all InfoSec news
Learning to Backdoor Federated Learning. (arXiv:2303.03320v2 [cs.LG] UPDATED)
cs.CR updates on arXiv.org arxiv.org
In a federated learning (FL) system, malicious participants can easily embed
backdoors into the aggregated model while maintaining the model's performance
on the main task. To this end, various defenses, including training stage
aggregation-based defenses and post-training mitigation defenses, have been
proposed recently. While these defenses obtain reasonable performance against
existing backdoor attacks, which are mainly heuristics based, we show that they
are insufficient in the face of more advanced attacks. In particular, we
propose a general reinforcement learning-based backdoor …
advanced aggregation attack attacks backdoor backdoor attacks backdoors end federated learning framework general main malicious mitigation non performance policy stage system task training trains