This paper investigates the vulnerability of spiking neural networks (SNNs) and federated learning (FL) to backdoor attacks using neuromorphic data. Despite the efficiency of SNNs and the privacy advantages of FL, particularly in low-powered devices, we demonstrate that these systems are susceptible to such attacks. We first assess the viability of using FL with SNNs using neuromorphic data, showing its potential usage. Then, we evaluate the transferability of known FL attack methods to SNNs, finding that these lead to suboptimal attack performance. Therefore, we explore backdoor attacks involving single and multiple attackers to improve the attack performance. Our primary contribution is developing a novel attack strategy tailored to SNNs and FL, which distributes the backdoor trigger temporally and across malicious devices, enhancing the attack's effectiveness and stealthiness. In the best case, we achieve a 100 attack success rate, 0.13 MSE, and 98.9 SSIM. Moreover, we adapt and evaluate an existing defense against backdoor attacks, revealing its inadequacy in protecting SNNs. This study underscores the need for robust security measures in deploying SNNs and FL, particularly in the context of backdoor attacks.

翻译：本文研究了尖峰神经网络（SNN）和联邦学习（FL）在神经形态数据下面对后门攻击的脆弱性。尽管SNN具有高效性，且FL在低功耗设备中具备隐私优势，但我们证明了这些系统容易遭受此类攻击。首先，我们评估了使用神经形态数据将FL与SNN结合的可行性，展示了其潜在应用价值。接着，我们检验了已知FL攻击方法对SNN的可迁移性，发现这些方法会导致次优的攻击性能。因此，我们探索了涉及单个和多个攻击者的后门攻击，以提升攻击效果。我们的主要贡献是开发了一种针对SNN和FL的新型攻击策略，该策略在时间上并跨恶意设备分布后门触发器，增强了攻击的有效性和隐蔽性。在最佳情况下，我们实现了100%的攻击成功率、0.13的均方误差和98.9的SSIM。此外，我们调整并评估了一种现有的后门攻击防御方法，揭示了其在保护SNN方面的不足。本研究强调了在部署SNN和FL时，特别是在后门攻击背景下，需要采取稳健的安全措施。