<ul data-eligibleForWebStory="false"><li>Researchers have identified a new backdoor attack, BadSFL, targeting the Scaffold framework used in Federated Learning to address data heterogeneity issues.</li><li>BadSFL manipulates the control variate in Scaffold to steer benign clients' local gradient updates, turning them into unwitting accomplices of the attacker.</li><li>This attack enhances the backdoor persistence and leverages a GAN-enhanced poisoning strategy to maintain high accuracy while remaining stealthy.</li><li>Experiments show that BadSFL has superior attack durability, lasting over 60 global rounds and outperforming existing baselines in maintaining effectiveness even after ceasing malicious injections.</li></ul>

Mind the Cost of Scaffold! Benign Clients May Even Become Accomplices of Backdoor Attack

Discover more