{"id":"https://openalex.org/W4390481012","doi":"https://doi.org/10.1109/tse.2023.3348515","title":"Safety and Performance, Why Not Both? Bi-Objective Optimized Model Compression Against Heterogeneous Attacks Toward AI Software Deployment","display_name":"Safety and Performance, Why Not Both? Bi-Objective Optimized Model Compression Against Heterogeneous Attacks Toward AI Software Deployment","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4390481012","doi":"https://doi.org/10.1109/tse.2023.3348515"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2023.3348515","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2023.3348515","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101599150","display_name":"Jie Zhu","orcid":"https://orcid.org/0000-0003-3490-4131"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jie Zhu","raw_affiliation_strings":["Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","School of Computer Science, Peking University, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I20231570"]},{"raw_affiliation_string":"School of Computer Science, Peking University, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055087680","display_name":"Leye Wang","orcid":"https://orcid.org/0000-0002-7627-8485"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Leye Wang","raw_affiliation_strings":["Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","School of Computer Science, Peking University, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I20231570"]},{"raw_affiliation_string":"School of Computer Science, Peking University, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075148478","display_name":"Xiao Han","orcid":"https://orcid.org/0000-0003-1331-0860"},"institutions":[{"id":"https://openalex.org/I181679659","display_name":"Shanghai University of Finance and Economics","ror":"https://ror.org/00wtvfq62","country_code":"CN","type":"education","lineage":["https://openalex.org/I181679659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiao Han","raw_affiliation_strings":["Shanghai University of Finance and Economics, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Shanghai University of Finance and Economics, Shanghai, China","institution_ids":["https://openalex.org/I181679659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114114527","display_name":"Anmin Liu","orcid":"https://orcid.org/0000-0003-1138-3660"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Anmin Liu","raw_affiliation_strings":["Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","School of Computer Science, Peking University, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I20231570"]},{"raw_affiliation_string":"School of Computer Science, Peking University, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048118068","display_name":"Tao Xie","orcid":"https://orcid.org/0000-0002-6731-216X"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Xie","raw_affiliation_strings":["Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","School of Computer Science, Peking University, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I20231570"]},{"raw_affiliation_string":"School of Computer Science, Peking University, China","institution_ids":["https://openalex.org/I20231570"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5101599150"],"corresponding_institution_ids":["https://openalex.org/I20231570","https://openalex.org/I4210128818"],"apc_list":null,"apc_paid":null,"fwci":1.3901,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.82596477,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":97},"biblio":{"volume":"50","issue":"3","first_page":"376","last_page":"390"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8275743722915649},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6232572793960571},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6205632090568542},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5661953687667847},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.524383008480072},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.45177146792411804},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.4488438367843628},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.43296363949775696},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3090180456638336},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.24574002623558044},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.17189839482307434}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8275743722915649},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6232572793960571},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6205632090568542},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5661953687667847},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.524383008480072},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.45177146792411804},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.4488438367843628},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.43296363949775696},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3090180456638336},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.24574002623558044},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.17189839482307434}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tse.2023.3348515","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2023.3348515","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3695564058","display_name":null,"funder_award_id":"72031001","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7469815063","display_name":null,"funder_award_id":"61972008","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8641176576","display_name":null,"funder_award_id":"72071125","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8821883043","display_name":null,"funder_award_id":"62161146003","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":87,"referenced_works":["https://openalex.org/W1821462560","https://openalex.org/W2029886881","https://openalex.org/W2093223485","https://openalex.org/W2108598243","https://openalex.org/W2119144962","https://openalex.org/W2194775991","https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2551176409","https://openalex.org/W2738104193","https://openalex.org/W2795435272","https://openalex.org/W2798657499","https://openalex.org/W2808133870","https://openalex.org/W2884943453","https://openalex.org/W2887995258","https://openalex.org/W2896457183","https://openalex.org/W2923014074","https://openalex.org/W2930926105","https://openalex.org/W2956434358","https://openalex.org/W2962793481","https://openalex.org/W2963122961","https://openalex.org/W2963378725","https://openalex.org/W2963456518","https://openalex.org/W2965373594","https://openalex.org/W2983140679","https://openalex.org/W2984991263","https://openalex.org/W3003257820","https://openalex.org/W3012561096","https://openalex.org/W3016375081","https://openalex.org/W3038428716","https://openalex.org/W3091473186","https://openalex.org/W3094502228","https://openalex.org/W3096738375","https://openalex.org/W3096831136","https://openalex.org/W3103245149","https://openalex.org/W3105966348","https://openalex.org/W3115042282","https://openalex.org/W3118608800","https://openalex.org/W3126152116","https://openalex.org/W3138815606","https://openalex.org/W3153405813","https://openalex.org/W3158803559","https://openalex.org/W3188079459","https://openalex.org/W3189551349","https://openalex.org/W3212600502","https://openalex.org/W3212827350","https://openalex.org/W4284678610","https://openalex.org/W4293846201","https://openalex.org/W4295362399","https://openalex.org/W4300996741","https://openalex.org/W4308410741","https://openalex.org/W4382202942","https://openalex.org/W6637373629","https://openalex.org/W6638523607","https://openalex.org/W6638632666","https://openalex.org/W6677580257","https://openalex.org/W6684191040","https://openalex.org/W6685053522","https://openalex.org/W6693397755","https://openalex.org/W6730161283","https://openalex.org/W6739868092","https://openalex.org/W6742011783","https://openalex.org/W6746082227","https://openalex.org/W6750182894","https://openalex.org/W6755207826","https://openalex.org/W6757914502","https://openalex.org/W6761100157","https://openalex.org/W6763077247","https://openalex.org/W6763393573","https://openalex.org/W6763736615","https://openalex.org/W6765532259","https://openalex.org/W6766673545","https://openalex.org/W6770699648","https://openalex.org/W6772013979","https://openalex.org/W6775482175","https://openalex.org/W6778883912","https://openalex.org/W6785386067","https://openalex.org/W6787972765","https://openalex.org/W6789723219","https://openalex.org/W6790057022","https://openalex.org/W6796487566","https://openalex.org/W6802444496","https://openalex.org/W6803578126","https://openalex.org/W6810027437","https://openalex.org/W6838539104","https://openalex.org/W6843021419","https://openalex.org/W6847315595"],"related_works":["https://openalex.org/W2770234245","https://openalex.org/W96612179","https://openalex.org/W4229499248","https://openalex.org/W2566006169","https://openalex.org/W1567818861","https://openalex.org/W2987774938","https://openalex.org/W4390608645","https://openalex.org/W4256492088","https://openalex.org/W632915154","https://openalex.org/W1980614089"],"abstract_inverted_index":{"The":[0,224],"size":[1,44],"of":[2,83,158,231,249],"deep":[3],"learning":[4],"models":[5,75],"in":[6,53,79,113],"artificial":[7],"intelligence":[8],"(AI)":[9],"software":[10,33,114],"is":[11],"increasing":[12],"rapidly,":[13],"which":[14,39],"hinders":[15],"the":[16,50,54,61,73,95,108,130,134,149,196,227,247],"large-scale":[17],"deployment":[18],"on":[19,212],"resource-restricted":[20],"devices":[21,84],"(":[22],"<italic":[23,124],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[24,125],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">e.g.</i>":[25],",":[26],"smartphones).":[27],"To":[28],"mitigate":[29],"this":[30,89],"issue,":[31],"AI":[32],"compression":[34,98],"plays":[35],"a":[36,80,101,118,141,145],"crucial":[37],"role,":[38],"aims":[40],"to":[41,93,144,193,238,241],"compress":[42,140],"model":[43,56,97,143],"while":[45],"keeping":[46],"high":[47],"performance.":[48],"However,":[49],"intrinsic":[51],"defects":[52,65],"big":[55,142],"may":[57,66],"be":[58,67],"inherited":[59],"by":[60,70,107,190],"compressed":[62,74],"one.":[63],"Such":[64],"easily":[68],"leveraged":[69],"attackers,":[71],"since":[72],"are":[76,210],"usually":[77],"deployed":[78],"large":[81],"number":[82],"without":[85],"adequate":[86],"protection.":[87],"In":[88],"paper,":[90],"we":[91,116,174,184],"try":[92],"address":[94],"safe":[96],"problem":[99],"from":[100],"safety-performance":[102],"co-optimization":[103],"perspective.":[104],"Specifically,":[105],"inspired":[106],"test-driven":[109,119],"development":[110],"(TDD)":[111],"paradigm":[112],"engineering,":[115],"propose":[117],"sparse":[120,151],"training":[121,152],"framework":[122],"called":[123,179,188],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">SafeCompress</i>":[126],".":[127],"By":[128],"simulating":[129],"attack":[131,162,168],"mechanism":[132],"as":[133],"safety":[135],"test,":[136],"SafeCompress":[137,192,240],"can":[138],"automatically":[139],"small":[146],"one":[147],"following":[148],"dynamic":[150],"paradigm.":[153],"Then,":[154],"considering":[155],"two":[156,176],"kinds":[157],"representative":[159],"and":[160,169,181,202,219,229],"heterogeneous":[161],"mechanisms":[163],"i.e.,":[164],"black-box":[165,201],"membership":[166,171,204],"inference":[167,172,205],"white-box":[170,203],"attack,":[173],"develop":[175],"concrete":[177],"instances":[178],"BMIA-SafeCompress":[180],"WMIA-SafeCompress.":[182],"Further,":[183],"implement":[185],"another":[186],"instance":[187],"MMIA-SafeCompress":[189],"extending":[191],"defend":[194],"against":[195],"occasion":[197],"when":[198],"attackers":[199],"conduct":[200],"attacks":[206,243],"simultaneously.":[207],"Extensive":[208],"experiments":[209],"conducted":[211],"five":[213],"datasets":[214],"for":[215],"both":[216],"computer":[217],"vision":[218],"natural":[220],"language":[221],"processing":[222],"tasks.":[223],"results":[225],"verify":[226],"effectiveness":[228],"generalizability":[230],"our":[232],"method.":[233],"We":[234],"also":[235],"discuss":[236],"how":[237],"adapt":[239],"other":[242],"besides":[244],"MIA,":[245],"demonstrating":[246],"flexibility":[248],"SafeCompress.":[250]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":3}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}