N Truths and a Lie: Consistency-Based Backdoor Defense for Vertical Federated Learning
Summary
This paper addresses backdoor attacks (where attackers secretly poison AI models to make them behave maliciously) in vertical federated learning (VFL, a setup where different organizations train an AI together on their own private data). The researchers propose a defense using a latent masked autoencoder (LMAE, a type of neural network that detects patterns and missing information) to identify when one participant is submitting suspicious, inconsistent data compared to honest participants, allowing the system to reject malicious contributions.
Solution / Mitigation
The paper proposes a novel defense mechanism using a latent masked autoencoder (LMAE) to assess the semantic consistency of embeddings (learned data representations) from different participants. The authors developed an algorithm based on the LMAE that identifies attackers and enables backdoor-resistant predictions. The defense was tested on multiple datasets and backdoor attack types and demonstrated effectiveness at identifying attackers while maintaining high prediction accuracy.
Classification
Related Issues
Original source: http://ieeexplore.ieee.org/document/11442675
First tracked: April 20, 2026 at 08:03 PM
Classified by LLM (prompt v3) · confidence: 88%