{"id":"https://openalex.org/W4312822216","doi":"https://doi.org/10.1109/ijcnn55064.2022.9891900","title":"ACTSS: Input Detection Defense against Backdoor Attacks via Activation Subset Scanning","display_name":"ACTSS: Input Detection Defense against Backdoor Attacks via Activation Subset Scanning","publication_year":2022,"publication_date":"2022-07-18","ids":{"openalex":"https://openalex.org/W4312822216","doi":"https://doi.org/10.1109/ijcnn55064.2022.9891900"},"language":"en","primary_location":{"id":"doi:10.1109/ijcnn55064.2022.9891900","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn55064.2022.9891900","pdf_url":null,"source":{"id":"https://openalex.org/S4363607707","display_name":"2022 International Joint Conference on Neural Networks (IJCNN)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074107460","display_name":"Yuexin Xuan","orcid":"https://orcid.org/0000-0001-7887-2309"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuexin Xuan","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100369438","display_name":"Xiaojun Chen","orcid":"https://orcid.org/0000-0002-2818-4652"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaojun Chen","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041204026","display_name":"Zhendong Zhao","orcid":"https://orcid.org/0000-0002-8851-4246"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhendong Zhao","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044233054","display_name":"Yangyang Ding","orcid":"https://orcid.org/0000-0003-1588-2571"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yangyang Ding","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences,Beijing,China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083333420","display_name":"Jianming Lv","orcid":"https://orcid.org/0000-0003-3691-4755"},"institutions":[{"id":"https://openalex.org/I1327237609","display_name":"Ministry of Education of the People's Republic of China","ror":"https://ror.org/01mv9t934","country_code":"CN","type":"government","lineage":["https://openalex.org/I1327237609","https://openalex.org/I4210127390"]},{"id":"https://openalex.org/I90610280","display_name":"South China University of Technology","ror":"https://ror.org/0530pts50","country_code":"CN","type":"education","lineage":["https://openalex.org/I90610280"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianming Lv","raw_affiliation_strings":["School of Computer Science and Engineering, South China University of Technology,Guangzhou,China","Key Laboratory of Big Data and Intelligent Robot, Ministry of Education, Guangzhou, China","School of Computer Science and Engineering, South China University of Technology, Guangzhou, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology,Guangzhou,China","institution_ids":["https://openalex.org/I90610280"]},{"raw_affiliation_string":"Key Laboratory of Big Data and Intelligent Robot, Ministry of Education, Guangzhou, China","institution_ids":["https://openalex.org/I1327237609"]},{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology, Guangzhou, China","institution_ids":["https://openalex.org/I90610280"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.167771,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"4","issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9796521663665771},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5767019391059875},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45843300223350525}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9796521663665771},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5767019391059875},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45843300223350525}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ijcnn55064.2022.9891900","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn55064.2022.9891900","pdf_url":null,"source":{"id":"https://openalex.org/S4363607707","display_name":"2022 International Joint Conference on Neural Networks (IJCNN)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3511899757","display_name":null,"funder_award_id":"2021YFB3101400","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8817924637","display_name":null,"funder_award_id":"XDC02040400","funder_id":"https://openalex.org/F4320321133","funder_display_name":"Chinese Academy of Sciences"}],"funders":[{"id":"https://openalex.org/F4320321133","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W1686810756","https://openalex.org/W2040975718","https://openalex.org/W2067713319","https://openalex.org/W2117539524","https://openalex.org/W2119112357","https://openalex.org/W2143612262","https://openalex.org/W2146022760","https://openalex.org/W2194775991","https://openalex.org/W2581082771","https://openalex.org/W2618530766","https://openalex.org/W2748789698","https://openalex.org/W2753783305","https://openalex.org/W2774423163","https://openalex.org/W2896457183","https://openalex.org/W2898759955","https://openalex.org/W2934843808","https://openalex.org/W2970335439","https://openalex.org/W2971661634","https://openalex.org/W2990270730","https://openalex.org/W3020531607","https://openalex.org/W3093239278","https://openalex.org/W3112001526","https://openalex.org/W3114686421","https://openalex.org/W3118608800","https://openalex.org/W4289300166","https://openalex.org/W4298140072","https://openalex.org/W6637373629","https://openalex.org/W6681425521","https://openalex.org/W6743581629","https://openalex.org/W6746897123","https://openalex.org/W6750462152","https://openalex.org/W6755207826","https://openalex.org/W6756074407","https://openalex.org/W6756333562","https://openalex.org/W6784558051"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4386080799","https://openalex.org/W4401407399"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"are":[3,91,158],"vulnerable":[4],"to":[5,17,49,64,127,141],"backdoor":[6,46],"attacks":[7,47],"where":[8],"adversaries":[9],"inject":[10],"the":[11,19,25,34,40,58,66,72,75,82,95,116,136,142],"trigger":[12,42],"into":[13],"partial":[14],"training":[15],"data":[16,151],"manipulate":[18],"trained":[20],"model":[21,27],"misclassification.":[22],"In":[23,98],"addition,":[24],"poisoned":[26,67,89,96,150],"behaves":[28],"normally":[29],"on":[30,160],"clean":[31],"inputs,":[32,68],"and":[33,62,88,105,121,133,149,166,178],"malicious":[35,129],"behavior":[36],"only":[37],"occurs":[38],"when":[39],"secret":[41],"is":[43],"present,":[44],"making":[45],"hard":[48],"be":[50],"detected.":[51],"Most":[52],"existing":[53],"input":[54,107],"detection":[55,108,125],"methods":[56],"leverage":[57],"link":[59],"between":[60,147],"triggers":[61],"outputs":[63],"reveal":[65],"which":[69,114,181],"suffer":[70],"from":[71],"trigger-size":[73],"or":[74],"\u201call-to-all\u201d":[76],"attack":[77],"scenario.":[78],"We":[79,131],"show":[80],"that":[81],"internal":[83],"activations":[84,117,146],"produced":[85],"by":[86],"benign":[87,148],"inputs":[90,120],"significantly":[92],"different":[93,189],"in":[94],"model.":[97],"this":[99],"paper,":[100],"we":[101],"propose":[102],"a":[103],"novel":[104],"run-time":[106],"algorithm,":[109],"Activation":[110],"Subset":[111],"Scanning":[112],"(ACTSS),":[113],"extracts":[115],"of":[118,145,191],"incoming":[119],"leverages":[122],"an":[123],"anomaly":[124],"algorithm":[126],"identify":[128],"inputs.":[130],"search":[132],"score":[134],"for":[135,188],"abnormal":[137],"activation":[138],"subset":[139],"according":[140],"statistical":[143],"difference":[144],"using":[152],"nonparametric":[153],"statistics":[154],"technology.":[155],"Extensive":[156],"experiments":[157],"conducted":[159],"three":[161,169],"public":[162],"datasets:":[163],"CIFAR10,":[164],"GTSRB,":[165],"ImageNet,":[167],"with":[168],"representative":[170],"models.":[171],"The":[172],"results":[173],"verify":[174],"our":[175],"approach's":[176],"effectiveness":[177],"state-of-the-art":[179],"performance,":[180],"achieve":[182],"over":[183],"98%":[184],"false":[185],"rejection":[186],"rate":[187],"types":[190],"triggers.":[192]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}