Distributed federated learning (DFL) in vehicular networks faces emerging security threats—specifically, targeted data poisoning and backdoor attacks—in fully decentralized, serverless settings with dynamic topology. Method: This paper presents the first systematic modeling and implementation of weight-aggregation-based targeted attacks under such mobile, infrastructure-free vehicular environments, uncovering novel security vulnerabilities inherent to DFL in decentralized systems. It further proposes a defense framework integrating anomaly detection and robust model filtering, explicitly designed to adapt to network dynamics. Contribution/Results: Experiments demonstrate that the proposed attacks effectively manipulate global model behavior with high efficiency. The defense framework significantly enhances resilience against both attack types, outperforming both standalone learning and conventional centralized federated learning in both classification accuracy and robustness. This work establishes foundational theoretical insights and practical defense mechanisms for securing DFL in safety-critical vehicular applications.

In emerging networked systems, mobile edge devices such as ground vehicles and unmanned aerial system (UAS) swarms collectively aggregate vast amounts of data to make machine learning decisions such as threat detection in remote, dynamic, and infrastructure-constrained environments where power and bandwidth are scarce. Federated learning (FL) addresses these constraints and privacy concerns by enabling nodes to share local model weights for deep neural networks instead of raw data, facilitating more reliable decision-making than individual learning. However, conventional FL relies on a central server to coordinate model updates in each learning round, which imposes significant computational burdens on the central node and may not be feasible due to the connectivity constraints. By eliminating dependence on a central server, distributed federated learning (DFL) offers scalability, resilience to node failures, learning robustness, and more effective defense strategies. Despite these advantages, DFL remains vulnerable to increasingly advanced and stealthy cyberattacks. In this paper, we design sophisticated targeted training data poisoning and backdoor (Trojan) attacks, and characterize the emerging vulnerabilities in a vehicular network. We analyze how DFL provides resilience against such attacks compared to individual learning and present effective defense mechanisms to further strengthen DFL against the emerging cyber threats.