Authors: Hao Xu; Lei Shi; Huaili Liu; Junyu Ye; Hao Xu
Published in: WCCCT 2025
Year: April 2025
Abstract: Clustered Federated Learning (CFL) represents a pioneering advancement in federated learning, addressing the issue of suboptimal model performance caused by heterogeneous data. However, the clustering process introduced by CFL can be exploited by potential attackers, leading to serious consequences such as the leakage of private information from clients within the cluster. In this paper, we propose an in-cluster attack against CFL to explore its potential security vulnerabilities. First, we define a threat model to better characterize the training process of CFL and outline the relevant assumptions of our approach. We then investigate a dataset filtering method that constructs victim-isomorphic datasets using the attacker’s auxiliary datasets and some of the victim’s model parameters. Finally, the attacker uses the constructed victim-isomorphic datasets to train the model parameters and uploads them to the server, misleading the server’s clustering algorithm and generating incorrect clustering results. Through experimental evaluation using four clustering algorithms on three datasets, our results demonstrate the effectiveness of our proposed in-cluster attack algorithms, while comparing them with two existing inference attack methods, proving that our approach possesses a higher precision rate.
Citation: Hao Xu; Lei Shi; Huaili Liu; Junyu Ye; Hao Xu. A Malicious Cluster Entry Method for Clustered Federated Learning [C]. Proceedings of the 8th World Conference on Computing and Communication Technologies (WCCCT), Shenzhen, China, April 11-13, 2025: 290-294
Related downloads:
A Malicious Cluster Entry Method for Clustered Federated Learning