{"id":"https://openalex.org/W4386815553","doi":"https://doi.org/10.14428/esann/2023.es2023-5","title":"Towards Machine Learning Models that We Can Trust: Testing, Improving, and Explaining Robustness","display_name":"Towards Machine Learning Models that We Can Trust: Testing, Improving, and Explaining Robustness","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4386815553","doi":"https://doi.org/10.14428/esann/2023.es2023-5"},"language":"en","primary_location":{"id":"doi:10.14428/esann/2023.es2023-5","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2023.es2023-5","pdf_url":"https://doi.org/10.14428/esann/2023.es2023-5","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2023 proceesdings","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.14428/esann/2023.es2023-5","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021496483","display_name":"Maura Pintor","orcid":"https://orcid.org/0000-0002-1944-2875"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Maura Pintor","raw_affiliation_strings":["-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy"],"affiliations":[{"raw_affiliation_string":"-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy","institution_ids":["https://openalex.org/I172446870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005227623","display_name":"Ambra Demontis","orcid":"https://orcid.org/0000-0001-9318-6913"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Ambra Demontis","raw_affiliation_strings":["-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy"],"affiliations":[{"raw_affiliation_string":"-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy","institution_ids":["https://openalex.org/I172446870"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008367647","display_name":"Battista Biggio","orcid":"https://orcid.org/0000-0001-7752-509X"},"institutions":[{"id":"https://openalex.org/I172446870","display_name":"University of Cagliari","ror":"https://ror.org/003109y17","country_code":"IT","type":"education","lineage":["https://openalex.org/I172446870"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Battista Biggio","raw_affiliation_strings":["-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy"],"affiliations":[{"raw_affiliation_string":"-University of Cagliari -Dept of Electrical and Electronic Engineering Cagliari -Italy","institution_ids":["https://openalex.org/I172446870"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5021496483"],"corresponding_institution_ids":["https://openalex.org/I172446870"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.11783531,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"113","last_page":"120"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9815999865531921,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8103231191635132},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7769825458526611},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.7640911340713501},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6973303556442261},{"id":"https://openalex.org/keywords/unsupervised-learning","display_name":"Unsupervised learning","score":0.4492723047733307},{"id":"https://openalex.org/keywords/robustness-testing","display_name":"Robustness testing","score":0.432338148355484},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4205147624015808},{"id":"https://openalex.org/keywords/data-stream-mining","display_name":"Data stream mining","score":0.41245919466018677},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.34628501534461975}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8103231191635132},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7769825458526611},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.7640911340713501},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6973303556442261},{"id":"https://openalex.org/C8038995","wikidata":"https://www.wikidata.org/wiki/Q1152135","display_name":"Unsupervised learning","level":2,"score":0.4492723047733307},{"id":"https://openalex.org/C137726913","wikidata":"https://www.wikidata.org/wiki/Q7353550","display_name":"Robustness testing","level":3,"score":0.432338148355484},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4205147624015808},{"id":"https://openalex.org/C89198739","wikidata":"https://www.wikidata.org/wiki/Q3079880","display_name":"Data stream mining","level":2,"score":0.41245919466018677},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34628501534461975},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C58166","wikidata":"https://www.wikidata.org/wiki/Q224821","display_name":"Fuzzy logic","level":2,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.14428/esann/2023.es2023-5","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2023.es2023-5","pdf_url":"https://doi.org/10.14428/esann/2023.es2023-5","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2023 proceesdings","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.14428/esann/2023.es2023-5","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2023.es2023-5","pdf_url":"https://doi.org/10.14428/esann/2023.es2023-5","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2023 proceesdings","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8282150278","display_name":null,"funder_award_id":"F73C22001320007","funder_id":"https://openalex.org/F4320315324","funder_display_name":"Fondazione di Sardegna"}],"funders":[{"id":"https://openalex.org/F4320315324","display_name":"Fondazione di Sardegna","ror":"https://ror.org/02sryfh37"},{"id":"https://openalex.org/F4320327593","display_name":"Bundesministerium f\u00fcr Digitalisierung und Wirtschaftsstandort","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4386815553.pdf","grobid_xml":"https://content.openalex.org/works/W4386815553.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W9657784","https://openalex.org/W1673923490","https://openalex.org/W2121727866","https://openalex.org/W2516574342","https://openalex.org/W2541884796","https://openalex.org/W2640329709","https://openalex.org/W2773446523","https://openalex.org/W2867167548","https://openalex.org/W2913848079","https://openalex.org/W2963857521","https://openalex.org/W2994797252","https://openalex.org/W3005861412","https://openalex.org/W3010489274","https://openalex.org/W3093141676","https://openalex.org/W3107001518","https://openalex.org/W3123454130","https://openalex.org/W3130750757","https://openalex.org/W3173360194","https://openalex.org/W3183048323","https://openalex.org/W3202183072","https://openalex.org/W4247200422","https://openalex.org/W4287083725","https://openalex.org/W4287323182","https://openalex.org/W4288117700","https://openalex.org/W4293846201","https://openalex.org/W4296557784","https://openalex.org/W4318619660","https://openalex.org/W4376122866","https://openalex.org/W4386815501","https://openalex.org/W4386815519","https://openalex.org/W4386815527","https://openalex.org/W4386815559","https://openalex.org/W4386815567"],"related_works":["https://openalex.org/W1985538490","https://openalex.org/W2385695368","https://openalex.org/W2048346223","https://openalex.org/W1566806263","https://openalex.org/W1980755708","https://openalex.org/W2560201613","https://openalex.org/W172227863","https://openalex.org/W1576602683","https://openalex.org/W2149415205","https://openalex.org/W2013496695"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2,151],"machine":[3,16,28,66],"learning":[4,17,29,119],"has":[5,121],"become":[6],"the":[7,61,73,77,86,99,110,139,149,165,181,190,206,220,263,266,270,291,318],"most":[8],"effective":[9],"way":[10],"to":[11,21,30,51,60,71,90,107,130,178,194,224,252,301,315],"analyze":[12],"massive":[13],"data":[14,168],"streams.However,":[15],"is":[18,50,233],"also":[19,246],"subject":[20],"security":[22,62],"and":[23,57,63,92,97,103,112,144,160,187,196,226,242,268,276,279,311,320],"reliability":[24],"issues.These":[25],"aspects":[26],"require":[27],"be":[31,253],"thoroughly":[32],"tested":[33],"before":[34],"being":[35],"deployed":[36],"in":[37,85,109,158,219,255,269,317],"unsupervised":[38],"scenarios,":[39],"such":[40,286],"as":[41,162,164,287],"services":[42],"intended":[43],"for":[44,82,141,170,174,216],"consumers.The":[45],"goal":[46],"of":[47,65,79,88,95,101,146,167,184,192,213,222,229,257,265,293,309],"this":[48,201],"session":[49,68],"discuss":[52],"open":[53,202],"challenges,":[54],"both":[55,239],"theoretical":[56],"practical,":[58],"related":[59],"safety":[64],"learning.The":[67],"will":[69],"try":[70],"address":[72,200],"following":[74,207],"challenges:":[75],"(i)":[76],"implementation":[78],"efficient":[80,104,214,312],"tests":[81,215],"Machine":[83,217],"Learning":[84,218],"context":[87,221],"robustness":[89,223],"attacks":[91,198,225,258],"natural":[93,227],"drifts":[94,228],"data;":[96],"(ii)":[98],"design":[100,292],"robust":[102,310],"models":[105,153,250,267,313],"able":[106,177,314],"function":[108,316],"wild":[111,319],"mitigate":[113,321],"or":[114,322],"detect":[115,323],"adversarial":[116,324],"attacks.":[117,325],"ContextMachine":[118],"(ML)":[120],"rapidly":[122,156],"transformed":[123],"various":[124],"industries,":[125],"from":[126,262],"powering":[127],"recommendation":[128],"systems":[129,186],"driving":[131],"autonomous":[132],"vehicles.As":[133],"ML":[134,147,193,236,294],"adoption":[135],"grows,":[136],"so":[137],"does":[138],"need":[140],"rigorous":[142],"evaluation":[143],"trustworthiness":[145],"models.In":[148],"last":[150],"these":[152,185],"have":[154,251],"been":[155],"increasing":[157],"size":[159],"complexity,":[161],"well":[163],"amount":[166],"used":[169],"their":[171],"training.This":[172],"demands":[173],"testing":[175],"techniques":[176],"effectively":[179],"cover":[180],"attack":[182],"surface":[183],"properly":[188],"test":[189],"resilience":[191],"unseen":[195],"undesirable":[197],"[1].To":[199],"problem,":[203],"we":[204,297],"formulate":[205],"research":[208,304],"challenge:Research":[209,305],"Challenge":[210,306],"1":[211],"Implementation":[212],"data.In":[230],"addition,":[231],"it":[232],"crucial":[234],"that":[235,259,281,296],"algorithms":[237,295],"consider":[238],"high":[240],"technical":[241],"functional":[243],"standards":[244],"but":[245],"additional":[247],"trustworthy":[248,254],"requirements.These":[249],"terms":[256],"can":[260,298],"come":[261],"misuse":[264],"meanwhile":[271],"take":[272],"into":[273],"account":[274],"societal":[275],"individual":[277],"values":[278],"principles":[280],"significantly":[282],"impact":[283],"people's":[284],"lives,":[285],"ethical":[288],"concerns.This":[289],"mandates":[290],"trust,":[299],"leading":[300],"our":[302],"second":[303],"2":[307],"Design":[308]},"counts_by_year":[],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-10-10T00:00:00"}