| Product Name: BART-FL: A Backdoor Attack-Resilient Federated Aggregation Technique for Cross-Silo Applications [1]
Product Type: Software/Code, Algorithm Summary:
Paper: https://ieeexplore.ieee.org/document/11172307
|
| Product Name: QuanCrypt-FL: Quantized Homomorphic Encryption with Pruning for Secure and Efficient Federated Learning [1]
Product Type: Software/Code, Algorithm Summary:
|
| Product Name: FedShield-LLM: A Secure and Scalable Federated Fine-Tuned Large Language Model [1]
Product Type: Software/Code, Algorithm Summary: Paper: https://arxiv.org/abs/2506.05640 |
| Product Name: AIGunDetect: Accurate and Efficient Two-Stage Gun Detection in Videos [2]
Product Type: Software/Code, Algorithm |
| Product Name: SPE-LLM: System Prompt Extraction Attacks and Defenses in Large Language Models [3]
Product Type: Software/Code
Paper link: https://arxiv.org/pdf/2505.23817 |
| Product Name: Audit-VLM: A Security Risk Analysis and Defense Framework for Vision-Language Models in Intelligent Transportation Systems [1][3]
Product Type: Software/Code, Framework
Paper link: https://arxiv.org/pdf/2511.13892 |
| Product Name: MedPFL: A privacy risk analysis and mitigation framework for medical data in federated learning.
Product Type: Software/Code, Framework
Paper link: https://arxiv.org/pdf/2409.18907 |
| Product Name: CorBin-FL: A Differentially Private Federated Learning Mechanism Using Correlated Binary Quantization [1]
Product Type: Software / Code, Algorithm Summary: CorBin-FL is a novel differentially private federated learning mechanism that enables clients to collaboratively train a global model while ensuring privacy guarantees and communication efficiency. The method introduces correlated binary stochastic quantization, where pairs of clients use common randomness to produce negatively correlated quantization noise. This correlation causes noise to cancel out during aggregation at the server, reducing the mean-squared error while still providing formal parameter-level local differential privacy (PLDP). The mechanism is theoretically proven to be unbiased, privacy-preserving, and to asymptotically optimize the privacy-utility tradeoff. Experiments on MNIST, CIFAR-10, FEMNIST, Shakespeare, and Sentiment140 confirm that CorBin-FL outperforms traditional methods (Gaussian, Laplacian, and LDP-FL) under equal privacy budgets. Paper link: https://arxiv.org/abs/2409.13133 |
| Acknowledgements
[1] This work is based upon the work supported by the National Center for Transportation Cybersecurity and Resiliency (TraCR) (a U.S. Department of Transportation National University Transportation Center) headquartered at Clemson University, Clemson, South Carolina, USA. Any opinions, findings, conclusions, and recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of TraCR, and the U.S. Government assumes no liability for the contents or use thereof.
[2] This material is based upon work supported by the U.S. Department of Homeland Security under Grant Award 22STESE00001-04-00. The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security. [3] The authors acknowledge the National Artificial Intelligence Research Resource (NAIRR) Pilot (NAIRR240244) and OpenAI for partially contributing to this research result. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of funding agencies and companies mentioned above.
|
BART-FL (Backdoor-Aware Robust Training for Federated Learning) is a novel defense-oriented framework that enhances the robustness of Federated Learning (FL) against backdoor and poisoning attacks. It integrates Principal Component Analysis (PCA) and clustering-based filtering to isolate and suppress malicious client updates while maintaining accuracy on clean data. Designed for cross-device federated environments, BART-FL provides explainable and privacy-aware aggregation mechanisms to improve resilience against adversarial behavior.
QuanCrypt-FL is an innovative approach designed to enhance security in federated learning by combining quantization and pruning strategies. This integration strengthens the defense against adversarial attacks while also lowering computational overhead during training. Additionally, the approach includes a mean-based clipping mechanism to address potential quantization overflows and errors. The combination of these techniques results in a communication-efficient FL framework that prioritizes privacy without significantly affecting model accuracy, thereby boosting computational performance and resilience to attacks.
FedShield-LLM is a novel framework that enables secure and efficient federated fine-tuning of Large Language Models (LLMs) across organizations while preserving data privacy. By combining pruning with Fully Homomorphic Encryption (FHE) for Low-Rank Adaptation (LoRA) parameters, FedShield-LLM allows encrypted computation on model updates, reducing the attack surface and mitigating inference attacks like membership inference and gradient inversion. Designed for cross-silo federated environments, the framework optimizes computational and communication efficiency, making it suitable for small and medium-sized organizations.
Summary: AIGunDetect is an AI-driven tool developed to automatically identify the presence and location of guns within video footage. It employs a two-stage deep learning architecture that integrates an image-augmented video classification model and an object detection module. First, the classifier analyzes spatial and temporal features to determine whether a gun is present in the video. Then, at the detection stage, the developed tool pinpoints the region of the gun within individual frames of the video using fine-tuned YOLOv11. This approach achieves high accuracy and computational efficiency as compared to the state-of-the-art methods.
Summary: SPE-LLM is a comprehensive framework that analyzes the susceptibility of Large Language Models (LLMs) to adversarial attacks, aiming to extract system prompts. The system prompt in LLMs plays a crucial role in guiding model behavior in terms of generating responses to the user queries. It contains sensitive information, such as configuration details and user roles. Recent studies have shown that LLMs are susceptible to system prompt extraction attacks via carefully crafted queries, raising major privacy and security concerns. This novel framework, SPE-LLM, systematically evaluates system prompt extraction attacks and defenses in state-of-the-art (SOTA) LLMs, including both open-sourced and closed-sourced models. It offers novel adversarial prompting techniques to extract system prompts from SOTA LLMs, highlighting severe risks, three defense techniques to mitigate extraction attacks, and evaluation metrics to validate the framework’s efficacy.
Summary: Audit-VLM is a security risk analysis and mitigation framework for Large Vision Language Models (LVLMs) integrated in Intelligent Transportation Systems (ITS). Although VLMs enable strong multimodal reasoning for tasks such as visual question answering, they are highly vulnerable to jailbreaking attacks. This framework systematically evaluates these vulnerabilities by creating a curated dataset of transportation-related harmful queries aligned with OpenAI’s prohibited content categories, introducing a novel jailbreak attack that combines image typography manipulation with multi-turn prompting, and proposing a multi-layered response-filtering defense to block unsafe outputs. Audit-VLM includes extensive experiments on state-of-the-art open-source and closed-source LVLMs, using GPT-4-based toxicity scoring and manual verification to assess attack success and defense effectiveness. It also compares the new attack with existing jailbreak methods, highlighting significant security risks for LVLMs integrated in ITS applications.
Summary: MedPFL is a privacy risk analysis and mitigation framework for medical data in federated learning (FL). FL is emerging as a promising machine learning technique in the medical field for analyzing medical images, as it is considered an effective method to safeguard sensitive patient data and comply with privacy regulations. However, the default settings of federated learning may inadvertently expose private training data to privacy attacks. MedPFL is a framework that comprehensively analyzes the privacy risks in FL for medical data and the effectiveness of existing and mitigation techniques for safeguarding sensitive patient information while ensuring regulatory compliance. It identifies vulnerabilities in FL system, demonstrates the limitations of conventional defense mechanisms, and discusses some pressing concerns associated with medical data processing in FL environment.