{"id":"https://openalex.org/W4388109969","doi":"https://doi.org/10.3389/fcomp.2023.1274832","title":"Leveraging linear mapping for model-agnostic adversarial defense","display_name":"Leveraging linear mapping for model-agnostic adversarial defense","publication_year":2023,"publication_date":"2023-10-30","ids":{"openalex":"https://openalex.org/W4388109969","doi":"https://doi.org/10.3389/fcomp.2023.1274832"},"language":"en","primary_location":{"id":"doi:10.3389/fcomp.2023.1274832","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3389/fcomp.2023.1274832","pdf_url":"https://www.frontiersin.org/articles/10.3389/fcomp.2023.1274832/pdf?isPublishedV2=False","source":{"id":"https://openalex.org/S4210211086","display_name":"Frontiers in Computer Science","issn_l":"2624-9898","issn":["2624-9898"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320527","host_organization_name":"Frontiers Media","host_organization_lineage":["https://openalex.org/P4310320527"],"host_organization_lineage_names":["Frontiers Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Frontiers in Computer Science","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.frontiersin.org/articles/10.3389/fcomp.2023.1274832/pdf?isPublishedV2=False","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063907823","display_name":"Huma Jamil","orcid":"https://orcid.org/0000-0003-1097-4821"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Huma Jamil","raw_affiliation_strings":["Department of Computer Science, Colorado State University, Fort Collins, CO, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100629036","display_name":"Yajing Liu","orcid":"https://orcid.org/0000-0002-5323-8077"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yajing Liu","raw_affiliation_strings":["Department of Mathematics, Colorado State University, Fort Collins, CO, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Mathematics, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035426506","display_name":"Nathaniel Blanchard","orcid":"https://orcid.org/0000-0002-2653-0873"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nathaniel Blanchard","raw_affiliation_strings":["Department of Computer Science, Colorado State University, Fort Collins, CO, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008589258","display_name":"M. Kirby","orcid":"https://orcid.org/0000-0002-5234-6308"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael Kirby","raw_affiliation_strings":["Department of Computer Science, Colorado State University, Fort Collins, CO, United States","Department of Mathematics, Colorado State University, Fort Collins, CO, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]},{"raw_affiliation_string":"Department of Mathematics, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078621088","display_name":"Chris Peterson","orcid":"https://orcid.org/0000-0002-3982-6876"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chris Peterson","raw_affiliation_strings":["Department of Mathematics, Colorado State University, Fort Collins, CO, United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Mathematics, Colorado State University, Fort Collins, CO, United States","institution_ids":["https://openalex.org/I92446798"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5063907823"],"corresponding_institution_ids":["https://openalex.org/I92446798"],"apc_list":{"value":1150,"currency":"USD","value_usd":1150},"apc_paid":{"value":1150,"currency":"USD","value_usd":1150},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.1410687,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"5","issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9663000106811523,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.9490000009536743,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9621655344963074},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7337808012962341},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.6620792746543884},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6573193073272705},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4984405040740967},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.48391562700271606},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.46755731105804443},{"id":"https://openalex.org/keywords/linear-classifier","display_name":"Linear classifier","score":0.4168641269207001}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9621655344963074},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7337808012962341},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.6620792746543884},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6573193073272705},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4984405040740967},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.48391562700271606},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.46755731105804443},{"id":"https://openalex.org/C139532973","wikidata":"https://www.wikidata.org/wiki/Q2679259","display_name":"Linear classifier","level":3,"score":0.4168641269207001}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3389/fcomp.2023.1274832","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3389/fcomp.2023.1274832","pdf_url":"https://www.frontiersin.org/articles/10.3389/fcomp.2023.1274832/pdf?isPublishedV2=False","source":{"id":"https://openalex.org/S4210211086","display_name":"Frontiers in Computer Science","issn_l":"2624-9898","issn":["2624-9898"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320527","host_organization_name":"Frontiers Media","host_organization_lineage":["https://openalex.org/P4310320527"],"host_organization_lineage_names":["Frontiers Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Frontiers in Computer Science","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:0a143553e3414a5ab2ee9808c86b4f6e","is_oa":true,"landing_page_url":"https://doaj.org/article/0a143553e3414a5ab2ee9808c86b4f6e","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Frontiers in Computer Science, Vol 5 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3389/fcomp.2023.1274832","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3389/fcomp.2023.1274832","pdf_url":"https://www.frontiersin.org/articles/10.3389/fcomp.2023.1274832/pdf?isPublishedV2=False","source":{"id":"https://openalex.org/S4210211086","display_name":"Frontiers in Computer Science","issn_l":"2624-9898","issn":["2624-9898"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320527","host_organization_name":"Frontiers Media","host_organization_lineage":["https://openalex.org/P4310320527"],"host_organization_lineage_names":["Frontiers Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Frontiers in Computer Science","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/11","score":0.699999988079071,"display_name":"Sustainable cities and communities"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320337531","display_name":"Defense Sciences Office, DARPA","ror":"https://ror.org/0447fe631"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388109969.pdf","grobid_xml":"https://content.openalex.org/works/W4388109969.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W2194775991","https://openalex.org/W2561975083","https://openalex.org/W2790361456","https://openalex.org/W2906965747","https://openalex.org/W2913848079","https://openalex.org/W2943801311","https://openalex.org/W2955425717","https://openalex.org/W2962835968","https://openalex.org/W2963149653","https://openalex.org/W2963159675","https://openalex.org/W2963163009","https://openalex.org/W2964116600","https://openalex.org/W2981030558","https://openalex.org/W2996506901","https://openalex.org/W2998135039","https://openalex.org/W3094502228","https://openalex.org/W3111271714","https://openalex.org/W3163711566","https://openalex.org/W3201579356","https://openalex.org/W4214836605","https://openalex.org/W4242177601","https://openalex.org/W4280605483","https://openalex.org/W4286233271","https://openalex.org/W4293584023","https://openalex.org/W4296473303","https://openalex.org/W4300435436","https://openalex.org/W4360798603","https://openalex.org/W4367313930","https://openalex.org/W4378464829","https://openalex.org/W6640082202","https://openalex.org/W6760652986","https://openalex.org/W6788158233","https://openalex.org/W6791353385","https://openalex.org/W6852137472","https://openalex.org/W6853240856","https://openalex.org/W6948309317"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W3093978547","https://openalex.org/W3203790781","https://openalex.org/W2997056298","https://openalex.org/W2738001131","https://openalex.org/W4285785480","https://openalex.org/W3127875750","https://openalex.org/W4383221314","https://openalex.org/W2953536436"],"abstract_inverted_index":{"In":[0,106],"the":[1,28,47,75,94,111,143,161],"ever-evolving":[2],"landscape":[3],"of":[4,9,31,82,96,113,117,145,186],"deep":[5],"learning,":[6],"novel":[7],"designs":[8],"neural":[10],"network":[11],"architectures":[12],"have":[13,59],"been":[14,60],"thought":[15],"to":[16,37,68,127,141,178,188],"drive":[17],"progress":[18],"by":[19,86],"enhancing":[20],"embedded":[21,29],"representations.":[22],"However,":[23],"recent":[24],"findings":[25],"reveal":[26],"that":[27,49,123,175],"representations":[30,81],"various":[32],"state-of-the-art":[33],"models":[34,122,174],"are":[35,52,176],"mappable":[36],"one":[38],"another":[39],"via":[40],"a":[41,103,114,151],"simple":[42],"linear":[43,57,76,115,152],"map,":[44],"thus":[45],"challenging":[46],"notion":[48],"architectural":[50],"variations":[51],"meaningfully":[53],"distinctive.":[54],"While":[55],"these":[56,83],"maps":[58],"established":[61],"for":[62,102,190],"traditional":[63],"non-adversarial":[64,158],"datasets,":[65],"e.g.,":[66],"ImageNet,":[67],"our":[69],"knowledge":[70],"no":[71],"work":[72],"has":[73],"explored":[74],"relation":[77],"between":[78,120],"adversarial":[79,91,99,118,132,156,170],"image":[80],"datasets":[84],"generated":[85],"different":[87,121],"CNNs.":[88],"Accurately":[89],"mapping":[90,116],"images":[92],"signals":[93],"feasibility":[95],"generalizing":[97],"an":[98,137,184],"defense":[100],"optimized":[101],"specific":[104],"network.":[105],"this":[107,146,179],"work,":[108],"we":[109,165],"demonstrate":[110],"existence":[112],"inputs":[119],"can":[124],"be":[125],"exploited":[126],"develop":[128],"such":[129],"model-agnostic,":[130],"generalized":[131],"defense.":[133,148],"We":[134,149],"further":[135],"propose":[136],"experimental":[138],"setup":[139],"designed":[140],"underscore":[142],"concept":[144],"model-agnostic":[147],"train":[150],"classifier":[153],"using":[154,169],"both":[155,191],"and":[157,193],"embeddings":[159,171],"within":[160],"defended":[162],"space.":[163,180],"Subsequently,":[164],"assess":[166],"its":[167],"performance":[168],"from":[172],"other":[173],"mapped":[177],"Our":[181],"approach":[182],"achieves":[183],"AUROC":[185],"up":[187],"0.99":[189],"CIFAR-10":[192],"ImageNet":[194],"datasets.":[195]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}