Model Transferring Attacks to Backdoor HyperNetwork in Personalized Federated Learning. (arXiv:2201.07063v2 [cs.LG] UPDATED)

This paper explores previously unknown backdoor risks in HyperNet-based
personalized federated learning (HyperNetFL) through poisoning attacks. Based
upon that, we propose a novel model transferring attack (called HNTROJ), i.e.,
the first of its kind, to transfer a local backdoor infected model to all
legitimate and personalized local models, which are generated by the HyperNetFL
model, through consistent and effective malicious local gradients computed
across all compromised clients in the whole training process. As a result,
HNTROJ reduces the number of …

attacks backdoor lg