903,"journal":{"name":"JITeCS Journal of Information Technology and Computer Science","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"JITeCS Journal of Information Technology and Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2653697","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Federated learning enables participants to construct a better model without sharing their private local data with each other. In the context of the continuous introduction of laws and regulations aimed at protecting data and privacy security, such as the "Data Security Law", federated learning has been more valued and more widely used. However, federated learning is vulnerable to attacks, one is backdoor attack. Here, we propose a backdoor attack method based on feature, used the CIFAR-10 data set and the ResNet18 model to research in the two different scenarios which one used the data that malicious participant participate in normal training as a backdoor and another used the data that implanting during the training as a backdoor. Especially, when we used the data that malicious participant participate in normal training as a backdoor, the attack success rate is about 50% while the attack does not affect the training process.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
