{"id":"https://openalex.org/W4362690135","doi":"https://doi.org/10.1109/tcss.2023.3262289","title":"GUARDIAN: A Hardware-Assisted Distributed Framework to Enhance Deep Learning Security","display_name":"GUARDIAN: A Hardware-Assisted Distributed Framework to Enhance Deep Learning Security","publication_year":2023,"publication_date":"2023-04-06","ids":{"openalex":"https://openalex.org/W4362690135","doi":"https://doi.org/10.1109/tcss.2023.3262289"},"language":"en","primary_location":{"id":"doi:10.1109/tcss.2023.3262289","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcss.2023.3262289","pdf_url":null,"source":{"id":"https://openalex.org/S2490693980","display_name":"IEEE Transactions on Computational Social Systems","issn_l":"2329-924X","issn":["2329-924X","2373-7476"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computational Social Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010791300","display_name":"Zinuo Cai","orcid":"https://orcid.org/0000-0001-9373-8474"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zinuo Cai","raw_affiliation_strings":["School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China"],"raw_orcid":"https://orcid.org/0000-0001-9373-8474","affiliations":[{"raw_affiliation_string":"School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045522530","display_name":"Bojun Ren","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bojun Ren","raw_affiliation_strings":["School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036789442","display_name":"Ruhui Ma","orcid":"https://orcid.org/0000-0001-9592-8490"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruhui Ma","raw_affiliation_strings":["School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China"],"raw_orcid":"https://orcid.org/0000-0001-9592-8490","affiliations":[{"raw_affiliation_string":"School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049487451","display_name":"Haibing Guan","orcid":"https://orcid.org/0000-0002-4714-7400"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haibing Guan","raw_affiliation_strings":["School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China"],"raw_orcid":"https://orcid.org/0000-0002-4714-7400","affiliations":[{"raw_affiliation_string":"School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068815719","display_name":"Mengke Tian","orcid":"https://orcid.org/0000-0003-4849-5535"},"institutions":[{"id":"https://openalex.org/I4210089056","display_name":"Beijing Microelectronics Technology Institute","ror":"https://ror.org/007y7ej30","country_code":"CN","type":"other","lineage":["https://openalex.org/I4210089056"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mengke Tian","raw_affiliation_strings":["Beijing Microelectronics Technology Institute, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-4849-5535","affiliations":[{"raw_affiliation_string":"Beijing Microelectronics Technology Institute, Beijing, China","institution_ids":["https://openalex.org/I4210089056"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103139649","display_name":"Yong Wang","orcid":"https://orcid.org/0000-0002-5905-3022"},"institutions":[{"id":"https://openalex.org/I4210089056","display_name":"Beijing Microelectronics Technology Institute","ror":"https://ror.org/007y7ej30","country_code":"CN","type":"other","lineage":["https://openalex.org/I4210089056"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yong Wang","raw_affiliation_strings":["Beijing Microelectronics Technology Institute, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Beijing Microelectronics Technology Institute, Beijing, China","institution_ids":["https://openalex.org/I4210089056"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5010791300"],"corresponding_institution_ids":["https://openalex.org/I183067930"],"apc_list":null,"apc_paid":null,"fwci":1.8745,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.88097006,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":"10","issue":"6","first_page":"3012","last_page":"3020"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9552000164985657,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8214017152786255},{"id":"https://openalex.org/keywords/homomorphic-encryption","display_name":"Homomorphic encryption","score":0.6383417844772339},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5800742506980896},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5442020297050476},{"id":"https://openalex.org/keywords/guard","display_name":"Guard (computer science)","score":0.537455141544342},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5315999984741211},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.4982640743255615},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.4955247640609741},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.48598727583885193},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.46355998516082764},{"id":"https://openalex.org/keywords/guardian","display_name":"Guardian","score":0.4175994396209717},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3769926428794861},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.298885703086853},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.10618743300437927}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8214017152786255},{"id":"https://openalex.org/C158338273","wikidata":"https://www.wikidata.org/wiki/Q2154943","display_name":"Homomorphic encryption","level":3,"score":0.6383417844772339},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5800742506980896},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5442020297050476},{"id":"https://openalex.org/C141141315","wikidata":"https://www.wikidata.org/wiki/Q2379942","display_name":"Guard (computer science)","level":2,"score":0.537455141544342},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5315999984741211},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.4982640743255615},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.4955247640609741},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.48598727583885193},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.46355998516082764},{"id":"https://openalex.org/C2776680780","wikidata":"https://www.wikidata.org/wiki/Q15964604","display_name":"Guardian","level":2,"score":0.4175994396209717},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3769926428794861},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.298885703086853},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.10618743300437927},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tcss.2023.3262289","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcss.2023.3262289","pdf_url":null,"source":{"id":"https://openalex.org/S2490693980","display_name":"IEEE Transactions on Computational Social Systems","issn_l":"2329-924X","issn":["2329-924X","2373-7476"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Computational Social Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.49000000953674316,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":62,"referenced_works":["https://openalex.org/W1995903777","https://openalex.org/W2007339694","https://openalex.org/W2084392717","https://openalex.org/W2112796928","https://openalex.org/W2125283600","https://openalex.org/W2168809519","https://openalex.org/W2279098554","https://openalex.org/W2397486072","https://openalex.org/W2572504188","https://openalex.org/W2605470470","https://openalex.org/W2606882085","https://openalex.org/W2626970695","https://openalex.org/W2701059868","https://openalex.org/W2883780447","https://openalex.org/W2900773116","https://openalex.org/W2930508541","https://openalex.org/W2964162474","https://openalex.org/W2964236337","https://openalex.org/W2969388332","https://openalex.org/W2973727699","https://openalex.org/W2987486320","https://openalex.org/W3001001866","https://openalex.org/W3012501605","https://openalex.org/W3021475380","https://openalex.org/W3021654819","https://openalex.org/W3035617116","https://openalex.org/W3042006926","https://openalex.org/W3081450266","https://openalex.org/W3082158078","https://openalex.org/W3086105743","https://openalex.org/W3086590218","https://openalex.org/W3086809868","https://openalex.org/W3105175523","https://openalex.org/W3107100345","https://openalex.org/W3113852572","https://openalex.org/W3118608800","https://openalex.org/W3134441556","https://openalex.org/W3135347465","https://openalex.org/W3189867278","https://openalex.org/W3211010549","https://openalex.org/W4205761438","https://openalex.org/W4210968720","https://openalex.org/W4236786653","https://openalex.org/W4244143958","https://openalex.org/W4283828760","https://openalex.org/W4286493958","https://openalex.org/W4288593403","https://openalex.org/W4289300273","https://openalex.org/W4320002812","https://openalex.org/W6679154944","https://openalex.org/W6695314431","https://openalex.org/W6712237015","https://openalex.org/W6718865826","https://openalex.org/W6730426483","https://openalex.org/W6742578501","https://openalex.org/W6756592394","https://openalex.org/W6756718674","https://openalex.org/W6758686700","https://openalex.org/W6759226220","https://openalex.org/W6761088107","https://openalex.org/W6767997687","https://openalex.org/W6797785253"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2935909890","https://openalex.org/W2778153218","https://openalex.org/W2758277628","https://openalex.org/W1531601525","https://openalex.org/W2024521118"],"abstract_inverted_index":{"The":[0,45],"ubiquity":[1],"of":[2,38,115,143],"artificial":[3],"intelligence":[4],"(AI)":[5],"has":[6],"led":[7],"to":[8,62,96],"its":[9],"extensive":[10,151],"research":[11],"and":[12,24,41,113,147],"application":[13],"in":[14,98,169],"various":[15],"fields,":[16],"such":[17,103],"as":[18,53,59,104],"computer":[19],"vision,":[20],"natural":[21],"language":[22],"processing,":[23],"medical":[25],"image":[26],"analysis.":[27],"However,":[28],"responsible":[29],"AI":[30],"faces":[31],"severe":[32],"security":[33,65,132,158],"challenges,":[34],"including":[35],"the":[36,111,134,140,170],"leakage":[37],"pretrained":[39],"models":[40],"valuable":[42],"training":[43,127,135],"data.":[44,116],"existing":[46],"solutions":[47],"adopt":[48],"new":[49],"algorithm":[50],"designs":[51],"(such":[52,58],"federated":[54],"learning)":[55],"or":[56],"cryptography":[57],"homomorphic":[60],"encryption)":[61],"prevent":[63],"possible":[64],"vulnerabilities.":[66],"We":[67,137],"observe":[68],"that":[69,92,129,156],"hardware-assisted":[70,123],"trusted":[71,89],"execution":[72,90,101],"environments":[73],"(TEEs)":[74],"can":[75],"further":[76],"improve":[77],"machine":[78,125,144],"learning":[79,126,145],"responsibility.":[80],"Intel":[81],"Software":[82],"Guard":[83],"Extension":[84],"(SGX)":[85],"is":[86],"a":[87,105,122,165],"popular,":[88],"hardware":[91],"enables":[93],"users\u2019":[94],"programs":[95],"run":[97],"an":[99],"untrusted":[100],"environment,":[102],"malicious":[106],"operating":[107],"system,":[108],"but":[109],"ensures":[110],"confidentiality":[112],"integrity":[114],"Therefore,":[117],"we":[118],"have":[119,138],"designed":[120],"GUARDIAN,":[121],"secure":[124],"framework":[128],"protects":[130],"data":[131],"during":[133],"process.":[136],"analyzed":[139],"typical":[141],"characteristics":[142],"applications":[146],"characterized":[148],"GUARDIAN":[149],"through":[150],"experiments.":[152],"Our":[153],"findings":[154],"demonstrate":[155],"introducing":[157],"guarantees":[159],"causes":[160],"performance":[161],"degradation,":[162],"which":[163],"provides":[164],"feasible":[166],"optimization":[167],"direction":[168],"near":[171],"future.":[172]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}