{"id":"https://openalex.org/W4233094822","doi":"https://doi.org/10.5220/0007370301640173","title":"Detecting Adversarial Examples in Deep Neural Networks using Normalizing Filters","display_name":"Detecting Adversarial Examples in Deep Neural Networks using Normalizing Filters","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W4233094822","doi":"https://doi.org/10.5220/0007370301640173"},"language":"en","primary_location":{"id":"doi:10.5220/0007370301640173","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0007370301640173","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th International Conference on Agents and Artificial Intelligence","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.5220/0007370301640173","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081221933","display_name":"Shuangchi Gu","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shuangchi Gu","raw_affiliation_strings":["School of Cyber Security, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai and China, --- Select a Country ---"],"affiliations":[{"raw_affiliation_string":"School of Cyber Security, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai and China, --- Select a Country ---","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101382266","display_name":"Ping Yi","orcid":"https://orcid.org/0000-0003-2757-9465"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ping Yi","raw_affiliation_strings":["School of Cyber Security, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai and China, --- Select a Country ---"],"affiliations":[{"raw_affiliation_string":"School of Cyber Security, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai and China, --- Select a Country ---","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101496983","display_name":"Ting Zhu","orcid":"https://orcid.org/0000-0003-3307-050X"},"institutions":[{"id":"https://openalex.org/I79272384","display_name":"University of Maryland, Baltimore County","ror":"https://ror.org/02qskvh78","country_code":"US","type":"education","lineage":["https://openalex.org/I79272384"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ting Zhu","raw_affiliation_strings":["Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---","institution_ids":["https://openalex.org/I79272384"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100389420","display_name":"Yao Yao","orcid":"https://orcid.org/0000-0002-0626-3587"},"institutions":[{"id":"https://openalex.org/I79272384","display_name":"University of Maryland, Baltimore County","ror":"https://ror.org/02qskvh78","country_code":"US","type":"education","lineage":["https://openalex.org/I79272384"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yao Yao","raw_affiliation_strings":["Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---","institution_ids":["https://openalex.org/I79272384"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100757829","display_name":"Wei Wang","orcid":"https://orcid.org/0000-0002-8598-0831"},"institutions":[{"id":"https://openalex.org/I79272384","display_name":"University of Maryland, Baltimore County","ror":"https://ror.org/02qskvh78","country_code":"US","type":"education","lineage":["https://openalex.org/I79272384"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wei Wang","raw_affiliation_strings":["Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Baltimore and U.S.A., --- Select a Country ---","institution_ids":["https://openalex.org/I79272384"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5081221933"],"corresponding_institution_ids":["https://openalex.org/I183067930"],"apc_list":null,"apc_paid":null,"fwci":1.0116,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.83656941,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"164","last_page":"173"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9757999777793884,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8036121129989624},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6495599746704102},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5788229703903198},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5095434784889221},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.4989469051361084},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4529716372489929},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.36661434173583984}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8036121129989624},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6495599746704102},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5788229703903198},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5095434784889221},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.4989469051361084},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4529716372489929},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.36661434173583984}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.5220/0007370301640173","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0007370301640173","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th International Conference on Agents and Artificial Intelligence","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.5220/0007370301640173","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0007370301640173","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th International Conference on Agents and Artificial Intelligence","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities","score":0.41999998688697815}],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1161215003","display_name":null,"funder_award_id":"61831007","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G156026877","display_name":null,"funder_award_id":"61431008","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G2029189639","display_name":null,"funder_award_id":"1652669","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2908395859","display_name":null,"funder_award_id":"1200702","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3421103565","display_name":null,"funder_award_id":"61431008","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4203147561","display_name":null,"funder_award_id":"1652669","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4614164392","display_name":null,"funder_award_id":"1539047","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G466649759","display_name":null,"funder_award_id":"2017Y","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G4905527736","display_name":"Commutative Algebra: Connections with Algebraic Topology and Representation Theory, May 17-22, 2008, Lincoln, Nebraska","funder_award_id":"0802900","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5009833497","display_name":null,"funder_award_id":"16511102605","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5203161543","display_name":null,"funder_award_id":"2017YFB0802900","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G588771009","display_name":"Collaborative Research: Cross-Layer Exploration of Non-Volatile Solid-State Memories to Achieve Effective I/O Stack for High-Performance Computing Systems","funder_award_id":"1102605","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5939423041","display_name":null,"funder_award_id":"Technology","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6339823425","display_name":null,"funder_award_id":"1539047","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7182059067","display_name":null,"funder_award_id":"1571290","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7203495102","display_name":null,"funder_award_id":"2018YFB0803503","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G7405419149","display_name":"STTR Phase II:  Micromachined components for wireless applications","funder_award_id":"1431008","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7436332614","display_name":null,"funder_award_id":"61571290","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7539257876","display_name":null,"funder_award_id":"2017YFB0802900","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8056387268","display_name":null,"funder_award_id":"2017YFB0802300","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8237087484","display_name":null,"funder_award_id":"16DZ1200702","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8340078520","display_name":null,"funder_award_id":"2017YF","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8810638042","display_name":null,"funder_award_id":"2017YFB08029","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8823009050","display_name":null,"funder_award_id":"2017YFB","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G8916283727","display_name":null,"funder_award_id":"2018YFB0803503","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G902353243","display_name":null,"funder_award_id":"2017YFB0802300","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W1563795667","https://openalex.org/W1904365287","https://openalex.org/W1945616565","https://openalex.org/W2008056655","https://openalex.org/W2154579312","https://openalex.org/W2163605009","https://openalex.org/W2180612164","https://openalex.org/W2274565976","https://openalex.org/W2528914598","https://openalex.org/W2612637113","https://openalex.org/W2963158386","https://openalex.org/W2963744840","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W3005347330","https://openalex.org/W4300511536"],"related_works":["https://openalex.org/W2950183588","https://openalex.org/W3080754722","https://openalex.org/W4383221314","https://openalex.org/W3093978547","https://openalex.org/W2953536436","https://openalex.org/W3203790781","https://openalex.org/W2997056298","https://openalex.org/W4313346231","https://openalex.org/W2738001131","https://openalex.org/W4285785480"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"are":[3,9],"vulnerable":[4],"to":[5,38],"adversarial":[6,41,109],"examples":[7,110],"which":[8,33],"inputs":[10],"modified":[11],"with":[12],"unnoticeable":[13],"but":[14,26],"malicious":[15],"perturbations.Most":[16],"defending":[17,31,125],"methods":[18],"only":[19],"focus":[20],"on":[21,48],"tuning":[22],"the":[23,35,40,59,68,72,95],"DNN":[24,124],"itself,":[25],"we":[27],"propose":[28],"a":[29,44,99,118],"novel":[30],"method":[32],"modifies":[34],"input":[36,60,77],"data":[37],"detect":[39],"examples.We":[42],"establish":[43],"detection":[45,101,115],"framework":[46,66,116],"based":[47],"normalizing":[49],"filters":[50],"that":[51],"can":[52],"partially":[53],"erase":[54],"those":[55],"perturbations":[56],"by":[57,70],"smoothing":[58],"image":[61],"or":[62],"depth":[63,92],"reduction":[64,93],"work.The":[65],"gives":[67],"decision":[69],"comparing":[71],"classification":[73],"results":[74,97],"of":[75,84,108],"original":[76],"and":[78,91,103],"multiple":[79],"normalized":[80],"inputs.Using":[81],"several":[82],"combinations":[83],"gaussian":[85],"blur":[86,89],"filter,":[87,94],"median":[88],"filter":[90],"evaluation":[96],"reaches":[98],"high":[100],"rate":[102],"achieves":[104],"partial":[105],"restoration":[106],"work":[107],"in":[111,123],"MNIST":[112],"dataset.The":[113],"whole":[114],"is":[117],"low-cost":[119],"highly":[120],"extensible":[121],"strategy":[122],"works.":[126]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2026-04-19T08:26:33.389920","created_date":"2025-10-10T00:00:00"}