乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T04:19:07Z","timestamp":1729138747626,"version":"3.27.0"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607232","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"264-281","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["PrivMon: A Stream-Based System for Real-Time Privacy Attack Detection for Machine Learning Models"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0000-0002-1219-9016","authenticated-orcid":false,"given":"Myeongseob","family":"Ko","sequence":"first","affiliation":[{"name":"Virginia Tech, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-8512-1922","authenticated-orcid":false,"given":"Xinyu","family":"Yang","sequence":"additional","affiliation":[{"name":"Virginia Tech, USA"}]},{"ORCID":"http:\/\/orcid.org\/0009-0008-0900-6456","authenticated-orcid":false,"given":"Zhengjie","family":"Ji","sequence":"additional","affiliation":[{"name":"Virginia Tech, USA"}]},{"ORCID":"http:\/\/orcid.org\/0009-0002-6094-2473","authenticated-orcid":false,"given":"Hoang Anh","family":"Just","sequence":"additional","affiliation":[{"name":"Virginia Tech, USA"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-9342-9863","authenticated-orcid":false,"given":"Peng","family":"Gao","sequence":"additional","affiliation":[{"name":"Virginia Tech, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0009-0007-9124-7541","authenticated-orcid":false,"given":"Anoop","family":"Kumar","sequence":"additional","affiliation":[{"name":"Amazon, USA"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-9662-9556","authenticated-orcid":false,"given":"Ruoxi","family":"Jia","sequence":"additional","affiliation":[{"name":"Virginia Tech, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978318"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.2014.56"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833649"},{"volume-title":"Differentially private empirical risk minimization.Journal of Machine Learning Research 12, 3","year":"2011","author":"Chaudhuri Kamalika","key":"e_1_3_2_1_4_1","unstructured":"Kamalika Chaudhuri, Claire Monteleoni, and Anand\u00a0D Sarwate. 2011. Differentially private empirical risk minimization.Journal of Machine Learning Research 12, 3 (2011)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00045"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3385003.3410925"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV48922.2021.01587"},{"volume-title":"Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526","year":"2017","author":"Chen Xinyun","key":"e_1_3_2_1_8_1","unstructured":"Xinyun Chen, Chang Liu, Bo Li, Kimberly Lu, and Dawn Song. 2017. Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526 (2017)."},{"volume-title":"International Conference on Machine Learning. PMLR","year":"2021","author":"Choquette-Choo A","key":"e_1_3_2_1_9_1","unstructured":"Christopher\u00a0A Choquette-Choo, Florian Tramer, Nicholas Carlini, and Nicolas Papernot. 2021. Label-only membership inference attacks. In International Conference on Machine Learning. PMLR, 1964\u20131974."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/997817.997857"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813677"},{"volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","year":"2014","author":"Fredrikson Matthew","key":"e_1_3_2_1_13_1","unstructured":"Matthew Fredrikson, Eric Lantz, Somesh Jha, Simon Lin, David Page, and Thomas Ristenpart. 2014. Privacy in pharmacogenetics: An { End-to-End} case study of personalized warfarin dosing. In 23rd USENIX Security Symposium (USENIX Security 14). 17\u201332."},{"key":"e_1_3_2_1_14_1","unstructured":"David Gollob. 2015. Microsoft Azure-Planning Deploying and Managing Your Data Center in the. Springer-verlag Berlin And Hei."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"volume-title":"Practical blind membership inference attack via differential comparisons. arXiv preprint arXiv:2101.01341","year":"2021","author":"Hui Bo","key":"e_1_3_2_1_16_1","unstructured":"Bo Hui, Yuchen Yang, Haolin Yuan, Philippe Burlina, Neil\u00a0Zhenqiang Gong, and Yinzhi Cao. 2021. Practical blind membership inference attack via differential comparisons. arXiv preprint arXiv:2101.01341 (2021)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363201"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TBDATA.2019.2921572"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR52688.2022.01462"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00453"},{"volume-title":"Conference on Learning Theory. JMLR Workshop and Conference Proceedings, 25\u20131.","year":"2012","author":"Kifer Daniel","key":"e_1_3_2_1_21_1","unstructured":"Daniel Kifer, Adam Smith, and Abhradeep Thakurta. 2012. Private convex empirical risk minimization and high-dimensional regression. In Conference on Learning Theory. JMLR Workshop and Conference Proceedings, 25\u20131."},{"volume-title":"Machine learning applications in cancer prognosis and prediction. Computational and structural biotechnology journal 13","year":"2015","author":"Kourou Konstantina","key":"e_1_3_2_1_22_1","unstructured":"Konstantina Kourou, Themis\u00a0P Exarchos, Konstantinos\u00a0P Exarchos, Michalis\u00a0V Karamouzis, and Dimitrios\u00a0I Fotiadis. 2015. Machine learning applications in cancer prognosis and prediction. Computational and structural biotechnology journal 13 (2015), 8\u201317."},{"volume-title":"Imagenet classification with deep convolutional neural networks. Advances in neural information processing systems 25","year":"2012","author":"Krizhevsky Alex","key":"e_1_3_2_1_24_1","unstructured":"Alex Krizhevsky, Ilya Sutskever, and Geoffrey\u00a0E Hinton. 2012. Imagenet classification with deep convolutional neural networks. Advances in neural information processing systems 25 (2012)."},{"volume-title":"Perceptual adversarial robustness: Defense against unseen threat models. arXiv preprint arXiv:2006.12655","year":"2020","author":"Laidlaw Cassidy","key":"e_1_3_2_1_25_1","unstructured":"Cassidy Laidlaw, Sahil Singla, and Soheil Feizi. 2020. Perceptual adversarial robustness: Defense against unseen threat models. arXiv preprint arXiv:2006.12655 (2020)."},{"volume-title":"Developer guide. Amazon Web Services","year":"2018","author":"Learning Amazon\u00a0Machine","key":"e_1_3_2_1_26_1","unstructured":"Amazon\u00a0Machine Learning. 2018. Developer guide. Amazon Web Services (2018)."},{"volume-title":"Blacklight: Defending black-box adversarial attacks on deep neural networks. arXiv preprint arXiv:2006.14042","year":"2020","author":"Li Huiying","key":"e_1_3_2_1_27_1","unstructured":"Huiying Li, Shawn Shan, Emily Wenger, Jiayun Zhang, Haitao Zheng, and Ben\u00a0Y Zhao. 2020. Blacklight: Defending black-box adversarial attacks on deep neural networks. arXiv preprint arXiv:2006.14042 (2020)."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.00130"},{"volume-title":"Membership Inference Attacks and Defenses in Supervised Learning via Generalization Gap. arXiv","year":"2020","author":"Li Jiacheng","key":"e_1_3_2_1_29_1","unstructured":"Jiacheng Li and Bruno\u00a0Ribeiro Ninghui\u00a0Li. 2020. Membership Inference Attacks and Defenses in Supervised Learning via Generalization Gap. arXiv (2020)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484575"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2015.425"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2015.425"},{"volume-title":"Towards measuring membership privacy. arXiv preprint arXiv:1712.09136","year":"2017","author":"Long Yunhui","key":"e_1_3_2_1_33_1","unstructured":"Yunhui Long, Vincent Bindschaedler, and Carl\u00a0A Gunter. 2017. Towards measuring membership privacy. arXiv preprint arXiv:1712.09136 (2017)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243855"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIP.2014.7025068"},{"volume-title":"29th USENIX security symposium (USENIX Security 20). 1291\u20131308.","author":"Salem Ahmed","key":"e_1_3_2_1_36_1","unstructured":"Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, and Yang Zhang. 2020. { Updates-Leak} : Data Set Inference and Reconstruction Attacks in Online Learning. In 29th USENIX security symposium (USENIX Security 20). 1291\u20131308."},{"volume-title":"Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246","year":"2018","author":"Salem Ahmed","key":"e_1_3_2_1_37_1","unstructured":"Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, and Michael Backes. 2018. Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246 (2018)."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354211"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/GlobalSIP.2013.6736861"},{"volume-title":"UCF101: A dataset of 101 human actions classes from videos in the wild. arXiv preprint arXiv:1212.0402","year":"2012","author":"Soomro Khurram","key":"e_1_3_2_1_41_1","unstructured":"Khurram Soomro, Amir\u00a0Roshan Zamir, and Mubarak Shah. 2012. UCF101: A dataset of 101 human actions classes from videos in the wild. arXiv preprint arXiv:1212.0402 (2012)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","unstructured":"J. Stallkamp M. Schlipsing J. Salmen and C. Igel. 2012. Man vs. computer: Benchmarking machine learning algorithms for traffic sign recognition. Neural Networks 32 0 (2012) \u2013. https:\/\/doi.org\/10.1016\/j.neunet.2012.02.016","DOI":"10.1016\/j.neunet.2012.02.016"},{"volume-title":"Differentially private empirical risk minimization revisited: Faster and more general. Advances in Neural Information Processing Systems 30","year":"2017","author":"Wang Di","key":"e_1_3_2_1_43_1","unstructured":"Di Wang, Minwei Ye, and Jinhui Xu. 2017. Differentially private empirical risk minimization revisited: Faster and more general. Advances in Neural Information Processing Systems 30 (2017)."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v35i13.17387"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2011.5995566"},{"volume-title":"Defending model inversion and membership inference attacks via prediction purification. arXiv preprint arXiv:2005.03915","year":"2020","author":"Yang Ziqi","key":"e_1_3_2_1_46_1","unstructured":"Ziqi Yang, Bin Shao, Bohan Xuan, Ee-Chien Chang, and Fan Zhang. 2020. Defending model inversion and membership inference attacks via prediction purification. arXiv preprint arXiv:2005.03915 (2020)."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00068"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.00033"}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607232","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,16]],"date-time":"2024-10-16T10:39:25Z","timestamp":1729075165000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607232"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":47,"alternative-id":["10.1145\/3607199.3607232","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607232","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}