{"id":"https://openalex.org/W4389352648","doi":"https://doi.org/10.1109/access.2023.3339542","title":"A Novel Semi-Supervised Adversarially Learned Meta-Classifier for Detecting Neural Trojan Attacks","display_name":"A Novel Semi-Supervised Adversarially Learned Meta-Classifier for Detecting Neural Trojan Attacks","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4389352648","doi":"https://doi.org/10.1109/access.2023.3339542"},"language":"en","primary_location":{"id":"doi:10.1109/access.2023.3339542","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3339542","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10342856.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10342856.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032851268","display_name":"Shahram Ghahremani","orcid":"https://orcid.org/0000-0001-9905-7530"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Shahram Ghahremani","raw_affiliation_strings":["Department of Electrical Engineering and Computer Science, York University, Toronto, Canada","Department of Electrical Engineering and Computer Science, York University, Toronto, Ontario, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]},{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, York University, Toronto, Ontario, Canada","institution_ids":["https://openalex.org/I192455969"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051052335","display_name":"Amir Jalaly Bidgoly","orcid":"https://orcid.org/0000-0002-8574-3537"},"institutions":[{"id":"https://openalex.org/I184468904","display_name":"University of Qom","ror":"https://ror.org/03ddeer04","country_code":"IR","type":"education","lineage":["https://openalex.org/I184468904"]},{"id":"https://openalex.org/I4210157736","display_name":"Qom University of Technology","ror":"https://ror.org/04zepk655","country_code":"IR","type":"education","lineage":["https://openalex.org/I4210157736"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Amir Jalaly Bidgoly","raw_affiliation_strings":["Department of Information Technology and Computer Engineering, University of Qom, Qom, Iran","Department of Information Technology and Computer Engineering, University of Qom, QOM, Iran"],"affiliations":[{"raw_affiliation_string":"Department of Information Technology and Computer Engineering, University of Qom, Qom, Iran","institution_ids":["https://openalex.org/I4210157736","https://openalex.org/I184468904"]},{"raw_affiliation_string":"Department of Information Technology and Computer Engineering, University of Qom, QOM, Iran","institution_ids":["https://openalex.org/I4210157736","https://openalex.org/I184468904"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014092184","display_name":"Uyen Trang Nguyen","orcid":"https://orcid.org/0000-0002-4860-3551"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Uyen Trang Nguyen","raw_affiliation_strings":["Department of Electrical Engineering and Computer Science, York University, Toronto, Canada","Department of Electrical Engineering and Computer Science, York University, Toronto, Ontario, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]},{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, York University, Toronto, Ontario, Canada","institution_ids":["https://openalex.org/I192455969"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063936654","display_name":"David K. Y. Yau","orcid":"https://orcid.org/0000-0001-9061-7423"},"institutions":[{"id":"https://openalex.org/I152815399","display_name":"Singapore University of Technology and Design","ror":"https://ror.org/05j6fvn87","country_code":"SG","type":"education","lineage":["https://openalex.org/I152815399"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"David K. Y. Yau","raw_affiliation_strings":["Information Systems Technology and Design Pillar, Singapore University of Technology and Design, Tampines, Singapore","Information Systems Technology and Design Pillar, Singapore University of Technology and Design, 8 Somapah Rd, Singapore"],"affiliations":[{"raw_affiliation_string":"Information Systems Technology and Design Pillar, Singapore University of Technology and Design, Tampines, Singapore","institution_ids":["https://openalex.org/I152815399"]},{"raw_affiliation_string":"Information Systems Technology and Design Pillar, Singapore University of Technology and Design, 8 Somapah Rd, Singapore","institution_ids":["https://openalex.org/I152815399"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5032851268"],"corresponding_institution_ids":["https://openalex.org/I192455969"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.3426,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.673863,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":"11","issue":null,"first_page":"138303","last_page":"138315"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9771999716758728,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9521999955177307,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8222101926803589},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.7846890687942505},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6936210989952087},{"id":"https://openalex.org/keywords/trojan","display_name":"Trojan","score":0.6927629709243774},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.6168574094772339},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.6136666536331177},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5968281030654907},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5894318222999573},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.4407337009906769},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.4401731491088867},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.43974217772483826},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4317631721496582},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.10808050632476807}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8222101926803589},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.7846890687942505},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6936210989952087},{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.6927629709243774},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.6168574094772339},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.6136666536331177},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5968281030654907},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5894318222999573},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.4407337009906769},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.4401731491088867},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.43974217772483826},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4317631721496582},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.10808050632476807}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2023.3339542","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3339542","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10342856.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f0ce82230348406d8534d8373736b91a","is_oa":true,"landing_page_url":"https://doaj.org/article/f0ce82230348406d8534d8373736b91a","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 138303-138315 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2023.3339542","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3339542","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10342856.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1597412403","display_name":null,"funder_award_id":"RGPIN-","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G2417676328","display_name":null,"funder_award_id":"RGPIN-2018-0","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G2980479518","display_name":null,"funder_award_id":"RGPIN-2018","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G3216283581","display_name":null,"funder_award_id":"RGPIN-201","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G6221715925","display_name":null,"funder_award_id":"RGPIN","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G6477018727","display_name":null,"funder_award_id":"RGPIN-2018-05911","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G8284766523","display_name":null,"funder_award_id":"(NSERC)","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"}],"funders":[{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4389352648.pdf","grobid_xml":"https://content.openalex.org/works/W4389352648.grobid-xml"},"referenced_works_count":42,"referenced_works":["https://openalex.org/W2007339694","https://openalex.org/W2131904035","https://openalex.org/W2748789698","https://openalex.org/W2753783305","https://openalex.org/W2774423163","https://openalex.org/W2777638777","https://openalex.org/W2797583228","https://openalex.org/W2890991187","https://openalex.org/W2897865027","https://openalex.org/W2898759955","https://openalex.org/W2934843808","https://openalex.org/W2947133760","https://openalex.org/W2963061824","https://openalex.org/W2963857521","https://openalex.org/W2966689772","https://openalex.org/W2971661634","https://openalex.org/W2986013765","https://openalex.org/W2990270730","https://openalex.org/W3018286187","https://openalex.org/W3034258347","https://openalex.org/W3108473194","https://openalex.org/W3109235236","https://openalex.org/W3112001526","https://openalex.org/W3114686421","https://openalex.org/W3118608800","https://openalex.org/W3150382221","https://openalex.org/W3152758407","https://openalex.org/W4200174352","https://openalex.org/W4214608799","https://openalex.org/W4246226690","https://openalex.org/W4289300166","https://openalex.org/W4322760095","https://openalex.org/W4378717986","https://openalex.org/W6679539681","https://openalex.org/W6743581629","https://openalex.org/W6746897123","https://openalex.org/W6747133071","https://openalex.org/W6750665317","https://openalex.org/W6756074407","https://openalex.org/W6756333562","https://openalex.org/W6766336336","https://openalex.org/W6851198228"],"related_works":["https://openalex.org/W3194633786","https://openalex.org/W2044488462","https://openalex.org/W2981877337","https://openalex.org/W3203938600","https://openalex.org/W2169074127","https://openalex.org/W2163707935","https://openalex.org/W83146503","https://openalex.org/W202723009","https://openalex.org/W4206462905","https://openalex.org/W2165396616"],"abstract_inverted_index":{"Deep":[0],"neural":[1,8,190],"networks":[2],"(DNNs)":[3],"are":[4],"highly":[5],"vulnerable":[6],"to":[7,29,62,91,121,151,158,231],"Trojan":[9,73,191,209],"attacks.":[10],"To":[11],"carry":[12],"out":[13],"such":[14,196],"an":[15,17],"attack,":[16],"adversary":[18],"retrains":[19],"a":[20,41,55,65,99,116,145,156,172],"DNN":[21],"with":[22,186],"poisoned":[23,94,106,234],"data":[24,107],"or":[25,96,236],"modifies":[26],"its":[27],"parameters":[28,237],"produce":[30],"incorrect":[31],"output.":[32],"These":[33],"attacks":[34],"can":[35],"remain":[36],"unnoticed":[37],"until":[38],"triggered":[39],"by":[40],"specific":[42],"pattern":[43],"in":[44,212,220],"the":[45,79,85,103,111,126,131,135,167,176,182,239],"input,":[46],"making":[47],"detection":[48,74,210,215],"challenging.":[49],"In":[50,102],"this":[51],"article,":[52],"we":[53,114],"propose":[54],"novel":[56],"semi-supervised":[57,146],"adversarially":[58],"learned":[59,130,168],"meta-classifier":[60],"(SESALME)":[61],"detect":[63,152],"if":[64,161],"target":[66,100,127,136,240],"model":[67,157,177],"has":[68,81],"been":[69],"trojaned.":[70,179],"Unlike":[71],"previous":[72],"methods,":[75],"SESALME":[76,138,185,206],"assumes":[77],"that":[78,164,175,187,205],"defender":[80],"no":[82,89,229],"knowledge":[83,109],"of":[84,98,105,110,118,125,134,155,184,188,214,238],"attack":[86,112],"mechanisms,":[87,113],"and":[88,108,200,217,227],"access":[90,230],"training":[92,232],"data,":[93,95,233,235],"parameters/layers":[97],"model.":[101,128,241],"absence":[104],"use":[115],"set":[117],"shadow":[119],"models":[120],"emulate":[122],"normal":[123,132,169],"behavior":[124,133,154,170],"Having":[129],"model,":[137],"then":[139],"uses":[140],"one-class":[141],"learning,":[142],"implemented":[143],"within":[144],"generative":[147],"adversarial":[148],"network":[149],"(GAN),":[150],"abnormal":[153],"be":[159],"investigated,":[160],"any.":[162],"Behavior":[163],"deviates":[165],"from":[166],"indicates":[171],"high":[173],"likelihood":[174],"is":[178],"We":[180],"compare":[181],"performance":[183,216],"state-of-the-art":[189,208],"detectors":[192],"using":[193],"popular":[194],"datasets":[195],"as":[197],"MNIST,":[198],"CIFAR-10,":[199],"SC.":[201],"Experimental":[202],"results":[203],"show":[204],"outperforms":[207],"methods":[211],"terms":[213],"inference":[218],"time":[219],"almost":[221],"all":[222],"cases,":[223],"while":[224],"being":[225],"attack-agnostic":[226],"requiring":[228]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}