{"id":"https://openalex.org/W4410609089","doi":"https://doi.org/10.1109/satml64287.2025.00030","title":"Targeted Manifold Manipulation Against Adversarial Attacks","display_name":"Targeted Manifold Manipulation Against Adversarial Attacks","publication_year":2025,"publication_date":"2025-04-09","ids":{"openalex":"https://openalex.org/W4410609089","doi":"https://doi.org/10.1109/satml64287.2025.00030"},"language":"en","primary_location":{"id":"doi:10.1109/satml64287.2025.00030","is_oa":false,"landing_page_url":"https://doi.org/10.1109/satml64287.2025.00030","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":null,"any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068143762","display_name":"Banibrata Ghosh","orcid":"https://orcid.org/0000-0001-7306-9402"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Banibrata Ghosh","raw_affiliation_strings":["Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia"],"affiliations":[{"raw_affiliation_string":"Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023077368","display_name":"Haripriya Harikumar","orcid":"https://orcid.org/0000-0001-9918-381X"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Haripriya Harikumar","raw_affiliation_strings":["Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia"],"affiliations":[{"raw_affiliation_string":"Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045540854","display_name":"Svetha Venkatesh","orcid":"https://orcid.org/0000-0001-8675-6631"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Svetha Venkatesh","raw_affiliation_strings":["Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia"],"affiliations":[{"raw_affiliation_string":"Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024215125","display_name":"Santu Rana","orcid":"https://orcid.org/0000-0003-2247-850X"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Santu Rana","raw_affiliation_strings":["Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia"],"affiliations":[{"raw_affiliation_string":"Applied Artificial Intelligence Institute, Deakin University,Waurn Ponds,Australia","institution_ids":["https://openalex.org/I149704539"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5068143762"],"corresponding_institution_ids":["https://openalex.org/I149704539"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.05136738,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"427","last_page":"438"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9757000207901001,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8069092035293579},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6244415640830994},{"id":"https://openalex.org/keywords/manifold","display_name":"Manifold (fluid mechanics)","score":0.6221120953559875},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3636588156223297},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.29751163721084595},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14605477452278137},{"id":"https://openalex.org/keywords/mechanical-engineering","display_name":"Mechanical engineering","score":0.0698544979095459}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8069092035293579},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6244415640830994},{"id":"https://openalex.org/C529865628","wikidata":"https://www.wikidata.org/wiki/Q1790740","display_name":"Manifold (fluid mechanics)","level":2,"score":0.6221120953559875},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3636588156223297},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.29751163721084595},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14605477452278137},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0698544979095459}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/satml64287.2025.00030","is_oa":false,"landing_page_url":"https://doi.org/10.1109/satml64287.2025.00030","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML)","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/29276810","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference contribution"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/29276810","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference contribution"},"sustainable_development_goals":[{"score":0.4000000059604645,"display_name":"Gender equality","id":"https://metadata.un.org/sdg/5"}],"awards":[{"id":"https://openalex.org/G8302127508","display_name":null,"funder_award_id":"DP210102798","funder_id":"https://openalex.org/F4320334704","funder_display_name":"Australian Research Council"}],"funders":[{"id":"https://openalex.org/F4320334704","display_name":"Australian Research Council","ror":"https://ror.org/05mmh0f86"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W2108598243","https://openalex.org/W2117876524","https://openalex.org/W2138011018","https://openalex.org/W2243397390","https://openalex.org/W2607219512","https://openalex.org/W2618043096","https://openalex.org/W2895097814","https://openalex.org/W2942091739","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W3015625436","https://openalex.org/W3035182590","https://openalex.org/W3080297477","https://openalex.org/W3088733693","https://openalex.org/W3116131084","https://openalex.org/W3177410622","https://openalex.org/W4295136046","https://openalex.org/W4303649662","https://openalex.org/W4394597475","https://openalex.org/W6640425456","https://openalex.org/W6733901433","https://openalex.org/W6734483310","https://openalex.org/W6739868092","https://openalex.org/W6746897123","https://openalex.org/W6747819456","https://openalex.org/W6748475379","https://openalex.org/W6748724315","https://openalex.org/W6751575553","https://openalex.org/W6752049347","https://openalex.org/W6752760542","https://openalex.org/W6755310938","https://openalex.org/W6758684365","https://openalex.org/W6759129252","https://openalex.org/W6763049546","https://openalex.org/W6764522968","https://openalex.org/W6764942769","https://openalex.org/W6765597837","https://openalex.org/W6767666165","https://openalex.org/W6773496015","https://openalex.org/W6774469542","https://openalex.org/W6779628750","https://openalex.org/W6780154528","https://openalex.org/W6785480743","https://openalex.org/W6796761702"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492"],"abstract_inverted_index":{"Adversarial":[0],"attacks":[1,63,72,82,174,195],"on":[2],"deep":[3],"models":[4],"are":[5,53],"often":[6],"guaranteed":[7],"to":[8,15,34,60,180,200],"find":[9],"a":[10,22,27,129],"small":[11],"and":[12,135,162,203],"innocuous":[13],"perturbation":[14],"easily":[16,67,111],"alter":[17],"the":[18,36,39,62,78,92,115,141,148,153,189],"class":[19,57],"label":[20,58],"of":[21,117,160],"test":[23],"input.":[24],"We":[25,169],"use":[26,170],"novel":[28],"Targeted":[29],"Manifold":[30],"Manipulation":[31],"(TMM)":[32],"approach":[33],"direct":[35],"gradients":[37],"from":[38,91],"genuine":[40],"data":[41,93,108],"manifold":[42,97],"toward":[43],"carefully":[44],"planted":[45],"traps":[46,52,118],"during":[47],"such":[48,106],"adversarial":[49,149,173],"attacks.":[50,205],"The":[51],"assigned":[54],"an":[55],"additional":[56],"(Trapclass)":[59],"make":[61],"falling":[64],"in":[65,77],"them":[66],"identifiable.":[68],"Whilst":[69],"low-perturbation":[70],"budget":[71,81],"will":[73],"necessarily":[74],"end":[75,87],"up":[76,88],"traps,":[79],"high-perturbation":[80],"may":[83],"escape":[84],"but":[85],"only":[86,101],"far":[89],"away":[90],"manifold.":[94],"Since":[95],"our":[96,182],"manipulation":[98],"is":[99],"enforced":[100],"locally,":[102],"we":[103,146],"show":[104,187],"that":[105,188],"out-of-distribution":[107],"can":[109,192],"be":[110],"detected":[112],"by":[113],"noting":[114],"absence":[116],"around":[119],"them.":[120],"Our":[121,185],"detection":[122,134],"algorithm,":[123],"denoted":[124],"as":[125],"TMM-Def":[126],"avoids":[127,152],"learning":[128],"separate":[130],"model":[131],"for":[132,165],"attack":[133,163],"thus":[136],"remains":[137],"semantically":[138],"aligned":[139],"with":[140,157,175],"original":[142],"classifier.":[143],"Further,":[144],"since":[145],"manipulate":[147],"distribution,":[150],"it":[151],"fundamental":[154],"difficulty":[155],"associated":[156],"overlapping":[158],"distributions":[159],"clean":[161],"samples":[164],"usual,":[166],"unmanipulated":[167],"models.":[168],"nine":[171],"state-of-the-art":[172],"six":[176],"well-known":[177],"image":[178],"datasets":[179],"evaluate":[181],"proposed":[183,190],"defense.":[184],"results":[186],"method":[191],"detect":[193],"~99%":[194],"whilst":[196],"also":[197],"being":[198],"robust":[199],"semantic-preserving,":[201],"transformations,":[202],"adaptive":[204]},"counts_by_year":[],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}