{"id":"https://openalex.org/W3107089345","doi":"https://doi.org/10.1109/tse.2020.3034721","title":"Towards Security Threats of Deep Learning Systems: A Survey","display_name":"Towards Security Threats of Deep Learning Systems: A Survey","publication_year":2020,"publication_date":"2020-11-09","ids":{"openalex":"https://openalex.org/W3107089345","doi":"https://doi.org/10.1109/tse.2020.3034721","mag":"3107089345"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2020.3034721","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2020.3034721","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5064823863","display_name":"Yingzhe He","orcid":"https://orcid.org/0000-0003-1238-1106"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yingzhe He","raw_affiliation_strings":["Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017417068","display_name":"Guozhu Meng","orcid":"https://orcid.org/0000-0001-6388-2571"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guozhu Meng","raw_affiliation_strings":["Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100437976","display_name":"Kai Chen","orcid":"https://orcid.org/0000-0002-5624-2987"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kai Chen","raw_affiliation_strings":["Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010197002","display_name":"Xingbo Hu","orcid":"https://orcid.org/0000-0001-5963-3513"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xingbo Hu","raw_affiliation_strings":["Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101735243","display_name":"Jinwen He","orcid":"https://orcid.org/0000-0003-0629-9800"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jinwen He","raw_affiliation_strings":["Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Institute of Information Engineering, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cybersecurity, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5064823863"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":6.0371,"has_fulltext":false,"cited_by_count":94,"citation_normalized_percentile":{"value":0.96975223,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"48","issue":"5","first_page":"1743","last_page":"1770"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7912431955337524},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.7561886310577393},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.6579420566558838},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6208315491676331},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6105663776397705},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5702093243598938},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.555417537689209},{"id":"https://openalex.org/keywords/popularity","display_name":"Popularity","score":0.5159143209457397},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.510282039642334},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.44385701417922974},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.43037179112434387},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.41350629925727844},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.08639770746231079}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7912431955337524},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.7561886310577393},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.6579420566558838},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6208315491676331},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6105663776397705},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5702093243598938},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.555417537689209},{"id":"https://openalex.org/C2780586970","wikidata":"https://www.wikidata.org/wiki/Q1357284","display_name":"Popularity","level":2,"score":0.5159143209457397},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.510282039642334},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.44385701417922974},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.43037179112434387},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.41350629925727844},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.08639770746231079},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tse.2020.3034721","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2020.3034721","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1992562646","display_name":null,"funder_award_id":"U1836211","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G661783314","display_name":null,"funder_award_id":"61902395","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8753374989","display_name":null,"funder_award_id":"JQ18011","funder_id":"https://openalex.org/F4320322919","funder_display_name":"Natural Science Foundation of Beijing Municipality"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322847","display_name":"Youth Innovation Promotion Association of the Chinese Academy of Sciences","ror":"https://ror.org/031141b54"},{"id":"https://openalex.org/F4320322919","display_name":"Natural Science Foundation of Beijing Municipality","ror":null},{"id":"https://openalex.org/F4320334978","display_name":"Beijing Nova Program","ror":"https://ror.org/034k14f91"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":321,"referenced_works":["https://openalex.org/W150223756","https://openalex.org/W1488996941","https://openalex.org/W1545528966","https://openalex.org/W1557833142","https://openalex.org/W1582126688","https://openalex.org/W1664169458","https://openalex.org/W1673923490","https://openalex.org/W1873763122","https://openalex.org/W1883420340","https://openalex.org/W1945616565","https://openalex.org/W1985511977","https://openalex.org/W1992926795","https://openalex.org/W2013783830","https://openalex.org/W2051267297","https://openalex.org/W2053637704","https://openalex.org/W2054888947","https://openalex.org/W2089103284","https://openalex.org/W2097895487","https://openalex.org/W2107397716","https://openalex.org/W2119885577","https://openalex.org/W2125908420","https://openalex.org/W2142753309","https://openalex.org/W2145962650","https://openalex.org/W2180612164","https://openalex.org/W2230740169","https://openalex.org/W2243397390","https://openalex.org/W2293844262","https://openalex.org/W2408141691","https://openalex.org/W2435473771","https://openalex.org/W2462906003","https://openalex.org/W2473418344","https://openalex.org/W2476429474","https://openalex.org/W2516373086","https://openalex.org/W2535690855","https://openalex.org/W2536155658","https://openalex.org/W2543927648","https://openalex.org/W2557044351","https://openalex.org/W2572504188","https://openalex.org/W2591788621","https://openalex.org/W2591882872","https://openalex.org/W2594717275","https://openalex.org/W2596378825","https://openalex.org/W2602110945","https://openalex.org/W2603766943","https://openalex.org/W2605258322","https://openalex.org/W2607219512","https://openalex.org/W2612637113","https://openalex.org/W2617174679","https://openalex.org/W2618043096","https://openalex.org/W2618492571","https://openalex.org/W2620038827","https://openalex.org/W2620758585","https://openalex.org/W2745565856","https://openalex.org/W2753783305","https://openalex.org/W2754049786","https://openalex.org/W2754537581","https://openalex.org/W2757528734","https://openalex.org/W2765200655","https://openalex.org/W2765325683","https://openalex.org/W2766898821","https://openalex.org/W2766979629","https://openalex.org/W2767023880","https://openalex.org/W2767951891","https://openalex.org/W2768346313","https://openalex.org/W2772008372","https://openalex.org/W2774607536","https://openalex.org/W2774644650","https://openalex.org/W2776514146","https://openalex.org/W2776884785","https://openalex.org/W2781091734","https://openalex.org/W2781800156","https://openalex.org/W2786233556","https://openalex.org/W2788848944","https://openalex.org/W2789304371","https://openalex.org/W2789477769","https://openalex.org/W2791319131","https://openalex.org/W2794609696","https://openalex.org/W2799137713","https://openalex.org/W2799420851","https://openalex.org/W2802945484","https://openalex.org/W2803872338","https://openalex.org/W2804337238","https://openalex.org/W2805104469","https://openalex.org/W2808195004","https://openalex.org/W2809523935","https://openalex.org/W2809943552","https://openalex.org/W2810278044","https://openalex.org/W2811323882","https://openalex.org/W2811973125","https://openalex.org/W2884280357","https://openalex.org/W2884943453","https://openalex.org/W2885216147","https://openalex.org/W2885673189","https://openalex.org/W2886462939","https://openalex.org/W2886533716","https://openalex.org/W2887198767","https://openalex.org/W2888307014","https://openalex.org/W2888824816","https://openalex.org/W2888975495","https://openalex.org/W2889746123","https://openalex.org/W2891555102","https://openalex.org/W2891719429","https://openalex.org/W2892341857","https://openalex.org/W2893099989","https://openalex.org/W2897830718","https://openalex.org/W2898435086","https://openalex.org/W2905526464","https://openalex.org/W2923095117","https://openalex.org/W2927692314","https://openalex.org/W2930926105","https://openalex.org/W2934843808","https://openalex.org/W2936674544","https://openalex.org/W2942091739","https://openalex.org/W2946363484","https://openalex.org/W2947072673","https://openalex.org/W2947129602","https://openalex.org/W2947133760","https://openalex.org/W2949103145","https://openalex.org/W2949128310","https://openalex.org/W2950651087","https://openalex.org/W2950808778","https://openalex.org/W2954629067","https://openalex.org/W2957905354","https://openalex.org/W2962700793","https://openalex.org/W2962759300","https://openalex.org/W2962763344","https://openalex.org/W2962818281","https://openalex.org/W2962835266","https://openalex.org/W2962847335","https://openalex.org/W2963001136","https://openalex.org/W2963068442","https://openalex.org/W2963158386","https://openalex.org/W2963165363","https://openalex.org/W2963184668","https://openalex.org/W2963303354","https://openalex.org/W2963327228","https://openalex.org/W2963366334","https://openalex.org/W2963378725","https://openalex.org/W2963384482","https://openalex.org/W2963389226","https://openalex.org/W2963456518","https://openalex.org/W2963465081","https://openalex.org/W2963612069","https://openalex.org/W2963626623","https://openalex.org/W2963626858","https://openalex.org/W2963744840","https://openalex.org/W2963823140","https://openalex.org/W2963834268","https://openalex.org/W2963844355","https://openalex.org/W2963857521","https://openalex.org/W2963859254","https://openalex.org/W2963913218","https://openalex.org/W2963920068","https://openalex.org/W2963952467","https://openalex.org/W2964040431","https://openalex.org/W2964043980","https://openalex.org/W2964082701","https://openalex.org/W2964151798","https://openalex.org/W2964159373","https://openalex.org/W2964164993","https://openalex.org/W2964261135","https://openalex.org/W2964301649","https://openalex.org/W2964540166","https://openalex.org/W2964583308","https://openalex.org/W2964734139","https://openalex.org/W2964814686","https://openalex.org/W2964971928","https://openalex.org/W2965198951","https://openalex.org/W2965653989","https://openalex.org/W2965677914","https://openalex.org/W2965921687","https://openalex.org/W2965929808","https://openalex.org/W2966149470","https://openalex.org/W2966764754","https://openalex.org/W2967682612","https://openalex.org/W2968596832","https://openalex.org/W2968940383","https://openalex.org/W2969542116","https://openalex.org/W2969695741","https://openalex.org/W2971848556","https://openalex.org/W2973114647","https://openalex.org/W2977099891","https://openalex.org/W2983042735","https://openalex.org/W2983140679","https://openalex.org/W2983371255","https://openalex.org/W2984260944","https://openalex.org/W2984488829","https://openalex.org/W2985580374","https://openalex.org/W2985913519","https://openalex.org/W2986013765","https://openalex.org/W2986674980","https://openalex.org/W2988194011","https://openalex.org/W2989885118","https://openalex.org/W2990270730","https://openalex.org/W2990595670","https://openalex.org/W2992233710","https://openalex.org/W3004298045","https://openalex.org/W3007157104","https://openalex.org/W3009751875","https://openalex.org/W3034397670","https://openalex.org/W3035367371","https://openalex.org/W3035736465","https://openalex.org/W3036286896","https://openalex.org/W3099785009","https://openalex.org/W3101903411","https://openalex.org/W3102360395","https://openalex.org/W3102720581","https://openalex.org/W3103245149","https://openalex.org/W3103932910","https://openalex.org/W3104224589","https://openalex.org/W3105009650","https://openalex.org/W3105155462","https://openalex.org/W3141585064","https://openalex.org/W4288953700","https://openalex.org/W4293846201","https://openalex.org/W4295837449","https://openalex.org/W4298140072","https://openalex.org/W4300511536","https://openalex.org/W6606067566","https://openalex.org/W6606968511","https://openalex.org/W6634810422","https://openalex.org/W6637162671","https://openalex.org/W6637304703","https://openalex.org/W6639568328","https://openalex.org/W6640425456","https://openalex.org/W6676639149","https://openalex.org/W6676935882","https://openalex.org/W6683272254","https://openalex.org/W6684011098","https://openalex.org/W6684559340","https://openalex.org/W6689238212","https://openalex.org/W6692940648","https://openalex.org/W6697966207","https://openalex.org/W6712691055","https://openalex.org/W6712837096","https://openalex.org/W6714069269","https://openalex.org/W6718836005","https://openalex.org/W6718865826","https://openalex.org/W6719080892","https://openalex.org/W6726264252","https://openalex.org/W6729756640","https://openalex.org/W6733049761","https://openalex.org/W6734028196","https://openalex.org/W6738397735","https://openalex.org/W6738406820","https://openalex.org/W6738685452","https://openalex.org/W6739088070","https://openalex.org/W6739868092","https://openalex.org/W6741036071","https://openalex.org/W6743732567","https://openalex.org/W6744679260","https://openalex.org/W6745272055","https://openalex.org/W6745795967","https://openalex.org/W6746077254","https://openalex.org/W6746261426","https://openalex.org/W6746402973","https://openalex.org/W6746921180","https://openalex.org/W6747553010","https://openalex.org/W6747819456","https://openalex.org/W6747920752","https://openalex.org/W6748082217","https://openalex.org/W6748111160","https://openalex.org/W6748288002","https://openalex.org/W6748382702","https://openalex.org/W6750404860","https://openalex.org/W6750462152","https://openalex.org/W6750670179","https://openalex.org/W6751070894","https://openalex.org/W6751161574","https://openalex.org/W6751219861","https://openalex.org/W6751312068","https://openalex.org/W6751573770","https://openalex.org/W6751762734","https://openalex.org/W6751912496","https://openalex.org/W6752346538","https://openalex.org/W6752600739","https://openalex.org/W6752609924","https://openalex.org/W6752985256","https://openalex.org/W6753280856","https://openalex.org/W6753342801","https://openalex.org/W6753384464","https://openalex.org/W6753474897","https://openalex.org/W6754272107","https://openalex.org/W6754682691","https://openalex.org/W6755007867","https://openalex.org/W6755233895","https://openalex.org/W6756840679","https://openalex.org/W6760326341","https://openalex.org/W6760630825","https://openalex.org/W6760684019","https://openalex.org/W6760759230","https://openalex.org/W6760919268","https://openalex.org/W6761231816","https://openalex.org/W6762235582","https://openalex.org/W6762427411","https://openalex.org/W6762518091","https://openalex.org/W6762572962","https://openalex.org/W6762703810","https://openalex.org/W6762749081","https://openalex.org/W6762814303","https://openalex.org/W6762970624","https://openalex.org/W6763077247","https://openalex.org/W6763091886","https://openalex.org/W6764550947","https://openalex.org/W6766152126","https://openalex.org/W6766725774","https://openalex.org/W6767095891","https://openalex.org/W6767183785","https://openalex.org/W6767212563","https://openalex.org/W6770634426","https://openalex.org/W6770635715","https://openalex.org/W6771533808","https://openalex.org/W6771683604","https://openalex.org/W6771809012","https://openalex.org/W6772101090","https://openalex.org/W6772186977","https://openalex.org/W6772367552","https://openalex.org/W6779739866","https://openalex.org/W6804628532","https://openalex.org/W6863619753","https://openalex.org/W6898611122"],"related_works":["https://openalex.org/W4362599004","https://openalex.org/W2522301850","https://openalex.org/W4293865127","https://openalex.org/W2797142180","https://openalex.org/W2588995807","https://openalex.org/W4248052496","https://openalex.org/W4251088474","https://openalex.org/W2952919291","https://openalex.org/W43121067","https://openalex.org/W4380925710"],"abstract_inverted_index":{"Deep":[0,31],"learning":[1,16,29,100],"has":[2,47],"gained":[3],"tremendous":[4],"success":[5,226],"and":[6,39,58,73,91,111,146,164,181,191,224,230,239],"great":[7],"popularity":[8],"in":[9,80,93,119,194,247],"the":[10,26,37,51,88,94,173,185],"past":[11],"few":[12,64],"years.":[13],"However,":[14],"deep":[15,82,99,109,136],"systems":[17],"are":[18,65,71,79,169],"suffering":[19],"several":[20],"inherent":[21],"weaknesses,":[22],"which":[23,177,242],"can":[24,243],"threaten":[25],"security":[27,89,133,237],"of":[28,45,53,96,129,135,152],"models.":[30],"learning\u2019s":[32],"wide":[33],"use":[34],"further":[35],"magnifies":[36],"impact":[38],"consequences.":[40],"To":[41],"this":[42,248],"end,":[43],"lots":[44],"research":[46,246],"been":[48],"conducted":[49],"with":[50,132],"purpose":[52],"exhaustively":[54],"identifying":[55],"intrinsic":[56],"weaknesses":[57,70,90,238],"subsequently":[59],"proposing":[60],"feasible":[61],"mitigation.":[62],"Yet":[63],"clear":[66],"about":[67],"how":[68,74,199],"these":[69,76,113,221],"incurred":[72],"effective":[75],"attack":[77,145,165,174,196],"approaches":[78],"assaulting":[81],"learning.":[83],"In":[84,122],"order":[85],"to":[86,115,200,203],"unveil":[87],"aid":[92],"development":[95],"a":[97],"robust":[98],"system,":[101],"we":[102,124,154,178,187,233],"undertake":[103],"an":[104,195],"investigation":[105],"on":[106,126,217],"attacks":[107,114,130],"towards":[108],"learning,":[110],"analyze":[112],"conclude":[116],"some":[117],"findings":[118,219],"multiple":[120],"views.":[121],"particular,":[123],"focus":[125],"four":[127],"types":[128],"associated":[131],"threats":[134],"learning:":[137],"model":[138,141],"extraction":[139],"attack,":[140,143,153],"inversion":[142],"poisoning":[144],"adversarial":[147],"attack.":[148],"For":[149],"each":[150],"type":[151],"construct":[155],"its":[156],"essential":[157],"workflow":[158],"as":[159,161],"well":[160],"adversary":[162],"capabilities":[163],"goals.":[166],"Pivot":[167],"metrics":[168],"devised":[170],"for":[171,211],"comparing":[172],"approaches,":[175],"by":[176],"perform":[179],"quantitative":[180],"qualitative":[182],"analyses.":[183],"From":[184],"analysis,":[186],"have":[188],"identified":[189],"significant":[190],"indispensable":[192],"factors":[193],"vector,":[197],"e.g.,":[198],"reduce":[201],"queries":[202],"target":[204],"models,":[205],"what":[206],"distance":[207],"should":[208],"be":[209],"used":[210],"measuring":[212],"perturbation.":[213],"We":[214],"shed":[215],"light":[216],"18":[218],"covering":[220],"approaches\u2019":[222],"merits":[223],"demerits,":[225],"probability,":[227],"deployment":[228],"complexity":[229],"prospects.":[231],"Moreover,":[232],"discuss":[234],"other":[235],"potential":[236],"possible":[240],"mitigation":[241],"inspire":[244],"relevant":[245],"area.":[249]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":20},{"year":2024,"cited_by_count":24},{"year":2023,"cited_by_count":15},{"year":2022,"cited_by_count":15},{"year":2021,"cited_by_count":11},{"year":2020,"cited_by_count":3}],"updated_date":"2026-03-26T15:22:09.906841","created_date":"2025-10-10T00:00:00"}