信息安全研究2026,Vol.12Issue(3):210-219,10.DOI:10.12379/j.issn.2096-1057.2026.03.02
基于约束扰动与损失调控的联邦学习后门攻击
Federated Learning Backdoor Attack Based on Constrained Perturbation and Loss Regulation
摘要
Abstract
Federated learning,as a distributed machine learning framework,enables multi-party collaborative training with data isolation and privacy protection,However,its decentralized architecture makes it vulnerable to backdoor attacks.This paper proposes a federated learning backdoor attack method based on the constrained perturbation and loss regulation(CPR).The method realizes backdoor implantation and proliferation through three modules:input perturbation,dynamic weight regulation,and secondary perturbation reinforcement.Input perturbation introduces constraint-based noise to poison the training samples.Dynamic weight regulation dynamically adjusts the task weights by introducing cosine annealing,which realizes the balance between backdoor feature learning and main task performance.Secondary perturbation reinforcement utilizes dynamic loss values to further perturb the poisoned samples and reinforce its backdoor features.The CPR backdoor attack is evaluated on MNIST,Fashion-MNIST and CIFAR10 datasets,and the experimental results show that the CPR backdoor attack is able to significantly improve the success rate of the attack while maintaining the accuracy of the model's primary task and exhibits higher stealth and persistence under a variety of data distribution conditions,as compared to pixel,label-flipping and hybrid attacks.关键词
联邦学习/后门攻击/约束扰动/损失调控/动态权重调控Key words
federated learning/backdoor attack/constraint perturbation/loss regulation/dynamic weight regulation分类
信息技术与安全科学引用本文复制引用
张镇博,张淑芬,屈昌盛,钟琪,李涛..基于约束扰动与损失调控的联邦学习后门攻击[J].信息安全研究,2026,12(3):210-219,10.基金项目
国家自然科学基金项目(U20A20179) (U20A20179)
