Index-only Backdoor Vetting for Secure Federated PEFT of Large Language Models
| dc.contributor.author | Dogani, Javad | |
| dc.contributor.author | İşler, Devriş | |
| dc.contributor.author | Laoutaris, Nikolaos | |
| dc.date.accessioned | 2026-07-07T12:05:26Z | |
| dc.date.available | 2026-07-07T12:05:26Z | |
| dc.date.issued | 2026-07-06 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12761/2048 | |
| dc.description.abstract | Federated parameter-efficient fine-tuning (PEFT) enables customizing large language models on private data, yet it is vulnerable to backdoor poisoning—especially when privacy constraints prevent inspection of per-client real-valued updates. We exploit the intuition that poisoning leaves a similar backdoor imprint in which adapter coordinates become salient, so overlap in salient-index supports remains informative even without values. We introduce INDEXGUARD, an unsupervised index-only vetting primitive in which clients send only Top-$K$ salient update indices and the server operates on the induced overlap geometry, clustering clients and filtering cohesion-outlier groups before aggregation. We analyze support stability under bounded rescaling and separability under shared-trigger poisoning under non-IID drift. Across attacks, backbones, and PEFT variants, INDEXGUARD provides end-to-end mitigation, preserving clean accuracy while achieving performance comparable to centralized methods. | es |
| dc.language.iso | eng | es |
| dc.title | Index-only Backdoor Vetting for Secure Federated PEFT of Large Language Models | es |
| dc.type | conference object | es |
| dc.conference.date | 6-11 July 2026 | es |
| dc.conference.place | Seoul, South Korea | es |
| dc.conference.title | International Conference on Machine Learning | * |
| dc.event.type | conference | es |
| dc.pres.type | paper | es |
| dc.type.hasVersion | AM | es |
| dc.rights.accessRights | open access | es |
| dc.acronym | ICML | * |
| dc.rank | A* | * |
| dc.relation.projectName | GenAI4ED | es |
| dc.subject.keyword | Federated learning; Parameter-efficient fine-tuning; PEFT security; Large language models; Backdoor attacks; Backdoor detection; Secure aggregation | es |
| dc.description.refereed | TRUE | es |
| dc.description.status | pub | es |


