{"id":"https://openalex.org/W4390874545","doi":"https://doi.org/10.1109/iccv51070.2023.00021","title":"The Victim and The Beneficiary: Exploiting a Poisoned Model to Train a Clean Model on Poisoned Data","display_name":"The Victim and The Beneficiary: Exploiting a Poisoned Model to Train a Clean Model on Poisoned Data","publication_year":2023,"publication_date":"2023-10-01","ids":{"openalex":"https://openalex.org/W4390874545","doi":"https://doi.org/10.1109/iccv51070.2023.00021"},"language":"en","primary_location":{"id":"doi:10.1109/iccv51070.2023.00021","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccv51070.2023.00021","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE/CVF International Conference on Computer Vision (ICCV)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2404.11265","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102922399","display_name":"Zixuan Zhu","orcid":"https://orcid.org/0009-0003-0678-3405"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zixuan Zhu","raw_affiliation_strings":["Institute of Information Engineering, CAS,SKLOIS,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","SKLOIS, Institute of Information Engineering, CAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, CAS,SKLOIS,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100431257","display_name":"Rui Wang","orcid":"https://orcid.org/0009-0003-8935-3119"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Rui Wang","raw_affiliation_strings":["Institute of Information Engineering, CAS,SKLOIS,Beijing,China","SKLOIS, Institute of Information Engineering, CAS, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, CAS,SKLOIS,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066214523","display_name":"C.L. Zou","orcid":"https://orcid.org/0000-0002-1901-5363"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Cong Zou","raw_affiliation_strings":["Institute of Information Engineering, CAS,SKLOIS,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","SKLOIS, Institute of Information Engineering, CAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, CAS,SKLOIS,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013812973","display_name":"Lihua Jing","orcid":"https://orcid.org/0009-0005-6369-7890"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lihua Jing","raw_affiliation_strings":["Institute of Information Engineering, CAS,SKLOIS,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","SKLOIS, Institute of Information Engineering, CAS, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, CAS,SKLOIS,Beijing,China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5102922399"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.2186,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.55594406,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"155","last_page":"164"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10800","display_name":"Forensic Toxicology and Drug Analysis","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/3005","display_name":"Toxicology"},"field":{"id":"https://openalex.org/fields/30","display_name":"Pharmacology, Toxicology and Pharmaceutics"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}},"topics":[{"id":"https://openalex.org/T10800","display_name":"Forensic Toxicology and Drug Analysis","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/3005","display_name":"Toxicology"},"field":{"id":"https://openalex.org/fields/30","display_name":"Pharmacology, Toxicology and Pharmaceutics"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10751","display_name":"Forensic and Genetic Research","score":0.9804999828338623,"subfield":{"id":"https://openalex.org/subfields/1311","display_name":"Genetics"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/beneficiary","display_name":"Beneficiary","score":0.6248344779014587},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5038778185844421},{"id":"https://openalex.org/keywords/data-modeling","display_name":"Data modeling","score":0.48591628670692444},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4427884817123413},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2065693736076355},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.16804540157318115}],"concepts":[{"id":"https://openalex.org/C26869875","wikidata":"https://www.wikidata.org/wiki/Q2596417","display_name":"Beneficiary","level":2,"score":0.6248344779014587},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5038778185844421},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.48591628670692444},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4427884817123413},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2065693736076355},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.16804540157318115},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/iccv51070.2023.00021","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccv51070.2023.00021","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE/CVF International Conference on Computer Vision (ICCV)","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2404.11265","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2404.11265","pdf_url":"https://arxiv.org/pdf/2404.11265","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2404.11265","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2404.11265","pdf_url":"https://arxiv.org/pdf/2404.11265","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2178665478","display_name":null,"funder_award_id":"6217625","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G34267490","display_name":null,"funder_award_id":"62176253","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5566207747","display_name":null,"funder_award_id":"U20B2066","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8863666567","display_name":null,"funder_award_id":"and No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4390874545.pdf","grobid_xml":"https://content.openalex.org/works/W4390874545.grobid-xml"},"referenced_works_count":40,"referenced_works":["https://openalex.org/W2154455818","https://openalex.org/W2159291644","https://openalex.org/W2194775991","https://openalex.org/W2748789698","https://openalex.org/W2774423163","https://openalex.org/W2807363941","https://openalex.org/W2934843808","https://openalex.org/W2970335439","https://openalex.org/W2971661634","https://openalex.org/W2978426779","https://openalex.org/W2992308087","https://openalex.org/W2996108195","https://openalex.org/W3007930164","https://openalex.org/W3015233197","https://openalex.org/W3023868144","https://openalex.org/W3093239278","https://openalex.org/W3107337211","https://openalex.org/W3112001526","https://openalex.org/W3130788031","https://openalex.org/W3158240034","https://openalex.org/W3162804012","https://openalex.org/W3163966458","https://openalex.org/W3206057312","https://openalex.org/W3214636874","https://openalex.org/W4214680449","https://openalex.org/W4214737857","https://openalex.org/W4285605767","https://openalex.org/W4287998266","https://openalex.org/W4289300166","https://openalex.org/W4293057377","https://openalex.org/W4307823382","https://openalex.org/W4312233756","https://openalex.org/W4312700692","https://openalex.org/W6682494755","https://openalex.org/W6762913911","https://openalex.org/W6774314701","https://openalex.org/W6784558051","https://openalex.org/W6788876066","https://openalex.org/W6803053407","https://openalex.org/W6809890637"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2498172402","https://openalex.org/W2961132505","https://openalex.org/W3125209538","https://openalex.org/W2570014772","https://openalex.org/W2943271199","https://openalex.org/W2896392936","https://openalex.org/W4301210218"],"abstract_inverted_index":{"Recently,":[0],"backdoor":[1,43,150,209],"attacks":[2,200,215],"have":[3],"posed":[4],"a":[5,28,91,104,109,124,153,176],"serious":[6],"security":[7],"threat":[8],"to":[9,49,59,89,107,122,148,168,213],"the":[10,32,39,74,119,137,141,146,218],"training":[11,94,130],"process":[12],"of":[13,42],"deep":[14],"neural":[15],"networks":[16],"(DNNs).":[17],"The":[18,96,99],"attacked":[19],"model":[20,106,111,165],"behaves":[21],"normally":[22],"on":[23,131,140,192,220],"benign":[24,57,78,114,221],"samples":[25,58,76,79,143],"but":[26],"outputs":[27],"specific":[29],"result":[30],"when":[31],"trigger":[33],"is":[34,157,205,225],"present.":[35],"However,":[36],"compared":[37],"with":[38,51,83,185],"rocketing":[40],"progress":[41],"attacks,":[44],"existing":[45],"defenses":[46],"are":[47],"difficult":[48],"deal":[50],"these":[52],"threats":[53],"effectively":[54],"or":[55],"require":[56],"work,":[60],"which":[61,102,182],"may":[62],"be":[63,81,123],"unavailable":[64],"in":[65,207],"real":[66],"scenarios.":[67],"In":[68],"this":[69],"paper,":[70],"we":[71,117,135,174],"find":[72],"that":[73,202],"poisoned":[75,105,126,172],"and":[77,98,163,211],"can":[80],"distinguished":[82],"prediction":[84],"entropy.":[85],"This":[86],"inspires":[87],"us":[88],"propose":[90,175],"novel":[92],"dual-network":[93],"framework:":[95],"Victim":[97,120,147],"Beneficiary":[100,138],"(V&B),":[101],"exploits":[103],"train":[108,136],"clean":[110],"without":[112],"extra":[113],"samples.":[115,133,222],"Firstly,":[116],"sacrifice":[118],"network":[121,139],"powerful":[125],"sample":[127],"detector":[128],"by":[129,145],"suspicious":[132],"Secondly,":[134],"credible":[142],"selected":[144],"inhibit":[149,170],"injection.":[151],"Thirdly,":[152],"semi-supervised":[154],"suppression":[155],"strategy":[156],"adopted":[158],"for":[159],"erasing":[160],"potential":[161],"backdoors":[162],"improving":[164],"performance.":[166],"Furthermore,":[167],"better":[169],"missed":[171],"samples,":[173],"strong":[177],"data":[178],"augmentation":[179],"method,":[180],"AttentionMix,":[181],"works":[183],"well":[184],"our":[186,203],"proposed":[187],"V&B":[188],"framework.":[189],"Extensive":[190],"experiments":[191],"two":[193],"widely":[194],"used":[195],"datasets":[196],"against":[197],"6":[198],"state-of-the-art":[199],"demonstrate":[201],"framework":[204],"effective":[206],"preventing":[208],"injection":[210],"robust":[212],"various":[214],"while":[216],"maintaining":[217],"performance":[219],"Our":[223],"code":[224],"available":[226],"at":[227],"https://github.com/Zixuan-Zhu/VaB.":[228]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2024-01-16T00:00:00"}