{"id":"https://openalex.org/W3025116310","doi":"https://doi.org/10.1145/3493700.3493718","title":"Universalization of Any Adversarial Attack using Very Few Test Examples","display_name":"Universalization of Any Adversarial Attack using Very Few Test Examples","publication_year":2022,"publication_date":"2022-01-07","ids":{"openalex":"https://openalex.org/W3025116310","doi":"https://doi.org/10.1145/3493700.3493718","mag":"3025116310"},"language":"en","primary_location":{"id":"doi:10.1145/3493700.3493718","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3493700.3493718","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th Joint International Conference on Data Science &amp; Management of Data (9th ACM IKDD CODS and 27th COMAD)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018784541","display_name":"Sandesh Kamath","orcid":"https://orcid.org/0000-0001-9260-9777"},"institutions":[{"id":"https://openalex.org/I65181880","display_name":"Indian Institute of Technology Hyderabad","ror":"https://ror.org/01j4v3x97","country_code":"IN","type":"education","lineage":["https://openalex.org/I65181880"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Sandesh Kamath","raw_affiliation_strings":["Indian Institute of Technology, Hyderabad, IN"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology, Hyderabad, IN","institution_ids":["https://openalex.org/I65181880"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029414285","display_name":"Amit Deshpande","orcid":"https://orcid.org/0000-0001-8638-1120"},"institutions":[{"id":"https://openalex.org/I4210124949","display_name":"Microsoft Research (India)","ror":"https://ror.org/02w7f3w92","country_code":"IN","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210124949"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Amit Deshpande","raw_affiliation_strings":["Microsoft Research India, IN"],"affiliations":[{"raw_affiliation_string":"Microsoft Research India, IN","institution_ids":["https://openalex.org/I4210124949"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031047596","display_name":"K. V. Subrahmanyam","orcid":"https://orcid.org/0000-0002-0104-4086"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"K V Subrahmanyam","raw_affiliation_strings":["Chennai Mathematical Institute, Chennai, IN"],"affiliations":[{"raw_affiliation_string":"Chennai Mathematical Institute, Chennai, IN","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038020125","display_name":"Vineeth N Balasubramanian","orcid":"https://orcid.org/0000-0003-2656-0375"},"institutions":[{"id":"https://openalex.org/I65181880","display_name":"Indian Institute of Technology Hyderabad","ror":"https://ror.org/01j4v3x97","country_code":"IN","type":"education","lineage":["https://openalex.org/I65181880"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Vineeth N Balasubramanian","raw_affiliation_strings":["Indian Institute of Technology, Hyderabad, IN"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology, Hyderabad, IN","institution_ids":["https://openalex.org/I65181880"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5018784541"],"corresponding_institution_ids":["https://openalex.org/I65181880"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.0022908,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"72","last_page":"80"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14117","display_name":"Integrated Circuits and Semiconductor Failure Analysis","score":0.9811999797821045,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.9761000275611877,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7337489128112793},{"id":"https://openalex.org/keywords/universalization","display_name":"Universalization","score":0.5721506476402283},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.567694365978241},{"id":"https://openalex.org/keywords/simple","display_name":"Simple (philosophy)","score":0.42093753814697266},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.4013426899909973},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3760662376880646},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3162824511528015}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7337489128112793},{"id":"https://openalex.org/C2778564475","wikidata":"https://www.wikidata.org/wiki/Q7894190","display_name":"Universalization","level":2,"score":0.5721506476402283},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.567694365978241},{"id":"https://openalex.org/C2780586882","wikidata":"https://www.wikidata.org/wiki/Q7520643","display_name":"Simple (philosophy)","level":2,"score":0.42093753814697266},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.4013426899909973},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3760662376880646},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3162824511528015},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C136264566","wikidata":"https://www.wikidata.org/wiki/Q159810","display_name":"Economy","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3493700.3493718","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3493700.3493718","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th Joint International Conference on Data Science &amp; Management of Data (9th ACM IKDD CODS and 27th COMAD)","raw_type":"proceedings-article"},{"id":"pmh:oai:raiith.iith.ac.in:9735","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306400292","display_name":"Research Archive of Indian Institute of Technology Hyderabad (Indian Institute of Technology Hyderabad)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I65181880","host_organization_name":"Indian Institute of Technology Hyderabad","host_organization_lineage":["https://openalex.org/I65181880"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Conference or Workshop Item"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.47999998927116394,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320308943","display_name":"Microsoft Research","ror":"https://ror.org/00d0nc645"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W2023144280","https://openalex.org/W2117539524","https://openalex.org/W2194775991","https://openalex.org/W2243397390","https://openalex.org/W2460937040","https://openalex.org/W2543927648","https://openalex.org/W2560835477","https://openalex.org/W2612637113","https://openalex.org/W2618098489","https://openalex.org/W2738229973","https://openalex.org/W2785887350","https://openalex.org/W2787248994","https://openalex.org/W2902679968","https://openalex.org/W2963047332","https://openalex.org/W2963207607","https://openalex.org/W2963542245","https://openalex.org/W2963809642","https://openalex.org/W2964153729","https://openalex.org/W2964253222","https://openalex.org/W3088300790","https://openalex.org/W4235546643"],"related_works":["https://openalex.org/W1887191277","https://openalex.org/W4366150264","https://openalex.org/W4367722749","https://openalex.org/W2334954212","https://openalex.org/W2776018879","https://openalex.org/W4235288607","https://openalex.org/W2230691193","https://openalex.org/W3024390022","https://openalex.org/W2903917280","https://openalex.org/W4248389398"],"abstract_inverted_index":{"Deep":[0],"learning":[1],"models":[2,177],"are":[3],"known":[4],"to":[5,10,16,82,129,202],"be":[6],"vulnerable":[7],"not":[8,104],"only":[9,62,94],"input-dependent":[11,85,131,159],"adversarial":[12,20,29,86,99,132,160,173],"attacks":[13,205],"but":[14],"also":[15],"input-agnostic":[17],"or":[18],"universal":[19,28,58,91,172,204],"attacks.":[21],"Dezfooli":[22],"et":[23],"al.":[24],"[8,":[25],"9]":[26,207],"construct":[27,89],"attack":[30,59,87,92],"on":[31,162,178],"a":[32,38,78,90,125,163,192],"given":[33,71,109],"model":[34,110],"by":[35,60,93,124],"looking":[36,61,95],"at":[37,63,96],"large":[39],"number":[40],"of":[41,48,69,107,158,185,195,211],"training":[42],"data":[43],"points":[44],"and":[45,66,88,111,141,147,170,180,188],"the":[46,49,70,108,154],"geometry":[47],"decision":[50],"boundary":[51],"near":[52],"them.":[53],"Subsequent":[54],"work":[55],"[5]":[56],"constructs":[57],"test":[64,100,165,193],"examples":[65],"intermediate":[67],"layers":[68],"model.":[72],"In":[73],"this":[74],"paper,":[75],"we":[76,151],"propose":[77],"simple":[79,171,183],"universalization":[80,122,184],"technique":[81,123],"take":[83],"any":[84],"very":[97],"few":[98],"examples.":[101],"We":[102,118],"do":[103],"require":[105],"details":[106],"have":[112],"negligible":[113],"computational":[114],"overhead":[115],"for":[116,208],"universalization.":[117],"theoretically":[119],"justify":[120],"our":[121,182],"spectral":[126,148],"property":[127],"common":[128],"many":[130],"perturbations,":[133],"e.g.,":[134],"gradients,":[135],"Fast":[136],"Gradient":[137],"Sign":[138],"Method":[139],"(FGSM)":[140],"DeepFool.":[142],"Using":[143],"matrix":[144],"concentration":[145],"inequalities":[146],"perturbation":[149],"bounds,":[150],"show":[152],"that":[153],"top":[155],"singular":[156],"vector":[157],"directions":[161],"small":[164],"sample":[166,194],"gives":[167,198],"an":[168],"effective":[169],"attack.":[174],"For":[175],"standard":[176],"CIFAR10":[179],"ImageNet,":[181],"Gradient,":[186],"FGSM,":[187],"DeepFool":[189],"perturbations":[190],"using":[191],"64":[196],"images":[197],"fooling":[199],"rates":[200],"comparable":[201],"state-of-the-art":[203],"[5,":[206],"reasonable":[209],"norms":[210],"perturbation.":[212]},"counts_by_year":[{"year":2020,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}