Questions on the motivation of medical clients to perform attacks

[Bayesanctury]

Hello, many thanks for your great work. The idea is very interesting. I have a question regarding the problem setting.

This work focuses on poisoning attacks on FL for medical imaging, where the clients should be hospitals/medical institutions. When we talk about attacks, I think the mobile phone users or some dishonest users in a public FL project may have the motivation to make the attack. However, for medical imaging, clients typically are big authorities; they aim to collaboratively train a high-quality model, they cannot gain further benefits by attacking. Here the assumption that clients may not be honest does not make a lot of sense to me. Could you please explain more? Many thanks for your time, and look forward to your reply.

[Naiftt]

Thank you for your interest in our work. You are right, medical institutions are very unlikely to be malicious. However, they are susceptible to attacks where they can get hacked from another malicious party that can take full control of the local model training. And that will give the hackers the chance to deteriorate the global model performance. I hope this answers your question.

[Bayesanctury]

Many thanks for your reply! This assumption makes more sense for me.