Act in Collusion: Distributed Multi-Target Backdoor Attacks in Federated Learning

arXiv:2411.03926v3 Announce Type: replace Abstract: Federated learning (FL) is widely used in Internet-of-Things (IoT) systems, but its distributed training process also exposes it to backdoor attacks. Existing studies mainly consider single-target or centralized multi-target settings, while coordinated distributed multi-target attacks remain underexplored. In practical IoT scenarios, one adversarial entity may control multiple distributed malicious clients and assign each client distinct triggers and target labels. Under this setting, existing distributed backdoor methods often fail to preserve the effectiveness of all backdoors because malicious updates conflict during aggregation. To address this issue, we propose a Distributed Multi-Target Backdoor Attack (DMBA) for FL. DMBA introduces a Backdoor Replay (BR) mechanism to reduce discrepancies among malicious gradients and a Channel-Frequency Composite Trigger (CFCT) strategy to improve trigger distinguishability and alleviate local interference. Experiments on multiple datasets show that DMBA ensures attack success rates above 80% for all implanted backdoors, whereas some baseline backdoors fall below 50% and may even approach 0.