Moyeen, M A
ORCID: https://orcid.org/0009-0006-5429-7403
(2025)
Securing Federated Learning: A Comprehensive Defence Against Privacy Attacks.
PhD thesis, Concordia University.
Text (application/pdf)
MOYEEN_PhD_F2025.pdf (4MB) - Accepted Version. Available under License Spectrum Terms of Access.
Abstract
In this information age, machine learning (ML) applications drive smart living through innovations such as personalized healthcare, intelligent transportation, and smart homes. However, despite these advancements, businesses and industries continue to face significant challenges in safeguarding data privacy, as ML systems increasingly rely on vast amounts of user data. In this direction, Federated Learning (FL) has emerged as a promising solution, enabling collaborative model training while keeping user data on local premises without the need to share raw data. However, FL also faces significant challenges, including expensive communication costs, system heterogeneity, and vulnerability to various attacks. In particular, it is susceptible to poisoning attacks, where malicious participants corrupt models and data, as well as to inference attacks that exploit gradients to reveal sensitive information through membership inference or model inversion techniques. These attacks can extract sensitive information from shared gradients, undermining the fundamental privacy guarantees of federated systems. Thus, effective defence mechanisms are fundamental for fully leveraging the advantages of FL. Numerous defences, such as FoolsGold, FLOD, FLAD, MADDPG, and others, are in place to secure FL systems.
However, the majority of the defence mechanisms suffer from accuracy degradation, computational overhead, and inadequate attack prevention. Most client selection methods cannot reliably separate malicious and straggler clients, with even cutting-edge approaches struggling with herding and cold-start issues. Furthermore, recent state-of-the-art techniques frequently fail to defend against inference attacks adequately. These methods typically employ Secure Multiparty Computation (SMPC), Homomorphic Encryption (HE), or Differential Privacy (DP) as defensive measures. However, SMPC and HE suffer from high computational complexity, while DP often leads to degraded model accuracy.
Thus, this research addresses these limitations by proposing five different defence mechanisms that ensure robust FL with protected gradients. The proposed mechanisms consist of FedChallenger, Fed-Reputed, SignDefence, Ada-Sign, and SignMPC. The proposed FedChallenger introduces a dual-layer defence mechanism that comprises the zero-trust challenge-response-based authentication at the first layer and a variant of Trimmed-Mean aggregation at the second layer that leverages pairwise cosine similarity and Median Absolute Deviation (MAD). Extensive evaluation on MNIST, FMNIST, EMNIST, and CIFAR-10 datasets demonstrates 3-10% accuracy improvement over state-of-the-art approaches with 1.1-2.2 times faster convergence and 2-3% higher F1-scores.
Subsequently, the reputation-based client selection approach, Fed-Reputed, leverages device capability information and a modified Bellman equation within a hierarchical framework, integrated into a Deep Q-Learning Network (DQN)-based Imbalanced Classification Markov Decision Process (ICMDP) classifier for enhanced client selection. Testing on MNIST and FMNIST datasets demonstrates 9-50% accuracy gains and 1.3-1.7 times faster convergence while effectively detecting both malicious and straggler clients.
Moreover, existing methods often suffer from the dying ReLU problem, where neurons permanently deactivate during training. To counter the dying ReLU problem, SignDefence implements a sophisticated aggregation scheme that utilizes sign direction and LeakyReLU-based aggregation, incorporating Jaccard similarity derived from binary-encoded model weights. This technique demonstrates consistent accuracy and F1-score improvements across different attack conditions.
Despite its benefits, SignDefence remains vulnerable to inference attacks and suffers from limited generalization due to its fixed threshold across diverse benchmark datasets. To address these limitations, a lightweight strategy, Ada-Sign, employs adaptive threshold computation and incorporates DP mechanisms. This approach maintains comparable accuracy to SignDefence while providing enhanced gradient protection through adaptive DP. Extensive evaluation on MNIST and HAR datasets reveals 3-20% accuracy improvement for Ada-Sign over the majority of state-of-the-art techniques.
Finally, to enhance the protection of both SignDefence and Ada-Sign against inference attacks, SignMPC integrates highly configurable SMPC, HE, and DP algorithms. This combined approach ensures comprehensive communication security and gradient privacy while avoiding significant performance bottlenecks. Comprehensive evaluation on MNIST and HAR datasets demonstrates 4-17% accuracy gains for SignMPC over established approaches while maintaining computational efficiency and robust privacy guarantees.
| Divisions: | Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering |
|---|---|
| Item Type: | Thesis (PhD) |
| Authors: | Moyeen, M A |
| Institution: | Concordia University |
| Degree Name: | Ph. D. |
| Program: | Electrical and Computer Engineering |
| Date: | July 2025 |
| Thesis Supervisor(s): | Agarwal, Dr. Anjali and Kaur, Dr. Kuljeet |
| Keywords: | Differential Privacy, Federated Learning, Homomorphic Encryption, Inference Attacks, Machine Learning, Poisoning Attacks, Robust Aggregation, Secure Multi-Party Computation. |
| ID Code: | 996153 |
| Deposited By: | M A Moyeen |
| Deposited On: | 04 Nov 2025 16:14 |
| Last Modified: | 04 Nov 2025 16:14 |