{"id":"https://openalex.org/W3134376291","doi":"https://doi.org/10.1109/asianhost51057.2020.9358268","title":"Defending Against Adversarial Attacks in Deep Learning with Robust Auxiliary Classifiers Utilizing Bit Plane Slicing","display_name":"Defending Against Adversarial Attacks in Deep Learning with Robust Auxiliary Classifiers Utilizing Bit Plane Slicing","publication_year":2020,"publication_date":"2020-12-15","ids":{"openalex":"https://openalex.org/W3134376291","doi":"https://doi.org/10.1109/asianhost51057.2020.9358268","mag":"3134376291"},"language":"en","primary_location":{"id":"doi:10.1109/asianhost51057.2020.9358268","is_oa":false,"landing_page_url":"https://doi.org/10.1109/asianhost51057.2020.9358268","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100390946","display_name":"Yuan Liu","orcid":"https://orcid.org/0000-0003-3892-480X"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yuan Liu","raw_affiliation_strings":["University of Chinese Academy of Sciences,Beijing,China","University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081772659","display_name":"Pingqiang Zhou","orcid":"https://orcid.org/0000-0001-9515-9302"},"institutions":[{"id":"https://openalex.org/I30809798","display_name":"ShanghaiTech University","ror":"https://ror.org/030bhh786","country_code":"CN","type":"education","lineage":["https://openalex.org/I30809798"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Pingqiang Zhou","raw_affiliation_strings":["School of Information Science and Technology, ShanghaiTech University,Shanghai,China","School of Information Science and Technology, ShanghaiTech University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"School of Information Science and Technology, ShanghaiTech University,Shanghai,China","institution_ids":["https://openalex.org/I30809798"]},{"raw_affiliation_string":"School of Information Science and Technology, ShanghaiTech University, Shanghai, China","institution_ids":["https://openalex.org/I30809798"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5100390946"],"corresponding_institution_ids":["https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.21009167,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14117","display_name":"Integrated Circuits and Semiconductor Failure Analysis","score":0.9787999987602234,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11307","display_name":"Domain Adaptation and Few-Shot Learning","score":0.9659000039100647,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7752710580825806},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.6513180136680603},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6189077496528625},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5938177108764648},{"id":"https://openalex.org/keywords/rgb-color-model","display_name":"RGB color model","score":0.581000804901123},{"id":"https://openalex.org/keywords/slicing","display_name":"Slicing","score":0.5483905673027039},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5224934220314026},{"id":"https://openalex.org/keywords/convolution","display_name":"Convolution (computer science)","score":0.49616679549217224},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.49371156096458435},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.478874146938324},{"id":"https://openalex.org/keywords/pixel","display_name":"Pixel","score":0.4574742317199707},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.348539263010025}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7752710580825806},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.6513180136680603},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6189077496528625},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5938177108764648},{"id":"https://openalex.org/C82990744","wikidata":"https://www.wikidata.org/wiki/Q166194","display_name":"RGB color model","level":2,"score":0.581000804901123},{"id":"https://openalex.org/C2776190703","wikidata":"https://www.wikidata.org/wiki/Q488148","display_name":"Slicing","level":2,"score":0.5483905673027039},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5224934220314026},{"id":"https://openalex.org/C45347329","wikidata":"https://www.wikidata.org/wiki/Q5166604","display_name":"Convolution (computer science)","level":3,"score":0.49616679549217224},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.49371156096458435},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.478874146938324},{"id":"https://openalex.org/C160633673","wikidata":"https://www.wikidata.org/wiki/Q355198","display_name":"Pixel","level":2,"score":0.4574742317199707},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.348539263010025},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/asianhost51057.2020.9358268","is_oa":false,"landing_page_url":"https://doi.org/10.1109/asianhost51057.2020.9358268","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1945616565","https://openalex.org/W2067713319","https://openalex.org/W2143612262","https://openalex.org/W2243397390","https://openalex.org/W2963207607","https://openalex.org/W2963855133","https://openalex.org/W2963857521","https://openalex.org/W2964153729","https://openalex.org/W2981958729","https://openalex.org/W3013954922","https://openalex.org/W3118608800"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W4383221314","https://openalex.org/W3093978547","https://openalex.org/W2953536436","https://openalex.org/W3203790781","https://openalex.org/W4313346231","https://openalex.org/W2738001131","https://openalex.org/W4285785480","https://openalex.org/W2997056298"],"abstract_inverted_index":{"Deep":[0],"Neural":[1],"Networks":[2],"(DNNs)":[3],"have":[4],"been":[5],"widely":[6],"used":[7],"in":[8,80],"variety":[9],"of":[10,77,88,134],"fields":[11],"with":[12,50],"great":[13],"success.":[14],"However,":[15],"recent":[16],"researches":[17],"indicate":[18],"that":[19,65,111],"DNNs":[20,32],"are":[21],"susceptible":[22],"to":[23,44,55,125],"adversarial":[24,58],"attacks,":[25],"which":[26,71],"can":[27,94,115],"easily":[28],"fool":[29],"the":[30,46,74,118],"well-trained":[31],"without":[33,131],"being":[34],"detected":[35],"by":[36],"human":[37],"eyes.":[38],"In":[39],"this":[40],"paper,":[41],"we":[42],"propose":[43],"combine":[45],"target":[47],"DNN":[48],"model":[49,119],"robust":[51],"bit":[52,85],"plane":[53],"classifiers":[54],"defend":[56],"against":[57],"attacks.":[59],"It":[60],"comes":[61],"from":[62,123],"our":[63,112],"finding":[64],"successful":[66],"attacks":[67,128],"generate":[68],"imperceptible":[69],"perturbations,":[70],"mainly":[72],"affects":[73],"low-order":[75],"bits":[76],"pixel":[78],"value":[79],"clean":[81,135],"images.":[82,136],"Hence,":[83],"using":[84],"planes":[86],"instead":[87],"traditional":[89],"RGB":[90],"channels":[91],"for":[92],"convolution":[93],"effectively":[95,116],"reduce":[96],"channel":[97],"modification":[98],"rate.":[99],"We":[100],"conduct":[101],"experiments":[102],"on":[103,121,129],"dataset":[104],"CIFAR-10":[105,130],"and":[106],"GTSRB.":[107],"The":[108],"results":[109],"show":[110],"defense":[113],"method":[114],"increase":[117],"accuracy":[120,133],"average":[122],"8.72%":[124],"85.99%":[126],"under":[127],"sacrificina":[132]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}