{"id":"https://openalex.org/W4406612479","doi":"https://doi.org/10.1109/smc54092.2024.10832063","title":"MCD: Defense Against Query-Based Black-Box Surrogate Attacks","display_name":"MCD: Defense Against Query-Based Black-Box Surrogate Attacks","publication_year":2024,"publication_date":"2024-10-06","ids":{"openalex":"https://openalex.org/W4406612479","doi":"https://doi.org/10.1109/smc54092.2024.10832063"},"language":"en","primary_location":{"id":"doi:10.1109/smc54092.2024.10832063","is_oa":false,"landing_page_url":"https://doi.org/10.1109/smc54092.2024.10832063","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Systems, Man, and Cybernetics (SMC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Yiwen Zou","orcid":null},"institutions":[{"id":"https://openalex.org/I90610280","display_name":"South China University of Technology","ror":"https://ror.org/0530pts50","country_code":"CN","type":"education","lineage":["https://openalex.org/I90610280"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yiwen Zou","raw_affiliation_strings":["School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006","institution_ids":["https://openalex.org/I90610280"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105759393","display_name":"Wing W. Y. Ng","orcid":"https://orcid.org/0000-0003-0783-3585"},"institutions":[{"id":"https://openalex.org/I90610280","display_name":"South China University of Technology","ror":"https://ror.org/0530pts50","country_code":"CN","type":"education","lineage":["https://openalex.org/I90610280"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wing W. Y. Ng","raw_affiliation_strings":["School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006","institution_ids":["https://openalex.org/I90610280"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100777373","display_name":"Xueli Zhang","orcid":"https://orcid.org/0000-0001-5963-9261"},"institutions":[{"id":"https://openalex.org/I90610280","display_name":"South China University of Technology","ror":"https://ror.org/0530pts50","country_code":"CN","type":"education","lineage":["https://openalex.org/I90610280"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xueli Zhang","raw_affiliation_strings":["School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006","institution_ids":["https://openalex.org/I90610280"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Brick Loo","orcid":null},"institutions":[{"id":"https://openalex.org/I90610280","display_name":"South China University of Technology","ror":"https://ror.org/0530pts50","country_code":"CN","type":"education","lineage":["https://openalex.org/I90610280"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Brick Loo","raw_affiliation_strings":["School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, South China University of Technology,Guangzhou,China,510006","institution_ids":["https://openalex.org/I90610280"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043759295","display_name":"Xingfu Yan","orcid":null},"institutions":[{"id":"https://openalex.org/I187400657","display_name":"South China Normal University","ror":"https://ror.org/01kq0pv72","country_code":"CN","type":"education","lineage":["https://openalex.org/I187400657"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xingfu Yan","raw_affiliation_strings":["School of Computer Science, South China Normal University,Guangzhou,China,510006"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, South China Normal University,Guangzhou,China,510006","institution_ids":["https://openalex.org/I187400657"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5115595161","display_name":"Ran Wang","orcid":"https://orcid.org/0000-0002-7580-9109"},"institutions":[{"id":"https://openalex.org/I180726961","display_name":"Shenzhen University","ror":"https://ror.org/01vy4gh70","country_code":"CN","type":"education","lineage":["https://openalex.org/I180726961"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ran Wang","raw_affiliation_strings":["School of Mathematical Sciences, Shenzhen University,Shenzhen,China,518060"],"affiliations":[{"raw_affiliation_string":"School of Mathematical Sciences, Shenzhen University,Shenzhen,China,518060","institution_ids":["https://openalex.org/I180726961"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I90610280"],"apc_list":null,"apc_paid":null,"fwci":0.3345,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.69891401,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"5359","last_page":"5366"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.7338334918022156},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6894185543060303},{"id":"https://openalex.org/keywords/query-optimization","display_name":"Query optimization","score":0.46667778491973877},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.24950402975082397},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2293270230293274}],"concepts":[{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.7338334918022156},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6894185543060303},{"id":"https://openalex.org/C157692150","wikidata":"https://www.wikidata.org/wiki/Q2919848","display_name":"Query optimization","level":2,"score":0.46667778491973877},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.24950402975082397},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2293270230293274}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/smc54092.2024.10832063","is_oa":false,"landing_page_url":"https://doi.org/10.1109/smc54092.2024.10832063","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Systems, Man, and Cybernetics (SMC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5026819754","display_name":null,"funder_award_id":"62302173,62176160","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W12634471","https://openalex.org/W2047643928","https://openalex.org/W2112796928","https://openalex.org/W2145607950","https://openalex.org/W2551176409","https://openalex.org/W2963303354","https://openalex.org/W2969695741","https://openalex.org/W2973414778","https://openalex.org/W3035379805","https://openalex.org/W3164111940","https://openalex.org/W3178659068","https://openalex.org/W3206880386","https://openalex.org/W4319878939","https://openalex.org/W4367191550","https://openalex.org/W4367368092","https://openalex.org/W6625168331","https://openalex.org/W6703116779","https://openalex.org/W6743688258","https://openalex.org/W6757615711","https://openalex.org/W6770411749","https://openalex.org/W6774150056","https://openalex.org/W6784323503","https://openalex.org/W6790544463","https://openalex.org/W6838637662"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"(DNNs)":[3],"is":[4,68,156],"susceptible":[5],"to":[6,21,59,70,87,100,114,164],"surrogate":[7,12],"attacks,":[8,141],"where":[9],"adversaries":[10],"use":[11],"data":[13],"and":[14,33,55,89,104,133,139,199],"corresponding":[15],"outputs":[16],"from":[17,62],"the":[18,49,65,72,109,116,124,142,168,174,183,186,193,201],"target":[19],"model":[20,31,34,107,194],"build":[22],"their":[23],"own":[24],"stolen":[25],"model.":[26],"Model":[27],"stealing":[28],"attacks":[29],"jeopardize":[30],"privacy":[32],"owners'":[35],"commercial":[36],"benefits.":[37],"To":[38],"address":[39],"this":[40,42],"issue,":[41],"paper":[43],"proposes":[44],"a":[45,112,128,157],"hybrid":[46],"protection":[47],"approach-Maximize":[48],"confidence":[50],"differences":[51],"between":[52],"benign":[53],"samples":[54,57,80,206],"adversarial":[56],"(MCD),":[58],"protect":[60],"models":[61,132],"theft.":[63],"Firstly,":[64],"LogitNorm":[66],"approach":[67],"used":[69],"overcome":[71],"overconfidence":[73,190],"problem":[74],"in":[75,196],"adversary":[76],"query":[77],"classification.":[78],"Then,":[79],"are":[81,93],"divided":[82],"into":[83],"four":[84],"groups":[85,92],"according":[86],"ES":[88],"RS.":[90],"Different":[91],"poisoned":[94],"by":[95,177],"different":[96],"degrees.":[97],"In":[98],"addition":[99],"enhancing":[101],"defensive":[102],"performance":[103,148],"accounting":[105],"for":[106,207],"integrity,":[108],"MCD":[110,125,143,184],"uses":[111],"trigger":[113],"confirm":[115],"cloned":[117],"model's":[118],"owner.":[119],"Experimental":[120],"results":[121],"show":[122],"that":[123],"defends":[126],"against":[127],"variety":[129],"of":[130,149,188,204],"original":[131],"attack":[134],"techniques":[135],"well.":[136],"Against":[137],"KnockoffNets":[138],"DFME":[140],"yields":[144],"an":[145],"average":[146],"defense":[147],"54.58":[150],"%":[151,179],"on":[152,180],"five":[153],"datasets,":[154],"which":[155],"great":[158],"improvement":[159],"over":[160],"other":[161,165],"defenses.":[162],"Compared":[163],"poisoning":[166],"techniques,":[167],"Strong":[169],"Poisoning":[170],"(SP)":[171],"module":[172],"reduces":[173,200],"adversary's":[175],"accuracy":[176,195],"48.23":[178],"average.":[181],"Additionally,":[182],"overcomes":[185],"issue":[187],"OOD":[189,197,209],"while":[191],"safeguarding":[192],"detection":[198],"misclassification":[202],"rate":[203],"ID":[205],"multiple":[208],"datasets.":[210]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}