{"id":"https://openalex.org/W4414271590","doi":"https://doi.org/10.1109/tpami.2025.3611340","title":"Defenses in Adversarial Machine Learning: A Systematic Survey From the Lifecycle Perspective","display_name":"Defenses in Adversarial Machine Learning: A Systematic Survey From the Lifecycle Perspective","publication_year":2025,"publication_date":"2025-09-17","ids":{"openalex":"https://openalex.org/W4414271590","doi":"https://doi.org/10.1109/tpami.2025.3611340","pmid":"https://pubmed.ncbi.nlm.nih.gov/40960970"},"language":"en","primary_location":{"id":"doi:10.1109/tpami.2025.3611340","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2025.3611340","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","pubmed"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068027800","display_name":"Baoyuan Wu","orcid":"https://orcid.org/0000-0003-2183-5990"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Baoyuan Wu","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Mingli Zhu","orcid":"https://orcid.org/0009-0004-5159-239X"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingli Zhu","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028139500","display_name":"Meixi Zheng","orcid":null},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meixi Zheng","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101190196","display_name":"Zihao Zhu","orcid":"https://orcid.org/0000-0002-1225-1718"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zihao Zhu","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Shaokui Wei","orcid":"https://orcid.org/0009-0007-7021-5145"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shaokui Wei","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Mingda Zhang","orcid":"https://orcid.org/0000-0001-5322-0988"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingda Zhang","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002810045","display_name":"Hongrui Chen","orcid":"https://orcid.org/0009-0007-5997-3041"},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hongrui Chen","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023267854","display_name":"Danni Yuan","orcid":null},"institutions":[{"id":"https://openalex.org/I4210116924","display_name":"Chinese University of Hong Kong, Shenzhen","ror":"https://ror.org/02d5ks197","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633","https://openalex.org/I180726961","https://openalex.org/I4210116924"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Danni Yuan","raw_affiliation_strings":["Chinese University of Hong Kong, Shenzhen, China","School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Chinese University of Hong Kong, Shenzhen, China","institution_ids":["https://openalex.org/I4210116924"]},{"raw_affiliation_string":"School of Data Science, The Chinese University of Hong Kong, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I4210116924"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Li Liu","orcid":"https://orcid.org/0000-0002-4497-0135"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li Liu","raw_affiliation_strings":["Hong Kong University of Science and Technology, Guangzhou, China","Hong Kong University of Science and Technology (Guangzhou), China"],"affiliations":[{"raw_affiliation_string":"Hong Kong University of Science and Technology, Guangzhou, China","institution_ids":[]},{"raw_affiliation_string":"Hong Kong University of Science and Technology (Guangzhou), China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100404959","display_name":"Qingshan Liu","orcid":"https://orcid.org/0000-0002-5512-6984"},"institutions":[{"id":"https://openalex.org/I41198531","display_name":"Nanjing University of Posts and Telecommunications","ror":"https://ror.org/043bpky34","country_code":"CN","type":"education","lineage":["https://openalex.org/I41198531"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qingshan Liu","raw_affiliation_strings":["Nanjing University of Posts and Telecommunications, Nanjing, China","Nanjing University of Posts and Telecommunications, China"],"affiliations":[{"raw_affiliation_string":"Nanjing University of Posts and Telecommunications, Nanjing, China","institution_ids":["https://openalex.org/I41198531"]},{"raw_affiliation_string":"Nanjing University of Posts and Telecommunications, China","institution_ids":["https://openalex.org/I41198531"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5068027800"],"corresponding_institution_ids":["https://openalex.org/I4210116924"],"apc_list":null,"apc_paid":null,"fwci":9.4273,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.97713093,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"48","issue":"1","first_page":"876","last_page":"895"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9643999934196472,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11515","display_name":"Bacillus and Francisella bacterial research","score":0.9154999852180481,"subfield":{"id":"https://openalex.org/subfields/1312","display_name":"Molecular Biology"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8671000003814697},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.7053999900817871},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6363000273704529},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.5814999938011169},{"id":"https://openalex.org/keywords/taxonomy","display_name":"Taxonomy (biology)","score":0.5715000033378601},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.5479000210762024},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.47130000591278076}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8671000003814697},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.7053999900817871},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6761999726295471},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6363000273704529},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.5814999938011169},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.5715000033378601},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.5479000210762024},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5236999988555908},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.47130000591278076},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3813999891281128},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3662000000476837},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3483999967575073},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.2912999987602234},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.2863999903202057},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.28139999508857727},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.2768000066280365},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.2754000127315521},{"id":"https://openalex.org/C35651441","wikidata":"https://www.wikidata.org/wiki/Q625303","display_name":"Independence (probability theory)","level":2,"score":0.2653999924659729},{"id":"https://openalex.org/C2779267917","wikidata":"https://www.wikidata.org/wiki/Q170028","display_name":"Deception","level":2,"score":0.25540000200271606},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.25060001015663147}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tpami.2025.3611340","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tpami.2025.3611340","pdf_url":null,"source":{"id":"https://openalex.org/S199944782","display_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","issn_l":"0162-8828","issn":["0162-8828","1939-3539","2160-9292"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Pattern Analysis and Machine Intelligence","raw_type":"journal-article"},{"id":"pmid:40960970","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/40960970","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE transactions on pattern analysis and machine intelligence","raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2037785589","display_name":null,"funder_award_id":"U21B2044","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4221860282","display_name":null,"funder_award_id":"62471420","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5191358174","display_name":null,"funder_award_id":"2025A1515012296","funder_id":"https://openalex.org/F4320337111","funder_display_name":"Basic and Applied Basic Research Foundation of Guangdong Province"},{"id":"https://openalex.org/G6479059842","display_name":null,"funder_award_id":"2024B1515020095","funder_id":"https://openalex.org/F4320337111","funder_display_name":"Basic and Applied Basic Research Foundation of Guangdong Province"},{"id":"https://openalex.org/G6862892202","display_name":null,"funder_award_id":"U24B20155","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320337111","display_name":"Basic and Applied Basic Research Foundation of Guangdong Province","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":135,"referenced_works":["https://openalex.org/W151377110","https://openalex.org/W1987971958","https://openalex.org/W2063368770","https://openalex.org/W2561975083","https://openalex.org/W2607219512","https://openalex.org/W2611576673","https://openalex.org/W2618043096","https://openalex.org/W2774018344","https://openalex.org/W2798626461","https://openalex.org/W2807363941","https://openalex.org/W2934843808","https://openalex.org/W2963100962","https://openalex.org/W2963384482","https://openalex.org/W2963636205","https://openalex.org/W2963671728","https://openalex.org/W2963771536","https://openalex.org/W2966689772","https://openalex.org/W2969695741","https://openalex.org/W2974383094","https://openalex.org/W2985987886","https://openalex.org/W2986013765","https://openalex.org/W2990237009","https://openalex.org/W2990270730","https://openalex.org/W2998600476","https://openalex.org/W3004155269","https://openalex.org/W3034190247","https://openalex.org/W3034258347","https://openalex.org/W3034537217","https://openalex.org/W3034665124","https://openalex.org/W3034900101","https://openalex.org/W3035182590","https://openalex.org/W3035467354","https://openalex.org/W3087086069","https://openalex.org/W3090787324","https://openalex.org/W3091857398","https://openalex.org/W3092411122","https://openalex.org/W3108535146","https://openalex.org/W3109235236","https://openalex.org/W3110617944","https://openalex.org/W3114686421","https://openalex.org/W3117572899","https://openalex.org/W3143848010","https://openalex.org/W3150450875","https://openalex.org/W3152758407","https://openalex.org/W3155048100","https://openalex.org/W3163839567","https://openalex.org/W3174346308","https://openalex.org/W3175402282","https://openalex.org/W3175919946","https://openalex.org/W3177409747","https://openalex.org/W3177410622","https://openalex.org/W3183847497","https://openalex.org/W3185879101","https://openalex.org/W3190601614","https://openalex.org/W3198300623","https://openalex.org/W3201579356","https://openalex.org/W3202320739","https://openalex.org/W3205297166","https://openalex.org/W3206581298","https://openalex.org/W3208328782","https://openalex.org/W3209561377","https://openalex.org/W3210158641","https://openalex.org/W3213831029","https://openalex.org/W3217116278","https://openalex.org/W4200095626","https://openalex.org/W4200525399","https://openalex.org/W4200633541","https://openalex.org/W4210508597","https://openalex.org/W4212968594","https://openalex.org/W4213059850","https://openalex.org/W4214537185","https://openalex.org/W4220822151","https://openalex.org/W4221141431","https://openalex.org/W4226239489","https://openalex.org/W4230172274","https://openalex.org/W4283321310","https://openalex.org/W4283702393","https://openalex.org/W4285602371","https://openalex.org/W4293846201","https://openalex.org/W4294982857","https://openalex.org/W4295441398","https://openalex.org/W4304080842","https://openalex.org/W4306407446","https://openalex.org/W4312229863","https://openalex.org/W4312329503","https://openalex.org/W4312527108","https://openalex.org/W4312536478","https://openalex.org/W4312596145","https://openalex.org/W4312633378","https://openalex.org/W4312702974","https://openalex.org/W4312877401","https://openalex.org/W4313120717","https://openalex.org/W4313192591","https://openalex.org/W4319596548","https://openalex.org/W4375869280","https://openalex.org/W4380607137","https://openalex.org/W4382467140","https://openalex.org/W4385767783","https://openalex.org/W4385805173","https://openalex.org/W4386065356","https://openalex.org/W4386065735","https://openalex.org/W4386066154","https://openalex.org/W4386071506","https://openalex.org/W4386072159","https://openalex.org/W4386075973","https://openalex.org/W4386076050","https://openalex.org/W4386076236","https://openalex.org/W4386076555","https://openalex.org/W4386076627","https://openalex.org/W4387633173","https://openalex.org/W4389794056","https://openalex.org/W4390871715","https://openalex.org/W4390871934","https://openalex.org/W4390873065","https://openalex.org/W4390874351","https://openalex.org/W4390874361","https://openalex.org/W4390904993","https://openalex.org/W4390970376","https://openalex.org/W4392091283","https://openalex.org/W4392359562","https://openalex.org/W4393147367","https://openalex.org/W4393212485","https://openalex.org/W4393973474","https://openalex.org/W4397023214","https://openalex.org/W4399118820","https://openalex.org/W4402727400","https://openalex.org/W4403021927","https://openalex.org/W4404612882","https://openalex.org/W4404672353","https://openalex.org/W4404689981","https://openalex.org/W4407638561","https://openalex.org/W4408749941","https://openalex.org/W4413146337","https://openalex.org/W4413147467","https://openalex.org/W4413320419"],"related_works":[],"abstract_inverted_index":{"Adversarial":[0],"phenomena":[1,18],"have":[2,60,80],"been":[3,61,81],"widely":[4],"observed":[5],"in":[6,34],"machine":[7],"learning":[8],"(ML)":[9],"systems,":[10],"especially":[11],"those":[12],"using":[13],"deep":[14],"neural":[15],"networks.":[16],"These":[17],"describe":[19],"situations":[20],"where":[21],"ML":[22,50,114,143],"systems":[23],"may":[24],"produce":[25],"predictions":[26],"that":[27],"are":[28],"inconsistent":[29],"and":[30,69,98,152,171,188,202],"incomprehensible":[31],"to":[32,45,83,95,107,123,160,184,198],"humans":[33],"certain":[35],"specific":[36],"cases.":[37],"Such":[38],"behavior":[39],"poses":[40],"a":[41,125,134,141,157],"serious":[42],"security":[43],"threat":[44],"the":[46,85,90,96,109,186],"practical":[47],"application":[48],"of":[49,87,100,112,128],"systems.":[51],"To":[52],"exploit":[53],"this":[54],"vulnerability,":[55],"several":[56],"advanced":[57,201],"attack":[58,75,118],"paradigms":[59,132],"developed,":[62],"mainly":[63],"including":[64],"backdoor":[65],"attacks,":[66,68],"weight":[67],"adversarial":[70],"examples.":[71],"For":[72],"each":[73,166],"individual":[74],"paradigm,":[76],"various":[77],"defense":[78,102,131,163,178,192,204],"mechanisms":[79,179],"proposed":[82],"enhance":[84],"robustness":[86,111],"models":[88],"against":[89,116],"corresponding":[91],"attacks.":[92],"However,":[93],"due":[94],"independence":[97],"diversity":[99],"these":[101],"paradigms,":[103],"it":[104],"is":[105],"challenging":[106],"assess":[108],"overall":[110],"an":[113],"system":[115,144],"different":[117,191],"paradigms.":[119,193],"This":[120],"survey":[121],"aims":[122],"provide":[124],"systematic":[126],"review":[127],"all":[129],"existing":[130],"from":[133],"unified":[135,169],"lifecycle":[136],"perspective.":[137],"Specifically,":[138],"we":[139],"decompose":[140],"complete":[142],"into":[145],"five":[146],"stages:":[147],"pre-training,":[148],"training,":[149],"post-training,":[150],"deployment,":[151],"inference.":[153],"We":[154],"then":[155],"present":[156],"clear":[158],"taxonomy":[159,172],"categorize":[161],"representative":[162],"methods":[164],"at":[165],"stage.":[167],"The":[168],"perspective":[170],"not":[173],"only":[174],"help":[175],"us":[176,183],"analyze":[177],"but":[180],"also":[181],"enable":[182],"understand":[185],"connections":[187],"differences":[189],"among":[190],"It":[194],"inspires":[195],"future":[196],"research":[197],"develop":[199],"more":[200],"comprehensive":[203],"strategies.":[205]},"counts_by_year":[{"year":2025,"cited_by_count":4}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}