[2603.23574] PoiCGAN: A Targeted Poisoning Based on Feature-Label Joint Perturbation in Federated Learning

Computer Science > Machine Learning arXiv:2603.23574 (cs) [Submitted on 24 Mar 2026] Title:PoiCGAN: A Targeted Poisoning Based on Feature-Label Joint Perturbation in Federated Learning Authors:Tao Liu, Jiguang Lv, Dapeng Man, Weiye Xi, Yaole Li, Feiyu Zhao, Kuiming Wang, Yingchao Bian, Chen Xu, Wu Yang View a PDF of the paper titled PoiCGAN: A Targeted Poisoning Based on Feature-Label Joint Perturbation in Federated Learning, by Tao Liu and 9 other authors View PDF HTML (experimental) Abstract:Federated Learning (FL), as a popular distributed learning paradigm, has shown outstanding performance in improving computational efficiency and protecting data privacy, and is widely applied in industrial image classification. However, due to its distributed nature, FL is vulnerable to threats from malicious clients, with poisoning attacks being a common threat. A major limitation of existing poisoning attack methods is their difficulty in bypassing model performance tests and defense mechanisms based on model anomaly detection. This often results in the detection and removal of poisoned models, which undermines their practical utility. To ensure both the performance of industrial image classification and attacks, we propose a targeted poisoning attack, PoiCGAN, based on feature-label collaborative perturbation. Our method modifies the inputs of the discriminator and generator in the Conditional Generative Adversarial Network (CGAN) to influence the training process, generating an i...