{"id":"https://openalex.org/W2907806598","doi":"https://doi.org/10.1109/milcom.2018.8599814","title":"Towards the Development of Robust Deep Neural Networks in Adversarial Settings","display_name":"Towards the Development of Robust Deep Neural Networks in Adversarial Settings","publication_year":2018,"publication_date":"2018-10-01","ids":{"openalex":"https://openalex.org/W2907806598","doi":"https://doi.org/10.1109/milcom.2018.8599814","mag":"2907806598"},"language":"en","primary_location":{"id":"doi:10.1109/milcom.2018.8599814","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2018.8599814","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026618770","display_name":"Todd Huster","orcid":null},"institutions":[{"id":"https://openalex.org/I2802279603","display_name":"Vencore (United States)","ror":"https://ror.org/00sjx7d61","country_code":"US","type":"company","lineage":["https://openalex.org/I2802279603"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Todd P. Huster","raw_affiliation_strings":["Vencore Labs, Basking Ridge, NJ"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vencore Labs, Basking Ridge, NJ","institution_ids":["https://openalex.org/I2802279603"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110132499","display_name":"Cho\u2010Yu Jason Chiang","orcid":null},"institutions":[{"id":"https://openalex.org/I2802279603","display_name":"Vencore (United States)","ror":"https://ror.org/00sjx7d61","country_code":"US","type":"company","lineage":["https://openalex.org/I2802279603"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cho-Yu Jason Chiang","raw_affiliation_strings":["Vencore Labs, Basking Ridge, NJ"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vencore Labs, Basking Ridge, NJ","institution_ids":["https://openalex.org/I2802279603"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103911831","display_name":"Ritu Chadha","orcid":null},"institutions":[{"id":"https://openalex.org/I2802279603","display_name":"Vencore (United States)","ror":"https://ror.org/00sjx7d61","country_code":"US","type":"company","lineage":["https://openalex.org/I2802279603"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ritu Chadha","raw_affiliation_strings":["Vencore Labs, Basking Ridge, NJ"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vencore Labs, Basking Ridge, NJ","institution_ids":["https://openalex.org/I2802279603"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113663310","display_name":"Ananthram Swami","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ananthram Swami","raw_affiliation_strings":["Army Research Laboratory, Adelphi, MD"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Army Research Laboratory, Adelphi, MD","institution_ids":["https://openalex.org/I166416128"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3379,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.70537331,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"419","last_page":"424"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9473000168800354,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11515","display_name":"Bacillus and Francisella bacterial research","score":0.9175000190734863,"subfield":{"id":"https://openalex.org/subfields/1312","display_name":"Molecular Biology"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.8878637552261353},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8154982328414917},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7268300652503967},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6346043348312378},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.6221668124198914},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5762627720832825},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5753734111785889},{"id":"https://openalex.org/keywords/bounded-function","display_name":"Bounded function","score":0.5685685873031616},{"id":"https://openalex.org/keywords/sigmoid-function","display_name":"Sigmoid function","score":0.5429356694221497},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5350915193557739},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5319664478302002},{"id":"https://openalex.org/keywords/norm","display_name":"Norm (philosophy)","score":0.5121421813964844},{"id":"https://openalex.org/keywords/generalization","display_name":"Generalization","score":0.4988114833831787},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.40389034152030945},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.39558741450309753},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.1499185562133789},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.09445047378540039}],"concepts":[{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.8878637552261353},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8154982328414917},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7268300652503967},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6346043348312378},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.6221668124198914},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5762627720832825},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5753734111785889},{"id":"https://openalex.org/C34388435","wikidata":"https://www.wikidata.org/wiki/Q2267362","display_name":"Bounded function","level":2,"score":0.5685685873031616},{"id":"https://openalex.org/C81388566","wikidata":"https://www.wikidata.org/wiki/Q526668","display_name":"Sigmoid function","level":3,"score":0.5429356694221497},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5350915193557739},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5319664478302002},{"id":"https://openalex.org/C191795146","wikidata":"https://www.wikidata.org/wiki/Q3878446","display_name":"Norm (philosophy)","level":2,"score":0.5121421813964844},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.4988114833831787},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.40389034152030945},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.39558741450309753},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.1499185562133789},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.09445047378540039},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/milcom.2018.8599814","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2018.8599814","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W1665214252","https://openalex.org/W1673923490","https://openalex.org/W2158899491","https://openalex.org/W2160815625","https://openalex.org/W2163605009","https://openalex.org/W2184045248","https://openalex.org/W2194775991","https://openalex.org/W2414564754","https://openalex.org/W2560162835","https://openalex.org/W2603766943","https://openalex.org/W2620038827","https://openalex.org/W2786163515","https://openalex.org/W2884801476","https://openalex.org/W2952230511","https://openalex.org/W2963207607","https://openalex.org/W2963496101","https://openalex.org/W2963744840","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2964153729","https://openalex.org/W2964253222","https://openalex.org/W2964350391","https://openalex.org/W4293846201","https://openalex.org/W6683738474","https://openalex.org/W6753506584"],"related_works":["https://openalex.org/W3082263874","https://openalex.org/W3004759583","https://openalex.org/W4320018150","https://openalex.org/W3173926637","https://openalex.org/W4239582170","https://openalex.org/W4391093647","https://openalex.org/W2918664383","https://openalex.org/W106056076","https://openalex.org/W4320855730","https://openalex.org/W2135200719"],"abstract_inverted_index":{"Building":[0],"robust":[1],"deep":[2],"neural":[3],"network":[4,82],"(DNN)":[5],"machine":[6],"learning":[7,36],"models":[8],"in":[9,27,46],"adversarial":[10,53],"settings":[11],"is":[12,44],"a":[13,65],"problem":[14],"of":[15,34,76],"great":[16],"importance":[17],"to":[18,42,60,71],"communication":[19],"and":[20,94,107,110],"cyber":[21],"security.":[22],"We":[23,84,98],"consider":[24],"white-box":[25],"attacks":[26],"which":[28],"an":[29],"adversary":[30],"has":[31],"full":[32],"knowledge":[33],"the":[35,39,47,61,74,81,100],"architecture,":[37],"but":[38],"adversary's":[40],"ability":[41],"manipulate":[43],"bounded":[45],"Lp":[48],"norm":[49],"sense.":[50],"Given":[51],"that":[52,69],"examples":[54],"are":[55],"generated":[56],"via":[57],"small":[58],"perturbations":[59,79],"input,":[62],"we":[63],"develop":[64],"scalable":[66],"mathematical":[67],"framework":[68],"leads":[70],"bounds":[72],"on":[73,80],"effect":[75],"these":[77],"input":[78],"output.":[83],"study":[85],"several":[86],"typical":[87],"DNN":[88],"components:":[89],"linear":[90],"transformations,":[91],"ReLU,":[92],"sigmoid":[93],"double":[95],"ReLU":[96],"units.":[97],"use":[99],"well-calibrated":[101],"MNIST":[102],"data":[103],"for":[104],"experimental":[105],"validation,":[106],"present":[108],"results":[109],"insights.":[111]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}