{"title":"基于联邦学习特征的后门攻击","authors":"Laicheng Cao, F. Li","doi":"10.1117/12.2653697","DOIUrl":null,"url":null,"abstract":"Federated learning enables participants to construct a better model without sharing their private local data with each other. In the context of the continuous introduction of laws and regulations aimed at protecting data and privacy security, such as the \"Data Security Law\", federated learning has been more valued and more widely used. However, federated learning is vulnerable to attacks, one is backdoor attack. Here, we propose a backdoor attack method based on feature, used the CIFAR-10 data set and the ResNet18 model to research in the two different scenarios which one used the data that malicious participant participate in normal training as a backdoor and another used the data that implanting during the training as a backdoor. Especially, when we used the data that malicious participant participate in normal training as a backdoor, the attack success rate is about 50% while the attack does not affect the training process.","PeriodicalId":32903,"journal":{"name":"JITeCS Journal of Information Technology and Computer Science","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Backdoor attack based on feature in federated learning\",\"authors\":\"Laicheng Cao, F. Li\",\"doi\":\"10.1117/12.2653697\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Federated learning enables participants to construct a better model without sharing their private local data with each other. In the context of the continuous introduction of laws and regulations aimed at protecting data and privacy security, such as the \\\"Data Security Law\\\", federated learning has been more valued and more widely used. However, federated learning is vulnerable to attacks, one is backdoor attack. Here, we propose a backdoor attack method based on feature, used the CIFAR-10 data set and the ResNet18 model to research in the two different scenarios which one used the data that malicious participant participate in normal training as a backdoor and another used the data that implanting during the training as a backdoor. Especially, when we used the data that malicious participant participate in normal training as a backdoor, the attack success rate is about 50% while the attack does not affect the training process.\",\"PeriodicalId\":32903,\"journal\":{\"name\":\"JITeCS Journal of Information Technology and Computer Science\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"JITeCS Journal of Information Technology and Computer Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.2653697\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"JITeCS Journal of Information Technology and Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2653697","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Backdoor attack based on feature in federated learning
Federated learning enables participants to construct a better model without sharing their private local data with each other. In the context of the continuous introduction of laws and regulations aimed at protecting data and privacy security, such as the "Data Security Law", federated learning has been more valued and more widely used. However, federated learning is vulnerable to attacks, one is backdoor attack. Here, we propose a backdoor attack method based on feature, used the CIFAR-10 data set and the ResNet18 model to research in the two different scenarios which one used the data that malicious participant participate in normal training as a backdoor and another used the data that implanting during the training as a backdoor. Especially, when we used the data that malicious participant participate in normal training as a backdoor, the attack success rate is about 50% while the attack does not affect the training process.