{"id":"https://openalex.org/W4403511091","doi":"https://doi.org/10.1109/tdsc.2024.3482707","title":"On Security Weaknesses and Vulnerabilities in Deep Learning Systems","display_name":"On Security Weaknesses and Vulnerabilities in Deep Learning Systems","publication_year":2024,"publication_date":"2024-10-17","ids":{"openalex":"https://openalex.org/W4403511091","doi":"https://doi.org/10.1109/tdsc.2024.3482707"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2024.3482707","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3482707","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087147012","display_name":"Zhongzheng Lai","orcid":"https://orcid.org/0000-0001-5093-2832"},"institutions":[{"id":"https://openalex.org/I129604602","display_name":"The University of Sydney","ror":"https://ror.org/0384j8v12","country_code":"AU","type":"education","lineage":["https://openalex.org/I129604602"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Zhongzheng Lai","raw_affiliation_strings":["School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","School of Electrical and Computer Engineering, The University of Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","institution_ids":["https://openalex.org/I129604602"]},{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Australia","institution_ids":["https://openalex.org/I129604602"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101987301","display_name":"Huaming Chen","orcid":"https://orcid.org/0000-0001-5678-472X"},"institutions":[{"id":"https://openalex.org/I129604602","display_name":"The University of Sydney","ror":"https://ror.org/0384j8v12","country_code":"AU","type":"education","lineage":["https://openalex.org/I129604602"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Huaming Chen","raw_affiliation_strings":["School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","School of Electrical and Computer Engineering, The University of Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","institution_ids":["https://openalex.org/I129604602"]},{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Australia","institution_ids":["https://openalex.org/I129604602"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023380459","display_name":"Ruoxi Sun","orcid":"https://orcid.org/0000-0001-5404-8550"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Ruoxi Sun","raw_affiliation_strings":["CSIRO&#x2019;s Data61, Eveleigh, NSW, Australia","CSIRO&#x0027;s Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO&#x2019;s Data61, Eveleigh, NSW, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]},{"raw_affiliation_string":"CSIRO&#x0027;s Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100707101","display_name":"Yu Zhang","orcid":"https://orcid.org/0000-0002-2842-6340"},"institutions":[{"id":"https://openalex.org/I129604602","display_name":"The University of Sydney","ror":"https://ror.org/0384j8v12","country_code":"AU","type":"education","lineage":["https://openalex.org/I129604602"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yu Zhang","raw_affiliation_strings":["School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","School of Electrical and Computer Engineering, The University of Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","institution_ids":["https://openalex.org/I129604602"]},{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Australia","institution_ids":["https://openalex.org/I129604602"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009850797","display_name":"Minhui Xue","orcid":"https://orcid.org/0000-0002-9172-4252"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Minhui Xue","raw_affiliation_strings":["CSIRO&#x2019;s Data61, Eveleigh, NSW, Australia","CSIRO&#x0027;s Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO&#x2019;s Data61, Eveleigh, NSW, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]},{"raw_affiliation_string":"CSIRO&#x0027;s Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5054168288","display_name":"Dong Yuan","orcid":null},"institutions":[{"id":"https://openalex.org/I129604602","display_name":"The University of Sydney","ror":"https://ror.org/0384j8v12","country_code":"AU","type":"education","lineage":["https://openalex.org/I129604602"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Dong Yuan","raw_affiliation_strings":["School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","School of Electrical and Computer Engineering, The University of Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Camperdown, NSW, Australia","institution_ids":["https://openalex.org/I129604602"]},{"raw_affiliation_string":"School of Electrical and Computer Engineering, The University of Sydney, Australia","institution_ids":["https://openalex.org/I129604602"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5087147012"],"corresponding_institution_ids":["https://openalex.org/I129604602"],"apc_list":null,"apc_paid":null,"fwci":1.7376,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.87249759,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"22","issue":"3","first_page":"2243","last_page":"2257"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9412000179290771,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9380999803543091,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7456594109535217},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5731490850448608},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.4500954747200012},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.33170491456985474},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.11663147807121277}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7456594109535217},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5731490850448608},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.4500954747200012},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.33170491456985474},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.11663147807121277},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2024.3482707","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3482707","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5299999713897705,"display_name":"Reduced inequalities","id":"https://metadata.un.org/sdg/10"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":52,"referenced_works":["https://openalex.org/W1986222079","https://openalex.org/W2041650849","https://openalex.org/W2076898331","https://openalex.org/W2087419855","https://openalex.org/W2155893237","https://openalex.org/W2486569932","https://openalex.org/W2740329368","https://openalex.org/W2850992922","https://openalex.org/W2896069478","https://openalex.org/W2897892437","https://openalex.org/W2946895418","https://openalex.org/W2954903132","https://openalex.org/W2968594320","https://openalex.org/W2980482960","https://openalex.org/W2990790810","https://openalex.org/W2999072931","https://openalex.org/W3007157104","https://openalex.org/W3014641072","https://openalex.org/W3022435406","https://openalex.org/W3080722001","https://openalex.org/W3088735455","https://openalex.org/W3099333834","https://openalex.org/W3100925971","https://openalex.org/W3104663419","https://openalex.org/W3107089345","https://openalex.org/W3121354948","https://openalex.org/W3125572247","https://openalex.org/W3135347465","https://openalex.org/W3149731118","https://openalex.org/W3161493619","https://openalex.org/W3162285135","https://openalex.org/W3163780238","https://openalex.org/W3163930010","https://openalex.org/W3166268753","https://openalex.org/W3174909074","https://openalex.org/W3176115515","https://openalex.org/W3177562315","https://openalex.org/W3195618452","https://openalex.org/W3199980055","https://openalex.org/W3217652614","https://openalex.org/W4211096536","https://openalex.org/W4211182661","https://openalex.org/W4304128419","https://openalex.org/W4384026546","https://openalex.org/W4390317578","https://openalex.org/W6713134421","https://openalex.org/W6766978945","https://openalex.org/W6780856297","https://openalex.org/W6792056520","https://openalex.org/W6810871271","https://openalex.org/W6843508673","https://openalex.org/W6992124315"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4295769391","https://openalex.org/W2972220648","https://openalex.org/W2332667808","https://openalex.org/W1997921863","https://openalex.org/W3112960490","https://openalex.org/W2390279801","https://openalex.org/W93605524"],"abstract_inverted_index":{"The":[0],"security":[1],"guarantee":[2],"of":[3,35,84,93,185,194],"AI-enabled":[4],"software":[5,23,48,156],"systems":[6,88,176],"(particularly":[7],"using":[8],"deep":[9,52,72],"learning":[10,53,60,73],"techniques":[11],"as":[12],"a":[13,32,90,115,181],"functional":[14],"core)":[15],"is":[16,50,164],"pivotal":[17],"against":[18],"the":[19,45,78,129,146,154,171,174,192,197],"adversarial":[20],"attacks":[21],"exploiting":[22],"vulnerabilities.":[24],"However,":[25],"little":[26],"attention":[27],"has":[28],"been":[29],"paid":[30],"to":[31,120,139,167,189],"systematic":[33],"investigation":[34],"vulnerabilities":[36,85,95,172,188],"in":[37,86,199],"such":[38],"systems.":[39],"A":[40],"common":[41],"situation":[42],"learned":[43],"from":[44,96,124],"open":[46],"source":[47],"community":[49],"that":[51,137,162],"engineers":[54],"frequently":[55],"integrate":[56],"off-the-shelf":[57],"or":[58],"open-source":[59,103],"frameworks":[61,132],"into":[62,71],"their":[63],"ecosystems.":[64],"In":[65],"this":[66],"work,":[67],"we":[68,160,179],"specifically":[69],"look":[70],"(DL)":[74],"framework":[75,119],"and":[76,99,102,111,133,142,169,196],"perform":[77],"first":[79],"<italic":[80],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[81],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">systematic</i>":[82],"study":[83,184],"DL":[87,104,131,175,187],"through":[89],"comprehensive":[91],"analysis":[92,118],"identified":[94],"Common":[97,147],"Vulnerabilities":[98],"Exposures":[100],"(CVE)":[101],"tools,":[105],"including":[106],"TensorFlow,":[107],"Caffe,":[108],"OpenCV,":[109],"Keras,":[110],"PyTorch.":[112],"We":[113,127],"propose":[114],"two-stream":[116],"data":[117],"explore":[121],"vulnerability":[122,157,195],"patterns":[123,193],"various":[125],"databases.":[126],"investigate":[128],"unique":[130],"libraries":[134],"development":[135],"ecosystems":[136],"appear":[138],"be":[140],"decentralized":[141],"fragmented.":[143],"By":[144],"revisiting":[145],"Weakness":[148],"Enumeration":[149],"(CWE)":[150],"List,":[151],"which":[152],"provides":[153],"traditional":[155],"related":[158],"practices,":[159],"observed":[161],"it":[163],"more":[165],"challenging":[166],"detect":[168],"fix":[170],"throughout":[173],"lifecycle.":[177],"Moreover,":[178],"conducted":[180],"large-scale":[182],"empirical":[183],"3,049":[186],"better":[190],"understand":[191],"challenges":[198],"fixing":[200],"them.":[201]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}