Peak-controlled logits poisoning attack in federated distillation
Document type: Journal article
| Authors | Tang, Yuhan3,4; Wu, Zhiyuan1,2; Gao, Bo3,4; Wen, Tian2; Wang, Yuwei2; Sun, Sheng2 |
| Journal | DISCOVER COMPUTING |
| Publication date | 2025-10-22 |
| Volume | 28; Issue: 1; Pages: 18 |
| Keywords | Federated learning; Knowledge distillation; Knowledge transfer; Poisoning attack; Misleading attack |
| ISSN | 2948-2984 |
| DOI | 10.1007/s10791-025-09742-8 |
| Abstract | Federated Distillation (FD) is an innovative distributed machine learning paradigm that enables efficient and flexible cross-device knowledge transfer through knowledge distillation, without the need to upload large-scale model parameters to a central server. Although FD has attracted increasing attention in recent years, its security aspects remain relatively underexplored. Existing attack methods targeting traditional federated learning mainly focus on the transmission of model parameters and gradients, while attacks specifically designed for the unnormalized outputs (logits) in the emerging FD paradigm are still lacking. To fill this research gap and contribute to the enhancement of FD's security, we previously proposed the Federated Distillation Logits Attack (FDLA), which manipulates the logits transmitted during communication to mislead and degrade the performance of client models. However, FDLA has limitations in controlling its impact on participants with different roles or identities and lacks a systematic investigation into the effects of malicious interventions at various stages of knowledge transfer. To overcome these limitations, we propose a more advanced and controllable logits poisoning method: Peak-Controlled Federated Distillation Logits Attack (PCFDLA). PCFDLA enhances the effectiveness of FDLA by precisely controlling the peak values of logits to adjust the intensity of the attack. This method generates highly misleading perturbations that achieve stronger attack performance while maintaining a similar level of stealthiness to FDLA when detection is based on differences in model parameters. Moreover, we introduce a novel evaluation metric to more comprehensively assess the performance of such attacks. Experimental results show that PCFDLA significantly increases the destructive impact on victim models while maintaining high stealth. It consistently achieves superior performance across multiple datasets, highlighting its potential threat to the security of federated distillation systems. |
| Funding | Fundamental Research Funds for the Central Universities |
| WOS research area | Computer Science |
| Language | English |
| WOS accession number | WOS:001598387200001 |
| Publisher | SPRINGER |
| Source URL | [http://119.78.100.204/handle/2XEOYT63/41632] |
| Collection | Institute of Computing Technology, Chinese Academy of Sciences: Journal Articles (English) |
| Corresponding author | Gao, Bo |
| Author affiliations | 1. Univ Chinese Acad Sci, Beijing, Peoples R China; 2. Chinese Acad Sci, Inst Comp Technol, Beijing, Peoples R China; 3. Beijing Jiaotong Univ, Collaborat Innovat Ctr Railway Traff Safety, Beijing, Peoples R China; 4. Beijing Jiaotong Univ, Engn Res Ctr Network Management Technol High Speed, Sch Comp Sci & Technol, Minist Educ, Beijing, Peoples R China |
| Recommended citation (GB/T 7714) | Tang, Yuhan, Wu, Zhiyuan, Gao, Bo, et al. Peak-controlled logits poisoning attack in federated distillation[J]. DISCOVER COMPUTING, 2025, 28(1): 18. |
| APA | Tang, Yuhan, Wu, Zhiyuan, Gao, Bo, Wen, Tian, Wang, Yuwei, & Sun, Sheng. (2025). Peak-controlled logits poisoning attack in federated distillation. DISCOVER COMPUTING, 28(1), 18. |
| MLA | Tang, Yuhan, et al. "Peak-controlled logits poisoning attack in federated distillation". DISCOVER COMPUTING 28.1 (2025): 18. |
Ingest method: OAI harvesting
Source: Institute of Computing Technology

