{"id":"https://openalex.org/W4320024149","doi":"https://doi.org/10.1109/bigdata55660.2022.10021089","title":"Exploring the Target Distribution for Surrogate-Based Black-Box Attacks","display_name":"Exploring the Target Distribution for Surrogate-Based Black-Box Attacks","publication_year":2022,"publication_date":"2022-12-17","ids":{"openalex":"https://openalex.org/W4320024149","doi":"https://doi.org/10.1109/bigdata55660.2022.10021089"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata55660.2022.10021089","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/bigdata55660.2022.10021089","pdf_url":null,"source":{"id":"https://openalex.org/S4363607709","display_name":"2022 IEEE International Conference on Big Data (Big Data)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047078657","display_name":"Raha Moraffah","orcid":"https://orcid.org/0000-0002-6891-2925"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Raha Moraffah","raw_affiliation_strings":["Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA"],"affiliations":[{"raw_affiliation_string":"Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084131728","display_name":"Paras Sheth","orcid":"https://orcid.org/0000-0002-6186-6946"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Paras Sheth","raw_affiliation_strings":["Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA"],"affiliations":[{"raw_affiliation_string":"Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100338946","display_name":"Huan Liu","orcid":"https://orcid.org/0000-0002-3264-7904"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Huan Liu","raw_affiliation_strings":["Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA"],"affiliations":[{"raw_affiliation_string":"Arizona State University,Computer Science &#x0026; Engineering,Tempe,AZ,USA","institution_ids":["https://openalex.org/I55732556"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5047078657"],"corresponding_institution_ids":["https://openalex.org/I55732556"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.20572075,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1310","last_page":"1315"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9341999888420105,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.906499981880188,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/surrogate-model","display_name":"Surrogate model","score":0.8169496655464172},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.73764568567276},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.6602147221565247},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.6376475691795349},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.612250804901123},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5772498250007629},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5278059244155884},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.41735172271728516},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.36431363224983215}],"concepts":[{"id":"https://openalex.org/C131675550","wikidata":"https://www.wikidata.org/wiki/Q7646884","display_name":"Surrogate model","level":2,"score":0.8169496655464172},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.73764568567276},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.6602147221565247},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.6376475691795349},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.612250804901123},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5772498250007629},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5278059244155884},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.41735172271728516},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.36431363224983215},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata55660.2022.10021089","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/bigdata55660.2022.10021089","pdf_url":null,"source":{"id":"https://openalex.org/S4363607709","display_name":"2022 IEEE International Conference on Big Data (Big Data)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320316514","display_name":"Arm","ror":"https://ror.org/04mmhzs81"},{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W1686810756","https://openalex.org/W1945616565","https://openalex.org/W1959608418","https://openalex.org/W2108501770","https://openalex.org/W2194775991","https://openalex.org/W2461943168","https://openalex.org/W2570685808","https://openalex.org/W2603766943","https://openalex.org/W2621357189","https://openalex.org/W2947874337","https://openalex.org/W2950782995","https://openalex.org/W2962847335","https://openalex.org/W2963303354","https://openalex.org/W2963844355","https://openalex.org/W2963857521","https://openalex.org/W2964318098","https://openalex.org/W2969542116","https://openalex.org/W3020621865","https://openalex.org/W3022021750","https://openalex.org/W3034530016","https://openalex.org/W3036001318","https://openalex.org/W3107235539","https://openalex.org/W3118608800","https://openalex.org/W3167676691","https://openalex.org/W3171288285","https://openalex.org/W3174097268","https://openalex.org/W3175685622","https://openalex.org/W4313140285","https://openalex.org/W6637373629","https://openalex.org/W6640425456","https://openalex.org/W6640963894","https://openalex.org/W6675944832","https://openalex.org/W6731927902","https://openalex.org/W6759580348","https://openalex.org/W6770674618","https://openalex.org/W6771961379","https://openalex.org/W6776690448","https://openalex.org/W6780010867","https://openalex.org/W6787972765"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W4246396837","https://openalex.org/W2482350142","https://openalex.org/W3176240006","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4379538695","https://openalex.org/W4225799919","https://openalex.org/W2341136212"],"abstract_inverted_index":{"Deep":[0],"Neural":[1],"Networks":[2],"are":[3],"shown":[4],"to":[5,8,35,46,61,99,245],"be":[6],"prone":[7],"adversarial":[9,48,101,146,222,242],"attacks.":[10],"In":[11],"the":[12,19,33,37,64,72,94,121,132,136,151,155,161,185,195,213,218,227,233],"black-box":[13,24],"setting,":[14],"where":[15],"no":[16],"information":[17],"about":[18],"target":[20,34,122,137,186,214],"is":[21,43,203],"available,":[22],"surrogate-based":[23,51,106,176],"attacks":[25,52],"train":[26],"a":[27,76,104,116,174,180,206],"surrogate":[28,42,117,181,219],"on":[29,86,167],"samples":[30],"queried":[31],"from":[32,54,198],"imitate":[36],"black-box\u2019s":[38],"behavior.":[39],"The":[40,201],"trained":[41],"then":[44],"attacked":[45],"generate":[47,100],"examples.":[49,102],"Existing":[50],"suffer":[53],"low":[55],"success":[56],"rates":[57],"because":[58],"they":[59],"fail":[60],"accurately":[62,119],"capture":[63],"target\u2019s":[65,73,162],"behavior,":[66],"i.e.,":[67,131,157],"their":[68,82],"surrogates":[69],"only":[70],"mimic":[71],"outputs":[74,192],"for":[75,124],"given":[77],"set":[78],"of":[79,89,127,135,154,170,235],"inputs.":[80],"Moreover,":[81],"attack":[83,107,177,208,237],"strategy":[84,209],"relies":[85],"noisy":[87,168],"estimations":[88,169],"high":[90],"dimensional":[91],"gradients":[92],"w.r.t.":[93],"inputs":[95,190],"(i.e.,":[96],"surrogate\u2019s":[97],"gradients)":[98],"Ideally,":[103],"successful":[105,241],"should":[108],"possess":[109],"two":[110],"properties:":[111],"(1)":[112],"Train":[113],"and":[114,129,141,143,191],"employ":[115],"that":[118,159,183,210],"imitates":[120],"behavior":[123],"every":[125],"pair":[126],"input":[128,140],"output,":[130,163],"joint":[133],"distribution":[134,187,215],"over":[138,188],"its":[139,189],"outputs;":[142],"(2)":[144],"Generate":[145],"examples":[147,223,243],"by":[148,217,224],"directly":[149,225],"manipulating":[150,226],"class-dependent":[152,196,228],"factors":[153,158,197],"input,":[156],"affect":[160],"rather":[164],"than":[165],"relying":[166],"gradients.":[171],"We":[172],"propose":[173],"novel":[175,207],"framework":[178,202],"with":[179,205],"architecture":[182],"learns":[184],"while":[193,220],"disentangling":[194],"class-irrelevant":[199],"ones.":[200],"equipped":[204],"fully":[211],"utilizes":[212],"captured":[216],"generating":[221,239],"factors.":[229],"Extensive":[230],"experiments":[231],"demonstrate":[232],"efficacy":[234],"our":[236],"in":[238],"highly":[240],"compared":[244],"state-of-the-art":[246],"methods.":[247]},"counts_by_year":[],"updated_date":"2025-12-21T23:12:01.093139","created_date":"2025-10-10T00:00:00"}