What question did this study set out to answer?

The aim is to develop a method that improves backdoor attack effectiveness in federated learning systems.

February 14, 2026

GCBA : Gradient Compensated Backdoor Attack Against Federated Learning

Key Points

The aim is to develop a method that improves backdoor attack effectiveness in federated learning systems.
Proposed the GCBA mechanism for embedding backdoors in federated learning models.
Compensated for honest client gradients to align updates with the attacker's goals.
Limited perturbations to low variance coordinates to enhance stealth and durability.
GCBA demonstrates significantly higher success rates compared to previous backdoor attacks.
The attack exhibits longer operational lifespans than existing methods.
GCBA successfully avoids detection by common defense mechanisms in federated learning.

Abstract

ABSTRACT Federated learning (FL) enables distributed model training while keeping user data private. However, its decentralized structure makes it vulnerable to backdoor attacks. Prior studies show that adversaries can implant backdoors, but these are often weakened by subsequent benign updates, reducing their persistence. In this paper, we propose GCBA, a new backdoor mechanism for FL. GCBA compensates for the average gradient of honest clients, forcing the aggregated update to match the attacker's target. It also restricts perturbations to coordinates with low historical variance, improving durability and stealth. Experiments on three large‐scale datasets show that GCBA achieves higher success rates and longer lifespans than existing attacks. It also evades several representative defenses. These results highlight the urgent need for stronger protection in practical FL systems.

Bookmark

GCBA : Gradient Compensated Backdoor Attack Against Federated Learning

Key Points

Abstract

Cite This Study