乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T22:16:08Z","timestamp":1730326568054,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62002294, U22B2022"],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key R\\&D Program of China","award":["2021YFB2900100"]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3591197.3591308","type":"proceedings-article","created":{"date-parts":[[2023,6,9]],"date-time":"2023-06-09T14:58:49Z","timestamp":1686322729000},"page":"1-9","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Beyond the Model: Data Pre-processing Attack to Deep Learning Models in Android Apps"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0009-0003-3887-423X","authenticated-orcid":false,"given":"Ye","family":"Sang","sequence":"first","affiliation":[{"name":"Monash University, Australia"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-2281-2504","authenticated-orcid":false,"given":"Yujin","family":"Huang","sequence":"additional","affiliation":[{"name":"Monash University, Australia"}]},{"ORCID":"http:\/\/orcid.org\/0009-0008-3736-3207","authenticated-orcid":false,"given":"Shuo","family":"Huang","sequence":"additional","affiliation":[{"name":"Monash University, Australia and Northwestern Polytechnical University, China"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-1946-5361","authenticated-orcid":false,"given":"Helei","family":"Cui","sequence":"additional","affiliation":[{"name":"Northwestern Polytechnical University, China"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.3447"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/360018.360025"},{"key":"e_1_3_2_1_3_1","unstructured":"Apache. 2020. mxnet. https:\/\/mxnet.apache.org\/versions\/1.9.0\/"},{"key":"e_1_3_2_1_4_1","unstructured":"Apple. 2020. Core ML. https:\/\/developer.apple.com\/machine-learning\/core-ml\/"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2808340"},{"key":"e_1_3_2_1_6_1","unstructured":"Steven Arzt. 2017. Static data flow analysis for android applications. (2017)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.10.114"},{"key":"e_1_3_2_1_8_1","volume-title":"Understanding face recognition. British journal of psychology 77, 3","author":"Bruce Vicki","year":"1986","unstructured":"Vicki Bruce and Andy Young. 1986. Understanding face recognition. British journal of psychology 77, 3 (1986), 305\u2013327."},{"key":"e_1_3_2_1_9_1","first-page":"16","article-title":"Android malware past, present, and future","volume":"1","author":"Castillo A","year":"2011","unstructured":"Carlos\u00a0A Castillo 2011. Android malware past, present, and future. White Paper of McAfee Mobile Security Working Group 1 (2011), 16.","journal-title":"White Paper of McAfee Mobile Security Working Group"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2015.06.005"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00054995"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/FMEC.2019.8795362"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559388"},{"volume-title":"MLKit guide. https:\/\/developers.google.com\/ml-kit\/guides","year":"2020","key":"e_1_3_2_1_14_1","unstructured":"Google. 2020. MLKit guide. https:\/\/developers.google.com\/ml-kit\/guides, 2020"},{"volume-title":"Tensorflow hub. https:\/\/www.tensorflow.org\/hub","year":"2020","key":"e_1_3_2_1_15_1","unstructured":"Google. 2020. Tensorflow hub. https:\/\/www.tensorflow.org\/hub, 2020"},{"key":"e_1_3_2_1_16_1","unstructured":"Google. 2020. TFlite. https:\/\/www.tensorflow.org\/lite"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP52600.2021.00019"},{"key":"e_1_3_2_1_18_1","unstructured":"iBotPeaches. 2020. Apktool. https:\/\/ibotpeaches.github.io\/Apktool\/"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.03.011"},{"key":"e_1_3_2_1_20_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Jia Hengrui","year":"2021","unstructured":"Hengrui Jia, Christopher\u00a0A Choquette-Choo, Varun Chandrasekaran, and Nicolas Papernot. 2021. Entangled watermarks as a defense against model extraction. In 30th USENIX Security Symposium (USENIX Security 21). 1937\u20131954."},{"volume-title":"Data flow analysis: theory and practice","author":"Khedker Uday","key":"e_1_3_2_1_21_1","unstructured":"Uday Khedker, Amitabha Sanyal, and Bageshri Sathe. 2017. Data flow analysis: theory and practice. CRC Press."},{"volume-title":"Artificial intelligence safety and security","author":"Kurakin Alexey","key":"e_1_3_2_1_22_1","unstructured":"Alexey Kurakin, Ian\u00a0J Goodfellow, and Samy Bengio. 2018. Adversarial examples in the physical world. In Artificial intelligence safety and security. Chapman and Hall\/CRC, 99\u2013112."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00035"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948149"},{"key":"e_1_3_2_1_25_1","volume-title":"Comparison and benchmarking of ai models and frameworks on mobile devices. arXiv preprint arXiv:2005.05085","author":"Luo Chunjie","year":"2020","unstructured":"Chunjie Luo, Xiwen He, Jianfeng Zhan, Lei Wang, Wanling Gao, and Jiahui Dai. 2020. Comparison and benchmarking of ai models and frameworks on mobile devices. arXiv preprint arXiv:2005.05085 (2020)."},{"key":"e_1_3_2_1_26_1","unstructured":"Micorsoft. 2020. ELL. https:\/\/microsoft.github.io\/ELL\/"},{"volume-title":"Machine learning for aerial image labeling","author":"Mnih Volodymyr","key":"e_1_3_2_1_27_1","unstructured":"Volodymyr Mnih. 2013. Machine learning for aerial image labeling. University of Toronto (Canada)."},{"key":"e_1_3_2_1_28_1","unstructured":"Pytorch Mobile. 2020. Pytorch. https:\/\/pytorch.org\/mobile\/home\/"},{"key":"e_1_3_2_1_29_1","volume-title":"Towards the science of security and privacy in machine learning. arXiv preprint arXiv:1611.03814","author":"Papernot Nicolas","year":"2016","unstructured":"Nicolas Papernot, Patrick McDaniel, Arunesh Sinha, and Michael Wellman. 2016. Towards the science of security and privacy in machine learning. arXiv preprint arXiv:1611.03814 (2016)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"crossref","unstructured":"Omkar\u00a0M Parkhi Andrea Vedaldi and Andrew Zisserman. 2015. Deep face recognition. (2015).","DOI":"10.5244\/C.29.41"},{"key":"e_1_3_2_1_31_1","volume-title":"Application of deep learning for object detection. Procedia computer science 132","author":"Pathak Ajeet\u00a0Ram","year":"2018","unstructured":"Ajeet\u00a0Ram Pathak, Manjusha Pandey, and Siddharth Rautaray. 2018. Application of deep learning for object detection. Procedia computer science 132 (2018), 1706\u20131717."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2021.100373"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1186\/s40537-020-00392-9"},{"key":"e_1_3_2_1_34_1","volume-title":"ShadowNet: A secure and efficient system for on-device model inference. arXiv preprint arXiv:2011.05905","author":"Sun Zhichuang","year":"2020","unstructured":"Zhichuang Sun, Ruimin Sun, Changming Liu, Amrita\u00a0Roy Chowdhury, Somesh Jha, and Long Lu. 2020. ShadowNet: A secure and efficient system for on-device model inference. arXiv preprint arXiv:2011.05905 (2020)."},{"key":"e_1_3_2_1_35_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Sun Zhichuang","year":"2021","unstructured":"Zhichuang Sun, Ruimin Sun, Long Lu, and Alan Mislove. 2021. Mind your weight (s): A large-scale study on insufficient machine learning model protection in mobile apps. In 30th USENIX Security Symposium (USENIX Security 21). 1955\u20131972."},{"key":"e_1_3_2_1_36_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Sun Zhichuang","year":"2021","unstructured":"Zhichuang Sun, Ruimin Sun, Long Lu, and Alan Mislove. 2021. Mind your weight (s): A large-scale study on insufficient machine learning model protection in mobile apps. In 30th USENIX Security Symposium (USENIX Security 21). 1955\u20131972."},{"key":"e_1_3_2_1_37_1","volume-title":"Parts and wholes in face recognition. The Quarterly journal of experimental psychology 46, 2","author":"Tanaka W","year":"1993","unstructured":"James\u00a0W Tanaka and Martha\u00a0J Farah. 1993. Parts and wholes in face recognition. The Quarterly journal of experimental psychology 46, 2 (1993), 225\u2013245."},{"key":"e_1_3_2_1_38_1","unstructured":"Tecent. 2020. nxnn. https:\/\/github.com\/Tencent\/ncnn"},{"key":"e_1_3_2_1_39_1","first-page":"354","article-title":"Influence of word normalization on text classification","volume":"4","author":"Toman Michal","year":"2006","unstructured":"Michal Toman, Roman Tesar, and Karel Jezek. 2006. Influence of word normalization on text classification. Proceedings of InSciT 4 (2006), 354\u2013358.","journal-title":"Proceedings of InSciT"},{"volume-title":"25th USENIX security symposium (USENIX Security 16). 601\u2013618.","author":"Tram\u00e8r Florian","key":"e_1_3_2_1_40_1","unstructured":"Florian Tram\u00e8r, Fan Zhang, Ari Juels, Michael\u00a0K Reiter, and Thomas Ristenpart. 2016. Stealing machine learning models via prediction { APIs}. In 25th USENIX security symposium (USENIX Security 16). 601\u2013618."},{"key":"e_1_3_2_1_41_1","volume-title":"13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18)","author":"Volos Stavros","year":"2018","unstructured":"Stavros Volos, Kapil Vaswani, and Rodrigo Bruno. 2018. Graviton: Trusted Execution Environments on { GPUs}. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18). 681\u2013696."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2018.00139"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3183575"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274726"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313591"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.47"},{"key":"e_1_3_2_1_47_1","unstructured":"Zhengyan Zhang Guangxuan Xiao Yongwei Li Tian Lv Fanchao Qi Zhiyuan Liu Yasheng Wang Xin Jiang and Maosong Sun. 2021. Red alarm for pre-trained models: Universal vulnerabilities by neuron-level backdoor attacks. (2021)."},{"key":"e_1_3_2_1_48_1","volume-title":"Application of deep learning in food: a review. Comprehensive reviews in food science and food safety 18, 6","author":"Zhou Lei","year":"2019","unstructured":"Lei Zhou, Chu Zhang, Fei Liu, Zhengjun Qiu, and Yong He. 2019. Application of deep learning in food: a review. Comprehensive reviews in food science and food safety 18, 6 (2019), 1793\u20131811."}],"event":{"name":"ASIA CCS '23: ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Melbourne VIC Australia","acronym":"ASIA CCS '23"},"container-title":["Proceedings of the 2023 Secure and Trustworthy Deep Learning Systems Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3591197.3591308","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T10:33:58Z","timestamp":1720607638000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3591197.3591308"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":48,"alternative-id":["10.1145\/3591197.3591308","10.1145\/3591197"],"URL":"https:\/\/doi.org\/10.1145\/3591197.3591308","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}