{"id":"https://openalex.org/W3196769790","doi":"https://doi.org/10.1145/3508398.3511510","title":"EG-Booster: Explanation-Guided Booster of ML Evasion Attacks","display_name":"EG-Booster: Explanation-Guided Booster of ML Evasion Attacks","publication_year":2022,"publication_date":"2022-04-14","ids":{"openalex":"https://openalex.org/W3196769790","doi":"https://doi.org/10.1145/3508398.3511510","mag":"3196769790"},"language":"en","primary_location":{"id":"doi:10.1145/3508398.3511510","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3508398.3511510","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5064849074","display_name":"Abderrahmen Amich","orcid":null},"institutions":[{"id":"https://openalex.org/I4210130704","display_name":"University of Michigan\u2013Dearborn","ror":"https://ror.org/035wtm547","country_code":"US","type":"education","lineage":["https://openalex.org/I4210130704"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Abderrahmen Amich","raw_affiliation_strings":["University of Michigan, Dearborn, MI, USA"],"affiliations":[{"raw_affiliation_string":"University of Michigan, Dearborn, MI, USA","institution_ids":["https://openalex.org/I4210130704"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079219412","display_name":"Birhanu Eshete","orcid":"https://orcid.org/0000-0002-2549-4030"},"institutions":[{"id":"https://openalex.org/I4210130704","display_name":"University of Michigan\u2013Dearborn","ror":"https://ror.org/035wtm547","country_code":"US","type":"education","lineage":["https://openalex.org/I4210130704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Birhanu Eshete","raw_affiliation_strings":["University of Michigan, Dearborn, MI, USA"],"affiliations":[{"raw_affiliation_string":"University of Michigan, Dearborn, MI, USA","institution_ids":["https://openalex.org/I4210130704"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5064849074"],"corresponding_institution_ids":["https://openalex.org/I4210130704"],"apc_list":null,"apc_paid":null,"fwci":1.56639056,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.79743646,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"16","last_page":"28"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9696999788284302,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9417999982833862,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7534326314926147},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.6966609358787537},{"id":"https://openalex.org/keywords/booster","display_name":"Booster (rocketry)","score":0.6570735573768616},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6257671117782593},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6067771911621094},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5933736562728882},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.4975879490375519},{"id":"https://openalex.org/keywords/trustworthiness","display_name":"Trustworthiness","score":0.4659719467163086},{"id":"https://openalex.org/keywords/feature-engineering","display_name":"Feature engineering","score":0.4476993978023529},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.32465994358062744},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.24857231974601746},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11754953861236572}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7534326314926147},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.6966609358787537},{"id":"https://openalex.org/C203165030","wikidata":"https://www.wikidata.org/wiki/Q741745","display_name":"Booster (rocketry)","level":2,"score":0.6570735573768616},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6257671117782593},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6067771911621094},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5933736562728882},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.4975879490375519},{"id":"https://openalex.org/C153701036","wikidata":"https://www.wikidata.org/wiki/Q659974","display_name":"Trustworthiness","level":2,"score":0.4659719467163086},{"id":"https://openalex.org/C2778827112","wikidata":"https://www.wikidata.org/wiki/Q22245680","display_name":"Feature engineering","level":3,"score":0.4476993978023529},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.32465994358062744},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.24857231974601746},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11754953861236572},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3508398.3511510","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3508398.3511510","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W9657784","https://openalex.org/W1562353621","https://openalex.org/W1988720110","https://openalex.org/W2147768505","https://openalex.org/W2243397390","https://openalex.org/W2282821441","https://openalex.org/W2487898712","https://openalex.org/W2560674852","https://openalex.org/W2605409611","https://openalex.org/W2618851150","https://openalex.org/W2640329709","https://openalex.org/W2773446523","https://openalex.org/W2774644650","https://openalex.org/W2786104118","https://openalex.org/W2890991187","https://openalex.org/W2913039310","https://openalex.org/W2962843949","https://openalex.org/W2962851944","https://openalex.org/W2963165251","https://openalex.org/W2963207607","https://openalex.org/W2963382180","https://openalex.org/W2963389226","https://openalex.org/W2963560987","https://openalex.org/W2963572611","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2964152294","https://openalex.org/W2964153729","https://openalex.org/W2970407040","https://openalex.org/W2995277535","https://openalex.org/W3015625436","https://openalex.org/W3034994123","https://openalex.org/W3083155189","https://openalex.org/W3083544013","https://openalex.org/W3096425977","https://openalex.org/W3100944043","https://openalex.org/W3103836116","https://openalex.org/W3130750757","https://openalex.org/W3159758183","https://openalex.org/W3189843092","https://openalex.org/W3213941669","https://openalex.org/W4247200422"],"related_works":["https://openalex.org/W2950475743","https://openalex.org/W4386603768","https://openalex.org/W2886711096","https://openalex.org/W4380078352","https://openalex.org/W3046591097","https://openalex.org/W2590796488","https://openalex.org/W4389249638","https://openalex.org/W2734358244","https://openalex.org/W4388700941","https://openalex.org/W3015200942"],"abstract_inverted_index":{"The":[0,83],"widespread":[1],"usage":[2],"of":[3,10,22,52,80,91,94,159,167,184,215,232,263],"machine":[4],"learning":[5],"(ML)":[6],"in":[7,18,86,109,135],"a":[8,41,60,164,207],"myriad":[9],"domains":[11],"has":[12],"raised":[13],"questions":[14],"about":[15],"its":[16],"trustworthiness":[17],"high-stakes":[19],"environments.":[20],"Part":[21],"the":[23,37,89,136,156,182,213,223,226],"quest":[24],"for":[25,76],"trustworthy":[26,38],"ML":[27,39,70,81,264],"is":[28,49,88,122,244],"assessing":[29],"robustness":[30,47,78,261],"to":[31,44,71,97,107,117,119,124],"test-time":[32],"adversarial":[33,73,99],"examples.":[34],"Inline":[35],"with":[36,250],"goal,":[40],"useful":[42],"input":[43],"potentially":[45],"aid":[46],"evaluation":[48,79],"feature-based":[50,92],"explanations":[51,93],"model":[53,95,110,125,200],"predictions.":[54],"In":[55],"this":[56],"paper,":[57],"we":[58,180,205,253],"present":[59],"novel":[61],"approach,":[62],"called":[63],"EG-Booster,":[64],"that":[65,152,172,241],"leverages":[66],"techniques":[67],"from":[68],"explainable":[69],"guide":[72,98],"example":[74,100],"crafting":[75,101],"improved":[77,260],"models.":[82],"key":[84],"insight":[85],"EG-Booster":[87,121,140,153,185,255],"use":[90],"predictions":[96,228],"by":[102,221],"adding":[103],"consequential":[104],"perturbations":[105,115],"(likely":[106],"result":[108],"evasion)":[111],"and":[112,129,147,176,194,196,211],"avoiding":[113],"non-consequential":[114],"(unlikely":[116],"contribute":[118],"evasion).":[120],"agnostic":[123],"architecture,":[126],"threat":[127],"model,":[128],"supports":[130],"diverse":[131],"distance":[132],"metrics":[133],"used":[134,258],"literature.":[137],"We":[138],"evaluate":[139,212],"using":[141],"image":[142],"classification":[143],"benchmark":[144],"datasets:":[145],"MNIST":[146,193],"CIFAR10.":[148,203],"Our":[149,234],"findings":[150],"suggest":[151,240],"significantly":[154],"improves":[155],"evasion":[157,267],"rate":[158],"state-of-the-art":[160,251],"attacks":[161],"while":[162],"performing":[163],"smaller":[165],"number":[166],"perturbations.":[168],"Through":[169],"extensive":[170],"experiments":[171],"cover":[173],"four":[174],"white-box":[175],"three":[177],"black-box":[178],"attacks,":[179,252],"demonstrate":[181],"effectiveness":[183],"against":[186,266],"two":[187],"undefended":[188],"neural":[189],"networks":[190],"trained":[191,201],"on":[192,202],"CIFAR10,":[195],"an":[197],"adversarially-trained":[198],"ResNet":[199],"Furthermore,":[204],"introduce":[206],"stability":[208],"assessment":[209,262],"metric":[210],"reliability":[214],"our":[216],"explanation-based":[217],"attack":[218],"boosting":[219],"approach":[220],"tracking":[222],"similarity":[224],"between":[225],"model's":[227],"across":[229,246],"multiple":[230],"runs":[231,239],"EG-Booster.":[233],"results":[235],"over":[236],"10":[237],"separate":[238],"EG-Booster's":[242],"output":[243],"stable":[245],"distinct":[247],"runs.":[248],"Combined":[249],"hope":[254],"will":[256],"be":[257],"towards":[259],"models":[265],"attacks.":[268]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1}],"updated_date":"2026-02-20T08:17:22.645390","created_date":"2025-10-10T00:00:00"}