{"id":"https://openalex.org/W4200512086","doi":"https://doi.org/10.1145/3485832.3485908","title":"MISA: Online Defense of Trojaned Models using Misattributions","display_name":"MISA: Online Defense of Trojaned Models using Misattributions","publication_year":2021,"publication_date":"2021-12-06","ids":{"openalex":"https://openalex.org/W4200512086","doi":"https://doi.org/10.1145/3485832.3485908"},"language":"en","primary_location":{"id":"doi:10.1145/3485832.3485908","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3485832.3485908","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065967237","display_name":"Panagiota Kiourti","orcid":null},"institutions":[{"id":"https://openalex.org/I111088046","display_name":"Boston University","ror":"https://ror.org/05qwgg493","country_code":"US","type":"education","lineage":["https://openalex.org/I111088046"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Panagiota Kiourti","raw_affiliation_strings":["Boston University, United States of America"],"affiliations":[{"raw_affiliation_string":"Boston University, United States of America","institution_ids":["https://openalex.org/I111088046"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100381719","display_name":"Wenchao Li","orcid":"https://orcid.org/0000-0001-8926-5539"},"institutions":[{"id":"https://openalex.org/I111088046","display_name":"Boston University","ror":"https://ror.org/05qwgg493","country_code":"US","type":"education","lineage":["https://openalex.org/I111088046"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wenchao Li","raw_affiliation_strings":["Boston University, United States of America"],"affiliations":[{"raw_affiliation_string":"Boston University, United States of America","institution_ids":["https://openalex.org/I111088046"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076846018","display_name":"Anirban Roy","orcid":"https://orcid.org/0009-0000-6889-0204"},"institutions":[{"id":"https://openalex.org/I1298353152","display_name":"SRI International","ror":"https://ror.org/05s570m15","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1298353152"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anirban Roy","raw_affiliation_strings":["SRI International, United States of America"],"affiliations":[{"raw_affiliation_string":"SRI International, United States of America","institution_ids":["https://openalex.org/I1298353152"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070457855","display_name":"Karan Sikka","orcid":"https://orcid.org/0000-0002-0187-5322"},"institutions":[{"id":"https://openalex.org/I1298353152","display_name":"SRI International","ror":"https://ror.org/05s570m15","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1298353152"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Karan Sikka","raw_affiliation_strings":["SRI International, United States of America"],"affiliations":[{"raw_affiliation_string":"SRI International, United States of America","institution_ids":["https://openalex.org/I1298353152"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035902535","display_name":"Susmit Jha","orcid":"https://orcid.org/0000-0001-5983-9095"},"institutions":[{"id":"https://openalex.org/I1298353152","display_name":"SRI International","ror":"https://ror.org/05s570m15","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1298353152"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Susmit Jha","raw_affiliation_strings":["SRI International, United States of America"],"affiliations":[{"raw_affiliation_string":"SRI International, United States of America","institution_ids":["https://openalex.org/I1298353152"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5065967237"],"corresponding_institution_ids":["https://openalex.org/I111088046"],"apc_list":null,"apc_paid":null,"fwci":0.6283,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.71228267,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"570","last_page":"585"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9950000047683716,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.977400004863739,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/trojan","display_name":"Trojan","score":0.9770623445510864},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6746529936790466},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.6194582581520081},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6093182563781738},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4939790368080139},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4872056841850281},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.45324647426605225},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3348725438117981},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.21784505248069763},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.10281020402908325}],"concepts":[{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.9770623445510864},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6746529936790466},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.6194582581520081},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6093182563781738},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4939790368080139},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4872056841850281},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.45324647426605225},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3348725438117981},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.21784505248069763},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.10281020402908325},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3485832.3485908","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3485832.3485908","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.4699999988079071,"display_name":"Peace, Justice and strong institutions"},{"id":"https://metadata.un.org/sdg/10","score":0.41999998688697815,"display_name":"Reduced inequalities"}],"awards":[{"id":"https://openalex.org/G577096103","display_name":null,"funder_award_id":"W911NF20C0038","funder_id":"https://openalex.org/F4320333051","funder_display_name":"Intelligence Advanced Research Projects Activity"}],"funders":[{"id":"https://openalex.org/F4320333051","display_name":"Intelligence Advanced Research Projects Activity","ror":"https://ror.org/01v3fsc55"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W1787224781","https://openalex.org/W2096733369","https://openalex.org/W2618851150","https://openalex.org/W2807363941","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2962858109","https://openalex.org/W2962862931","https://openalex.org/W2963749936","https://openalex.org/W2966689772","https://openalex.org/W2969880113","https://openalex.org/W2985913519","https://openalex.org/W2986013765","https://openalex.org/W2996800219","https://openalex.org/W3034971973","https://openalex.org/W3083045783","https://openalex.org/W3092005433","https://openalex.org/W3111943226","https://openalex.org/W3114686421","https://openalex.org/W3156793535","https://openalex.org/W3162804012","https://openalex.org/W3163966458","https://openalex.org/W3175215793","https://openalex.org/W3210377054","https://openalex.org/W4214537185","https://openalex.org/W4300954432"],"related_works":["https://openalex.org/W4253721122","https://openalex.org/W1671033612","https://openalex.org/W4389527383","https://openalex.org/W4206524843","https://openalex.org/W2139923244","https://openalex.org/W2237899707","https://openalex.org/W576137284","https://openalex.org/W2116135171","https://openalex.org/W2057970756","https://openalex.org/W3124616678"],"abstract_inverted_index":{"Recent":[0],"studies":[1],"have":[2],"shown":[3],"that":[4,114,148],"neural":[5,46],"networks":[6,47],"are":[7,136],"vulnerable":[8],"to":[9,17,19,41,99],"Trojan":[10,43,68,105,120,151],"attacks,":[11],"where":[12],"a":[13,37,56,67,104,108,123,150],"network":[14],"is":[15,53],"trained":[16],"respond":[18],"specially":[20],"crafted":[21],"trigger":[22,127,152,158],"patterns":[23],"in":[24,27,70],"the":[25,63,71,79,87,101,157],"inputs":[26],"specific":[28],"and":[29,78],"potentially":[30],"malicious":[31],"ways.":[32],"This":[33],"paper":[34],"proposes":[35],"MISA,":[36],"new":[38],"online":[39],"approach":[40,52],"detect":[42,119],"triggers":[44,121],"for":[45,122,133,145],"at":[48],"inference":[49],"time.":[50],"Our":[51,140],"based":[54],"on":[55,90,156],"novel":[57],"notion":[58],"called":[59],"misattributions,":[60],"which":[61,134],"captures":[62],"anomalous":[64],"manifestation":[65],"of":[66,103,110,126],"activation":[69],"feature":[72],"space.":[73],"Given":[74],"an":[75],"input":[76],"image":[77],"corresponding":[80],"output":[81],"prediction,":[82],"our":[83,115],"algorithm":[84],"first":[85],"computes":[86],"model\u2019s":[88],"attribution":[89],"different":[91],"features.":[92],"It":[93],"then":[94],"statistically":[95],"analyzes":[96],"these":[97],"attributions":[98],"ascertain":[100],"presence":[102],"trigger.":[106],"Across":[107],"set":[109],"benchmarks,":[111],"we":[112],"show":[113],"method":[116,141],"can":[117],"effectively":[118],"wide":[124],"variety":[125],"patterns,":[128],"including":[129],"several":[130],"recent":[131],"ones":[132],"there":[135],"no":[137],"known":[138],"defenses.":[139],"achieves":[142],"96%":[143],"AUC":[144],"detecting":[146],"images":[147],"include":[149],"without":[153],"any":[154],"assumptions":[155],"pattern.":[159]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}