{"id":"https://openalex.org/W3045863126","doi":"https://doi.org/10.1109/icc40277.2020.9149002","title":"Robust Machine Learning against Adversarial Samples at Test Time","display_name":"Robust Machine Learning against Adversarial Samples at Test Time","publication_year":2020,"publication_date":"2020-06-01","ids":{"openalex":"https://openalex.org/W3045863126","doi":"https://doi.org/10.1109/icc40277.2020.9149002","mag":"3045863126"},"language":"en","primary_location":{"id":"doi:10.1109/icc40277.2020.9149002","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc40277.2020.9149002","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100754189","display_name":"Jing Lin","orcid":"https://orcid.org/0000-0002-4606-470X"},"institutions":[{"id":"https://openalex.org/I2613432","display_name":"University of South Florida","ror":"https://ror.org/032db5x82","country_code":"US","type":"education","lineage":["https://openalex.org/I2613432"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jing Lin","raw_affiliation_strings":["ICNS Lab and Cyber Florida, University of South Florida, Tampa, FL, USA"],"affiliations":[{"raw_affiliation_string":"ICNS Lab and Cyber Florida, University of South Florida, Tampa, FL, USA","institution_ids":["https://openalex.org/I2613432"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042072991","display_name":"Laurent Njilla","orcid":"https://orcid.org/0000-0001-8902-7418"},"institutions":[{"id":"https://openalex.org/I1280414376","display_name":"United States Air Force Research Laboratory","ror":"https://ror.org/02e2egq70","country_code":"US","type":"facility","lineage":["https://openalex.org/I1280414376","https://openalex.org/I1330347796","https://openalex.org/I4210102105","https://openalex.org/I4389425425"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Laurent L. Njilla","raw_affiliation_strings":["U.S. Air Force Research Laboratory, Cyber Assurance Branch, Rome, New York, USA"],"affiliations":[{"raw_affiliation_string":"U.S. Air Force Research Laboratory, Cyber Assurance Branch, Rome, New York, USA","institution_ids":["https://openalex.org/I1280414376"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101689516","display_name":"Kaiqi Xiong","orcid":"https://orcid.org/0000-0003-2933-8083"},"institutions":[{"id":"https://openalex.org/I2613432","display_name":"University of South Florida","ror":"https://ror.org/032db5x82","country_code":"US","type":"education","lineage":["https://openalex.org/I2613432"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kaiqi Xiong","raw_affiliation_strings":["ICNS Lab and Cyber Florida, University of South Florida, Tampa, FL, USA"],"affiliations":[{"raw_affiliation_string":"ICNS Lab and Cyber Florida, University of South Florida, Tampa, FL, USA","institution_ids":["https://openalex.org/I2613432"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100754189"],"corresponding_institution_ids":["https://openalex.org/I2613432"],"apc_list":null,"apc_paid":null,"fwci":0.3977,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.68386989,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9620000123977661,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11515","display_name":"Bacillus and Francisella bacterial research","score":0.9467999935150146,"subfield":{"id":"https://openalex.org/subfields/1312","display_name":"Molecular Biology"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.898489236831665},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.7573840022087097},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7314791083335876},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.7176095843315125},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.7146502137184143},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6633388996124268},{"id":"https://openalex.org/keywords/retraining","display_name":"Retraining","score":0.6473711729049683},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6402022838592529},{"id":"https://openalex.org/keywords/test-set","display_name":"Test set","score":0.5981521606445312},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5743579268455505},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5459604859352112},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.5237234234809875},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5144622325897217},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.16797181963920593}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.898489236831665},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.7573840022087097},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7314791083335876},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.7176095843315125},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.7146502137184143},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6633388996124268},{"id":"https://openalex.org/C2778712577","wikidata":"https://www.wikidata.org/wiki/Q3505966","display_name":"Retraining","level":2,"score":0.6473711729049683},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6402022838592529},{"id":"https://openalex.org/C169903167","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Test set","level":2,"score":0.5981521606445312},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5743579268455505},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5459604859352112},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.5237234234809875},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5144622325897217},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.16797181963920593},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0},{"id":"https://openalex.org/C155202549","wikidata":"https://www.wikidata.org/wiki/Q178803","display_name":"International trade","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icc40277.2020.9149002","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc40277.2020.9149002","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6299999952316284,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1883420340","https://openalex.org/W1945616565","https://openalex.org/W2112796928","https://openalex.org/W2183341477","https://openalex.org/W2230740169","https://openalex.org/W2243397390","https://openalex.org/W2543927648","https://openalex.org/W2574797807","https://openalex.org/W2594877703","https://openalex.org/W2761709036","https://openalex.org/W2919115771","https://openalex.org/W2948210185","https://openalex.org/W2949479613","https://openalex.org/W2963097630","https://openalex.org/W2963118571","https://openalex.org/W2963178695","https://openalex.org/W2963207607","https://openalex.org/W2963564844","https://openalex.org/W2963744840","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2964153729","https://openalex.org/W2964253222","https://openalex.org/W2983044655","https://openalex.org/W3015975623","https://openalex.org/W3108235655","https://openalex.org/W4236966694","https://openalex.org/W4240805545","https://openalex.org/W4293584023","https://openalex.org/W4293846201","https://openalex.org/W4297573953","https://openalex.org/W4300511536","https://openalex.org/W4302294892","https://openalex.org/W6637162671","https://openalex.org/W6639568328","https://openalex.org/W6640425456","https://openalex.org/W6689238212","https://openalex.org/W6719080892","https://openalex.org/W6733645847","https://openalex.org/W6734483310","https://openalex.org/W6734547106","https://openalex.org/W6738693630","https://openalex.org/W6739868092","https://openalex.org/W6744800992","https://openalex.org/W6752654261"],"related_works":["https://openalex.org/W4385524141","https://openalex.org/W4297776111","https://openalex.org/W3018979822","https://openalex.org/W3026616975","https://openalex.org/W2989784533","https://openalex.org/W4288018014","https://openalex.org/W2996058201","https://openalex.org/W2987302549","https://openalex.org/W3127679336","https://openalex.org/W4379744580"],"abstract_inverted_index":{"Though":[0],"the":[1,109,138,144,148,156,160,167],"performance":[2],"of":[3,95],"deep":[4,13,45],"learning":[5,14,46],"is":[6,39,164],"remarkable,":[7],"recent":[8],"works":[9],"have":[10,78],"shown":[11],"that":[12,21,132,155],"models":[15,47],"are":[16,22,48,98],"vulnerable":[17],"to":[18,24,28,80,100,125,178,181,185],"adversarial":[19,91,105,122,139],"samples":[20,27],"close":[23],"their":[25],"original":[26],"human":[29],"eyes":[30],"but":[31,141],"misclassified":[32],"by":[33],"Deep":[34],"Neural":[35],"Network":[36],"(DNN).":[37],"This":[38],"a":[40,120,128],"serious":[41],"problem":[42],"as":[43,58,65,67,87,108],"many":[44,94],"used":[49],"in":[50],"physical":[51],"infrastructures":[52],"and":[53,74,90,111,172,183],"critical":[54],"application":[55],"domains":[56],"such":[57,86,107],"medical":[59],"diagnosis,":[60],"self-driving":[61],"cars,":[62],"malware":[63],"detection,":[64],"well":[66],"digital":[68],"assistants":[69],"like":[70],"Google":[71],"Assistant,":[72],"Alexa,":[73],"Siri.":[75],"Many":[76],"researchers":[77],"attempted":[79],"secure":[81],"neural":[82],"networks":[83],"through":[84],"techniques":[85,97],"defensive":[88],"distillation":[89],"retraining.":[92],"Nevertheless,":[93],"these":[96],"ineffective":[99],"new":[101],"or":[102],"slightly":[103],"strong":[104],"attacks":[106,174],"Carlini":[110],"Wagner":[112],"(C&W)'s":[113],"attack.":[114],"In":[115],"this":[116],"paper,":[117],"we":[118],"propose":[119],"robust":[121],"retraining":[123],"method":[124],"iteratively":[126],"retrain":[127],"given":[129],"model":[130],"so":[131],"it":[133],"can":[134],"not":[135],"only":[136],"detect":[137],"examples":[140],"also":[142],"maintain":[143],"prediction":[145,157],"accuracy":[146,158],"for":[147],"normal":[149],"dataset.":[150],"Our":[151],"experimental":[152],"results":[153],"show":[154],"on":[159],"MNIST":[161],"test":[162],"set":[163],"maintained":[165],"while":[166],"accuracies":[168],"under":[169],"FGSM,":[170],"C&W,":[171],"DeepFool":[173],"increase":[175],"from":[176],"29%":[177,184],"91%,":[179,186],"7%":[180],"70%,":[182],"respectively.":[187]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}