Congratulations to Prof. Shiqing Ma, who received the best paper award at the 2022 European Conference on Computer Vision (ECCV 2022) AROW Workshop in October 2022 for FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning. The paper is a joint work with researchers from Purdue University and IBM.
The paper introduced a novel, provable defense framework for mitigating backdoor threats in Federated Learning. The key insight is to combine trigger inversion techniques with FL training. As long as the inverted trigger satisfies our given constraint, the method can guarantee the attack success rate will decrease and in the meantime, the prediction accuracy of the global model on clean data can be retained. The researchers also conduct comprehensive experiments across different datasets and attack settings, showing the empirical superiority of their method by comparing it with eight competing SOTA defense techniques.