Graph Representation-based Model Poisoning on Federated Large Language Models
Hanlin Cai, Haofan Dong, Houtianfu Wang, Kai Li, Ozgur B. Akan

TL;DR
This paper examines the vulnerabilities of federated large language models to sophisticated graph representation-based model poisoning attacks and discusses potential defense strategies to improve robustness.
Contribution
It introduces graph representation-based model poisoning (GRMP) as a novel attack method that bypasses existing defenses in FedLLMs and highlights future research directions for secure aggregation.
Findings
GRMP can bypass current defense mechanisms.
GRMP significantly degrades model performance.
Existing defenses are insufficient against adaptive attacks.
Abstract
Federated large language models (FedLLMs) enable powerful generative capabilities within wireless networks while preserving data privacy. Nonetheless, FedLLMs remain vulnerable to model poisoning attacks. This article first reviews recent advancements in model poisoning techniques and existing defense mechanisms for FedLLMs, underscoring critical limitations, especially when dealing with non-IID textual data distributions. Current defense strategies predominantly employ distance or similarity-based outlier detection mechanisms, relying on the assumption that malicious updates markedly differ from benign statistical patterns. However, this assumption becomes inadequate against adaptive adversaries targeting billion-parameter LLMs. The article further investigates graph representation-based model poisoning (GRMP), an emerging attack paradigm that exploits higher-order correlations among…
Taxonomy
Topics: Advanced Graph Neural Networks
