{"id":"https://openalex.org/W6912023596","doi":"https://doi.org/10.5281/zenodo.15508744","title":"Deep learning models are vulnerable, but adversarial examples are even more vulnerable","display_name":"Deep learning models are vulnerable, but adversarial examples are even more vulnerable","publication_year":2025,"publication_date":"2025-05-25","ids":{"openalex":"https://openalex.org/W6912023596","doi":"https://doi.org/10.5281/zenodo.15508744"},"language":"en","primary_location":{"id":"doi:10.5281/zenodo.15508744","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15508744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"other","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.5281/zenodo.15508744","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Li, Jun","orcid":"https://orcid.org/0000-0003-3387-695X"},"institutions":[{"id":"https://openalex.org/I106645853","display_name":"Changchun University of Science and Technology","ror":"https://ror.org/007mntk44","country_code":"CN","type":"education","lineage":["https://openalex.org/I106645853"]},{"id":"https://openalex.org/I179324530","display_name":"Jilin University of Finance and Economics","ror":"https://ror.org/04az9eh24","country_code":"CN","type":"education","lineage":["https://openalex.org/I179324530"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Li, Jun","raw_affiliation_strings":["Jilin University of Finance and Economics","Changchun University of Science and Technology"],"affiliations":[{"raw_affiliation_string":"Jilin University of Finance and Economics","institution_ids":["https://openalex.org/I179324530"]},{"raw_affiliation_string":"Changchun University of Science and Technology","institution_ids":["https://openalex.org/I106645853"]}]},{"author_position":"last","author":{"id":null,"display_name":"Xu, Yanwei","orcid":"https://orcid.org/0009-0009-0724-1900"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xu, Yanwei","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I106645853","https://openalex.org/I179324530"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":null,"topics":[],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.9348000288009644},{"id":"https://openalex.org/keywords/overfitting","display_name":"Overfitting","score":0.7664999961853027},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.645799994468689},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5196999907493591},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.5095000267028809},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.4307999908924103},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.42750000953674316}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.9348000288009644},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.7664999961853027},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7337999939918518},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6722999811172485},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.645799994468689},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5406000018119812},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5196999907493591},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.5095000267028809},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.4307999908924103},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.42750000953674316},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.4050999879837036},{"id":"https://openalex.org/C102392041","wikidata":"https://www.wikidata.org/wiki/Q592860","display_name":"Sliding window protocol","level":3,"score":0.34700000286102295},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34459999203681946},{"id":"https://openalex.org/C55282118","wikidata":"https://www.wikidata.org/wiki/Q252683","display_name":"Snapshot (computer storage)","level":2,"score":0.2782999873161316},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2768999934196472},{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.26759999990463257},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.265500009059906},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.2581999897956848},{"id":"https://openalex.org/C59404180","wikidata":"https://www.wikidata.org/wiki/Q17013334","display_name":"Feature learning","level":2,"score":0.257999986410141}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.5281/zenodo.15508744","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15508744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.5281/zenodo.15508744","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.15508744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Despite":[0],"significant":[1],"progress":[2],"in":[3,56,155],"adversarial":[4,27,57,83,108,143],"example":[5],"detection,":[6],"deep":[7],"learning":[8],"systems":[9],"remain":[10],"acutely":[11],"vulnerable":[12,25,144],"to":[13,38,80],"increasingly":[14],"sophisticated":[15],"perturbation":[16],"strategies.":[17],"Here":[18],"we":[19,65,111],"identify":[20,82],"a":[21,30,48,73,113,126,147],"previously":[22],"overlooked":[23],"property\u2014the":[24],"of":[26,142],"examples\u2014and":[28],"propose":[29],"novel":[31],"metric,":[32],"Sliding":[33,67],"Mask":[34],"Confidence":[35],"Entropy":[36],"(SMCE),":[37],"quantify":[39],"this":[40,63],"instability.":[41],"SMCE":[42,79],"captures":[43],"local":[44],"confidence":[45],"fluctuations":[46],"via":[47],"sliding":[49],"window":[50],"mechanism,":[51],"revealing":[52],"distinctive":[53],"entropy":[54],"patterns":[55],"versus":[58],"clean":[59],"samples.":[60],"Building":[61],"on":[62],"insight,":[64],"introduce":[66],"Window":[68],"Masking\u2013Adversarial":[69],"Example":[70],"Detection":[71],"(SWM-AED),":[72],"model-agnostic":[74],"detection":[75,98],"algorithm":[76],"that":[77,94],"leverages":[78],"robustly":[81],"inputs.":[84],"Extensive":[85],"experiments":[86],"across":[87],"diverse":[88],"architectures":[89],"and":[90,119,132,145],"attack":[91],"strategies":[92],"demonstrate":[93],"SWM-AED":[95,123],"achieves":[96],"superior":[97],"performance,":[99],"while":[100],"avoiding":[101],"the":[102,122,139],"catastrophic":[103],"overfitting":[104],"associated":[105],"with":[106],"traditional":[107],"training.":[109],"Crucially,":[110],"establish":[112],"positive":[114],"correlation":[115],"between":[116],"model":[117],"accuracy":[118],"robustness":[120],"under":[121],"framework,":[124],"offering":[125],"scalable":[127],"path":[128],"toward":[129],"more":[130],"secure":[131],"generalizable":[133],"AI":[134,156],"systems.":[135],"These":[136],"findings":[137],"advance":[138],"theoretical":[140],"understanding":[141],"present":[146],"practical,":[148],"updatable":[149],"defense":[150],"mechanism":[151],"against":[152],"emerging":[153],"threats":[154],"security.":[157]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}