The Hidden Adversarial Vulnerabilities of Medical Federated Learning

Download PDF
Open Webpage

Erfan Darzi, Florian Dubost, Nanna Maria Sijtsema, Peter M. A. van Ooijen

Published: 01 Jan 2023, Last Modified: 16 Apr 2025CoRR 2023EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: In this paper, we delve into the susceptibility of federated medical image analysis systems to adversarial attacks. Our analysis uncovers a novel exploitation avenue: using gradient information from prior global model updates, adversaries can enhance the efficiency and transferability of their attacks. Specifically, we demonstrate that single-step attacks (e.g. FGSM), when aptly initialized, can outperform the efficiency of their iterative counterparts but with reduced computational demand. Our findings underscore the need to revisit our understanding of AI security in federated healthcare settings.

OpenReview is a long-term project to advance science through improved peer review with legal nonprofit status. We gratefully acknowledge the support of the OpenReview Sponsors. © 2025 OpenReview