Mitigating Backdoor Attacks in Federated IoT Systems via Representative-Attention Mechanism

Chibueze Peace Obioma; Youcheng Sun; Mustafa A. Mustafa

Mitigating Backdoor Attacks in Federated IoT Systems via Representative-Attention Mechanism

Chibueze Peace Obioma, Youcheng Sun, Mustafa A. Mustafa

Research output: Contribution to conference › Poster › peer-review

Abstract

The heterogeneous nature of IoT environments produces diverse, non-independent, and identically distributed (non-IID) data, making the detection of backdoor attacks in federated learning settings more challenging. Traditional defenses, relying on model weights or gradient-based statistical deviations, make restrictive assumptions about attack methods and client data distributions, hence limiting their effectiveness. In this paper, we propose FeRA (Federated Representative-Attention), a novel defense mechanism that leverages cross-client attention over internal feature representations to distinguish benign from malicious clients. Our evaluation demonstrates FeRA’s robustness across various federated learning scenarios, including challenging non-IID data distributions typical of IoT deployments.

Original language	English
Publication status	Accepted/In press - 22 May 2025

Keywords

Federated Learning
IoT
Backdoor Attack

Embargoed Document

eurosp25posters-final8
Accepted author manuscript, 213 KB
Embargo ends: 17/09/26

EnnCore: End-to-End Conceptual Guarding of Neural Architectures
Cordeiro, L. (PI), Brown, G. (CoI), Freitas, A. (CoI), Luján, M. (CoI) & Mustafa, M. (CoI)
1/02/21 → 31/12/25
Project: Research

Cite this

@conference{d3ff100437a0422f8fd858b0d3417e12,

title = "Mitigating Backdoor Attacks in Federated IoT Systems via Representative-Attention Mechanism",

abstract = "The heterogeneous nature of IoT environments produces diverse, non-independent, and identically distributed (non-IID) data, making the detection of backdoor attacks in federated learning settings more challenging. Traditional defenses, relying on model weights or gradient-based statistical deviations, make restrictive assumptions about attack methods and client data distributions, hence limiting their effectiveness. In this paper, we propose FeRA (Federated Representative-Attention), a novel defense mechanism that leverages cross-client attention over internal feature representations to distinguish benign from malicious clients. Our evaluation demonstrates FeRA{\textquoteright}s robustness across various federated learning scenarios, including challenging non-IID data distributions typical of IoT deployments. ",

keywords = "Federated Learning, IoT, Backdoor Attack",

author = "Obioma, \{Chibueze Peace\} and Youcheng Sun and Mustafa, \{Mustafa A.\}",

year = "2025",

month = may,

day = "22",

language = "English",

}

TY - CONF

T1 - Mitigating Backdoor Attacks in Federated IoT Systems via Representative-Attention Mechanism

AU - Obioma, Chibueze Peace

AU - Sun, Youcheng

AU - Mustafa, Mustafa A.

PY - 2025/5/22

Y1 - 2025/5/22

N2 - The heterogeneous nature of IoT environments produces diverse, non-independent, and identically distributed (non-IID) data, making the detection of backdoor attacks in federated learning settings more challenging. Traditional defenses, relying on model weights or gradient-based statistical deviations, make restrictive assumptions about attack methods and client data distributions, hence limiting their effectiveness. In this paper, we propose FeRA (Federated Representative-Attention), a novel defense mechanism that leverages cross-client attention over internal feature representations to distinguish benign from malicious clients. Our evaluation demonstrates FeRA’s robustness across various federated learning scenarios, including challenging non-IID data distributions typical of IoT deployments.

AB - The heterogeneous nature of IoT environments produces diverse, non-independent, and identically distributed (non-IID) data, making the detection of backdoor attacks in federated learning settings more challenging. Traditional defenses, relying on model weights or gradient-based statistical deviations, make restrictive assumptions about attack methods and client data distributions, hence limiting their effectiveness. In this paper, we propose FeRA (Federated Representative-Attention), a novel defense mechanism that leverages cross-client attention over internal feature representations to distinguish benign from malicious clients. Our evaluation demonstrates FeRA’s robustness across various federated learning scenarios, including challenging non-IID data distributions typical of IoT deployments.

KW - Federated Learning

KW - IoT

KW - Backdoor Attack

M3 - Poster

ER -

Mitigating Backdoor Attacks in Federated IoT Systems via Representative-Attention Mechanism

Abstract

Keywords

Embargoed Document

Fingerprint

Projects

EnnCore: End-to-End Conceptual Guarding of Neural Architectures

Cite this