{"id":"https://openalex.org/W4410640053","doi":"https://doi.org/10.1109/tpami.2025.3573237","title":"Robustness-Congruent Adversarial Training for Secure Machine Learning Model Updates","display_name":"Robustness-Congruent Adversarial Training for Secure Machine Learning Model Updates","publication_year":2025,"publication_date":"2025-05-23","ids":{"openalex":"https://openalex.org/W4410640053","doi":"https://doi.org/10.1109/tpami.2025.3573237","pmid":"https://pubmed.ncbi.nlm.nih.gov/40408194"},"language":"en","primary_location":{"id":"doi:10.1109/tpami.2025.3573237","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2025.3573237","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","pubmed"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://ieeexplore.ieee.org/document/11014530","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068390197","display_name":"Daniele Angioni","orcid":"https://orcid.org/0000-0003-4008-2314"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Daniele Angioni","raw_affiliation_strings":["Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy"],"raw_orcid":"https://orcid.org/0000-0003-4008-2314","affiliations":[{"raw_affiliation_string":"Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy","institution_ids":["https://openalex.org/I172446870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069663380","display_name":"Luca Demetrio","orcid":"https://orcid.org/0000-0001-5104-1476"},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Luca Demetrio","raw_affiliation_strings":["Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy"],"raw_orcid":"https://orcid.org/0000-0001-5104-1476","affiliations":[{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","institution_ids":["https://openalex.org/I83816512"]},{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021496483","display_name":"Maura Pintor","orcid":"https://orcid.org/0000-0002-1944-2875"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Maura Pintor","raw_affiliation_strings":["Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy"],"raw_orcid":"https://orcid.org/0000-0002-1944-2875","affiliations":[{"raw_affiliation_string":"Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy","institution_ids":["https://openalex.org/I172446870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045802198","display_name":"Luca Oneto","orcid":"https://orcid.org/0000-0002-8445-395X"},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Luca Oneto","raw_affiliation_strings":["Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy"],"raw_orcid":"https://orcid.org/0000-0002-8445-395X","affiliations":[{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","institution_ids":["https://openalex.org/I83816512"]},{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036611143","display_name":"Davide Anguita","orcid":"https://orcid.org/0000-0001-7523-5291"},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Davide Anguita","raw_affiliation_strings":["Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy"],"raw_orcid":"https://orcid.org/0000-0001-7523-5291","affiliations":[{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Genova, Italy","institution_ids":["https://openalex.org/I83816512"]},{"raw_affiliation_string":"Department of Informatics, Bioengineering, Robotics and Systems Engineering, University of Genova, Italy","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008367647","display_name":"Battista Biggio","orcid":"https://orcid.org/0000-0001-7752-509X"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Battista Biggio","raw_affiliation_strings":["Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy"],"raw_orcid":"https://orcid.org/0000-0001-7752-509X","affiliations":[{"raw_affiliation_string":"Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy","institution_ids":["https://openalex.org/I172446870"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065359946","display_name":"Fabio Roli","orcid":"https://orcid.org/0000-0003-4103-9190"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Fabio Roli","raw_affiliation_strings":["Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy"],"raw_orcid":"https://orcid.org/0000-0003-4103-9190","affiliations":[{"raw_affiliation_string":"Department of Electrical and Electronic Engineering, University of Cagliari, Cagliari, Italy","institution_ids":["https://openalex.org/I172446870"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":8.7939,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.9733662,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"47","issue":"9","first_page":"7457","last_page":"7469"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9528999924659729,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8377171158790588},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7593929171562195},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7397346496582031},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6813181638717651},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5746968984603882}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8377171158790588},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7593929171562195},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7397346496582031},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6813181638717651},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5746968984603882},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tpami.2025.3573237","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2025.3573237","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},{"id":"pmid:40408194","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/40408194","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE transactions on pattern analysis and machine intelligence","raw_type":null},{"id":"pmh:oai:iris.unica.it:11584/446685","is_oa":true,"landing_page_url":"https://ieeexplore.ieee.org/document/11014530","pdf_url":null,"source":{"id":"https://openalex.org/S4377196293","display_name":"UNICA IRIS Institutional Research Information System (University of Cagliari)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172446870","host_organization_name":"University of Cagliari","host_organization_lineage":["https://openalex.org/I172446870"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:iris.unige.it:11567/1261819","is_oa":false,"landing_page_url":"https://hdl.handle.net/11567/1261819","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"pmh:oai:iris.unica.it:11584/446685","is_oa":true,"landing_page_url":"https://ieeexplore.ieee.org/document/11014530","pdf_url":null,"source":{"id":"https://openalex.org/S4377196293","display_name":"UNICA IRIS Institutional Research Information System (University of Cagliari)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172446870","host_organization_name":"University of Cagliari","host_organization_lineage":["https://openalex.org/I172446870"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":45,"referenced_works":["https://openalex.org/W2100483895","https://openalex.org/W2210716609","https://openalex.org/W2225981128","https://openalex.org/W2560647685","https://openalex.org/W2565989828","https://openalex.org/W2787894218","https://openalex.org/W2896556344","https://openalex.org/W2963072899","https://openalex.org/W3030364939","https://openalex.org/W3034594226","https://openalex.org/W3081036064","https://openalex.org/W3103836116","https://openalex.org/W3173747377","https://openalex.org/W3177924560","https://openalex.org/W3178138002","https://openalex.org/W4205551177","https://openalex.org/W4214924370","https://openalex.org/W4236362309","https://openalex.org/W4285606245","https://openalex.org/W4293846201","https://openalex.org/W4312529624","https://openalex.org/W4392359562","https://openalex.org/W4395029315","https://openalex.org/W4401450512","https://openalex.org/W6637162671","https://openalex.org/W6640425456","https://openalex.org/W6674330103","https://openalex.org/W6692563690","https://openalex.org/W6732517885","https://openalex.org/W6747837551","https://openalex.org/W6755829279","https://openalex.org/W6757248479","https://openalex.org/W6758930985","https://openalex.org/W6758975236","https://openalex.org/W6761283764","https://openalex.org/W6762707182","https://openalex.org/W6763195353","https://openalex.org/W6771809012","https://openalex.org/W6773424267","https://openalex.org/W6774469542","https://openalex.org/W6774681163","https://openalex.org/W6780973103","https://openalex.org/W6784493056","https://openalex.org/W6790529436","https://openalex.org/W6799503532"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W4387369504","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W3107602296","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"Machine-learning":[0],"models":[1,165],"demand":[2],"periodic":[3],"updates":[4],"to":[5,34,57,74,108,114,124,157],"improve":[6,75],"their":[7],"average":[8],"accuracy,":[9],"exploiting":[10],"novel":[11,102],"architectures":[12],"and":[13,173,187],"additional":[14],"data.":[15],"However,":[16],"a":[17,42,72,90,101,116,154],"newly":[18],"updated":[19],"model":[20,26,65,73,117,179],"may":[21,86],"commit":[22],"mistakes":[23],"the":[24,61,93,97,129,139,194],"previous":[25],"did":[27],"not":[28],"make.":[29],"Such":[30],"misclassifications":[31],"are":[32],"referred":[33],"as":[35,41],"negative":[36,185],"flips,":[37,186],"experienced":[38],"by":[39,184],"users":[40],"regression":[43,91],"of":[44,63,96],"performance.":[45],"In":[46,68],"this":[47,52,110],"work,":[48],"we":[49],"show":[50,142],"that":[51,143,170],"problem":[53],"also":[54],"affects":[55],"robustness":[56,127],"adversarial":[58,77,81,106,119,134,190],"examples,":[59],"hindering":[60],"development":[62],"secure":[64],"update":[66],"practices.":[67],"particular,":[69],"when":[70],"updating":[71],"its":[76],"robustness,":[78,174],"previously":[79],"ineffective":[80],"attacks":[82],"on":[83,128,163],"some":[84],"inputs":[85],"become":[87],"successful,":[88],"causing":[89],"in":[92],"perceived":[94],"security":[95],"system.":[98],"We":[99,141],"propose":[100],"technique,":[103],"named":[104],"robustness-congruent":[105,189],"training,":[107,120],"address":[109],"issue.":[111],"It":[112],"amounts":[113],"fine-tuning":[115],"with":[118,150],"while":[121],"constraining":[122],"it":[123],"retain":[125],"higher":[126],"samples":[130],"for":[131,166],"which":[132],"no":[133],"example":[135],"was":[136],"found":[137],"before":[138],"update.":[140],"our":[144,188],"algorithm":[145],"and,":[146],"more":[147],"generally,":[148],"learning":[149],"non-regression":[151],"constraints,":[152],"provides":[153],"theoretically-grounded":[155],"framework":[156],"train":[158],"consistent":[159],"estimators.":[160],"Our":[161],"experiments":[162],"robust":[164],"computer":[167],"vision":[168],"confirm":[169],"both":[171],"accuracy":[172],"even":[175],"if":[176],"improved":[177],"after":[178],"update,":[180],"can":[181,192],"be":[182],"affected":[183],"training":[191],"mitigate":[193],"problem,":[195],"outperforming":[196],"competing":[197],"baseline":[198],"methods.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}