{"id":"https://openalex.org/W3154565254","doi":"https://doi.org/10.1145/3422337.3447841","title":"Using Single-Step Adversarial Training to Defend Iterative Adversarial Examples","display_name":"Using Single-Step Adversarial Training to Defend Iterative Adversarial Examples","publication_year":2021,"publication_date":"2021-04-10","ids":{"openalex":"https://openalex.org/W3154565254","doi":"https://doi.org/10.1145/3422337.3447841","mag":"3154565254"},"language":"en","primary_location":{"id":"doi:10.1145/3422337.3447841","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3422337.3447841","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001112865","display_name":"Guanxiong Liu","orcid":"https://orcid.org/0000-0001-7620-5836"},"institutions":[{"id":"https://openalex.org/I118118575","display_name":"New Jersey Institute of Technology","ror":"https://ror.org/05e74xb87","country_code":"US","type":"education","lineage":["https://openalex.org/I118118575"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Guanxiong Liu","raw_affiliation_strings":["New Jersey Institute of Technology, Newark, NJ, USA"],"affiliations":[{"raw_affiliation_string":"New Jersey Institute of Technology, Newark, NJ, USA","institution_ids":["https://openalex.org/I118118575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008374141","display_name":"Issa Khalil","orcid":"https://orcid.org/0000-0002-7660-9512"},"institutions":[{"id":"https://openalex.org/I1301390666","display_name":"Qatar Airways (Qatar)","ror":"https://ror.org/01hx00y13","country_code":"QA","type":"company","lineage":["https://openalex.org/I1301390666"]}],"countries":["QA"],"is_corresponding":false,"raw_author_name":"Issa Khalil","raw_affiliation_strings":["Qatar Computing Research Institute, Doha, Qatar"],"affiliations":[{"raw_affiliation_string":"Qatar Computing Research Institute, Doha, Qatar","institution_ids":["https://openalex.org/I1301390666"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062119199","display_name":"Abdallah Khreishah","orcid":"https://orcid.org/0000-0003-1583-713X"},"institutions":[{"id":"https://openalex.org/I118118575","display_name":"New Jersey Institute of Technology","ror":"https://ror.org/05e74xb87","country_code":"US","type":"education","lineage":["https://openalex.org/I118118575"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Abdallah Khreishah","raw_affiliation_strings":["New Jersey Institute of Technology, Newark, NJ, USA"],"affiliations":[{"raw_affiliation_string":"New Jersey Institute of Technology, Newark, NJ, USA","institution_ids":["https://openalex.org/I118118575"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5001112865"],"corresponding_institution_ids":["https://openalex.org/I118118575"],"apc_list":null,"apc_paid":null,"fwci":1.3597,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.84171011,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"17","last_page":"27"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9493034482002258},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7773818969726562},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6464632749557495},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6310056447982788},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6167521476745605},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6127005815505981},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.43700727820396423},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.42401647567749023},{"id":"https://openalex.org/keywords/training","display_name":"Training (meteorology)","score":0.4139370322227478},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.3651745319366455}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9493034482002258},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7773818969726562},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6464632749557495},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6310056447982788},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6167521476745605},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6127005815505981},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.43700727820396423},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.42401647567749023},{"id":"https://openalex.org/C2777211547","wikidata":"https://www.wikidata.org/wiki/Q17141490","display_name":"Training (meteorology)","level":2,"score":0.4139370322227478},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.3651745319366455},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C153294291","wikidata":"https://www.wikidata.org/wiki/Q25261","display_name":"Meteorology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3422337.3447841","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3422337.3447841","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2108598243","https://openalex.org/W2112796928","https://openalex.org/W2164943005","https://openalex.org/W2187089797","https://openalex.org/W2194775991","https://openalex.org/W2618043096","https://openalex.org/W2940648411","https://openalex.org/W2963076808","https://openalex.org/W2963857521","https://openalex.org/W2964082701"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W4383221314","https://openalex.org/W3093978547","https://openalex.org/W2953536436","https://openalex.org/W3203790781","https://openalex.org/W4313346231","https://openalex.org/W2738001131","https://openalex.org/W4285785480","https://openalex.org/W2997056298"],"abstract_inverted_index":{"Adversarial":[0,15],"examples":[1,16,182],"are":[2,17],"among":[3],"the":[4,45,132,151,186,211,216],"biggest":[5],"challenges":[6],"for":[7,154],"machine":[8,30],"learning":[9,31],"models,":[10],"especially":[11],"neural":[12],"network":[13],"classifiers.":[14],"inputs":[18],"manipulated":[19],"with":[20,148,175,199,210],"perturbations":[21],"insignificant":[22],"to":[23,28,57,76,194],"humans":[24],"while":[25],"being":[26],"able":[27],"fool":[29],"models.":[32],"Researchers":[33],"achieve":[34],"great":[35],"progress":[36],"in":[37,163,170,196,204],"utilizing":[38],"adversarial":[39,62,80,95,108,119,144],"training":[40,63,109,138,145,171,197],"as":[41,68],"a":[42,105,160,167],"defense.":[43],"However,":[44],"overwhelming":[46],"computational":[47],"cost":[48],"degrades":[49],"its":[50,222],"applicability,":[51],"and":[52,117,140,166,221],"little":[53],"has":[54],"been":[55,66],"done":[56],"overcome":[58],"this":[59,83],"issue.":[60],"Single-Step":[61],"methods":[64,176],"have":[65],"proposed":[67,128,157,190],"computationally":[69],"viable":[70],"solutions;":[71],"however,":[72],"they":[73],"still":[74],"fail":[75],"defend":[77,113],"against":[78,94,114],"iterative":[79,118,141],"examples.":[81,96,120],"In":[82],"work,":[84],"we":[85,103,124],"first":[86],"experimentally":[87],"analyze":[88],"several":[89],"different":[90],"state-of-the-art":[91],"(SOTA)":[92],"defenses":[93],"Then,":[97],"based":[98],"on":[99,150,185],"observations":[100],"from":[101],"experiments,":[102],"propose":[104],"novel":[106],"single-step":[107,116,136,227],"method":[110,129,158,191],"that":[111,126,177],"can":[112],"both":[115,135],"Through":[121],"extensive":[122],"evaluations,":[123],"demonstrate":[125],"our":[127,156,189,208,219],"successfully":[130],"combines":[131],"advantages":[133,224],"of":[134,218],"(low":[137],"overhead)":[139],"(high":[142],"robustness)":[143],"defenses.":[146],"Compared":[147],"ATDA":[149],"CIFAR-10":[152,187],"dataset,":[153,188],"example,":[155],"achieves":[159],"35.67%":[161],"enhancement":[162],"test":[164,205],"accuracy":[165],"19.14%":[168],"reduction":[169],"time.":[172],"When":[173],"compared":[174],"use":[178],"BIM":[179],"or":[180],"Madry":[181],"(iterative":[183],"methods)":[184],"saves":[192],"up":[193],"76.03%":[195],"time,":[198],"less":[200],"than":[201],"3.78%":[202],"degeneration":[203],"accuracy.":[206],"Finally,":[207],"experiments":[209],"ImageNet":[212],"dataset":[213],"clearly":[214],"show":[215],"scalability":[217],"approach":[220],"performance":[223],"over":[225],"SOTA":[226],"approaches.":[228]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}