attack_defense.md

Attack

An Overview of Federated Deep Learning Privacy Attacks and Defensive Strategies. 2020-04-01

Backdoor Attack

• How To Backdoor Federated Learning

• Can You Really Backdoor Federated Learning?

• Attack of the Tails: Yes, You Really Can Backdoor Federated Learning

• DBA: Distributed Backdoor Attacks against Federated Learning

• CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. ICML 2021.

• NeurIPS 2020 Submission: Backdoor Attacks on Federated Meta-Learning

Gradients Attack

• Deep Leakage from Gradients

• Gradient Disaggregation: Breaking Privacy in Federated Learning by Reconstructing the User Participant Matrix

• iDLG: Improved Deep Leakage from Gradients

• Inverting Gradients - How easy is it to break Privacy in Federated Learning?

• CAFE: Catastrophic Data Leakage in Vertical Federated Learning

• Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning.

• A Framework for Evaluating Gradient Leakage Attacks in Federated Learning

• Gradient Inversion with Generative Image Prior. NeurIPS 2021.

• Evaluating Gradient Inversion Attacks and Defenses in Federated Learning. NeurIPS 2021.

Model Poison Attack

• Analyzing Federated Learning through an Adversarial Lens
• (*) Local Model Poisoning Attacks to Byzantine-Robust Federated Learning. 2019-11-26
• Data Poisoning Attacks on Federated Machine Learning. 2020-04-19

Free Rider Attack

• NeurIPS 2020 submission: Free-rider Attacks on Model Aggregation in Federated Learning
• Free-riders in Federated Learning: Attacks and Defenses. 2019-11-28

Membership Inference Attack

• Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning. S&P 2019.

Feature Inference Attack

Label Inference Attack

• Label Inference Attacks Against Vertical Federated Learning. USENIX Security 2022.

Defense

With DP

• Differentially Private Federated Learning: A Client Level Perspective. NIPS 2017 Workshop

• Federated Learning with Bayesian Differential Privacy.

• FedSel: Federated SGD under Local Differential Privacy with Top-k Dimension Selection.

• LDP-Fed: Federated Learning with Local Differential Privacy.

• Differentially Private Learning with Adaptive Clipping

With HE

With TEE

Algorithm

• RSA: Byzantine-Robust Stochastic Aggregation Methods for Distributed Learning from Heterogeneous Datasets, AAAI 2019

• Towards Realistic Byzantine-Robust Federated Learning. 2020-04-10

• Secure Byzantine-Robust Machine Learning. 2020-06-08

• Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates

Fairness

• Fair Resource Allocation in Federated Learning. ICLR 2020.

• Hierarchically Fair Federated Learning

• Towards Fair and Privacy-Preserving Federated Deep Models