FLARE: A Wireless Side-Channel Fingerprinting Attack on Federated Learning

Federated Learning (FL) enables collaborative model training across distributed devices while safeguarding data and user privacy. However, FL remains susceptible to privacy threats that can compromise data via direct means. That said, indirectly compromising the confidentiality of the FL model architecture (e.g., a convolutional neural network (CNN) or a recurrent neural network (RNN)) on a client device by an outsider remains unexplored. If leaked, this information can enable next-level attacks tailored to the architecture. This paper proposes a novel side-channel fingerprinting attack, leveraging flow-level and packet-level statistics of encrypted wireless traffic from an FL client to infer its deep learning model architecture. We name it FLARE, a fingerprinting framework based on FL Architecture REconnaissance. Evaluation across various CNN and RNN variants-including pre-trained and custom models trained over IEEE 802.11 Wi-Fi-shows that FLARE achieves over 98% F1-score in closed-world and up to 91% in open-world scenarios. These results reveal that CNN and RNN models leak distinguishable traffic patterns, enabling architecture fingerprinting even under realistic FL settings with hardware, software, and data heterogeneity. To our knowledge, this is the first work to fingerprint FL model architectures by sniffing encrypted wireless traffic, exposing a critical side-channel vulnerability in current FL systems.

Generalizing Biased Backpressure Routing and Scheduling to Wireless Multi-hop Networks with Advanced Air-interfaces

Backpressure (BP) routing and scheduling is a well-established resource allocation method for wireless multi-hop networks, known for its fully distributed operations and proven maximum queue stability. Recent advances in shortest path-biased BP routing (SP-BP) mitigate shortcomings such as slow startup and random walk, but exclusive link-level commodity selection still suffers from the last-packet problem and bandwidth underutilization. Moreover, classic BP routing implicitly assumes single-input-single-output (SISO) transceivers, which can lead to the same packets being scheduled on multiple outgoing links for multiple-input-multiple-output (MIMO) transceivers, causing detouring and looping in MIMO networks. In this paper, we revisit the foundational Lyapunov drift theory underlying BP routing and demonstrate that exclusive commodity selection is unnecessary, and instead propose a Max-Utility link-sharing method. Additionally, we generalize MaxWeight scheduling to MIMO networks by introducing attributed capacity hypergraphs (ACH), an extension of traditional conflict graphs for SISO networks, and by incorporating backlog reassignment into scheduling iterations to prevent redundant packet routing. Numerical evaluations show that our approach substantially mitigates the last-packet problem in state-of-the-art (SOTA) SP-BP under lightweight traffic, and slightly expands the network capacity region for heavier traffic.

Optimal Routing and Link Configuration for Covert Heterogeneous Wireless Networks

Nodes in contemporary radio networks often have multiple interfaces available for communication: WiFi, cellular, LoRa, Zigbee, etc. This motivates understanding both link and network configuration when multiple communication modalities with vastly different capabilities are available to each node. In conjunction, covertness or the hiding of radio communications is often a significant concern in both commercial and military wireless networks. We consider the optimal routing problem in wireless networks when nodes have multiple interfaces available and intend to hide the presence of the transmission from attentive and capable adversaries. We first consider the maximization of the route capacity given an end-to-end covertness constraint against a single adversary and we find a polynomial-time algorithm for optimal route selection and link configuration. We further provide optimal polynomial-time algorithms for two important extensions: (i) statistical uncertainty during optimization about the channel state information for channels from system nodes to the adversary; and, (ii) maintaining covertness against multiple adversaries. Numerical results are included to demonstrate the gains of employing heterogeneous radio resources and to compare the performance of the proposed approach versus alternatives.