{"id":"https://openalex.org/W3047856150","doi":"https://doi.org/10.1109/tdsc.2020.3014390","title":"Defending Against Adversarial Attack Towards Deep Neural Networks Via Collaborative Multi-Task Training","display_name":"Defending Against Adversarial Attack Towards Deep Neural Networks Via Collaborative Multi-Task Training","publication_year":2020,"publication_date":"2020-08-05","ids":{"openalex":"https://openalex.org/W3047856150","doi":"https://doi.org/10.1109/tdsc.2020.3014390","mag":"3047856150"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2020.3014390","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2020.3014390","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081805488","display_name":"Derui Wang","orcid":"https://orcid.org/0000-0003-1388-7715"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Derui Wang","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","Data 61, CSRIO, Canberra, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]},{"raw_affiliation_string":"Data 61, CSRIO, Canberra, ACT, Australia","institution_ids":["https://openalex.org/I42894916"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006173142","display_name":"Chaoran Li","orcid":"https://orcid.org/0000-0001-9118-5386"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Chaoran Li","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","Data 61, CSRIO, Canberra, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]},{"raw_affiliation_string":"Data 61, CSRIO, Canberra, ACT, Australia","institution_ids":["https://openalex.org/I42894916"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076576641","display_name":"Sheng Wen","orcid":"https://orcid.org/0000-0003-0655-666X"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Sheng Wen","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082256444","display_name":"\u202aSurya Nepal\u202c","orcid":"https://orcid.org/0000-0002-3289-6599"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["Data 61, CSRIO, Canberra, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"Data 61, CSRIO, Canberra, ACT, Australia","institution_ids":["https://openalex.org/I42894916"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100666554","display_name":"Yang Xiang","orcid":"https://orcid.org/0000-0001-5252-0831"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yang Xiang","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Hawthorn, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5081805488"],"corresponding_institution_ids":["https://openalex.org/I42894916","https://openalex.org/I57093077"],"apc_list":null,"apc_paid":null,"fwci":2.3321,"has_fulltext":false,"cited_by_count":34,"citation_normalized_percentile":{"value":0.90753575,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"19","issue":"2","first_page":"953","last_page":"965"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8470070362091064},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7112675905227661},{"id":"https://openalex.org/keywords/notation","display_name":"Notation","score":0.6053361892700195},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5910556316375732},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5529902577400208},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.527219295501709},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.497083455324173},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4719116985797882},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4414902925491333},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.43875160813331604},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.42962753772735596},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4017432928085327},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.16501688957214355},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.12653934955596924},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09563413262367249}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8470070362091064},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7112675905227661},{"id":"https://openalex.org/C45357846","wikidata":"https://www.wikidata.org/wiki/Q2001982","display_name":"Notation","level":2,"score":0.6053361892700195},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5910556316375732},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5529902577400208},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.527219295501709},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.497083455324173},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4719116985797882},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4414902925491333},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.43875160813331604},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.42962753772735596},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4017432928085327},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.16501688957214355},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.12653934955596924},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09563413262367249},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tdsc.2020.3014390","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2020.3014390","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:researchbank.swinburne.edu.au:b6248027-0be3-4b7d-a6b8-ed7055c9f1e4/1","is_oa":false,"landing_page_url":"http://hdl.handle.net/1959.3/459703","pdf_url":null,"source":{"id":"https://openalex.org/S4306401157","display_name":"Swinburne Research Bank (Swinburne University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I57093077","host_organization_name":"Swinburne University of Technology","host_organization_lineage":["https://openalex.org/I57093077"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing (2021)","raw_type":""}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":61,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1883420340","https://openalex.org/W1934410531","https://openalex.org/W1945616565","https://openalex.org/W2143104527","https://openalex.org/W2180612164","https://openalex.org/W2183182206","https://openalex.org/W2243397390","https://openalex.org/W2269778407","https://openalex.org/W2570685808","https://openalex.org/W2603766943","https://openalex.org/W2604505099","https://openalex.org/W2607219512","https://openalex.org/W2611576673","https://openalex.org/W2618043096","https://openalex.org/W2620038827","https://openalex.org/W2735607295","https://openalex.org/W2736899637","https://openalex.org/W2744095836","https://openalex.org/W2773726006","https://openalex.org/W2775467454","https://openalex.org/W2786118190","https://openalex.org/W2799194071","https://openalex.org/W2888062646","https://openalex.org/W2962759300","https://openalex.org/W2963001136","https://openalex.org/W2963158386","https://openalex.org/W2963341057","https://openalex.org/W2963542245","https://openalex.org/W2963564844","https://openalex.org/W2963744840","https://openalex.org/W2963857521","https://openalex.org/W2963969878","https://openalex.org/W2964077693","https://openalex.org/W2964082701","https://openalex.org/W2983498217","https://openalex.org/W3102720581","https://openalex.org/W3120052154","https://openalex.org/W4293584023","https://openalex.org/W4293846201","https://openalex.org/W4297573953","https://openalex.org/W6637162671","https://openalex.org/W6639568328","https://openalex.org/W6640425456","https://openalex.org/W6731927902","https://openalex.org/W6733645847","https://openalex.org/W6734483310","https://openalex.org/W6734787559","https://openalex.org/W6736987314","https://openalex.org/W6739360251","https://openalex.org/W6740998807","https://openalex.org/W6741036071","https://openalex.org/W6744679260","https://openalex.org/W6745272055","https://openalex.org/W6746307094","https://openalex.org/W6746449270","https://openalex.org/W6747819456","https://openalex.org/W6747920752","https://openalex.org/W6748475379","https://openalex.org/W6751839145","https://openalex.org/W6766725774"],"related_works":["https://openalex.org/W2950475743","https://openalex.org/W4320018150","https://openalex.org/W2918664383","https://openalex.org/W2040808657","https://openalex.org/W4320855730","https://openalex.org/W106056076","https://openalex.org/W2135200719","https://openalex.org/W4293874330","https://openalex.org/W2805380858","https://openalex.org/W4379538695"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"(DNNs)":[3],"are":[4,49,60],"known":[5],"to":[6,9,167,226,238],"be":[7],"vulnerable":[8],"adversarial":[10,64,68,153,172,191,233,245],"examples":[11,65,173,192],"which":[12,96],"contain":[13],"human-imperceptible":[14],"perturbations.":[15],"A":[16],"series":[17],"of":[18,36,84,99,136,241],"defending":[19,47,58,222],"methods,":[20,104],"either":[21],"proactive":[22,46,101],"defence":[23,132,140,162,195,205],"or":[24,53,66],"reactive":[25,57,103],"defence,":[26],"have":[27,81,105],"been":[28,106],"proposed":[29,119,139,182],"in":[30],"the":[31,37,82,157,176,181,194,200,242,250,261],"recent":[32],"years.":[33],"However,":[34],"most":[35],"methods":[38,48,59],"can":[39,185],"only":[40,248],"handle":[41],"specific":[42],"attacks.":[43,112,137],"For":[44],"example,":[45],"invalid":[50],"against":[51,206],"grey-box":[52],"white-box":[54],"attacks,":[55],"while":[56],"challenged":[61],"by":[62,156,257],"low-distortion":[63],"transferring":[67,111],"examples.":[69,246],"This":[70],"becomes":[71],"a":[72,76,120,165],"critical":[73],"problem":[74],"since":[75],"defender":[77],"usually":[78],"does":[79],"not":[80],"type":[83],"attack":[85],"as":[86,108],"<i>a":[87],"priori</i>":[88],"knowledge.":[89],"Moreover,":[90],"existing":[91],"two-pronged":[92],"defences":[93],"(e.g.,":[94],"MagNet),":[95],"take":[97],"advantage":[98],"both":[100],"and":[102,148,169,213,235],"reported":[107],"broken":[109],"under":[110],"To":[113],"address":[114],"this":[115,117],"problem,":[116],"article":[118],"novel":[121],"defensive":[122],"framework":[123],"based":[124],"on":[125,210,231,253],"collaborative":[126,183],"multi-task":[127],"training,":[128],"aiming":[129],"at":[130],"providing":[131],"for":[133,260],"different":[134],"types":[135],"The":[138,161,217],"first":[141],"encodes":[142],"training":[143,154],"labels":[144],"into":[145],"label":[146,159],"pairs":[147],"counters":[149],"black-box":[150,177,232],"attacks":[151,209],"leveraging":[152],"supervised":[155],"encoded":[158],"pairs.":[160],"further":[163],"constructs":[164],"detector":[166],"identify":[168],"reject":[170],"high-confidence":[171],"that":[174,220],"bypass":[175],"defence.":[178],"In":[179,199],"addition,":[180],"architecture":[184],"prevent":[186],"adversaries":[187],"from":[188],"finding":[189],"valid":[190],"when":[193],"strategy":[196],"is":[197],"exposed.":[198],"experiments,":[201],"we":[202],"evaluated":[203],"our":[204,221],"four":[207],"state-of-the-art":[208],"<inline-formula><tex-math":[211,214,262],"notation=\"LaTeX\">$MNIST$</tex-math></inline-formula>":[212],"notation=\"LaTeX\">$CIFAR10$</tex-math></inline-formula>":[215,263],"datasets.":[216],"results":[218],"showed":[219],"method":[223],"achieved":[224],"up":[225,237],"96.3":[227],"percent":[228,240,259],"classification":[229,256],"accuracy":[230,252],"examples,":[234],"detected":[236],"98.7":[239],"high":[243],"confidence":[244],"It":[247],"decreased":[249],"model":[251],"benign":[254],"example":[255],"2.1":[258],"dataset.":[264]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}