{"id":"https://openalex.org/W4415371524","doi":"https://doi.org/10.1186/s42400-025-00375-4","title":"EGRTE: adversarially training a self-explaining smoothed classifier for certified robustness","display_name":"EGRTE: adversarially training a self-explaining smoothed classifier for certified robustness","publication_year":2025,"publication_date":"2025-10-21","ids":{"openalex":"https://openalex.org/W4415371524","doi":"https://doi.org/10.1186/s42400-025-00375-4"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-025-00375-4","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00375-4","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-025-00375-4","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-025-00375-4","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100313169","display_name":"Zijin Lin","orcid":"https://orcid.org/0009-0006-8171-7418"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zijin Lin","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, 100085, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0006-8171-7418","affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, 100085, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101195667","display_name":"Jinwen He","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jinwen He","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, 100085, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, 100085, Beijing, China","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037049534","display_name":"Yue Zhao","orcid":"https://orcid.org/0000-0003-0342-2797"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Zhao","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072373338","display_name":"Ruigang Liang","orcid":"https://orcid.org/0000-0002-8751-9918"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruigang Liang","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, 100049, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100444602","display_name":"Hu Li","orcid":"https://orcid.org/0000-0002-0420-855X"},"institutions":[{"id":"https://openalex.org/I2802541053","display_name":"Academy of Military Medical Sciences","ror":"https://ror.org/02bv3c993","country_code":"CN","type":"facility","lineage":["https://openalex.org/I2802541053"]},{"id":"https://openalex.org/I4210158522","display_name":"PLA Academy of Military Science","ror":"https://ror.org/05ct4s596","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210158522"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hu Li","raw_affiliation_strings":["Institute of Systems Engineering, Academy of Military Science, 100101, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Systems Engineering, Academy of Military Science, 100101, Beijing, China","institution_ids":["https://openalex.org/I2802541053","https://openalex.org/I4210158522"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5106920852","display_name":"Zhendong Wu","orcid":"https://orcid.org/0000-0002-6875-8817"},"institutions":[{"id":"https://openalex.org/I2802541053","display_name":"Academy of Military Medical Sciences","ror":"https://ror.org/02bv3c993","country_code":"CN","type":"facility","lineage":["https://openalex.org/I2802541053"]},{"id":"https://openalex.org/I4210158522","display_name":"PLA Academy of Military Science","ror":"https://ror.org/05ct4s596","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210158522"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhendong Wu","raw_affiliation_strings":["Institute of Systems Engineering, Academy of Military Science, 100101, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Systems Engineering, Academy of Military Science, 100101, Beijing, China","institution_ids":["https://openalex.org/I2802541053","https://openalex.org/I4210158522"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.14007564,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"8","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9585000276565552,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9553999900817871,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7732999920845032},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6700000166893005},{"id":"https://openalex.org/keywords/overfitting","display_name":"Overfitting","score":0.5498999953269958},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.49309998750686646},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.45489999651908875}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7732999920845032},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7644000053405762},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6700000166893005},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5931000113487244},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.588100016117096},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.5498999953269958},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.49309998750686646},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.45489999651908875},{"id":"https://openalex.org/C2778869765","wikidata":"https://www.wikidata.org/wiki/Q6028363","display_name":"Inefficiency","level":2,"score":0.45339998602867126},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3230000138282776},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.29330000281333923},{"id":"https://openalex.org/C2986577269","wikidata":"https://www.wikidata.org/wiki/Q11306265","display_name":"Random noise","level":2,"score":0.2558000087738037}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-025-00375-4","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00375-4","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-025-00375-4","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f24d6b7011f948fab01f14991121404f","is_oa":true,"landing_page_url":"https://doaj.org/article/f24d6b7011f948fab01f14991121404f","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 8, Iss 1, Pp 1-22 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-025-00375-4","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00375-4","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-025-00375-4","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2810539030","display_name":null,"funder_award_id":"NSFC 62302498","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5854585536","display_name":null,"funder_award_id":"62302498","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G92584902","display_name":null,"funder_award_id":"NSFC 62302497","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4415371524.pdf","grobid_xml":"https://content.openalex.org/works/W4415371524.grobid-xml"},"referenced_works_count":19,"referenced_works":["https://openalex.org/W1849277567","https://openalex.org/W2108598243","https://openalex.org/W2112796928","https://openalex.org/W2117876524","https://openalex.org/W2194775991","https://openalex.org/W2240067561","https://openalex.org/W2243397390","https://openalex.org/W2607219512","https://openalex.org/W2618043096","https://openalex.org/W2884585870","https://openalex.org/W2947133760","https://openalex.org/W2963542245","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2989696285","https://openalex.org/W3102720581","https://openalex.org/W4226443069","https://openalex.org/W4402352723","https://openalex.org/W4404643460"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"Deep":[1],"learning":[2],"has":[3],"transformed":[4],"fields":[5],"such":[6,76],"as":[7,34,77,231],"computer":[8],"vision,":[9],"natural":[10],"language":[11],"processing,":[12],"and":[13,21,55,68,80,101,118,128,138,169,216,238],"audio":[14],"analysis":[15],"through":[16],"its":[17],"powerful":[18],"pattern":[19],"recognition":[20],"predictive":[22],"capabilities.":[23],"However,":[24],"the":[25,102,123,133,139,146,196],"robustness":[26,96,168,217],"of":[27,105,135],"these":[28],"models":[29],"remains":[30],"a":[31,87,112,154,172,222,232],"major":[32],"concern,":[33],"they":[35,62],"are":[36],"highly":[37,233],"vulnerable":[38],"to":[39,46,59,93,98,161],"adversarial":[40,53,107,159,191,219],"attacks-subtle,":[41],"intentional":[42],"perturbations":[43],"that":[44,175],"lead":[45],"incorrect":[47],"predictions.":[48],"While":[49],"recent":[50],"defenses":[51,117],"like":[52],"training":[54,79,160,204],"defensive":[56],"distillation":[57],"aim":[58],"improve":[60],"robustness,":[61],"have":[63],"notable":[64],"drawbacks,":[65],"including":[66,190],"overfitting":[67],"degraded":[69],"performance":[70],"under":[71],"strong":[72],"attacks.":[73,108],"Certified":[74],"defenses,":[75],"robust":[78,142,237],"Randomized":[81],"Smoothing,":[82],"offer":[83],"theoretical":[84],"guarantees":[85],"within":[86],"specific":[88],"perturbation":[89],"radius,":[90],"yet":[91],"struggle":[92],"reflect":[94],"real-world":[95,119],"due":[97],"efficiency":[99,224],"bottlenecks":[100],"unpredictable":[103],"nature":[104],"actual":[106],"These":[109],"challenges":[110,134],"reveal":[111],"critical":[113],"gap":[114],"between":[115],"current":[116],"attack":[120],"scenarios,":[121],"highlighting":[122],"need":[124,197],"for":[125,166,179,198,236],"more":[126],"practical":[127],"resilient":[129],"solutions.":[130],"To":[131],"address":[132],"defense-attack":[136],"gaps":[137],"inefficiency":[140],"in":[141],"training,":[143],"we":[144],"introduce":[145],"Explanation-Guided":[147],"Robust":[148],"Training":[149],"Enhancer":[150],"(EGRTE).":[151],"EGRTE":[152,230],"combines":[153],"self-explaining":[155],"mechanism,":[156],"which":[157],"guides":[158],"focus":[162],"on":[163,208],"generalized":[164],"features":[165],"improved":[167],"accuracy,":[170],"with":[171,221],"masking":[173],"mechanism":[174],"transforms":[176],"noised":[177],"data":[178],"easier":[180],"model":[181],"learning.":[182,241],"This":[183],"approach":[184],"not":[185],"only":[186],"mitigates":[187],"noise":[188],"effects,":[189],"perturbations,":[192],"but":[193],"also":[194],"eliminates":[195],"time-intensive":[199],"gradient":[200],"calculations,":[201],"greatly":[202],"enhancing":[203],"efficiency.":[205],"Comprehensive":[206],"experiments":[207],"several":[209],"datasets":[210],"show":[211],"EGRTE\u2019s":[212],"superior":[213],"certified":[214],"accuracy":[215],"against":[218],"attacks,":[220],"6.24-fold":[223],"increase":[225],"over":[226],"comparable":[227],"methods,":[228],"positioning":[229],"effective":[234],"solution":[235],"efficient":[239],"deep":[240]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-21T00:00:00"}