乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,8,16]],"date-time":"2024-08-16T06:34:22Z","timestamp":1723790062554},"reference-count":50,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,2,1]],"date-time":"2023-02-01T00:00:00Z","timestamp":1675209600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Artificial Intelligence"],"published-print":{"date-parts":[[2023,2]]},"DOI":"10.1016\/j.artint.2022.103837","type":"journal-article","created":{"date-parts":[[2022,12,12]],"date-time":"2022-12-12T15:57:40Z","timestamp":1670860660000},"page":"103837","update-policy":"http:\/\/dx.doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":4,"special_numbering":"C","title":["Recursive reasoning-based training-time adversarial machine learning"],"prefix":"10.1016","volume":"315","author":[{"given":"Yizhou","family":"Chen","sequence":"first","affiliation":[]},{"given":"Zhongxiang","family":"Dai","sequence":"additional","affiliation":[]},{"given":"Haibin","family":"Yu","sequence":"additional","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0003-2808-451X","authenticated-orcid":false,"given":"Bryan Kian Hsiang","family":"Low","sequence":"additional","affiliation":[]},{"given":"Teck-Hua","family":"Ho","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.artint.2022.103837_br0010","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1038\/505146a","article-title":"Computer science: the learning machines","volume":"505","author":"Jones","year":"2014","journal-title":"Nature"},{"key":"10.1016\/j.artint.2022.103837_br0020","series-title":"Proc. KDD","first-page":"1222","article-title":"Ad click prediction: a view from the trenches","author":"McMahan","year":"2013"},{"key":"10.1016\/j.artint.2022.103837_br0030","series-title":"Proc. NeurIPS","article-title":"A game theoretic analysis of additive adversarial attacks and defenses","author":"Pal","year":"2020"},{"key":"10.1016\/j.artint.2022.103837_br0040","series-title":"Proc. ICLR","article-title":"Explaining and harnessing adversarial examples","author":"Goodfellow","year":"2015"},{"key":"10.1016\/j.artint.2022.103837_br0050","series-title":"Proc. ICLR","article-title":"Intriguing properties of neural networks","author":"Szegedy","year":"2014"},{"key":"10.1016\/j.artint.2022.103837_br0060","series-title":"Proc. NeurIPS","first-page":"11971","article-title":"Learning to confuse: generating training time adversarial data with auto-encoder","author":"Feng","year":"2019"},{"issue":"4","key":"10.1016\/j.artint.2022.103837_br0070","first-page":"947","article-title":"Iterated dominance and iterated best response in experimental \u201cp-beauty contests\u201d","volume":"88","author":"Ho","year":"1998","journal-title":"Am. Econ. Rev."},{"issue":"5","key":"10.1016\/j.artint.2022.103837_br0080","first-page":"1313","article-title":"Unraveling in guessing games: an experimental study","volume":"85","author":"Nagel","year":"1995","journal-title":"Am. Econ. Rev."},{"issue":"3","key":"10.1016\/j.artint.2022.103837_br0090","doi-asserted-by":"crossref","first-page":"309","DOI":"10.1016\/0167-2681(94)90103-1","article-title":"Experimental evidence on players' models of other players","volume":"25","author":"Stahl","year":"1994","journal-title":"J. Econ. Behav. Organ."},{"issue":"1","key":"10.1016\/j.artint.2022.103837_br0100","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1006\/game.1995.1031","article-title":"On players' models of other players: theory and experimental evidence","volume":"10","author":"Stahl","year":"1995","journal-title":"Games Econ. Behav."},{"issue":"3","key":"10.1016\/j.artint.2022.103837_br0110","doi-asserted-by":"crossref","first-page":"861","DOI":"10.1162\/0033553041502225","article-title":"A cognitive hierarchy model of games","volume":"119","author":"Camerer","year":"2004","journal-title":"Q. J. Econ."},{"issue":"6","key":"10.1016\/j.artint.2022.103837_br0120","doi-asserted-by":"crossref","first-page":"1619","DOI":"10.1086\/688849","article-title":"Cognitive ability, character skills, and learning to play equilibrium: a level-k analysis","volume":"124","author":"Gill","year":"2016","journal-title":"J. Polit. Econ."},{"author":"Jin","key":"10.1016\/j.artint.2022.103837_br0130"},{"key":"10.1016\/j.artint.2022.103837_br0140","series-title":"Proc. IEEE S&P","first-page":"39","article-title":"Towards evaluating the robustness of neural networks","author":"Carlini","year":"2017"},{"key":"10.1016\/j.artint.2022.103837_br0150","series-title":"Proc. ICLR","article-title":"Towards deep learning models resistant to adversarial attacks","author":"Madry","year":"2018"},{"key":"10.1016\/j.artint.2022.103837_br0160","series-title":"Proc. NeurIPS","first-page":"227","article-title":"You only propagate once: accelerating adversarial training via maximal principle","author":"Zhang","year":"2019"},{"key":"10.1016\/j.artint.2022.103837_br0170","series-title":"Proc. ECML\/PKDD","first-page":"191","article-title":"Defense-VAE: a fast and accurate defense against adversarial attacks","author":"Li","year":"2019"},{"key":"10.1016\/j.artint.2022.103837_br0180","series-title":"Proc. CCS","first-page":"135","article-title":"MagNet: a two-pronged defense against adversarial examples","author":"Meng","year":"2017"},{"key":"10.1016\/j.artint.2022.103837_br0190","series-title":"Proc. ICLR","article-title":"Defense-GAN: protecting classifiers against adversarial attacks using generative models","author":"Samangouei","year":"2018"},{"key":"10.1016\/j.artint.2022.103837_br0200","series-title":"Proc. ICLR","article-title":"Adversarial machine learning at scale","author":"Kurakin","year":"2017"},{"key":"10.1016\/j.artint.2022.103837_br0210","series-title":"Proc. ICML","article-title":"Second-order provable defenses against adversarial attacks","author":"Singla","year":"2020"},{"key":"10.1016\/j.artint.2022.103837_br0220","series-title":"Proc. ICLR","article-title":"Ensemble adversarial training: attacks and defenses","author":"Tram\u00e8r","year":"2018"},{"issue":"4","key":"10.1016\/j.artint.2022.103837_br0230","doi-asserted-by":"crossref","first-page":"807","DOI":"10.1137\/0222052","article-title":"Learning in the presence of malicious errors","volume":"22","author":"Kearns","year":"1993","journal-title":"SIAM J. Comput."},{"key":"10.1016\/j.artint.2022.103837_br0240","series-title":"Proc. AISec","first-page":"27","article-title":"Towards poisoning of deep learning algorithms with back-gradient optimization","author":"Mu\u00f1oz-Gonz\u00e1lez","year":"2017"},{"key":"10.1016\/j.artint.2022.103837_br0250","series-title":"Proc. ICML","first-page":"1885","article-title":"Understanding black-box predictions via influence functions","author":"Koh","year":"2017"},{"issue":"2","key":"10.1016\/j.artint.2022.103837_br0260","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1007\/s10994-010-5188-5","article-title":"The security of machine learning","volume":"81","author":"Barreno","year":"2010","journal-title":"Mach. Learn."},{"key":"10.1016\/j.artint.2022.103837_br0270","series-title":"Proc. IEEE S&P","first-page":"19","article-title":"Manipulating machine learning: poisoning attacks and countermeasures for regression learning","author":"Jagielski","year":"2018"},{"key":"10.1016\/j.artint.2022.103837_br0280","series-title":"Proc. NeurIPS","first-page":"3517","article-title":"Certified defenses for data poisoning attacks","author":"Steinhardt","year":"2017"},{"key":"10.1016\/j.artint.2022.103837_br0290","series-title":"Proc. SIGKDD","first-page":"547","article-title":"Stackelberg games for adversarial prediction problems","author":"Br\u00fcckner","year":"2011"},{"key":"10.1016\/j.artint.2022.103837_br0300","series-title":"Proc. NeurIPS","article-title":"Feature cross-substitution in adversarial classification","author":"Li","year":"2014"},{"key":"10.1016\/j.artint.2022.103837_br0310","series-title":"Proc. AISTATS","first-page":"2938","article-title":"How to backdoor federated learning","author":"Bagdasaryan","year":"2020"},{"key":"10.1016\/j.artint.2022.103837_br0320","doi-asserted-by":"crossref","first-page":"47230","DOI":"10.1109\/ACCESS.2019.2909068","article-title":"BadNets: evaluating backdooring attacks on deep neural networks","volume":"7","author":"Gu","year":"2019","journal-title":"IEEE Access"},{"key":"10.1016\/j.artint.2022.103837_br0330","series-title":"Proc. IEEE S&P","first-page":"707","article-title":"Neural cleanse: identifying and mitigating backdoor attacks in neural networks","author":"Wang","year":"2019"},{"key":"10.1016\/j.artint.2022.103837_br0340","series-title":"Proc. ICML","first-page":"2291","article-title":"R2-B2: recursive reasoning-based Bayesian optimization for no-regret learning in games","author":"Dai","year":"2020"},{"key":"10.1016\/j.artint.2022.103837_br0350","series-title":"Proc. NeurIPS","first-page":"2899","article-title":"Accumulative poisoning attacks on real-time data","volume":"vol. 34","author":"Pang","year":"2021"},{"key":"10.1016\/j.artint.2022.103837_br0360","series-title":"Proc. L4DC, PMLR","first-page":"201","article-title":"Online data poisoning attacks","author":"Zhang","year":"2020"},{"author":"Papernot","key":"10.1016\/j.artint.2022.103837_br0370"},{"author":"Li","key":"10.1016\/j.artint.2022.103837_br0380"},{"issue":"8","key":"10.1016\/j.artint.2022.103837_br0390","doi-asserted-by":"crossref","first-page":"1979","DOI":"10.1109\/TPAMI.2018.2858821","article-title":"Virtual adversarial training: a regularization method for supervised and semi-supervised learning","volume":"41","author":"Miyato","year":"2019","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"10.1016\/j.artint.2022.103837_br0400","series-title":"Proc. AAAI","first-page":"2687","article-title":"Learning to attack: adversarial transformation networks","author":"Baluja","year":"2018"},{"year":"2018","author":"Nesterov","series-title":"Lectures on Convex Optimization","key":"10.1016\/j.artint.2022.103837_br0410"},{"key":"10.1016\/j.artint.2022.103837_br0420","doi-asserted-by":"crossref","first-page":"109241","DOI":"10.1109\/ACCESS.2021.3101282","article-title":"Adversarial training time attack against discriminative and generative convolutional models","volume":"9","author":"Chaudhury","year":"2021","journal-title":"IEEE Access"},{"author":"Rebuffi","key":"10.1016\/j.artint.2022.103837_br0430"},{"key":"10.1016\/j.artint.2022.103837_br0440","series-title":"Proc. NeurIPS","first-page":"6840","article-title":"Denoising diffusion probabilistic models","author":"Ho","year":"2020"},{"key":"10.1016\/j.artint.2022.103837_br0450","series-title":"Proc. ICCV","first-page":"6023","article-title":"Cutmix: regularization strategy to train strong classifiers with localizable features","author":"Yun","year":"2019"},{"author":"Kingma","key":"10.1016\/j.artint.2022.103837_br0460"},{"key":"10.1016\/j.artint.2022.103837_br0470","series-title":"Proc. ICLR","article-title":"Countering adversarial images using input transformations","author":"Guo","year":"2018"},{"key":"10.1016\/j.artint.2022.103837_br0480","series-title":"Proc. ICML","first-page":"274","article-title":"Obfuscated gradients give a false sense of security: circumventing defenses to adversarial examples","author":"Athalye","year":"2018"},{"year":"2018","author":"Qi","series-title":"Tensor Eigenvalues and Their Applications","key":"10.1016\/j.artint.2022.103837_br0490"},{"issue":"12","key":"10.1016\/j.artint.2022.103837_br0500","doi-asserted-by":"crossref","first-page":"1309","DOI":"10.1016\/j.jsc.2006.02.011","article-title":"Rank and eigenvalues of a supersymmetric tensor, the multivariate homogeneous polynomial and the algebraic hypersurface it defines","volume":"41","author":"Qi","year":"2006","journal-title":"J. Symb. Comput."}],"container-title":["Artificial Intelligence"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0004370222001771?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0004370222001771?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,8,10]],"date-time":"2024-08-10T03:53:27Z","timestamp":1723262007000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0004370222001771"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,2]]},"references-count":50,"alternative-id":["S0004370222001771"],"URL":"https:\/\/doi.org\/10.1016\/j.artint.2022.103837","relation":{},"ISSN":["0004-3702"],"issn-type":[{"type":"print","value":"0004-3702"}],"subject":[],"published":{"date-parts":[[2023,2]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Recursive reasoning-based training-time adversarial machine learning","name":"articletitle","label":"Article Title"},{"value":"Artificial Intelligence","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.artint.2022.103837","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2022 Elsevier B.V. All rights reserved.","name":"copyright","label":"Copyright"}],"article-number":"103837"}}