{"id":"https://openalex.org/W4307964232","doi":"https://doi.org/10.1145/3560830.3563727","title":"Proactive Detection of Query-based Adversarial Scenarios in NLP Systems","display_name":"Proactive Detection of Query-based Adversarial Scenarios in NLP Systems","publication_year":2022,"publication_date":"2022-11-02","ids":{"openalex":"https://openalex.org/W4307964232","doi":"https://doi.org/10.1145/3560830.3563727"},"language":"en","primary_location":{"id":"doi:10.1145/3560830.3563727","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3560830.3563727","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019210055","display_name":"Mohammad Maghsoudimehrabani","orcid":"https://orcid.org/0000-0002-9939-899X"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohammad Maghsoudimehrabani","raw_affiliation_strings":["University of Guelph, Guelph, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Guelph, Guelph, ON, Canada","institution_ids":["https://openalex.org/I79817857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046380826","display_name":"Amin Azmoodeh","orcid":"https://orcid.org/0000-0002-4109-4395"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Amin Azmoodeh","raw_affiliation_strings":["University of Guelph, Guelph, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Guelph, Guelph, ON, Canada","institution_ids":["https://openalex.org/I79817857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038019914","display_name":"Ali Dehghantanha","orcid":"https://orcid.org/0000-0002-9294-7554"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ali Dehghantanha","raw_affiliation_strings":["University of Guelph, Guelph, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Guelph, Guelph, ON, Canada","institution_ids":["https://openalex.org/I79817857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029096455","display_name":"Behrouz Zolfaghari","orcid":"https://orcid.org/0000-0001-6691-0988"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Behrouz Zolfaghari","raw_affiliation_strings":["University of Guelph, Guelph, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Guelph, Guelph, ON, Canada","institution_ids":["https://openalex.org/I79817857"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5041541232","display_name":"Gautam Srivastava","orcid":"https://orcid.org/0000-0001-9851-4103"},"institutions":[{"id":"https://openalex.org/I48890080","display_name":"Brandon University","ror":"https://ror.org/02qp25a50","country_code":"CA","type":"education","lineage":["https://openalex.org/I48890080"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Gautam Srivastava","raw_affiliation_strings":["Brandon University, Brandon, MAN, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brandon University, Brandon, MAN, Canada","institution_ids":["https://openalex.org/I48890080"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.4162,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.68911297,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"103","last_page":"113"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9746000170707703,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9708665609359741},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7907922267913818},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6808398365974426},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.658402681350708},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.5441383719444275},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.4456694722175598},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.44116345047950745},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.423541396856308},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4101380407810211},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.17314711213111877},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08755391836166382}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9708665609359741},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7907922267913818},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6808398365974426},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.658402681350708},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.5441383719444275},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.4456694722175598},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.44116345047950745},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.423541396856308},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4101380407810211},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.17314711213111877},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08755391836166382}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3560830.3563727","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3560830.3563727","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2025589484","https://openalex.org/W2906620585","https://openalex.org/W2954420970","https://openalex.org/W2962818281","https://openalex.org/W2963564844","https://openalex.org/W2964056778","https://openalex.org/W2982054702","https://openalex.org/W2996851481","https://openalex.org/W2997645422","https://openalex.org/W3032170634","https://openalex.org/W3032769455","https://openalex.org/W3035441470","https://openalex.org/W3037045905","https://openalex.org/W3038079676","https://openalex.org/W3084992427","https://openalex.org/W3091857398","https://openalex.org/W3174848559","https://openalex.org/W3175452756"],"related_works":["https://openalex.org/W4320018150","https://openalex.org/W2918664383","https://openalex.org/W2040808657","https://openalex.org/W4320855730","https://openalex.org/W3123119822","https://openalex.org/W106056076","https://openalex.org/W2135200719","https://openalex.org/W4377865163","https://openalex.org/W4379538695","https://openalex.org/W3184396788"],"abstract_inverted_index":{"Adversarial":[0],"attacks":[1,78,116],"can":[2,58,90],"mislead":[3],"a":[4,60,122,153],"Deep":[5],"Learning":[6],"(DL)":[7],"algorithm":[8],"into":[9,101],"generating":[10,139],"erroneous":[11],"predictions":[12],"via":[13],"feeding":[14],"maliciously-disturbed":[15],"inputs":[16],"called":[17],"adversarial":[18,30,35,48,64,77,92,115,141,148,168],"examples.":[19],"DL-based":[20,67],"Natural":[21],"Language":[22],"Processing":[23],"(NLP)":[24],"algorithms":[25],"are":[26,72,83,97],"severely":[27],"threatened":[28],"by":[29,120,147],"attacks.":[31],"In":[32,104],"real-world,":[33],"black-box":[34,167],"attacks,":[36],"the":[37,86,102],"adversary":[38],"needs":[39],"to":[40,51,131,143],"submit":[41],"many":[42],"highly-similar":[43],"queries":[44,136],"before":[45],"drafting":[46],"an":[47],"example.":[49],"Due":[50],"this":[52,105],"long":[53],"process,":[54],"in-progress":[55],"attack":[56,169],"detection":[57,113,154],"play":[59],"significant":[61],"role":[62],"in":[63,66,79,85,117,159],"defense":[65],"NLP":[68,118],"algorithms.":[69],"Although":[70],"there":[71],"several":[73,165],"approaches":[74,82],"for":[75],"detecting":[76],"NLP,":[80],"these":[81],"reactive":[84],"sense":[87],"that":[88],"they":[89,96],"detect":[91],"examples":[93,142],"only":[94],"when":[95],"fabricated":[98],"and":[99],"fed":[100],"algorithm.":[103],"study,":[106],"we":[107,145],"take":[108],"one":[109],"step":[110],"towards":[111],"proactive":[112],"of":[114,135,138,156],"systems":[119],"proposing":[121],"robust,":[123],"history-based":[124],"model":[125,151],"named":[126],"Stateful":[127],"Query":[128],"Analysis":[129],"(SQA)":[130],"identify":[132],"suspiciously-similar":[133],"sequences":[134],"capable":[137],"textual":[140],"which":[144],"refer":[146],"scenarios.":[149],"The":[150],"exhibits":[152],"rate":[155],"over":[157],"99.9%":[158],"our":[160],"extensive":[161],"experimental":[162],"tests":[163],"against":[164],"state-of-the-art":[166],"methods.":[170]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}