{"id":"https://openalex.org/W4389279189","doi":"https://doi.org/10.1145/3627106.3627204","title":"DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietary Dataset Use in Deep Neural Networks","display_name":"DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietary Dataset Use in Deep Neural Networks","publication_year":2023,"publication_date":"2023-12-02","ids":{"openalex":"https://openalex.org/W4389279189","doi":"https://doi.org/10.1145/3627106.3627204"},"language":"en","primary_location":{"id":"doi:10.1145/3627106.3627204","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3627106.3627204","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005193297","display_name":"Seonhye Park","orcid":"https://orcid.org/0009-0000-9849-9599"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Seonhye Park","raw_affiliation_strings":["Sungkyunkwan University, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, Republic of Korea","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086357020","display_name":"Alsharif Abuadbba","orcid":"https://orcid.org/0000-0001-9695-7947"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Alsharif Abuadbba","raw_affiliation_strings":["CSIRO's Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO's Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400133","display_name":"Shuo Wang","orcid":"https://orcid.org/0000-0001-8938-2364"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Shuo Wang","raw_affiliation_strings":["CSIRO's Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO's Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037106850","display_name":"Kristen Moore","orcid":"https://orcid.org/0000-0002-9962-5080"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Kristen Moore","raw_affiliation_strings":["CSIRO's Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO's Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101863680","display_name":"Yansong Gao","orcid":"https://orcid.org/0000-0001-5783-2172"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yansong Gao","raw_affiliation_strings":["CSIRO's Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO's Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016563574","display_name":"Hyoungshick Kim","orcid":"https://orcid.org/0000-0002-1605-3866"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Hyoungshick Kim","raw_affiliation_strings":["Sungkyunkwan University, South Korea"],"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, South Korea","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082256444","display_name":"\u202aSurya Nepal\u202c","orcid":"https://orcid.org/0000-0002-3289-6599"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["CSIRO's Data61, Australia"],"affiliations":[{"raw_affiliation_string":"CSIRO's Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5005193297"],"corresponding_institution_ids":["https://openalex.org/I848706"],"apc_list":null,"apc_paid":null,"fwci":0.2261,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.42894326,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"535","last_page":"549"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9853000044822693,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8715691566467285},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6708252429962158},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.6092276573181152},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.540712833404541},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5084120631217957},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.32558315992355347},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.32298335433006287}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8715691566467285},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6708252429962158},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.6092276573181152},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.540712833404541},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5084120631217957},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.32558315992355347},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.32298335433006287}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3627106.3627204","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3627106.3627204","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7400000095367432,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W569478347","https://openalex.org/W2108598243","https://openalex.org/W2112796928","https://openalex.org/W2194775991","https://openalex.org/W2579318729","https://openalex.org/W2603766943","https://openalex.org/W2806082141","https://openalex.org/W2934843808","https://openalex.org/W2935349488","https://openalex.org/W2942091739","https://openalex.org/W2994624247","https://openalex.org/W3164111940","https://openalex.org/W3173962029","https://openalex.org/W3192504716","https://openalex.org/W3201579356","https://openalex.org/W3206880386","https://openalex.org/W4200633448","https://openalex.org/W4255421341","https://openalex.org/W4288057808","https://openalex.org/W4308410741","https://openalex.org/W4385567795"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W4383221314","https://openalex.org/W3093978547","https://openalex.org/W2953536436","https://openalex.org/W3203790781","https://openalex.org/W4313346231","https://openalex.org/W2738001131","https://openalex.org/W4285785480","https://openalex.org/W2997056298"],"abstract_inverted_index":{"Training":[0],"deep":[1],"neural":[2],"networks":[3],"(DNNs)":[4],"requires":[5],"large":[6],"datasets":[7,203],"and":[8,42,64,151,206,214,228],"powerful":[9],"computing":[10],"resources,":[11],"which":[12],"has":[13],"led":[14],"some":[15],"owners":[16],"to":[17,33,45,57,101,111,156,240,252],"restrict":[18],"redistribution":[19],"without":[20],"permission.":[21],"Watermarking":[22],"techniques":[23],"that":[24,169],"embed":[25],"confidential":[26],"data":[27,107,229],"into":[28,146],"DNNs":[29,178],"have":[30],"been":[31],"used":[32,110,160],"protect":[34],"ownership,":[35],"but":[36],"these":[37,153],"can":[38,117,172],"degrade":[39],"model":[40,85,122,210],"performance":[41],"are":[43],"vulnerable":[44],"watermark":[46],"removal":[47],"attacks.":[48],"Recently,":[49],"DeepJudge":[50,69,250],"was":[51,238],"introduced":[52],"as":[53],"an":[54],"alternative":[55],"approach":[56],"measuring":[58],"the":[59,74,83,87,127,133,147,158,174,186,192,233,243,256],"similarity":[60],"between":[61],"a":[62,65,96,105,113,162,181],"suspect":[63,84,114,128,163],"victim":[66],"model.":[67,115,164],"While":[68],"shows":[70],"promise":[71],"in":[72,161,232],"addressing":[73],"shortcomings":[75],"of":[76,177,188,194,255],"watermarking,":[77],"it":[78],"primarily":[79],"addresses":[80],"situations":[81],"where":[82,104],"copies":[86],"victim\u2019s":[88,106],"architecture.":[89],"In":[90],"this":[91],"study,":[92],"we":[93,190],"introduce":[94],"DeepTaster,":[95,189],"novel":[97],"DNN":[98,121],"fingerprinting":[99],"technique,":[100],"address":[102],"scenarios":[103],"is":[108,168],"unlawfully":[109],"build":[112],"DeepTaster":[116,138,195,237],"effectively":[118],"identify":[119,157,241],"such":[120],"theft":[123],"attacks,":[124],"even":[125],"when":[126],"model\u2019s":[129],"architecture":[130],"deviates":[131],"from":[132],"victim\u2019s.":[134],"To":[135,184],"accomplish":[136],"this,":[137],"generates":[139],"adversarial":[140,170],"images":[141,155,171],"with":[142,180],"perturbations,":[143],"transforms":[144],"them":[145],"Fourier":[148],"frequency":[149],"domain,":[150],"uses":[152],"transformed":[154],"dataset":[159],"The":[165],"underlying":[166],"premise":[167],"capture":[173],"unique":[175],"characteristics":[176],"built":[179],"specific":[182],"dataset.":[183],"demonstrate":[185],"effectiveness":[187,193],"evaluated":[191],"by":[196],"assessing":[197],"its":[198],"detection":[199],"accuracy":[200],"on":[201],"three":[202,209],"(CIFAR10,":[204],"MNIST,":[205],"Tiny-ImageNet)":[207],"across":[208,246],"architectures":[211],"(ResNet18,":[212],"VGG16,":[213],"DenseNet161).":[215],"We":[216],"conducted":[217],"experiments":[218],"under":[219],"various":[220],"attack":[221],"scenarios,":[222],"including":[223],"transfer":[224],"learning,":[225],"pruning,":[226],"fine-tuning,":[227],"augmentation.":[230],"Specifically,":[231],"Multi-Architecture":[234],"Attack":[235],"scenario,":[236],"able":[239],"all":[242,247],"stolen":[244],"cases":[245],"datasets,":[248],"while":[249],"failed":[251],"detect":[253],"any":[254],"cases.":[257]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2023-12-03T00:00:00"}