{"id":"https://openalex.org/W3213785680","doi":"https://doi.org/10.1145/3460120.3485378","title":"Feature-Indistinguishable Attack to Circumvent Trapdoor-Enabled Defense","display_name":"Feature-Indistinguishable Attack to Circumvent Trapdoor-Enabled Defense","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3213785680","doi":"https://doi.org/10.1145/3460120.3485378","mag":"3213785680"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3485378","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3485378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047690196","display_name":"Chaoxiang He","orcid":null},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Chaoxiang He","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, Hubei, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, Hubei, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081758219","display_name":"Bin Zhu","orcid":"https://orcid.org/0000-0002-0716-6105"},"institutions":[{"id":"https://openalex.org/I4210113369","display_name":"Microsoft Research Asia (China)","ror":"https://ror.org/0300m5276","country_code":"CN","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210113369"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bin Benjamin Zhu","raw_affiliation_strings":["Microsoft Research Asia, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Microsoft Research Asia, Beijing, China","institution_ids":["https://openalex.org/I4210113369"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109792165","display_name":"Xiaojing Ma","orcid":"https://orcid.org/0000-0001-6363-3209"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaojing Ma","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, Hubei, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, Hubei, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022262922","display_name":"Hai Jin","orcid":"https://orcid.org/0000-0002-3934-7605"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hai Jin","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, Hubei, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, Hubei, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081287468","display_name":"Shengshan Hu","orcid":"https://orcid.org/0000-0003-0042-9045"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shengshan Hu","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, Hubei, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, Hubei, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5047690196"],"corresponding_institution_ids":["https://openalex.org/I47720641"],"apc_list":null,"apc_paid":null,"fwci":0.5439,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73448451,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"3159","last_page":"3176"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14117","display_name":"Integrated Circuits and Semiconductor Failure Analysis","score":0.9469000101089478,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11515","display_name":"Bacillus and Francisella bacterial research","score":0.9204000234603882,"subfield":{"id":"https://openalex.org/subfields/1312","display_name":"Molecular Biology"},"field":{"id":"https://openalex.org/fields/13","display_name":"Biochemistry, Genetics and Molecular Biology"},"domain":{"id":"https://openalex.org/domains/1","display_name":"Life Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.940321683883667},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7898422479629517},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.7428026795387268},{"id":"https://openalex.org/keywords/feature-vector","display_name":"Feature vector","score":0.6490973830223083},{"id":"https://openalex.org/keywords/constraint","display_name":"Constraint (computer-aided design)","score":0.5707342028617859},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.545062243938446},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.540077805519104},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5355662107467651},{"id":"https://openalex.org/keywords/scheme","display_name":"Scheme (mathematics)","score":0.4640677571296692},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.41005268692970276},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.37976986169815063},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3461224436759949},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.32455143332481384},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3232244551181793},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.10589689016342163},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.07440260052680969},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.06167185306549072}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.940321683883667},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7898422479629517},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.7428026795387268},{"id":"https://openalex.org/C83665646","wikidata":"https://www.wikidata.org/wiki/Q42139305","display_name":"Feature vector","level":2,"score":0.6490973830223083},{"id":"https://openalex.org/C2776036281","wikidata":"https://www.wikidata.org/wiki/Q48769818","display_name":"Constraint (computer-aided design)","level":2,"score":0.5707342028617859},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.545062243938446},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.540077805519104},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5355662107467651},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.4640677571296692},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.41005268692970276},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.37976986169815063},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3461224436759949},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.32455143332481384},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3232244551181793},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.10589689016342163},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.07440260052680969},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.06167185306549072},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3485378","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3485378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1450373789","display_name":null,"funder_award_id":"2017KFYXJJ064","funder_id":"https://openalex.org/F4320335787","funder_display_name":"Fundamental Research Funds for the Central Universities"},{"id":"https://openalex.org/G2888477317","display_name":null,"funder_award_id":"61771211","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320335787","display_name":"Fundamental Research Funds for the Central Universities","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":58,"referenced_works":["https://openalex.org/W569478347","https://openalex.org/W1673310716","https://openalex.org/W1883420340","https://openalex.org/W2019464758","https://openalex.org/W2180612164","https://openalex.org/W2194775991","https://openalex.org/W2230740169","https://openalex.org/W2269778407","https://openalex.org/W2342045095","https://openalex.org/W2395317528","https://openalex.org/W2460937040","https://openalex.org/W2535873859","https://openalex.org/W2552767274","https://openalex.org/W2561498661","https://openalex.org/W2593390416","https://openalex.org/W2603766943","https://openalex.org/W2607219512","https://openalex.org/W2611576673","https://openalex.org/W2618043096","https://openalex.org/W2738001131","https://openalex.org/W2747329762","https://openalex.org/W2765233338","https://openalex.org/W2765384636","https://openalex.org/W2765424254","https://openalex.org/W2774644650","https://openalex.org/W2786118190","https://openalex.org/W2787733970","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2947133760","https://openalex.org/W2947874337","https://openalex.org/W2962759300","https://openalex.org/W2962847335","https://openalex.org/W2963070423","https://openalex.org/W2963143631","https://openalex.org/W2963149332","https://openalex.org/W2963158386","https://openalex.org/W2963207607","https://openalex.org/W2963431851","https://openalex.org/W2963564844","https://openalex.org/W2963612069","https://openalex.org/W2963626858","https://openalex.org/W2963857521","https://openalex.org/W2963894448","https://openalex.org/W2963920068","https://openalex.org/W2963952467","https://openalex.org/W2964082701","https://openalex.org/W2964153729","https://openalex.org/W2964253222","https://openalex.org/W2969542116","https://openalex.org/W3020621865","https://openalex.org/W3035345420","https://openalex.org/W3088733693","https://openalex.org/W3102103184","https://openalex.org/W3103557498","https://openalex.org/W3105806188","https://openalex.org/W3118608800","https://openalex.org/W4289038676"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W4383221314","https://openalex.org/W3093978547","https://openalex.org/W2953536436","https://openalex.org/W3203790781","https://openalex.org/W2997056298","https://openalex.org/W4313346231","https://openalex.org/W2738001131","https://openalex.org/W4285785480"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"(DNNs)":[3],"are":[4],"vulnerable":[5],"to":[6,15,42,107,124,129,140],"adversarial":[7,20,46,59,69,82,126,149,194],"attacks.":[8,60,195],"A":[9,28,136],"great":[10],"effort":[11],"has":[12],"been":[13],"directed":[14],"developing":[16,190],"effective":[17],"defenses":[18],"against":[19],"attacks":[21],"and":[22,44,120,172],"finding":[23],"vulnerabilities":[24],"of":[25,110,113,146,155,158,174],"proposed":[26,30,179],"defenses.":[27],"recently":[29],"defense":[31],"called":[32,73],"Trapdoor-enabled":[33],"Detection":[34],"(TeD)":[35],"deliberately":[36],"injects":[37],"trapdoors":[38],"into":[39],"DNN":[40],"models":[41],"trap":[43],"detect":[45,56],"examples":[47,83,93,127,160],"targeting":[48],"categories":[49],"protected":[50],"by":[51,80],"TeD.":[52,184],"TeD":[53,79,131,175],"can":[54,181],"effectively":[55,182],"existing":[57],"state-of-the-art":[58],"In":[61],"this":[62,100],"paper,":[63],"we":[64],"propose":[65],"a":[66,147,187],"novel":[67],"black-box":[68],"attack":[70],"on":[71],"TeD,":[72],"Feature-Indistinguishable":[74],"Attack":[75],"(FIA).":[76],"It":[77],"circumvents":[78],"crafting":[81],"indistinguishable":[84],"in":[85,94,116,132,161],"the":[86,95,105,108,117,122,133,143,153,162],"feature":[87,111,144,156],"(i.e.,":[88],"neuron-activation)":[89],"space":[90],"from":[91],"benign":[92,114,159],"target":[96,118,163],"category.":[97,164],"To":[98],"achieve":[99],"goal,":[101],"FIA":[102,180,185,197],"jointly":[103],"minimizes":[104],"distance":[106],"expectation":[109],"representations":[112],"samples":[115],"category":[119],"maximizes":[121],"distances":[123],"positive":[125],"generated":[128,148],"query":[130],"preparation":[134],"phase.":[135],"constraint":[137],"is":[138,151,199],"used":[139],"ensure":[141],"that":[142,177],"vector":[145],"example":[150],"within":[152],"distribution":[154],"vectors":[157],"Our":[165],"extensive":[166],"empirical":[167],"evaluation":[168],"with":[169],"different":[170],"configurations":[171],"variants":[173],"indicates":[176],"our":[178],"circumvent":[183],"opens":[186],"door":[188],"for":[189],"much":[191],"more":[192],"powerful":[193],"The":[196],"code":[198],"available":[200],"at:":[201],"https://github.com/CGCL-codes/FeatureIndistinguishableAttack.":[202]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}