Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning

Aiting YAO; Chengzu DONG; Shantanu PAL; Frank JIANG; Haiyan WANG; Ruonan LI; Wenying FENG; Lichen LIU; Zhaoquan GU

doi:10.1007/978-981-95-3456-2_30

Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning

Aiting YAO
, Chengzu DONG
, Shantanu PAL
, Frank JIANG
, Haiyan WANG
, Ruonan LI
, Wenying FENG
, Lichen LIU
, Zhaoquan GU^*

^*Corresponding author for this work

School of Data Science

Research output: Book Chapters | Papers in Conference Proceedings › Conference paper (refereed) › Research › peer-review

Abstract

Federated learning allows multiple parties to collaboratively train AI models without sharing raw data—but this privacy advantage comes with risks. A major threat is poisoning attacks, where malicious participants submit fake model updates to sabotage the global model. Current defenses typically use statistical methods to filter out suspicious updates, but these approaches struggle to detect subtle attacks in real time and offer little insight into why an update was flagged. To address this, we introduce Incremental Provenance Analysis (IPA), a new defense framework that monitors how model updates evolve over time ΔW. Unlike traditional methods, IPA doesn’t just look for outliers—it learns the typical “provenance” of benign updates. When an update deviates suspiciously, IPA not only detects it but also traces the attack source and adjusts the aggregation strategy dynamically. Our experiments show IPA effectively thwarts poisoning attempts while maintaining model accuracy, offering a more transparent and adaptive solution for secure federated learning.

Original language	English
Title of host publication	Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings
Editors	Masatoshi YOSHIKAWA, Xiaofeng MENG, Yang CAO, Chuan XIAO, Weitong CHEN, Yanda WANG
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	431-445
Number of pages	15
ISBN (Electronic)	9789819534562
ISBN (Print)	9789819534555
DOIs	https://doi.org/10.1007/978-981-95-3456-2_30
Publication status	Published - 17 Oct 2025
Event	21st International Conference on Advanced Data Mining and Applications, ADMA 2025 - Kyoto, Japan Duration: 22 Oct 2025 → 24 Oct 2025

Publication series

Name	Lecture Notes in Computer Science
Volume	16198
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st International Conference on Advanced Data Mining and Applications, ADMA 2025
Country/Territory	Japan
City	Kyoto
Period	22/10/25 → 24/10/25

Bibliographical note

Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.

Funding

This work was conducted at the Research Institute for Artificial Intelligence of Things (RIAIoT) and supported by PolyU Internal Research Fund (No.BDZ3) and PolyU External Research Fund (No. ZDH5). Also, this work has benefited from the financial support of the EdUHK project under Grant No. RG 67/2024-2025R and Lingnan University (SDS24A5).

Keywords

Anomaly Detection
Federated Learning
Incremental Provenance Analysis
Model Security
Poisoning Attack
Source Attribution

Access to Document

10.1007/978-981-95-3456-2_30

Cite this

YAO, A., DONG, C., PAL, S., JIANG, F., WANG, H., LI, R., FENG, W., LIU, L., & GU, Z. (2025). Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning. In M. YOSHIKAWA, X. MENG, Y. CAO, C. XIAO, W. CHEN, & Y. WANG (Eds.), Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings (pp. 431-445). (Lecture Notes in Computer Science; Vol. 16198). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-95-3456-2_30

YAO, Aiting ; DONG, Chengzu ; PAL, Shantanu et al. / Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning. Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings. editor / Masatoshi YOSHIKAWA ; Xiaofeng MENG ; Yang CAO ; Chuan XIAO ; Weitong CHEN ; Yanda WANG. Springer Science and Business Media Deutschland GmbH, 2025. pp. 431-445 (Lecture Notes in Computer Science).

@inproceedings{a723833e48f944e5977faeed93cfd64e,

title = "Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning",

abstract = "Federated learning allows multiple parties to collaboratively train AI models without sharing raw data—but this privacy advantage comes with risks. A major threat is poisoning attacks, where malicious participants submit fake model updates to sabotage the global model. Current defenses typically use statistical methods to filter out suspicious updates, but these approaches struggle to detect subtle attacks in real time and offer little insight into why an update was flagged. To address this, we introduce Incremental Provenance Analysis (IPA), a new defense framework that monitors how model updates evolve over time ΔW. Unlike traditional methods, IPA doesn{\textquoteright}t just look for outliers—it learns the typical “provenance” of benign updates. When an update deviates suspiciously, IPA not only detects it but also traces the attack source and adjusts the aggregation strategy dynamically. Our experiments show IPA effectively thwarts poisoning attempts while maintaining model accuracy, offering a more transparent and adaptive solution for secure federated learning.",

keywords = "Anomaly Detection, Federated Learning, Incremental Provenance Analysis, Model Security, Poisoning Attack, Source Attribution",

author = "Aiting YAO and Chengzu DONG and Shantanu PAL and Frank JIANG and Haiyan WANG and Ruonan LI and Wenying FENG and Lichen LIU and Zhaoquan GU",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.; 21st International Conference on Advanced Data Mining and Applications, ADMA 2025 ; Conference date: 22-10-2025 Through 24-10-2025",

year = "2025",

month = oct,

day = "17",

doi = "10.1007/978-981-95-3456-2\_30",

language = "English",

isbn = "9789819534555",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "431--445",

editor = "Masatoshi YOSHIKAWA and Xiaofeng MENG and Yang CAO and Chuan XIAO and Weitong CHEN and Yanda WANG",

booktitle = "Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings",

address = "Germany",

}

YAO, A, DONG, C, PAL, S, JIANG, F, WANG, H, LI, R, FENG, W, LIU, L & GU, Z 2025, Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning. in M YOSHIKAWA, X MENG, Y CAO, C XIAO, W CHEN & Y WANG (eds), Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings. Lecture Notes in Computer Science, vol. 16198, Springer Science and Business Media Deutschland GmbH, pp. 431-445, 21st International Conference on Advanced Data Mining and Applications, ADMA 2025, Kyoto, Japan, 22/10/25. https://doi.org/10.1007/978-981-95-3456-2_30

Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning. / YAO, Aiting; DONG, Chengzu; PAL, Shantanu et al.
Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings. ed. / Masatoshi YOSHIKAWA; Xiaofeng MENG; Yang CAO; Chuan XIAO; Weitong CHEN; Yanda WANG. Springer Science and Business Media Deutschland GmbH, 2025. p. 431-445 (Lecture Notes in Computer Science; Vol. 16198).

Research output: Book Chapters | Papers in Conference Proceedings › Conference paper (refereed) › Research › peer-review

TY - GEN

T1 - Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning

AU - YAO, Aiting

AU - DONG, Chengzu

AU - PAL, Shantanu

AU - JIANG, Frank

AU - WANG, Haiyan

AU - LI, Ruonan

AU - FENG, Wenying

AU - LIU, Lichen

AU - GU, Zhaoquan

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.

PY - 2025/10/17

Y1 - 2025/10/17

N2 - Federated learning allows multiple parties to collaboratively train AI models without sharing raw data—but this privacy advantage comes with risks. A major threat is poisoning attacks, where malicious participants submit fake model updates to sabotage the global model. Current defenses typically use statistical methods to filter out suspicious updates, but these approaches struggle to detect subtle attacks in real time and offer little insight into why an update was flagged. To address this, we introduce Incremental Provenance Analysis (IPA), a new defense framework that monitors how model updates evolve over time ΔW. Unlike traditional methods, IPA doesn’t just look for outliers—it learns the typical “provenance” of benign updates. When an update deviates suspiciously, IPA not only detects it but also traces the attack source and adjusts the aggregation strategy dynamically. Our experiments show IPA effectively thwarts poisoning attempts while maintaining model accuracy, offering a more transparent and adaptive solution for secure federated learning.

AB - Federated learning allows multiple parties to collaboratively train AI models without sharing raw data—but this privacy advantage comes with risks. A major threat is poisoning attacks, where malicious participants submit fake model updates to sabotage the global model. Current defenses typically use statistical methods to filter out suspicious updates, but these approaches struggle to detect subtle attacks in real time and offer little insight into why an update was flagged. To address this, we introduce Incremental Provenance Analysis (IPA), a new defense framework that monitors how model updates evolve over time ΔW. Unlike traditional methods, IPA doesn’t just look for outliers—it learns the typical “provenance” of benign updates. When an update deviates suspiciously, IPA not only detects it but also traces the attack source and adjusts the aggregation strategy dynamically. Our experiments show IPA effectively thwarts poisoning attempts while maintaining model accuracy, offering a more transparent and adaptive solution for secure federated learning.

KW - Anomaly Detection

KW - Federated Learning

KW - Incremental Provenance Analysis

KW - Model Security

KW - Poisoning Attack

KW - Source Attribution

UR - https://www.scopus.com/pages/publications/105020728923

U2 - 10.1007/978-981-95-3456-2_30

DO - 10.1007/978-981-95-3456-2_30

M3 - Conference paper (refereed)

AN - SCOPUS:105020728923

SN - 9789819534555

T3 - Lecture Notes in Computer Science

SP - 431

EP - 445

BT - Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings

A2 - YOSHIKAWA, Masatoshi

A2 - MENG, Xiaofeng

A2 - CAO, Yang

A2 - XIAO, Chuan

A2 - CHEN, Weitong

A2 - WANG, Yanda

PB - Springer Science and Business Media Deutschland GmbH

T2 - 21st International Conference on Advanced Data Mining and Applications, ADMA 2025

Y2 - 22 October 2025 through 24 October 2025

ER -

YAO A, DONG C, PAL S, JIANG F, WANG H, LI R et al. Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning. In YOSHIKAWA M, MENG X, CAO Y, XIAO C, CHEN W, WANG Y, editors, Advanced Data Mining and Applications - 21st International Conference, ADMA 2025, Proceedings. Springer Science and Business Media Deutschland GmbH. 2025. p. 431-445. (Lecture Notes in Computer Science). Epub 2025 Oct 17. doi: 10.1007/978-981-95-3456-2_30

Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning

Abstract

Publication series

Conference

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Advancing Personality-Aware Conversational AI: Dataset Development and Dialogue Transformation Using Large Language Models

Cite this

Adaptive Incremental Provenance Analysis for Trustworthy Federated Learning

Abstract

Publication series

Conference

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Projects

Advancing Personality-Aware Conversational AI: Dataset Development and Dialogue Transformation Using Large Language Models

Cite this