{"id":"https://openalex.org/W4411337249","doi":"https://doi.org/10.1109/sp61157.2025.00006","title":"Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive Patches","display_name":"Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive Patches","publication_year":2025,"publication_date":"2025-05-12","ids":{"openalex":"https://openalex.org/W4411337249","doi":"https://doi.org/10.1109/sp61157.2025.00006"},"language":"en","primary_location":{"id":"doi:10.1109/sp61157.2025.00006","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp61157.2025.00006","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041047743","display_name":"Jianan Feng","orcid":"https://orcid.org/0000-0002-6701-2730"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jianan Feng","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100660733","display_name":"Jiachun Li","orcid":"https://orcid.org/0000-0002-6168-9580"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiachun Li","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080095463","display_name":"Changqing Miao","orcid":"https://orcid.org/0000-0002-9873-4314"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Changqing Miao","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037117080","display_name":"Jianjun Huang","orcid":"https://orcid.org/0000-0003-4403-0060"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianjun Huang","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101927208","display_name":"Wei You","orcid":"https://orcid.org/0000-0003-1009-6627"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei You","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017405627","display_name":"Wenchang Shi","orcid":"https://orcid.org/0000-0002-5160-1223"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wenchang Shi","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100644627","display_name":"Bin Liang","orcid":"https://orcid.org/0000-0002-4818-7164"},"institutions":[{"id":"https://openalex.org/I78988378","display_name":"Renmin University of China","ror":"https://ror.org/041pakw92","country_code":"CN","type":"education","lineage":["https://openalex.org/I78988378"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bin Liang","raw_affiliation_strings":["School of Information, Renmin University of China,Beijing,China"],"affiliations":[{"raw_affiliation_string":"School of Information, Renmin University of China,Beijing,China","institution_ids":["https://openalex.org/I78988378"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5041047743"],"corresponding_institution_ids":["https://openalex.org/I78988378"],"apc_list":null,"apc_paid":null,"fwci":2.8414,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.91346806,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"2133","last_page":"2151"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9872999787330627,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7132139205932617},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5373972654342651},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4735878109931946},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.24482855200767517}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7132139205932617},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5373972654342651},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4735878109931946},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.24482855200767517}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp61157.2025.00006","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp61157.2025.00006","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W639708223","https://openalex.org/W1861492603","https://openalex.org/W2031489346","https://openalex.org/W2111817346","https://openalex.org/W2144506857","https://openalex.org/W2161969291","https://openalex.org/W2336566325","https://openalex.org/W2504335775","https://openalex.org/W2555618208","https://openalex.org/W2570343428","https://openalex.org/W2902867332","https://openalex.org/W2905311601","https://openalex.org/W2905423756","https://openalex.org/W2907051082","https://openalex.org/W2946363484","https://openalex.org/W2959364614","https://openalex.org/W2962818872","https://openalex.org/W2963302614","https://openalex.org/W2963726920","https://openalex.org/W2990075400","https://openalex.org/W3017485054","https://openalex.org/W3034455297","https://openalex.org/W3034638324","https://openalex.org/W3088733693","https://openalex.org/W3107990944","https://openalex.org/W3166089996","https://openalex.org/W3175451538","https://openalex.org/W3180134609","https://openalex.org/W3204155906","https://openalex.org/W3206976809","https://openalex.org/W3211739457","https://openalex.org/W3212077589","https://openalex.org/W3215404543","https://openalex.org/W4221139075","https://openalex.org/W4226232092","https://openalex.org/W4281487639","https://openalex.org/W4283820844","https://openalex.org/W4287851284","https://openalex.org/W4297896551","https://openalex.org/W4304092061","https://openalex.org/W4307965990","https://openalex.org/W4312948371","https://openalex.org/W4377142631","https://openalex.org/W4384948728","https://openalex.org/W4385080309","https://openalex.org/W4385757664","https://openalex.org/W4386076175","https://openalex.org/W4387397209","https://openalex.org/W4388624485","https://openalex.org/W4388867270"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492"],"abstract_inverted_index":{"Object":[0],"detection":[1],"has":[2],"found":[3],"extensive":[4],"applications":[5],"in":[6],"various":[7],"tasks,":[8],"but":[9],"it":[10],"is":[11],"also":[12,153],"susceptible":[13],"to":[14,26,42,69,96,110],"adversarial":[15,51,75,80],"patch":[16,81],"attacks.":[17,33,52,114],"The":[18,115,128],"ideal":[19],"defense":[20],"should":[21],"be":[22,84],"effective,":[23],"efficient,":[24],"easy":[25],"deploy,":[27],"and":[28,46,59,63,106,117,133],"capable":[29],"of":[30,55,119],"withstanding":[31],"adaptive":[32,163],"In":[34,77],"this":[35,78],"paper,":[36],"we":[37,102],"adopt":[38],"a":[39,44],"counterattack":[40],"strategy":[41],"propose":[43],"novel":[45],"general":[47],"methodology":[48],"for":[49],"defending":[50],"Two":[53],"types":[54],"defensive":[56],"patches,":[57],"canary":[58,105,132],"woodpecker,":[60],"are":[61,123],"specially-crafted":[62],"injected":[64],"into":[65],"the":[66,90,94,98,120],"model":[67,91],"input":[68],"proactively":[70],"probe":[71],"or":[72],"counteract":[73],"potential":[74],"patches.":[76],"manner,":[79],"attacks":[82],"can":[83],"effectively":[85],"detected":[86],"by":[87,162],"simply":[88],"analyzing":[89],"output,":[92],"without":[93],"need":[95],"alter":[97],"target":[99],"model.":[100],"Moreover,":[101],"employ":[103],"randomized":[104],"woodpecker":[107,134],"injection":[108],"patterns":[109],"defend":[111],"against":[112,157],"defense-aware":[113,158],"effectiveness":[116],"practicality":[118],"proposed":[121],"method":[122,152],"demonstrated":[124],"through":[125],"comprehensive":[126],"experiments.":[127,165],"results":[129],"illustrate":[130],"that":[131],"achieve":[135],"high":[136],"performance,":[137],"even":[138],"when":[139],"confronted":[140],"with":[141],"unknown":[142],"attack":[143,164],"methods,":[144],"while":[145],"incurring":[146],"limited":[147],"time":[148],"overhead.":[149],"Furthermore,":[150],"our":[151],"exhibits":[154],"sufficient":[155],"robustness":[156],"attacks,":[159],"as":[160],"evidenced":[161]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}