HEFLGuard: Backdoor Detection in Homomorphic Encryption-Based Federated Learning
Summary
This research presents HEFLGuard, a security system that detects backdoor attacks (hidden malicious behavior injected into AI models) in homomorphic encryption-based federated learning (a privacy-protecting technique where multiple parties train an AI model together using encrypted data). HEFLGuard works by having the server create validation models from encrypted client groups and having clients compare their local model outputs on trusted samples to identify suspicious behavior, while also using Byzantine fault-tolerant aggregation (a method that functions correctly even when some participants act maliciously) to ensure robustness.
Solution / Mitigation
HEFLGuard constructs overlapping validation models from encrypted client groups and clients locally compare logits (output scores) of the global and validation models on benign samples to expose backdoor behavior. The framework combines consistency verification across non-IID validation groups with Byzantine fault-tolerant aggregation of client reports.
Classification
Related Issues
Original source: http://ieeexplore.ieee.org/document/11495226
First tracked: May 18, 2026 at 08:01 PM
Classified by LLM (prompt v3) · confidence: 92%