Institute of Computing Technology, Chinese Academy IR
| Peak-controlled logits poisoning attack in federated distillation | |
| Tang, Yuhan1,2; Wu, Zhiyuan3,4; Gao, Bo1,2; Wen, Tian3; Wang, Yuwei3; Sun, Sheng3 | |
| 2025-10-22 | |
| 发表期刊 | DISCOVER COMPUTING
 |
| ISSN | 2948-2984 |
| 卷号 | 28期号:1页码:18 |
| 摘要 | Federated Distillation (FD) is an innovative distributed machine learning paradigm that enables efficient and flexible cross-device knowledge transfer through knowledge distillation, without the need to upload large-scale model parameters to a central server. Although FD has attracted increasing attention in recent years, its security aspects remain relatively underexplored. Existing attack methods targeting traditional federated learning mainly focus on the transmission of model parameters and gradients, while attacks specifically designed for the unnormalized outputs (logits) in the emerging FD paradigm are still lacking. To fill this research gap and contribute to the enhancement of FD's security, we previously proposed the Federated Distillation Logits Attack (FDLA), which manipulates the logits transmitted during communication to mislead and degrade the performance of client models. However, FDLA has limitations in controlling its impact on participants with different roles or identities and lacks a systematic investigation into the effects of malicious interventions at various stages of knowledge transfer. To overcome these limitations, we propose a more advanced and controllable logits poisoning method-Peak-Controlled Federated Distillation Logits Attack (PCFDLA). PCFDLA enhances the effectiveness of FDLA by precisely controlling the peak values of logits to adjust the intensity of the attack. This method generates highly misleading perturbations that achieve stronger attack performance while maintaining a similar level of stealthiness to FDLA when detection is based on differences in model parameters. Moreover, we introduce a novel evaluation metric to more comprehensively assess the performance of such attacks. Experimental results show that PCFDLA significantly increases the destructive impact on victim models while maintaining high stealth. It consistently achieves superior performance across multiple datasets, highlighting its potential threat to the security of federated distillation systems. |
| 关键词 | Federated learning Knowledge distillation Knowledge transfer Poisoning attack Misleading attack |
| DOI | 10.1007/s10791-025-09742-8 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | Fundamental Research Funds for the Central Universities |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Information Systems |
| WOS记录号 | WOS:001598387200001 |
| 出版者 | SPRINGER |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/41633 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Gao, Bo |
| 作者单位 | 1.Beijing Jiaotong Univ, Engn Res Ctr Network Management Technol High Speed, Sch Comp Sci & Technol, Minist Educ, Beijing, Peoples R China 2.Beijing Jiaotong Univ, Collaborat Innovat Ctr Railway Traff Safety, Beijing, Peoples R China 3.Chinese Acad Sci, Inst Comp Technol, Beijing, Peoples R China 4.Univ Chinese Acad Sci, Beijing, Peoples R China |
| 推荐引用方式 GB/T 7714 | Tang, Yuhan,Wu, Zhiyuan,Gao, Bo,et al. Peak-controlled logits poisoning attack in federated distillation[J]. DISCOVER COMPUTING,2025,28(1):18. |
| APA | Tang, Yuhan,Wu, Zhiyuan,Gao, Bo,Wen, Tian,Wang, Yuwei,&Sun, Sheng.(2025).Peak-controlled logits poisoning attack in federated distillation.DISCOVER COMPUTING,28(1),18. |
| MLA | Tang, Yuhan,et al."Peak-controlled logits poisoning attack in federated distillation".DISCOVER COMPUTING 28.1(2025):18. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论