{"id":"https://openalex.org/W2910317047","doi":"https://doi.org/10.1145/3287624.3288751","title":"A system-level perspective to understand the vulnerability of deep learning systems","display_name":"A system-level perspective to understand the vulnerability of deep learning systems","publication_year":2019,"publication_date":"2019-01-18","ids":{"openalex":"https://openalex.org/W2910317047","doi":"https://doi.org/10.1145/3287624.3288751","mag":"2910317047"},"language":"en","primary_location":{"id":"doi:10.1145/3287624.3288751","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3287624.3288751","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th Asia and South Pacific Design Automation Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028842878","display_name":"Tao Liu","orcid":"https://orcid.org/0000-0002-3568-4882"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Tao Liu","raw_affiliation_strings":["Florida International University"],"affiliations":[{"raw_affiliation_string":"Florida International University","institution_ids":["https://openalex.org/I19700959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048064145","display_name":"Nuo Xu","orcid":"https://orcid.org/0000-0001-6148-2830"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nuo Xu","raw_affiliation_strings":["Florida International University"],"affiliations":[{"raw_affiliation_string":"Florida International University","institution_ids":["https://openalex.org/I19700959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100453144","display_name":"Qi Liu","orcid":"https://orcid.org/0000-0001-5378-6404"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Qi Liu","raw_affiliation_strings":["Florida International University"],"affiliations":[{"raw_affiliation_string":"Florida International University","institution_ids":["https://openalex.org/I19700959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100651384","display_name":"Yanzhi Wang","orcid":"https://orcid.org/0000-0002-3024-7990"},"institutions":[{"id":"https://openalex.org/I87182695","display_name":"Universidad del Noreste","ror":"https://ror.org/02ahky613","country_code":"MX","type":"education","lineage":["https://openalex.org/I87182695"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Yanzhi Wang","raw_affiliation_strings":["Northeastern University"],"affiliations":[{"raw_affiliation_string":"Northeastern University","institution_ids":["https://openalex.org/I87182695"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067226050","display_name":"Wujie Wen","orcid":"https://orcid.org/0000-0003-0011-0675"},"institutions":[{"id":"https://openalex.org/I19700959","display_name":"Florida International University","ror":"https://ror.org/02gz6gg07","country_code":"US","type":"education","lineage":["https://openalex.org/I19700959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wujie Wen","raw_affiliation_strings":["Florida International University"],"affiliations":[{"raw_affiliation_string":"Florida International University","institution_ids":["https://openalex.org/I19700959"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5028842878"],"corresponding_institution_ids":["https://openalex.org/I19700959"],"apc_list":null,"apc_paid":null,"fwci":0.7001,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.76886385,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.991599977016449,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7741279602050781},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7402697801589966},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5614559650421143},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.537514865398407},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5319861173629761},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5312642455101013},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.5171858072280884},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5115028619766235},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.507204532623291},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5003104209899902},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.4512374699115753},{"id":"https://openalex.org/keywords/damages","display_name":"Damages","score":0.4505019783973694},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.44763076305389404},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.38443630933761597},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.19752392172813416},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11483868956565857}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7741279602050781},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7402697801589966},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5614559650421143},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.537514865398407},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5319861173629761},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5312642455101013},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.5171858072280884},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5115028619766235},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.507204532623291},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5003104209899902},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.4512374699115753},{"id":"https://openalex.org/C2777381055","wikidata":"https://www.wikidata.org/wiki/Q308922","display_name":"Damages","level":2,"score":0.4505019783973694},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.44763076305389404},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.38443630933761597},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.19752392172813416},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11483868956565857},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3287624.3288751","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3287624.3288751","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th Asia and South Pacific Design Automation Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1945616565","https://openalex.org/W2040924693","https://openalex.org/W2132874238","https://openalex.org/W2160815625","https://openalex.org/W2180612164","https://openalex.org/W2603766943","https://openalex.org/W2618530766","https://openalex.org/W2757528734","https://openalex.org/W2793747643","https://openalex.org/W2808426733","https://openalex.org/W2884199749","https://openalex.org/W2919115771","https://openalex.org/W2963671154","https://openalex.org/W2964082701","https://openalex.org/W2964276371","https://openalex.org/W3007346474"],"related_works":["https://openalex.org/W3048732067","https://openalex.org/W4383468834","https://openalex.org/W4384648009","https://openalex.org/W4303645823","https://openalex.org/W4285263558","https://openalex.org/W2900159906","https://openalex.org/W4287828318","https://openalex.org/W2406556600","https://openalex.org/W4283221438","https://openalex.org/W2899811703"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"network":[2],"(DNN)":[3],"is":[4],"nowadays":[5],"achieving":[6],"the":[7,34,40,49,61,69,72,131,144],"human-level":[8],"performance":[9],"on":[10,138],"many":[11],"machine":[12,43],"learning":[13,44],"applications":[14],"like":[15,95],"self-driving":[16],"car,":[17],"gaming":[18],"and":[19,81,83,146],"computer-aided":[20],"diagnosis.":[21],"However,":[22],"recent":[23],"studies":[24],"show":[25],"that":[26],"such":[27,110,152],"a":[28],"promising":[29],"technique":[30],"has":[31],"gradually":[32],"become":[33],"major":[35],"attack":[36,119],"target,":[37],"significantly":[38],"threatening":[39],"safety":[41],"of":[42,97,109,133],"services.":[45],"On":[46,68],"one":[47],"hand,":[48,71],"adversarial":[50],"or":[51],"poisoning":[52],"attacks":[53,75,114],"incurred":[54],"by":[55,115],"DNN":[56,74,86,113,135,155],"algorithm":[57],"vulnerabilities":[58],"can":[59],"cause":[60],"decision":[62],"misleading":[63],"with":[64],"very":[65],"high":[66],"confidence.":[67],"other":[70],"system-level":[73,112,134,154],"built":[76],"upon":[77],"models,":[78],"training/inference":[79],"algorithms":[80],"hardware":[82],"software":[84],"in":[85,126],"execution,":[87],"have":[88],"also":[89],"emerged":[90],"for":[91],"more":[92],"diversified":[93],"damages":[94],"denial":[96],"service,":[98],"private":[99],"data":[100],"stealing.":[101],"In":[102],"this":[103],"paper,":[104],"we":[105,141],"present":[106],"an":[107],"overview":[108],"emerging":[111,153],"systematically":[116],"formulating":[117],"their":[118],"routines.":[120],"Several":[121],"representative":[122],"cases":[123],"are":[124],"selected":[125],"our":[127,139],"study":[128],"to":[129,150],"summarize":[130],"characteristics":[132],"attacks.":[136,156],"Based":[137],"formulation,":[140],"further":[142],"discuss":[143],"challenges":[145],"several":[147],"possible":[148],"techniques":[149],"mitigate":[151]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}