{"id":"https://openalex.org/W7140224551","doi":"https://doi.org/10.1145/3799889","title":"PadNet: Defending Neural Networks Against Adversarial Examples","display_name":"PadNet: Defending Neural Networks Against Adversarial Examples","publication_year":2026,"publication_date":"2026-03-24","ids":{"openalex":"https://openalex.org/W7140224551","doi":"https://doi.org/10.1145/3799889"},"language":"en","primary_location":{"id":"doi:10.1145/3799889","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3799889","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1145/3799889","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Armon Barton","orcid":"https://orcid.org/0000-0002-8227-3621"},"institutions":[{"id":"https://openalex.org/I35364215","display_name":"Naval Postgraduate School","ror":"https://ror.org/033yfkj90","country_code":"US","type":"education","lineage":["https://openalex.org/I1330347796","https://openalex.org/I3130687028","https://openalex.org/I35364215"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Armon Barton","raw_affiliation_strings":["Computer Science, Naval Postgraduate School"],"raw_orcid":"https://orcid.org/0000-0002-8227-3621","affiliations":[{"raw_affiliation_string":"Computer Science, Naval Postgraduate School","institution_ids":["https://openalex.org/I35364215"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Matthew Wright","orcid":"https://orcid.org/0000-0002-8489-6347"},"institutions":[{"id":"https://openalex.org/I155173764","display_name":"Rochester Institute of Technology","ror":"https://ror.org/00v4yb702","country_code":"US","type":"education","lineage":["https://openalex.org/I155173764"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Matthew Wright","raw_affiliation_strings":["Computer Science, Rochester Institute of Technology"],"raw_orcid":"https://orcid.org/0000-0002-8489-6347","affiliations":[{"raw_affiliation_string":"Computer Science, Rochester Institute of Technology","institution_ids":["https://openalex.org/I155173764"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Shaikh Akib Shahriyar","orcid":"https://orcid.org/0000-0002-5791-2794"},"institutions":[{"id":"https://openalex.org/I155173764","display_name":"Rochester Institute of Technology","ror":"https://ror.org/00v4yb702","country_code":"US","type":"education","lineage":["https://openalex.org/I155173764"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shaikh Akib Shahriyar","raw_affiliation_strings":["Computer Science, Rochester Institute of Technology"],"raw_orcid":"https://orcid.org/0000-0002-5791-2794","affiliations":[{"raw_affiliation_string":"Computer Science, Rochester Institute of Technology","institution_ids":["https://openalex.org/I155173764"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Edgar Jatho","orcid":"https://orcid.org/0000-0001-6626-2458"},"institutions":[{"id":"https://openalex.org/I189158971","display_name":"United States Naval Academy","ror":"https://ror.org/00znex860","country_code":"US","type":"education","lineage":["https://openalex.org/I1330347796","https://openalex.org/I189158971","https://openalex.org/I3130687028"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Edgar Jatho","raw_affiliation_strings":["Computer Science, US Naval Academy"],"raw_orcid":"https://orcid.org/0000-0001-6626-2458","affiliations":[{"raw_affiliation_string":"Computer Science, US Naval Academy","institution_ids":["https://openalex.org/I189158971"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Mohammad Saidur Rahman","orcid":"https://orcid.org/0000-0001-6673-171X"},"institutions":[{"id":"https://openalex.org/I155173764","display_name":"Rochester Institute of Technology","ror":"https://ror.org/00v4yb702","country_code":"US","type":"education","lineage":["https://openalex.org/I155173764"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mohammad Saidur Rahman","raw_affiliation_strings":["Computer Science, Rochester Institute of Technology"],"raw_orcid":"https://orcid.org/0000-0001-6673-171X","affiliations":[{"raw_affiliation_string":"Computer Science, Rochester Institute of Technology","institution_ids":["https://openalex.org/I155173764"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Kantha Girish Gangadhara","orcid":"https://orcid.org/0009-0008-0185-3220"},"institutions":[{"id":"https://openalex.org/I155173764","display_name":"Rochester Institute of Technology","ror":"https://ror.org/00v4yb702","country_code":"US","type":"education","lineage":["https://openalex.org/I155173764"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kantha Girish Gangadhara","raw_affiliation_strings":["Computer Science, Rochester Institute of Technology"],"raw_orcid":"https://orcid.org/0009-0008-0185-3220","affiliations":[{"raw_affiliation_string":"Computer Science, Rochester Institute of Technology","institution_ids":["https://openalex.org/I155173764"]}]},{"author_position":"last","author":{"id":null,"display_name":"Jiang Ming","orcid":"https://orcid.org/0000-0001-9682-0502"},"institutions":[{"id":"https://openalex.org/I114832834","display_name":"Tulane University","ror":"https://ror.org/04vmvtb21","country_code":"US","type":"education","lineage":["https://openalex.org/I114832834"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiang Ming","raw_affiliation_strings":["Tulane University"],"raw_orcid":"https://orcid.org/0000-0001-9682-0502","affiliations":[{"raw_affiliation_string":"Tulane University","institution_ids":["https://openalex.org/I114832834"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.40712524,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"29","issue":"2","first_page":"1","last_page":"26"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.0005000000237487257,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.00039999998989515007,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8605999946594238},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7498000264167786},{"id":"https://openalex.org/keywords/decision-boundary","display_name":"Decision boundary","score":0.6486999988555908},{"id":"https://openalex.org/keywords/regularization","display_name":"Regularization (linguistics)","score":0.48539999127388},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.47690001130104065},{"id":"https://openalex.org/keywords/boundary","display_name":"Boundary (topology)","score":0.4632999897003174},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.4375999867916107}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8605999946594238},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7498000264167786},{"id":"https://openalex.org/C42023084","wikidata":"https://www.wikidata.org/wiki/Q5249231","display_name":"Decision boundary","level":3,"score":0.6486999988555908},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6252999901771545},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6129999756813049},{"id":"https://openalex.org/C2776135515","wikidata":"https://www.wikidata.org/wiki/Q17143721","display_name":"Regularization (linguistics)","level":2,"score":0.48539999127388},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.47690001130104065},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4733999967575073},{"id":"https://openalex.org/C62354387","wikidata":"https://www.wikidata.org/wiki/Q875399","display_name":"Boundary (topology)","level":2,"score":0.4632999897003174},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.4375999867916107},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4011000096797943},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.3246999979019165},{"id":"https://openalex.org/C2984634286","wikidata":"https://www.wikidata.org/wiki/Q1331926","display_name":"Decision process","level":2,"score":0.2833999991416931},{"id":"https://openalex.org/C28901747","wikidata":"https://www.wikidata.org/wiki/Q177571","display_name":"Decision theory","level":2,"score":0.2766999900341034},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.2667999863624573},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.2639999985694885},{"id":"https://openalex.org/C87007009","wikidata":"https://www.wikidata.org/wiki/Q210832","display_name":"Statistical hypothesis testing","level":2,"score":0.2630000114440918},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.2590000033378601}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3799889","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3799889","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3799889","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3799889","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5552066564559937,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W2112594540","https://openalex.org/W2243397390","https://openalex.org/W2618043096","https://openalex.org/W2768346313","https://openalex.org/W2891021639","https://openalex.org/W2947133760","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2992308087","https://openalex.org/W3034670940","https://openalex.org/W3090897510","https://openalex.org/W3173859330","https://openalex.org/W3200113267","https://openalex.org/W4386083049","https://openalex.org/W4394597475","https://openalex.org/W4404612305"],"related_works":[],"abstract_inverted_index":{"Machine":[0],"learning":[1],"(ML)":[2],"suffers":[3],"from":[4],"a":[5,58,63,74,78,107,140],"persistent":[6],"and":[7,22,154,167],"critical":[8],"flaw:":[9],"adversarial":[10,16],"examples.":[11],"Many":[12],"new":[13],"forms":[14],"of":[15,57,80,102,117,142],"example":[17],"attacks":[18,166],"have":[19,26],"been":[20,27],"invented":[21],"many":[23],"narrow":[24],"defenses":[25],"proposed.":[28],"Unfortunately,":[29],"no":[30],"defensive":[31],"approach":[32],"can":[33,43],"withstand":[34],"current":[35,158],"attacks.":[36],"We":[37,66,136,160],"hypothesize":[38],"that":[39,48,72,83,111,149,169],"ML":[40],"model":[41],"robustness":[42,153],"be":[44],"improved":[45],"with":[46,100],"approaches":[47],"delineate":[49],"the":[50,115,118,122,143],"data-point-sparse":[51],"latent":[52],"space":[53,61],"between":[54,97,134],"data-dense":[55],"regions":[56,101],"model\u2019s":[59],"classification":[60],"as":[62],"barrier":[64,75,91,119],"class.":[65],"introduce":[67],"one":[68],"such":[69],"defense,":[70],"PadNet,":[71],"builds":[73],"class":[76,92],"using":[77],"combination":[79],"training":[81,129],"samples":[82,130],"mix":[84],"multiple":[85],"classes":[86,99],"together.":[87],"It":[88],"leverages":[89],"this":[90],"to":[93,125,157],"separate":[94],"decision":[95,123],"boundaries":[96],"benign":[98],"padding.":[103],"PadNet":[104,138,170],"then":[105],"implements":[106],"gradient":[108],"regularization":[109],"strategy":[110],"penalizes":[112],"gradients":[113],"in":[114],"direction":[116],"class,":[120],"causing":[121],"boundary":[124,132],"draw":[126],"tighter":[127],"around":[128],"increasing":[131],"thickness":[133],"classes.":[135],"evaluate":[137],"against":[139,164,173],"sampling":[141],"most":[144],"effective":[145],"state-of-the-art":[146],"attacks,":[147],"demonstrating":[148],"it":[150,163],"offers":[151],"significant":[152],"reliability":[155],"compared":[156],"defenses.":[159],"also":[161],"test":[162],"adaptive":[165],"find":[168],"remains":[171],"robust":[172],"them.":[174]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-03-25T00:00:00"}