Spikewhisper: Temporal Spike Backdoor Attacks on Federated Neuromorphic Learning over Low-power Devices

Hanqing Fu, Gaolei Li, Jun Wu, Jianhua Li, Xi Lin, Kai Zhou, Yuchen Liu
2024-03-27
Abstract: Federated neuromorphic learning (FedNL) leverages event-driven spiking neural networks and federated learning frameworks to effectively execute intelligent analysis tasks over amounts of distributed low-power devices but is also vulnerable to poisoning attacks. The threat of backdoor attacks on traditional deep neural networks typically comes from time-invariant data. However, in FedNL, unknown threats may be hidden in time-varying spike signals. In this paper, we start to explore a novel vulnerability of FedNL-based systems with the concept of time division multiplexing, termed Spikewhisper, which allows attackers to evade detection as much as possible, as multiple malicious clients can imperceptibly poison with different triggers at different timeslices. In particular, the stealthiness of Spikewhisper is derived from the time-domain divisibility of global triggers, in which each malicious client pastes only one local trigger to a certain timeslice in the neuromorphic sample, and also the polarity and motion of each local trigger can be configured by attackers. Extensive experiments based on two different neuromorphic datasets demonstrate that the attack success rate of Spikewhisper is higher than the temporally centralized attacks. Besides, it is validated that the effect of Spikewhisper is sensitive to the trigger duration.
Cryptography and Security, Artificial Intelligence, Signal Processing
What problem does this paper attempt to address?
This paper addresses a new backdoor attack threat against Federated Neuromorphic Learning (FedNL) systems. Specifically, it explores Temporal Spike Backdoor Attacks based on Time Division Multiplexing (TDM), namely Spikewhisper attacks.

### Problem Background

1. **Federated Neuromorphic Learning (FedNL)**
   - It combines Federated Learning (FL) and Spiking Neural Networks (SNNs), enabling low-power devices to efficiently collaborate in training large-scale AI models while protecting data privacy.
2. **Existing Threats**
   - Traditional Deep Neural Networks (DNNs) are vulnerable to backdoor attacks, which manipulate model behavior by injecting specific triggers into the training set. However, in FedNL, since SNNs process discrete events and have temporal characteristics, unknown threats may be hidden in time-varying spike signals.

### Research Motivation

- Existing backdoor attack research mainly focuses on traditional DNNs, while there is less research on backdoor attacks in SNNs, especially in FedNL.
- The paper aims to explore and verify a new backdoor attack method, Spikewhisper, to reveal the potential security vulnerabilities of the FedNL system and provide references for future defense mechanisms.

### Main Contributions

1. **Proposed a new Temporal Spike Backdoor Attack Scheme**
   - The Spikewhisper attack uses the concept of time division multiplexing to split the global trigger into multiple time slices. Each malicious client only injects a local trigger within a specific time slice, thereby improving the stealth and effectiveness of the attack.
2. **Identified the Sensitivity of the Attack Effect**
   - The attack effect depends not only on the size and position of the local trigger but is also closely related to the time duration. Experiments show that the Attack Success Rate (ASR) of Spikewhisper varies significantly under different time utilization rates.
3. **Experimentally Proved the Effectiveness of Spikewhisper**
   - Experiments were carried out using two different neuromorphic datasets (N-MNIST and CIFAR10-DVS). The results show that Spikewhisper has a higher attack success rate compared to the traditional Temporally Centralized Attack (TCA), while having less impact on the main task accuracy.

### Key Technical Points

- **Time Division Multiplexing (TDM)**: The global trigger is dispersed into multiple time slices. Each malicious client is responsible for one or more time slices, avoiding the exposure risk of a single trigger throughout the entire time period.
- **Trigger Design**: Attackers can configure the polarity and motion trajectory of local triggers, making them more in line with the characteristics of neuromorphic data and enhancing stealth.
- **Experimental Verification**: The authors adjust the time utilization rate (U) to study its impact on the attack effect, and find that a higher time utilization rate can significantly improve the attack success rate.

In conclusion, this paper reveals the new security threats in the FedNL system by introducing the Spikewhisper attack and provides an important reference direction for future research.