Awesome Adversarial Attacks
Adversarial attacks are one of the most active areas in Awesome Federated Learning, with 1,338 papers in this collection. A strong starting point is "Federated Adversarial Domain Adaptation".
Datasets & benchmarks
The papers in this collection are most often evaluated on:
- CIFAR-10
- MNIST
- Fashion-MNIST
Key papers
Each entry gives the title, year, authors and the collection's ranking score.
- Federated Adversarial Domain Adaptation (2019) · Xingchao Peng et al. · 10.99
- Exploiting Defenses against GAN-Based Feature Inference Attacks in Federated Learning (2020) · Xinjian Luo et al. · 6.66
- Do We Really Need to Design New Byzantine-robust Aggregation Rules? (2025) · Minghong Fang et al. · 6.58
- Energy-Latency Attacks via Sponge Poisoning (2022) · Antonio Emanuele Cinà et al. · 5.72
- FedDTG: Federated Data-Free Knowledge Distillation via Three-Player Generative Adversarial Networks (2022) · Lingzhi Gao et al. · 5.06
- Federated Learning for Smart Grid: A Survey on Applications and Potential Vulnerabilities (2024) · Zikai Zhang et al. · 4.54
- Federated Multi-Armed Bandits Under Byzantine Attacks (2022) · Artun Saday et al. · 4.48
- Federated Learning in Adversarial Environments: Testbed Design and Poisoning Resilience in Cybersecurity (2024) · Hao Jian Huang et al. · 4.41
- AI Security Research Should Better Incentivize Defense Research (2026) · Youqian Zhang · 4.33
- Multi-Factor Trust-Driven Secure Communication Model for Cloud-Based Digital Twins (2026) · Deepika Saxena et al. · 4.33
- When AI Meets Wall Street: A Survey on Trustworthy AI in Fintech (2026) · Qingwen Zeng et al. · 4.33
- BoBa: Boosting Backdoor Detection through Data Distribution Inference in Federated Learning (2024) · Zhengyuan Jiang et al. · 4.30
- Robust Knowledge Distillation in Federated Learning: Counteracting Backdoor Attacks (2025) · Ebtisaam Alharbi et al. · 4.30
- Model Poisoning Attacks to Federated Learning via Multi-Round Consistency (2024) · Yueqi Xie et al. · 4.26
- FedMUA: Exploring the Vulnerabilities of Federated Learning to Malicious Unlearning Attacks (2025) · Jian Chen et al. · 4.25
- CENSOR: Defense Against Gradient Inversion via Orthogonal Subspace Bayesian Sampling (2025) · Kaiyuan Zhang et al. · 4.25
- SAFE: Secure and Accurate Federated Learning for Privacy-Preserving Brain-Computer Interfaces (2026) · Tianwang Jia et al. · 3.98
- FL-Defender: Combating Targeted Attacks in Federated Learning (2022) · Najeeb Jebreel and Josep Domingo-Ferrer · 3.71
- Exploring the Vulnerabilities of Federated Learning: A Deep Dive into Gradient Inversion Attacks (2025) · Pengxin Guo et al. · 3.70
- Dual Defense: Enhancing Privacy and Mitigating Poisoning Attacks in Federated Learning (2025) · Runhua Xu et al. · 3.64
- Bad-PFL: Exploring Backdoor Attacks against Personalized Federated Learning (2025) · Mingyuan Fan et al. · 3.59
- Privacy in Fine-tuning Large Language Models: Attacks, Defenses, and Future Directions (2024) · Hao Du et al. · 3.53
- From Data Heterogeneity to Convergence: A Data-Centric Review of Federated Learning (2026) · Huong Nguyen et al. · 3.51
- A Unified Framework for Gradient Aggregation in Multi-Objective Optimization (2026) · Zeou Hu et al. · 3.45
- Partner in Crime: Boosting Targeted Poisoning Attacks against Federated Learning (2024) · Shihua Sun et al. · 3.25
- LOGSAFE: Logic-Guided Verification for Trustworthy Federated Time-Series Learning (2024) · Dung Thuy Nguyen et al. · 3.20
- Poisoning Deep Learning Based Recommender Model in Federated Learning Scenarios (2022) · Dazhong Rong et al. · 3.19
- Enhancing Cyber Resilience of Networked Microgrids using Vertical Federated Reinforcement Learning (2022) · Sayak Mukherjee et al. · 3.19
- The Federation Strikes Back: A Survey of Federated Learning Privacy Attacks, Defenses, Applications, and Policy Landscape (2024) · Joshua C. Zhao et al. · 3.14
- Hammer and Anvil: A Principled Defense Against Backdoors in Federated Learning (2025) · Lucas Fenaux et al. · 3.10
- Self-Adaptive and Robust Federated Spectrum Sensing without Benign Majority for Cellular Networks (2025) · Ngoc Duy Pham et al. · 2.99
- FedMIA: An Effective Membership Inference Attack Exploiting "All for One" Principle in Federated Learning (2024) · Gongxi Zhu et al. · 2.97
- Privacy and Accuracy Implications of Model Complexity and Integration in Heterogeneous Federated Learning (2023) · Gergely Dániel Németh et al. · 2.81
- Approaching the Harm of Gradient Attacks While Only Flipping Labels (2025) · Abdessamad El-Kabid et al. · 2.76
- SoK: Benchmarking Poisoning Attacks and Defenses in Federated Learning (2025) · Heyi Zhang et al. · 2.71
- The Gradient Puppeteer: Adversarial Domination in Gradient Leakage Attacks through Model Poisoning (2025) · Kunlan Xiang et al. · 2.71
- Krum Federated Chain (KFC): Using blockchain to defend against adversarial attacks in Federated Learning (2025) · Mario García-Márquez, Nuria Rodríguez-Barroso, M. Victoria Luzón and Francisco Herrera · 2.71
- DROP: Poison Dilution via Knowledge Distillation for Federated Learning (2025) · Georgios Syros et al. · 2.71
- Secure Federated Data Distillation (2025) · Marco Arazzi et al. · 2.71
- TrustChain: A Blockchain Framework for Auditing and Verifying Aggregators in Decentralized Federated Learning (2025) · Ehsan Hallaji et al. · 2.71
- Mingling with the Good to Backdoor Federated Learning (2025) · Nuno Neves · 2.65
- From Models to Network Topologies: A Topology Inference Attack in Decentralized Federated Learning (2025) · Chao Feng et al. · 2.65
- Rethinking Byzantine Robustness in Federated Recommendation from Sparse Aggregation Perspective (2025) · Zhongjian Zhang et al. · 2.65
- TAPFed: Threshold Secure Aggregation for Privacy-Preserving Federated Learning (2025) · Runhua Xu et al. · 2.65
- KeTS: Kernel-based Trust Segmentation against Model Poisoning Attacks (2025) · Ankit Gangwal et al. · 2.65
- Cooperative Decentralized Backdoor Attacks on Vertical Federated Learning (2025) · Seohyun Lee et al. · 2.65
- Federated Testing (FedTest): A New Scheme to Enhance Convergence and Mitigate Adversarial Attacks in Federating Learning (2025) · Mustafa Ghaleb et al. · 2.65
- DBA-DFL: Towards Distributed Backdoor Attacks with Network Detection in Decentralized Federated Learning (2025) · Bohan Liu et al. · 2.65
- Poisoning Attacks and Defenses to Federated Unlearning (2025) · Wenbin Wang et al. · 2.65
- FilterFL: Knowledge Filtering-based Data-Free Backdoor Defense for Federated Learning (2023) · Yanxin Yang et al. · 2.64
- DeTrigger: A Gradient-Centric Approach to Backdoor Attack Mitigation in Federated Learning (2024) · Kichang Lee et al. · 2.54
- Using Anomaly Detection to Detect Poisoning Attacks in Federated Learning Applications (2022) · Ali Raza et al. · 2.53
- WW-FL: Secure and Private Large-Scale Federated Learning (2023) · Felix Marx et al. · 2.53
- Advancing Hybrid Defense for Byzantine Attacks in Federated Learning (2024) · Kai Yue et al. · 2.43
- Byzantine-Robust Aggregation for Securing Decentralized Federated Learning (2024) · Diego Cajaraville-Aboy et al. · 2.43
- Threats and Defenses in Federated Learning Life Cycle: A Comprehensive Survey and Challenges (2024) · Yanli Li et al. · 2.32
- Tracing Back the Malicious Clients in Poisoning Attacks to Federated Learning (2024) · Yuqi Jia, Minghong Fang, Hongbin Liu, Jinghuai Zhang and Neil Zhenqiang Gong · 2.32
- UIFV: Data Reconstruction Attack in Vertical Federated Learning (2024) · Jirui Yang et al. · 2.26
- Robust Decentralized Learning with Local Updates and Gradient Tracking (2024) · Sajjad Ghiasvand et al. · 2.21
- SoK: On Gradient Leakage in Federated Learning (2024) · Jiacheng Du et al. · 2.15
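Many of the papers above concern model poisoning and Byzantine-robust aggregation (Krum, coordinate-wise median, trimmed mean). The following toy round is an added illustration, not code from any paper in this list or from the Awesome Federated Learning project: client updates are synthetic vectors (honest clients send noisy copies of one shared "true" update, the attacker sends a sign-flipped, boosted update), and the client counts, dimension, noise level and boost factor are assumed parameters chosen only so that the effect is visible. Krum is implemented from the published rule (Blanchard et al., 2017); the other aggregators are the standard definitions.

```python
"""Model poisoning vs. Byzantine-robust aggregation on a constructed toy round.

Added illustration, not code from any listed paper. Honest clients send
noisy copies of one shared true update; the attacker sends a sign-flipped,
boosted update (the classic model-poisoning pattern). Aggregators compared:
plain FedAvg, coordinate-wise median, trimmed mean and Krum.
"""
import math
import random
from typing import Dict, List, Sequence, Tuple

Vec = List[float]


def l2(a: Sequence[float], b: Sequence[float]) -> float:
    """Euclidean distance between two update vectors."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def make_updates(n_honest: int, n_malicious: int, dim: int,
                 boost: float, seed: int = 0) -> Tuple[Vec, List[Vec]]:
    """Build one round of synthetic client updates; honest clients come first."""
    rng = random.Random(seed)
    true_update = [rng.uniform(-1.0, 1.0) for _ in range(dim)]
    honest = [[t + rng.gauss(0.0, 0.05) for t in true_update]
              for _ in range(n_honest)]
    # Attacker: flip the sign and scale up so a plain mean is dragged
    # away from the honest direction (sign flip + boosting).
    malicious = [[-boost * t for t in true_update] for _ in range(n_malicious)]
    return true_update, honest + malicious


def fedavg(updates: List[Vec]) -> Vec:
    """Unweighted FedAvg: coordinate-wise mean, no robustness at all."""
    n = len(updates)
    return [sum(u[i] for u in updates) / n for i in range(len(updates[0]))]


def coord_median(updates: List[Vec]) -> Vec:
    """Coordinate-wise median; needs an honest majority in every coordinate."""
    out = []
    for i in range(len(updates[0])):
        col = sorted(u[i] for u in updates)
        m = len(col)
        out.append(col[m // 2] if m % 2 else (col[m // 2 - 1] + col[m // 2]) / 2)
    return out


def trimmed_mean(updates: List[Vec], k: int) -> Vec:
    """Drop the k largest and k smallest values per coordinate, then average."""
    n = len(updates)
    assert 2 * k < n, "must keep at least one value per coordinate"
    out = []
    for i in range(len(updates[0])):
        col = sorted(u[i] for u in updates)[k:n - k]
        out.append(sum(col) / len(col))
    return out


def krum(updates: List[Vec], f: int) -> Tuple[int, Vec]:
    """Krum: return the index and value of the single update whose summed
    squared distance to its n - f - 2 nearest neighbours is smallest.
    The rule assumes at most f Byzantine clients and n > 2f + 2."""
    n = len(updates)
    assert n > 2 * f + 2, "Krum needs n > 2f + 2"
    m = n - f - 2
    scores = []
    for i, u in enumerate(updates):
        dists = sorted(l2(u, v) ** 2 for j, v in enumerate(updates) if j != i)
        scores.append(sum(dists[:m]))
    best = min(range(n), key=lambda i: scores[i])
    return best, updates[best]


def run_round(n_honest: int = 8, n_malicious: int = 2, dim: int = 10,
              boost: float = 20.0, seed: int = 0) -> Dict[str, float]:
    """Aggregate one poisoned round with each rule and report the distance
    from the aggregate to the true update (smaller is better). Assumed
    parameters: 8 honest clients, 2 attackers, 10-dim updates, boost 20."""
    true_update, updates = make_updates(n_honest, n_malicious, dim, boost, seed)
    krum_idx, krum_vec = krum(updates, f=n_malicious)
    return {
        "fedavg": l2(fedavg(updates), true_update),
        "median": l2(coord_median(updates), true_update),
        "trimmed_mean": l2(trimmed_mean(updates, n_malicious), true_update),
        "krum": l2(krum_vec, true_update),
        "krum_selected_honest": float(krum_idx < n_honest),
    }


if __name__ == "__main__":
    for name, value in run_round().items():
        print(f"{name:22s} {value:8.3f}")
```

With the assumed parameters two attackers pull the FedAvg aggregate several units away from the true update, while the median, trimmed mean and Krum stay within the honest noise level and Krum selects an honest client. The caveats matter as much as the result: median and trimmed mean need an honest majority per coordinate, Krum's guarantee needs n > 2f + 2 and a known bound f, and a number of the papers above study attacks crafted to slip past exactly these rules (updates tuned to look like the honest cluster), so this toy shows what robust aggregation buys against a naive attacker, not a general defense.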