{"id":"https://openalex.org/W4409445865","doi":"https://doi.org/10.1007/s40747-025-01876-y","title":"Effective defense against physically embedded backdoor attacks via clustering-based filtering","display_name":"Effective defense against physically embedded backdoor attacks via clustering-based filtering","publication_year":2025,"publication_date":"2025-04-15","ids":{"openalex":"https://openalex.org/W4409445865","doi":"https://doi.org/10.1007/s40747-025-01876-y"},"language":"en","primary_location":{"id":"doi:10.1007/s40747-025-01876-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s40747-025-01876-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s40747-025-01876-y.pdf","source":{"id":"https://openalex.org/S3035462843","display_name":"Complex & Intelligent Systems","issn_l":"2198-6053","issn":["2198-6053","2199-4536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Complex &amp; Intelligent Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://link.springer.com/content/pdf/10.1007/s40747-025-01876-y.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014087042","display_name":"Mohammed Kutbi","orcid":"https://orcid.org/0000-0002-3815-8028"},"institutions":[{"id":"https://openalex.org/I120238654","display_name":"Saudi Electronic University","ror":"https://ror.org/05ndh7v49","country_code":"SA","type":"education","lineage":["https://openalex.org/I120238654"]}],"countries":["SA"],"is_corresponding":true,"raw_author_name":"Mohammed Kutbi","raw_affiliation_strings":["College of Computing and Informatics, Saudi Electronic University, Riyadh, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"College of Computing and Informatics, Saudi Electronic University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I120238654"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5014087042"],"corresponding_institution_ids":["https://openalex.org/I120238654"],"apc_list":{"value":1320,"currency":"GBP","value_usd":1619},"apc_paid":{"value":1320,"currency":"GBP","value_usd":1619},"fwci":1.5532,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.8006648,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"11","issue":"6","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9950000047683716,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9883607625961304},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.7342317700386047},{"id":"https://openalex.org/keywords/computational-intelligence","display_name":"Computational intelligence","score":0.691665768623352},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5007874965667725},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4717092216014862},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3251475393772125}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9883607625961304},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.7342317700386047},{"id":"https://openalex.org/C139502532","wikidata":"https://www.wikidata.org/wiki/Q1122090","display_name":"Computational intelligence","level":2,"score":0.691665768623352},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5007874965667725},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4717092216014862},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3251475393772125}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s40747-025-01876-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s40747-025-01876-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s40747-025-01876-y.pdf","source":{"id":"https://openalex.org/S3035462843","display_name":"Complex & Intelligent Systems","issn_l":"2198-6053","issn":["2198-6053","2199-4536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Complex &amp; Intelligent Systems","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:9e93cc67c4fd475fbcf44711c8408b3d","is_oa":true,"landing_page_url":"https://doaj.org/article/9e93cc67c4fd475fbcf44711c8408b3d","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Complex & Intelligent Systems, Vol 11, Iss 6, Pp 1-12 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1007/s40747-025-01876-y","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s40747-025-01876-y","pdf_url":"https://link.springer.com/content/pdf/10.1007/s40747-025-01876-y.pdf","source":{"id":"https://openalex.org/S3035462843","display_name":"Complex & Intelligent Systems","issn_l":"2198-6053","issn":["2198-6053","2199-4536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Complex &amp; Intelligent Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4409445865.pdf","grobid_xml":"https://content.openalex.org/works/W4409445865.grobid-xml"},"referenced_works_count":24,"referenced_works":["https://openalex.org/W2108598243","https://openalex.org/W2593676900","https://openalex.org/W2747329762","https://openalex.org/W2807363941","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2963163009","https://openalex.org/W2966104011","https://openalex.org/W2990270730","https://openalex.org/W3002562626","https://openalex.org/W3010216907","https://openalex.org/W3048339221","https://openalex.org/W3114686421","https://openalex.org/W3162804012","https://openalex.org/W3179442871","https://openalex.org/W3211740276","https://openalex.org/W3214399478","https://openalex.org/W3215171287","https://openalex.org/W4220685868","https://openalex.org/W4225688943","https://openalex.org/W4322736917","https://openalex.org/W4391589287","https://openalex.org/W4410583120","https://openalex.org/W6600210674"],"related_works":["https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4386080799","https://openalex.org/W3140988292","https://openalex.org/W4317672133","https://openalex.org/W4401407399"],"abstract_inverted_index":{"Backdoor":[0],"attacks":[1],"pose":[2],"a":[3,46,58,83,87,106,179],"severe":[4],"threat":[5],"to":[6,36,98,126,151],"the":[7,31,39,111,146,152],"integrity":[8],"of":[9,60,145],"machine":[10],"learning":[11],"models,":[12],"especially":[13],"in":[14,30],"real-world":[15,92],"image":[16],"classification":[17,161],"tasks.":[18],"In":[19],"such":[20],"attacks,":[21],"adversaries":[22],"embed":[23],"malicious":[24],"behaviors":[25],"triggered":[26],"by":[27],"specific":[28],"patterns":[29],"training":[32],"data,":[33,177],"causing":[34],"models":[35],"misclassify":[37],"whenever":[38],"trigger":[40,147],"is":[41],"present.":[42],"This":[43],"paper":[44],"introduces":[45],"novel,":[47],"model-agnostic":[48],"defense":[49,165],"that":[50,70,163],"systematically":[51],"detects":[52],"and":[53,63,94,119,132,181],"removes":[54],"backdoor-infected":[55],"samples":[56],"using":[57],"synergy":[59],"dimensionality":[61,113],"reduction":[62],"unsupervised":[64],"clustering.":[65],"Unlike":[66],"most":[67],"existing":[68],"methods":[69],"address":[71],"digitally":[72],"added":[73],"triggers,":[74],"our":[75,164],"approach":[76],"specifically":[77],"targets":[78],"physically":[79],"embedded":[80],"triggers":[81],"(e.g.,":[82],"bandage":[84],"placed":[85],"on":[86,157,175],"face),":[88],"which":[89],"closely":[90],"resemble":[91],"occlusions":[93],"are":[95],"therefore":[96],"harder":[97],"detect.":[99],"We":[100],"first":[101],"extract":[102],"high-level":[103],"features":[104],"from":[105],"trusted,":[107],"pre-trained":[108],"model,":[109],"reduce":[110],"feature":[112],"via":[114],"Principal":[115],"Component":[116],"Analysis":[117],"(PCA),":[118],"then":[120],"fit":[121],"Gaussian":[122],"Mixture":[123],"Models":[124],"(GMMs)":[125],"cluster":[127],"suspicious":[128],"samples.":[129],"By":[130],"identifying":[131],"filtering":[133],"out":[134],"outlying":[135],"clusters,":[136],"we":[137],"effectively":[138],"isolate":[139],"poisoned":[140],"images":[141],"without":[142],"assuming":[143],"knowledge":[144],"or":[148],"requiring":[149],"access":[150],"victim":[153],"model.":[154],"Extensive":[155],"experiments":[156],"face":[158],"versus":[159],"non-face":[160],"demonstrate":[162],"substantially":[166],"reduces":[167],"attack":[168],"success":[169],"rates":[170],"while":[171],"preserving":[172],"high":[173],"accuracy":[174],"clean":[176],"offering":[178],"practical":[180],"robust":[182],"solution":[183],"against":[184],"challenging":[185],"backdoor":[186],"scenarios.":[187]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}