{"id":"https://openalex.org/W3080986739","doi":"https://doi.org/10.1145/3394486.3406467","title":"Adversarial Attacks and Defenses","display_name":"Adversarial Attacks and Defenses","publication_year":2020,"publication_date":"2020-08-20","ids":{"openalex":"https://openalex.org/W3080986739","doi":"https://doi.org/10.1145/3394486.3406467","mag":"3080986739"},"language":"en","primary_location":{"id":"doi:10.1145/3394486.3406467","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3394486.3406467","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3394486.3406467","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery &amp; Data Mining","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3394486.3406467","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043650155","display_name":"Han Xu","orcid":"https://orcid.org/0000-0002-4016-6748"},"institutions":[{"id":"https://openalex.org/I87216513","display_name":"Michigan State University","ror":"https://ror.org/05hs6h993","country_code":"US","type":"education","lineage":["https://openalex.org/I87216513"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Han Xu","raw_affiliation_strings":["Michigan State University, East Lansing, MI, USA"],"affiliations":[{"raw_affiliation_string":"Michigan State University, East Lansing, MI, USA","institution_ids":["https://openalex.org/I87216513"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001591701","display_name":"Yaxin Li","orcid":"https://orcid.org/0000-0002-6227-7844"},"institutions":[{"id":"https://openalex.org/I87216513","display_name":"Michigan State University","ror":"https://ror.org/05hs6h993","country_code":"US","type":"education","lineage":["https://openalex.org/I87216513"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yaxin Li","raw_affiliation_strings":["Michigan State University, East Lansing, MI, USA"],"affiliations":[{"raw_affiliation_string":"Michigan State University, East Lansing, MI, USA","institution_ids":["https://openalex.org/I87216513"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100758371","display_name":"Wei Jin","orcid":"https://orcid.org/0000-0002-5054-954X"},"institutions":[{"id":"https://openalex.org/I87216513","display_name":"Michigan State University","ror":"https://ror.org/05hs6h993","country_code":"US","type":"education","lineage":["https://openalex.org/I87216513"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wei Jin","raw_affiliation_strings":["Michigan State University, East Lansing, MI, USA"],"affiliations":[{"raw_affiliation_string":"Michigan State University, East Lansing, MI, USA","institution_ids":["https://openalex.org/I87216513"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040639891","display_name":"Jiliang Tang","orcid":"https://orcid.org/0000-0001-7125-3898"},"institutions":[{"id":"https://openalex.org/I87216513","display_name":"Michigan State University","ror":"https://ror.org/05hs6h993","country_code":"US","type":"education","lineage":["https://openalex.org/I87216513"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiliang Tang","raw_affiliation_strings":["Michigan State University, East Lansing, MI, USA"],"affiliations":[{"raw_affiliation_string":"Michigan State University, East Lansing, MI, USA","institution_ids":["https://openalex.org/I87216513"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5043650155"],"corresponding_institution_ids":["https://openalex.org/I87216513"],"apc_list":null,"apc_paid":null,"fwci":1.6313,"has_fulltext":true,"cited_by_count":20,"citation_normalized_percentile":{"value":0.87424377,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"3541","last_page":"3542"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9796000123023987,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9722999930381775,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9481521248817444},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.753491997718811},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6788552403450012},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5821157097816467},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5387812852859497},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5296825170516968},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5287717580795288},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.48783352971076965},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.47931280732154846},{"id":"https://openalex.org/keywords/field","display_name":"Field (mathematics)","score":0.4325326681137085},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.42284905910491943},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.4200395941734314},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.37036505341529846},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.18708062171936035}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9481521248817444},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.753491997718811},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6788552403450012},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5821157097816467},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5387812852859497},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5296825170516968},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5287717580795288},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.48783352971076965},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.47931280732154846},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.4325326681137085},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.42284905910491943},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.4200395941734314},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.37036505341529846},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.18708062171936035},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3394486.3406467","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3394486.3406467","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3394486.3406467","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery &amp; Data Mining","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3394486.3406467","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3394486.3406467","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3394486.3406467","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery &amp; Data Mining","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.5099999904632568,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1201744633","display_name":"III: Small: Collaborative Research: Effective Labeled Data Generation via Generative Adversarial Learning","funder_award_id":"1907704","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3412060240","display_name":"CAREER: Real-World Networks: Modeling and Analysis of Signed Networks with Positive and Negative Links","funder_award_id":"1845081","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3565905726","display_name":"SaTC: CORE: Small: Side-channel Attacks Against Mobile Users: Singularity Detection, Behavior Identification, and Automated Rectification","funder_award_id":"1815636","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4014752699","display_name":null,"funder_award_id":"IIS1715940","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4171557291","display_name":null,"funder_award_id":"IIS1907704","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G434729842","display_name":null,"funder_award_id":"1928278","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5495925939","display_name":"III: Small: Unsupervised Feature Selection in the Era of Big Data","funder_award_id":"1714741","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5921281487","display_name":null,"funder_award_id":"number","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7334269182","display_name":null,"funder_award_id":"IIS1907704, IIS1928278, IIS1714741, IIS1715940, IIS1845081 and CNS1815636.","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7710557890","display_name":null,"funder_award_id":"IIS1845081","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7773032749","display_name":"III: Small: Collaborative Research: A General Feature Learning Framework for Dynamic Attributed Networks","funder_award_id":"1715940","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3080986739.pdf","grobid_xml":"https://content.openalex.org/works/W3080986739.grobid-xml"},"referenced_works_count":1,"referenced_works":["https://openalex.org/W3013520104"],"related_works":["https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W1599449514","https://openalex.org/W4387298227","https://openalex.org/W2526398307","https://openalex.org/W2470029541","https://openalex.org/W4387065217","https://openalex.org/W4285357721","https://openalex.org/W4368275542"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"(DNN)":[3],"have":[4],"achieved":[5],"unprecedented":[6],"success":[7],"in":[8,13,50,100,182,187],"numerous":[9],"machine":[10],"learning":[11,198],"tasks":[12,33],"various":[14],"domains.":[15],"However,":[16],"the":[17,51,59,112,152,175,217,238,245],"existence":[18],"of":[19,116,129,132,177,244],"adversarial":[20,42,77,91,117,178,197,227,248],"examples":[21,43],"leaves":[22],"us":[23],"a":[24,108,126,195,204],"big":[25],"hesitation":[26],"when":[27],"applying":[28],"DNN":[29,60],"models":[30,61,74],"on":[31,111,221],"safety-critical":[32],"such":[34],"as":[35],"autonomous":[36],"vehicles":[37],"and":[38,93,114,119,139,143,161,180,206,224,229,241,250],"malware":[39],"detection.":[40],"These":[41],"are":[44,68,82],"intentionally":[45],"crafted":[46],"instances,":[47],"either":[48],"appearing":[49],"train":[52],"or":[53],"test":[54],"phase,":[55],"which":[56,200],"can":[57,236],"fool":[58],"to":[62,70,75,156,167,202,209],"make":[63],"severe":[64],"mistakes.":[65],"Therefore,":[66],"people":[67],"dedicated":[69],"devising":[71],"more":[72],"robust":[73],"resist":[76],"examples,":[78],"but":[79],"usually":[80],"they":[81],"broken":[83],"by":[84],"new":[85,163],"stronger":[86],"attacks.":[87,146],"This":[88],"arms-race":[89],"between":[90,247],"attacks":[92,118,133,164,179,228,249],"defenses":[94,181],"has":[95],"been":[96],"drawn":[97],"increasing":[98],"attention":[99],"recent":[101],"years.":[102],"In":[103,122],"this":[104,211],"tutorial,":[105,233],"we":[106,124,172,192,215],"provide":[107],"comprehensive":[109,205],"overview":[110],"frontiers":[113],"advances":[115],"their":[120],"countermeasures.":[121],"particular,":[123],"give":[125],"detailed":[127],"introduction":[128],"different":[130,135],"types":[131],"under":[134],"scenarios,":[136],"including":[137],"evasion":[138],"poisoning":[140],"attacks,":[141,160],"white-box":[142],"black":[144],"box":[145],"We":[147],"will":[148,173],"also":[149],"discuss":[150,174],"how":[151,162],"defending":[153],"strategies":[154],"develop":[155],"compete":[157],"against":[158],"these":[159,169],"come":[165],"out":[166],"break":[168],"defenses.":[170,230,251],"Moreover,":[171],"story":[176],"other":[183],"data":[184],"domains,":[185],"especially":[186],"graph":[188],"structured":[189],"data.":[190],"Then,":[191],"introduce":[193],"DeepRobust,":[194],"Pytorch":[196],"library":[199],"aims":[201],"build":[203],"easy-to-use":[207],"platform":[208],"foster":[210],"research":[212],"field.":[213],"Finally,":[214],"summarize":[216],"tutorial":[218],"with":[219],"discussions":[220],"open":[222],"issues":[223],"challenges":[225],"about":[226],"Via":[231],"our":[232,234],"audience":[235],"grip":[237],"main":[239],"idea":[240],"key":[242],"approaches":[243],"game":[246]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":3}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}