{"id":"https://openalex.org/W2985763070","doi":"https://doi.org/10.1145/3338466.3358928","title":"ABSTRACT","display_name":"ABSTRACT","publication_year":2019,"publication_date":"2019-11-11","ids":{"openalex":"https://openalex.org/W2985763070","doi":"https://doi.org/10.1145/3338466.3358928","mag":"2985763070"},"language":"en","primary_location":{"id":"doi:10.1145/3338466.3358928","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338466.3358928","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002146122","display_name":"Dou Goodman","orcid":null},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Dou Goodman","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035412970","display_name":"Hao Xin","orcid":null},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xin Hao","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100322887","display_name":"Yang Wang","orcid":"https://orcid.org/0000-0003-1029-9280"},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yang Wang","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101064715","display_name":"Jiawei Tang","orcid":null},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiawei Tang","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010879885","display_name":"Yunhan Jia","orcid":"https://orcid.org/0009-0004-6324-7630"},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yunhan Jia","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022085280","display_name":"pPei Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"pPei Wang","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102921233","display_name":"Tao Wei","orcid":"https://orcid.org/0000-0002-7086-8935"},"institutions":[{"id":"https://openalex.org/I98301712","display_name":"Baidu (China)","ror":"https://ror.org/03vs3wt56","country_code":"CN","type":"company","lineage":["https://openalex.org/I98301712"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Wei","raw_affiliation_strings":["Baidu X-Lab, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Baidu X-Lab, Beijing, China","institution_ids":["https://openalex.org/I98301712"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5002146122"],"corresponding_institution_ids":["https://openalex.org/I98301712"],"apc_list":null,"apc_paid":null,"fwci":0.14,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.58246296,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"43","last_page":"43"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9690999984741211,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8275187015533447},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.7757372260093689},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.66704261302948},{"id":"https://openalex.org/keywords/affine-transformation","display_name":"Affine transformation","score":0.6601627469062805},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.596738874912262},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5344829559326172},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5159004926681519},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.49024254083633423},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4021662473678589}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8275187015533447},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.7757372260093689},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.66704261302948},{"id":"https://openalex.org/C92757383","wikidata":"https://www.wikidata.org/wiki/Q382497","display_name":"Affine transformation","level":2,"score":0.6601627469062805},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.596738874912262},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5344829559326172},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5159004926681519},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.49024254083633423},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4021662473678589},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3338466.3358928","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338466.3358928","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.8399999737739563}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W4226493464","https://openalex.org/W4312417841","https://openalex.org/W3133861977","https://openalex.org/W2951211570","https://openalex.org/W3103566983","https://openalex.org/W3029198973"],"abstract_inverted_index":{"Many":[0],"recent":[1],"works":[2],"demonstrated":[3],"that":[4,108,137],"Deep":[5],"Learning":[6],"models":[7,38,153],"are":[8],"vulnerable":[9],"to":[10,20,58,76,119,131,156],"adversarial":[11,14],"examples.Fortunately,":[12],"generating":[13],"examples":[15],"usually":[16,43],"requires":[17],"white-box":[18],"access":[19,29],"the":[21,25,30,40,73,113,148,161,168],"victim":[22],"model,":[23],"and":[24,66,104,165],"attacker":[26],"can":[27,42,111,141],"only":[28],"APIs":[31],"opened":[32],"by":[33],"cloud":[34,41,99],"platforms.":[35],"Thus,":[36],"keeping":[37],"in":[39],"give":[44],"a":[45],"(false)":[46],"sense":[47],"of":[48,82,151,163,170],"security.":[49],"Unfortunately,":[50],"cloud-based":[51,91],"image":[52],"classification":[53,92],"service":[54],"is":[55],"not":[56],"robust":[57],"Affine":[59,83],"Transformation":[60,84],"such":[61],"as":[62],"translation,":[63],"rotation,":[64],"scaling":[65],"shearing.":[67],"In":[68],"this":[69],"paper,(1)":[70],"we":[71,106,146],"make":[72],"first":[74],"attempt":[75],"conduct":[77],"an":[78],"extensive":[79],"empirical":[80],"study":[81],"(AT)":[85],"attacks":[86],"against":[87],"main":[88],"stream":[89],"real-world":[90],"services.":[93,124],"Through":[94],"evaluations":[95],"on":[96],"three":[97],"popular":[98],"platforms":[100],"including":[101],"Amazon,":[102],"Google":[103],"Microsoft,":[105],"demonstrate":[107],"AT":[109,144],"attack":[110,164],"reduce":[112],"top-1":[114,149],"accuracy":[115,150],"from":[116,154,167],"approximately":[117,157],"100%":[118],"30%":[120],"among":[121],"different":[122],"classifier":[123],"(2)":[125],"We":[126],"propose":[127],"two":[128],"defense":[129,139,166],"algorithms":[130],"address":[132],"these":[133],"security":[134],"challenges.Experiments":[135],"show":[136],"our":[138],"technology":[140],"effectively":[142],"defend":[143],"attack,":[145],"improve":[147],"state-of-the-art":[152],"50%":[155],"90%.":[158],"(3)We":[159],"visualize":[160],"process":[162],"perspective":[169],"convolutional":[171],"neural":[172],"network.":[173]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2019-11-22T00:00:00"}