{"ID":3050018,"CreatedAt":"2026-06-04T02:13:16.786527022Z","UpdatedAt":"2026-06-06T13:50:50.55850089Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2606.04899","arxiv_id":"2606.04899","title":"DIST-FL: Enhancing Security for TEE-based Aggregation in Federated Learning","abstract":"Trusted Execution Environments (TEEs)-aided federated learning protocols emerge as promising solutions to counter server-side adversaries and ensure the trustworthiness of the server. In this paper, we dissect existing protocols and demonstrate that server-side adversaries can still manipulate client selection and replay aggregation to compromise system robustness and privacy, by exploiting TEE limitations, i.e., state rollback and I/O manipulation. To this end, we present DIST-FL, a distributed system of servers guarded by multiple TEEs forming an append-only ledger for privacy-preserved, robust FL aggregation. Specifically, DIST-FL ensures operation linearizability to thwart state rollback attacks and incorporates inputs from reliable servers to mitigate I/O manipulation threats. We implement DIST-FL and conduct evaluations in WAN settings. Experimental results demonstrate that DIST-FL can effectively counter the proposed attacks and match the single-TEE's performance while offering a 6x throughput boost over its counterparts, leveraging TEE's computational advantages.","short_abstract":"Trusted Execution Environments (TEEs)-aided federated learning protocols emerge as promising solutions to counter server-side adversaries and ensure the trustworthiness of the server. In this paper, we dissect existing protocols and demonstrate that server-side adversaries can still manipulate client selection and repl...","url_abs":"https://arxiv.org/abs/2606.04899","url_pdf":"https://arxiv.org/pdf/2606.04899v1","authors":"[\"Guanlong Wu\",\"Ju Yang\",\"Zhen Huang\",\"Jianyu Niu\",\"Guoxing Chen\",\"Jianzong Wang\",\"Yinqian Zhang\"]","published":"2026-06-03T14:01:10Z","proceeding":"cs.CR","tasks":"[\"cs.CR\"]","methods":"[]","has_code":false}