Abstract:
The adaptive gradient accumulation backdoor attack (AGABA) framework is designed for federated learning (FL) systems and integrates a parameterized adaptive subblock trigger (AST) with dynamic transparency and a multistage gradient accumulation (MGA) mechanism. The framework effectively addresses the persistent trade-off between stealthiness and persistence that plagues traditional backdoor attacks in the FL environment. AST decomposes the complete trigger into multiple independent components via dynamic transparency control and distributed subblock superposition, allowing malicious clients to collaboratively construct a global trigger pattern while maintaining a high level of attack stealthiness. The MGA mechanism adopts a three-phase attack strategy comprising initial accumulation, gradient accumulation and attack execution, combined with a parameter importance-aware mechanism. It achieves latent hiding and targeted activation of malicious updates in model aggregation through cross-round progressive gradient accumulation. Moreover, AGABA adopts momentum-accelerated gradient divergence propagation and adaptive memory factor adjustment, so that all malicious gradient updates fall within the legitimate distribution interval of the FL system and thus effectively evade statistical anomaly-based detection mechanisms. Experiments show that with 20% malicious clients participating in FL training, AGABA can maintain a favorable backdoor attack success rate even under the protection of various mainstream defense mechanisms, and that it outperforms single backdoor attack methods overall.