The paper introduces ARES, a novel and practical gradient inversion attack that reconstructs sensitive training samples from large batch updates in Federated Learning without requiring architectural m…

FedSurrogate introduces a novel backdoor defense for Federated Learning that uses layer-criticality analysis and surrogate replacement to significantly reduce false positives while maintaining high mo…

This paper analyzes label inference attacks in Vertical Federated Learning (VFL), demonstrating that existing attacks rely on feature-label distribution alignment, and proposes a zero-overhead defense…

This paper presents a novel data-free Membership Inference Attack (MIA) that uses gradient inversion on Standard Cell Library Layouts (SCLLs) to reconstruct sensitive hardware images from intercepted…

The paper proposes a secure and verifiable aggregation scheme for Federated Learning using a non-colluding dual-server architecture and linear tags, which significantly enhances user privacy and reduc…

This paper empirically evaluates the effectiveness of Differential Privacy (DP) against Membership Inference Attacks (MIAs) in Federated Learning, demonstrating that a stacking attack strategy can det…

The paper introduces DECIFR, a novel two-stage Membership Inference Attack (MIA) that exploits standard cell library layouts to reconstruct sensitive IC training data from intercepted federated model…

FedSpy-LLM introduces a scalable and generalizable data reconstruction attack that can extract private training data from shared gradients of large language models, even when using Parameter-Efficient…

The paper proposes Byz-Clip21-SGD2M, a novel algorithm that achieves high-probability convergence guarantees for Federated Learning by integrating robust aggregation, double momentum, and clipping, re…

The paper introduces Asymmetric Langevin Unlearning (ALU), a novel framework that uses public data to significantly reduce the utility loss typically associated with certified machine unlearning, enab…

The paper proposes VerFU, a client-verifiable federated unlearning framework for low-altitude wireless networks that allows devices to ensure the server accurately removes their historical data contri…

This paper investigates the use of Federated Learning (FL) for hardware assurance, demonstrating that while FL improves model performance over centralized learning, it remains vulnerable to gradient i…

The paper introduces a lightweight, sampling-based cryptographic protocol for verifiable AI inference that drastically reduces proving overhead from minutes to milliseconds by leveraging statistical p…

The paper introduces the Black-Hole Attack, a poisoning vulnerability that exploits geometric defects in high-dimensional embedding spaces to force malicious vectors into the top-k results of vector d…

This paper analyzes and proposes four novel attack methods—based on model parameters and model inversion—to demonstrate that existing machine unlearning techniques can inadvertently leak the categorie…

The paper proposes DIST-FL, a distributed system using multiple TEEs and an append-only ledger to enhance the security and robustness of federated learning aggregation against server-side adversaries.

FedFG introduces a robust federated learning framework using flow-matching generation to simultaneously enhance client privacy and defend against sophisticated poisoning attacks.

The paper introduces GraphIP-Bench, a unified benchmark that demonstrates that stealing Graph Neural Networks (GNNs) is relatively easy, and existing defenses often fail to maintain their integrity af…

This paper analyzes the reliability of efficient membership inference attack (MIA) evaluation methods, demonstrating that standard aggregation techniques introduce biases that compromise accurate vuln…

The paper demonstrates a class of steganographic exfiltration attacks against vector databases by hiding data within embeddings, and proposes VectorPin, a cryptographic provenance protocol to detect s…