{"id":"https://openalex.org/W4388624485","doi":"https://doi.org/10.1109/tsc.2023.3329081","title":"Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization","display_name":"Resisting Deep Learning Models Against Adversarial Attack Transferability via Feature Randomization","publication_year":2023,"publication_date":"2023-11-13","ids":{"openalex":"https://openalex.org/W4388624485","doi":"https://doi.org/10.1109/tsc.2023.3329081"},"language":"en","primary_location":{"id":"doi:10.1109/tsc.2023.3329081","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsc.2023.3329081","pdf_url":null,"source":{"id":"https://openalex.org/S204223317","display_name":"IEEE Transactions on Services Computing","issn_l":"1939-1374","issn":["1939-1374","2372-0204"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Services Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014302355","display_name":"Ehsan Nowroozi","orcid":"https://orcid.org/0000-0002-5714-8378"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Ehsan Nowroozi","raw_affiliation_strings":["Centre for Secure Information Technologies (CSIT), Queen's University Belfast (QUB), Belfast, U.K"],"raw_orcid":"https://orcid.org/0000-0002-5714-8378","affiliations":[{"raw_affiliation_string":"Centre for Secure Information Technologies (CSIT), Queen's University Belfast (QUB), Belfast, U.K","institution_ids":["https://openalex.org/I126231945"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091829885","display_name":"Mohammadreza Mohammadi","orcid":"https://orcid.org/0000-0002-8470-3277"},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Mohammadreza Mohammadi","raw_affiliation_strings":["Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy"],"raw_orcid":"https://orcid.org/0000-0002-8470-3277","affiliations":[{"raw_affiliation_string":"Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy","institution_ids":["https://openalex.org/I138689650"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010244326","display_name":"Pargol Golmohammadi","orcid":null},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Pargol Golmohammadi","raw_affiliation_strings":["Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy","institution_ids":["https://openalex.org/I138689650"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065205555","display_name":"Yassine Mekdad","orcid":"https://orcid.org/0000-0003-3860-8057"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yassine Mekdad","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Cyber-Physical Systems Security Lab, Florida International University, Miami, FL, USA"],"raw_orcid":"https://orcid.org/0000-0003-3860-8057","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Cyber-Physical Systems Security Lab, Florida International University, Miami, FL, USA","institution_ids":["https://openalex.org/I19700959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063847107","display_name":"Mauro Conti","orcid":"https://orcid.org/0000-0002-3612-1934"},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Mauro Conti","raw_affiliation_strings":["Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy"],"raw_orcid":"https://orcid.org/0000-0002-3612-1934","affiliations":[{"raw_affiliation_string":"Department of Mathematics, Security and Privacy Research Group (SPRITZ), University of Padua, Padua, Italy","institution_ids":["https://openalex.org/I138689650"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019145852","display_name":"A. Selcuk Uluagac","orcid":"https://orcid.org/0000-0002-9823-3464"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Selcuk Uluagac","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Cyber-Physical Systems Security Lab, Florida International University, Miami, FL, USA"],"raw_orcid":"https://orcid.org/0000-0002-9823-3464","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Cyber-Physical Systems Security Lab, Florida International University, Miami, FL, USA","institution_ids":["https://openalex.org/I19700959"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5014302355"],"corresponding_institution_ids":["https://openalex.org/I126231945"],"apc_list":null,"apc_paid":null,"fwci":3.0674,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.93191957,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"17","issue":"1","first_page":"18","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11515","display_name":"Bacillus and Francisella bacterial research","score":0.9635000228881836,"subfield":{"id":"https://openalex.org/subfields/1312","display_name":"Molecular Biology"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9377999901771545,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9323996305465698},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8487396240234375},{"id":"https://openalex.org/keywords/transferability","display_name":"Transferability","score":0.7490682005882263},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6716489791870117},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6238462924957275},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5549406409263611},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.5517114996910095},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5473003387451172},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.5069591999053955}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9323996305465698},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8487396240234375},{"id":"https://openalex.org/C61272859","wikidata":"https://www.wikidata.org/wiki/Q7834031","display_name":"Transferability","level":3,"score":0.7490682005882263},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6716489791870117},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6238462924957275},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5549406409263611},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.5517114996910095},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5473003387451172},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.5069591999053955},{"id":"https://openalex.org/C140331021","wikidata":"https://www.wikidata.org/wiki/Q1868104","display_name":"Logit","level":2,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tsc.2023.3329081","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsc.2023.3329081","pdf_url":null,"source":{"id":"https://openalex.org/S204223317","display_name":"IEEE Transactions on Services Computing","issn_l":"1939-1374","issn":["1939-1374","2372-0204"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Services Computing","raw_type":"journal-article"},{"id":"pmh:oai:usiena-air.unisi.it:11365/1284834","is_oa":false,"landing_page_url":"https://ieeexplore.ieee.org/document/10315205","pdf_url":null,"source":{"id":"https://openalex.org/S4377196319","display_name":"Use Siena air (University of Siena)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I102064193","host_organization_name":"University of Siena","host_organization_lineage":["https://openalex.org/I102064193"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:www.research.unipd.it:11577/3506414","is_oa":false,"landing_page_url":"https://hdl.handle.net/11577/3506414","pdf_url":null,"source":{"id":"https://openalex.org/S4377196283","display_name":"Research Padua  Archive (University of Padua)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138689650","host_organization_name":"University of Padua","host_organization_lineage":["https://openalex.org/I138689650"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W13771663","https://openalex.org/W1945616565","https://openalex.org/W2074727269","https://openalex.org/W2153635508","https://openalex.org/W2180612164","https://openalex.org/W2243397390","https://openalex.org/W2296509296","https://openalex.org/W2735607295","https://openalex.org/W2766825913","https://openalex.org/W2798117183","https://openalex.org/W2806156052","https://openalex.org/W2943919788","https://openalex.org/W2962700793","https://openalex.org/W2962738629","https://openalex.org/W2962770929","https://openalex.org/W2962972208","https://openalex.org/W2963542245","https://openalex.org/W2963857521","https://openalex.org/W2963920068","https://openalex.org/W3005096353","https://openalex.org/W3093904722","https://openalex.org/W3094138310","https://openalex.org/W3106788038","https://openalex.org/W3134971133","https://openalex.org/W3205752464","https://openalex.org/W3207267053","https://openalex.org/W4205744046","https://openalex.org/W4224321652","https://openalex.org/W4225539131","https://openalex.org/W4293846201","https://openalex.org/W4312703971","https://openalex.org/W6637162671","https://openalex.org/W6640425456","https://openalex.org/W6739868092","https://openalex.org/W6740998807","https://openalex.org/W6746402973","https://openalex.org/W6773297551","https://openalex.org/W6893668996"],"related_works":["https://openalex.org/W4288055406","https://openalex.org/W3137894200","https://openalex.org/W3092178728","https://openalex.org/W3132910851","https://openalex.org/W4377864639","https://openalex.org/W4392340763","https://openalex.org/W2997056298","https://openalex.org/W2950864148","https://openalex.org/W4200630034","https://openalex.org/W4226402597"],"abstract_inverted_index":{"In":[0,44,73],"the":[1,4,12,16,92,101,105,116,126,135,141,158,164,172,182,188,207],"past":[2],"decades,":[3],"rise":[5],"of":[6,99,130,137,170,184,195],"artificial":[7],"intelligence":[8],"has":[9],"given":[10],"us":[11],"capabilities":[13],"to":[14,62,124],"solve":[15],"most":[17,127],"challenging":[18],"problems":[19],"in":[20,91,104],"our":[21,138,155,185,198,203],"day-to-day":[22],"lives,":[23],"such":[24,64,162],"as":[25,163],"cancer":[26],"prediction":[27],"and":[28,109,121,148,210],"autonomous":[29],"navigation.":[30],"However,":[31],"these":[32],"applications":[33],"might":[34],"not":[35,39],"be":[36],"reliable":[37],"if":[38],"secured":[40],"against":[41,175],"adversarial":[42,51,71,85,131,177,212],"attacks.":[43,132,150,178],"addition,":[45],"recent":[46],"works":[47],"demonstrated":[48],"that":[49,69,82,145,154,202],"some":[50],"examples":[52],"are":[53],"transferable":[54],"across":[55],"different":[56],"models.":[57],"Therefore,":[58],"it":[59],"is":[60],"crucial":[61],"avoid":[63],"transferability":[65,214],"via":[66],"robust":[67],"models":[68,90],"resist":[70],"manipulations.":[72],"this":[74],"paper,":[75],"we":[76,152,180],"propose":[77],"a":[78,119,192],"feature":[79,112],"randomization-based":[80],"approach":[81,97,139,186],"resists":[83,211],"eight":[84],"attacks":[86],"targeting":[87],"deep":[88],"learning":[89],"testing":[93],"phase.":[94],"Our":[95],"novel":[96],"consists":[98,169],"changing":[100],"training":[102],"strategy":[103,156],"target":[106,208],"network":[107,173,209],"classifier":[108],"selecting":[110],"random":[111],"samples.":[113],"We":[114,133],"consider":[115],"attacker":[117],"with":[118],"Limited-Knowledge":[120],"Semi-Knowledge":[122],"conditions":[123],"undertake":[125],"prevalent":[128],"types":[129],"evaluate":[134],"robustness":[136],"using":[140,187],"well-known":[142],"UNSW-NB15":[143],"datasets":[144],"include":[146],"realistic":[147],"synthetic":[149],"Afterward,":[151],"demonstrate":[153,181],"outperforms":[157],"existing":[159],"state-of-the-art":[160],"approach,":[161],"Most":[165],"Powerful":[166],"Attack,":[167],"which":[168],"fine-tuning":[171],"model":[174],"specific":[176],"Further,":[179],"practicality":[183],"VIPPrint":[189],"dataset":[190],"through":[191],"comprehensive":[193],"set":[194],"experiments.":[196],"Finally,":[197],"experimental":[199],"results":[200],"show":[201],"methodology":[204],"can":[205],"secure":[206],"attack":[213],"by":[215],"over":[216],"60%.":[217]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}