{"id":"https://openalex.org/W4386634675","doi":"https://doi.org/10.1109/tai.2023.3314398","title":"A Survey of Security Protection Methods for Deep Learning Model","display_name":"A Survey of Security Protection Methods for Deep Learning Model","publication_year":2023,"publication_date":"2023-09-12","ids":{"openalex":"https://openalex.org/W4386634675","doi":"https://doi.org/10.1109/tai.2023.3314398"},"language":"en","primary_location":{"id":"doi:10.1109/tai.2023.3314398","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tai.2023.3314398","pdf_url":null,"source":{"id":"https://openalex.org/S4210169448","display_name":"IEEE Transactions on Artificial Intelligence","issn_l":"2691-4581","issn":["2691-4581"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Artificial Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016214742","display_name":"Haipeng Peng","orcid":"https://orcid.org/0000-0003-4415-0126"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Haipeng Peng","raw_affiliation_strings":["Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]},{"raw_affiliation_string":"National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070992149","display_name":"Shuang Bao","orcid":"https://orcid.org/0000-0003-3889-855X"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuang Bao","raw_affiliation_strings":["Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]},{"raw_affiliation_string":"National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100734103","display_name":"Lixiang Li","orcid":"https://orcid.org/0000-0001-9949-8731"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lixiang Li","raw_affiliation_strings":["Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]},{"raw_affiliation_string":"National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5016214742"],"corresponding_institution_ids":["https://openalex.org/I139759216"],"apc_list":null,"apc_paid":null,"fwci":1.3917,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.85093685,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":"5","issue":"4","first_page":"1533","last_page":"1553"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.45433667302131653},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4258020222187042}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.45433667302131653},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4258020222187042}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tai.2023.3314398","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tai.2023.3314398","pdf_url":null,"source":{"id":"https://openalex.org/S4210169448","display_name":"IEEE Transactions on Artificial Intelligence","issn_l":"2691-4581","issn":["2691-4581"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Artificial Intelligence","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1010105751","display_name":null,"funder_award_id":"61932005","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2396152343","display_name":null,"funder_award_id":"62032002","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7731347309","display_name":null,"funder_award_id":"B21049","funder_id":"https://openalex.org/F4320327912","funder_display_name":"Higher Education Discipline Innovation Project"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320327912","display_name":"Higher Education Discipline Innovation Project","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":151,"referenced_works":["https://openalex.org/W1968411139","https://openalex.org/W2006387561","https://openalex.org/W2022350629","https://openalex.org/W2051267297","https://openalex.org/W2053637704","https://openalex.org/W2104692292","https://openalex.org/W2117636524","https://openalex.org/W2128599397","https://openalex.org/W2137130182","https://openalex.org/W2142733395","https://openalex.org/W2145185087","https://openalex.org/W2151298633","https://openalex.org/W2159059513","https://openalex.org/W2171928131","https://openalex.org/W2180612164","https://openalex.org/W2243397390","https://openalex.org/W2317339301","https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2579318729","https://openalex.org/W2597998853","https://openalex.org/W2625013748","https://openalex.org/W2745565856","https://openalex.org/W2753783305","https://openalex.org/W2757528734","https://openalex.org/W2768064608","https://openalex.org/W2770743368","https://openalex.org/W2774423163","https://openalex.org/W2785405530","https://openalex.org/W2788963265","https://openalex.org/W2789876780","https://openalex.org/W2804368608","https://openalex.org/W2807363941","https://openalex.org/W2810278044","https://openalex.org/W2860338957","https://openalex.org/W2884320726","https://openalex.org/W2884943453","https://openalex.org/W2887995258","https://openalex.org/W2889402930","https://openalex.org/W2890139949","https://openalex.org/W2892226435","https://openalex.org/W2913293643","https://openalex.org/W2919115771","https://openalex.org/W2929084559","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2944794792","https://openalex.org/W2945186677","https://openalex.org/W2948030332","https://openalex.org/W2952270003","https://openalex.org/W2956355137","https://openalex.org/W2962294318","https://openalex.org/W2962700793","https://openalex.org/W2962763344","https://openalex.org/W2963165363","https://openalex.org/W2963378725","https://openalex.org/W2963456518","https://openalex.org/W2963461515","https://openalex.org/W2964043980","https://openalex.org/W2964082701","https://openalex.org/W2964881778","https://openalex.org/W2966520658","https://openalex.org/W2966689772","https://openalex.org/W2970408908","https://openalex.org/W2971544778","https://openalex.org/W2972714212","https://openalex.org/W2972997402","https://openalex.org/W2980245856","https://openalex.org/W2983140679","https://openalex.org/W2985525905","https://openalex.org/W2990270730","https://openalex.org/W2993782690","https://openalex.org/W2997357271","https://openalex.org/W3002562626","https://openalex.org/W3012798016","https://openalex.org/W3013199714","https://openalex.org/W3013779627","https://openalex.org/W3014775455","https://openalex.org/W3016075089","https://openalex.org/W3035237749","https://openalex.org/W3035379805","https://openalex.org/W3035616549","https://openalex.org/W3035644192","https://openalex.org/W3047371394","https://openalex.org/W3080297477","https://openalex.org/W3087391814","https://openalex.org/W3088249606","https://openalex.org/W3095437012","https://openalex.org/W3096692244","https://openalex.org/W3097981673","https://openalex.org/W3101962329","https://openalex.org/W3102733833","https://openalex.org/W3102834148","https://openalex.org/W3104218734","https://openalex.org/W3107089345","https://openalex.org/W3107235539","https://openalex.org/W3107337211","https://openalex.org/W3114686421","https://openalex.org/W3118138297","https://openalex.org/W3118600567","https://openalex.org/W3120218917","https://openalex.org/W3125963848","https://openalex.org/W3128839796","https://openalex.org/W3135438101","https://openalex.org/W3136620885","https://openalex.org/W3137379361","https://openalex.org/W3141043040","https://openalex.org/W3155199404","https://openalex.org/W3163168187","https://openalex.org/W3163222347","https://openalex.org/W3173746294","https://openalex.org/W3186732165","https://openalex.org/W3191817707","https://openalex.org/W3196546979","https://openalex.org/W3196987074","https://openalex.org/W3208646583","https://openalex.org/W3214399478","https://openalex.org/W3217417806","https://openalex.org/W4210749966","https://openalex.org/W4213119756","https://openalex.org/W4214502238","https://openalex.org/W4220774602","https://openalex.org/W4223504954","https://openalex.org/W4229455429","https://openalex.org/W4230172274","https://openalex.org/W4252979261","https://openalex.org/W6632184740","https://openalex.org/W6637162671","https://openalex.org/W6640425456","https://openalex.org/W6713134421","https://openalex.org/W6739088070","https://openalex.org/W6746897123","https://openalex.org/W6748204703","https://openalex.org/W6748526662","https://openalex.org/W6750462152","https://openalex.org/W6752609924","https://openalex.org/W6760759230","https://openalex.org/W6763393573","https://openalex.org/W6764483423","https://openalex.org/W6766725774","https://openalex.org/W6768610993","https://openalex.org/W6774150056","https://openalex.org/W6775078712","https://openalex.org/W6775941530","https://openalex.org/W6780010867","https://openalex.org/W6780093097","https://openalex.org/W6784558051","https://openalex.org/W6784833035","https://openalex.org/W6794487020","https://openalex.org/W6796570360","https://openalex.org/W6797096170"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W4395014643","https://openalex.org/W4391913857","https://openalex.org/W2350741829"],"abstract_inverted_index":{"In":[0,115],"recent":[1],"years,":[2],"deep":[3,176],"learning":[4],"(DL)":[5],"models":[6,66,105,118,156,188],"have":[7,54,119],"attracted":[8],"widespread":[9],"concern.":[10],"Due":[11],"to":[12,38,58,108],"its":[13],"own":[14],"characteristics,":[15],"DL":[16,65,104,117,155,187],"has":[17],"been":[18,55],"successfully":[19],"applied":[20],"in":[21,62,124],"the":[22,45,125,149,162,166,183],"fields":[23],"of":[24,47,91,103,147,154,164,169,186],"object":[25],"detection,":[26],"superresolution":[27],"reconstruction,":[28],"speech":[29],"recognition,":[30],"natural":[31],"language":[32],"processing,":[33],"etc.,":[34,136],"bringing":[35],"high":[36],"efficiency":[37],"industrial":[39],"production":[40],"and":[41,50,85,93,111,151,161,199],"daily":[42],"life.":[43],"With":[44],"Internet":[46],"Things,":[48],"6G":[49],"other":[51],"new":[52],"technologies":[53],"proposed,":[56],"leading":[57],"an":[59],"exponential":[60],"growth":[61],"data":[63,78,90,102,152],"volume.":[64],"currently":[67],"suffer":[68],"from":[69],"some":[70],"security":[71,140,150,168,185],"issues,":[72],"such":[73,128,193],"as":[74,100,129,194],"privacy":[75,113,153,167,184],"issues":[76,81],"during":[77,82],"collection,":[79],"defense":[80],"model":[83,139],"training":[84,101],"deployment,":[86],"etc.":[87],"The":[88],"sensitive":[89],"users":[92],"special":[94],"institutions":[95],"that":[96],"are":[97],"directly":[98],"used":[99],"may":[106],"lead":[107],"information":[109],"leakage":[110],"serious":[112],"problems.":[114,141],"addition,":[116],"encountered":[120],"many":[121],"malicious":[122],"attacks":[123],"real":[126],"world,":[127],"poisoning":[130],"attack,":[131,133,135],"exploratory":[132],"adversarial":[134],"which":[137],"caused":[138],"Therefore,":[142],"this":[143,180],"article":[144,181],"discusses":[145],"ways":[146,163],"ensuring":[148,165],"under":[157],"diversified":[158],"attack":[159],"methods":[160],"edge":[170,196],"mobile":[171,197],"devices":[172],"equipped":[173],"with":[174],"pretrained":[175],"neural":[177],"networks.":[178],"Alternatively,":[179],"analyzes":[182],"for":[189],"typical":[190],"deployment":[191],"platforms":[192],"server/cloud,":[195],"device,":[198],"web":[200],"browser":[201],"and,":[202],"then,":[203],"summarizes":[204],"future":[205],"research":[206],"direction.":[207]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}