Your Privacy My Cloak: Backdoor Attacks on Differentially Private Federated Learning
Researchers have developed a new attack method called RING that exploits differential privacy (DP) in federated learning (FL) to conceal malicious updates. Contrary to prior assumptions, DP can mask the statistical characteristics of backdoor attacks, rendering existing defenses ineffective. RING achieves a 90.3% attack success rate against state-of-the-art defenses, highlighting a significant security vulnerability in DP-FL deployments that comes with substantial utility trade-offs.
IMPACT: Exposes a fundamental security gap in differentially private federated learning, potentially requiring new defense mechanisms.