乐胖代购免代理版

{"id":"https://openalex.org/W4385679845","doi":"https://doi.org/10.1109/sp46215.2023.10179451","title":"RAB: Provable Robustness Against Backdoor Attacks","display_name":"RAB: Provable Robustness Against Backdoor Attacks","publication_year":2023,"publication_date":"2023-05-01","ids":{"openalex":"https://openalex.org/W4385679845","doi":"https://doi.org/10.1109/sp46215.2023.10179451"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179451","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2003.08904","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065377280","display_name":"Maurice Weber","orcid":"https://orcid.org/0000-0002-4176-8222"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Maurice Weber","raw_affiliation_strings":["ETH Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"ETH Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007385062","display_name":"Xiaojun Xu","orcid":"https://orcid.org/0000-0003-4306-7590"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaojun Xu","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025073517","display_name":"Bojan Karla\u0161","orcid":"https://orcid.org/0000-0002-6462-3579"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Bojan Karla\u0161","raw_affiliation_strings":["ETH Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"ETH Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100383731","display_name":"Ce Zhang","orcid":"https://orcid.org/0000-0002-8105-7505"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Ce Zhang","raw_affiliation_strings":["ETH Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"ETH Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100677409","display_name":"Bo Li","orcid":"https://orcid.org/0000-0003-4883-7267"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bo Li","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, USA","institution_ids":["https://openalex.org/I157725225"]}]}],"institution_assertions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":14.839,"has_fulltext":false,"cited_by_count":47,"citation_normalized_percentile":{"value":0.999754,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1311","last_page":"1328"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9755,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10645","display_name":"Cardiac Arrest and Resuscitation","score":0.9664,"subfield":{"id":"https://openalex.org/subfields/2711","display_name":"Emergency Medicine"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9773149},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness","score":0.81420696}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9773149},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.81420696},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7100946},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5897424},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5810821},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.16549626},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179451","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},{"is_oa":true,"landing_page_url":"https://arxiv.org/abs/2003.08904","pdf_url":"https://arxiv.org/pdf/2003.08904","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://arxiv.org/abs/2003.08904","pdf_url":"https://arxiv.org/pdf/2003.08904","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false},"sustainable_development_goals":[{"display_name":"Peace, justice, and strong institutions","score":0.56,"id":"https://metadata.un.org/sdg/16"}],"grants":[{"funder":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation","award_id":null},{"funder":"https://openalex.org/F4320306151","funder_display_name":"Alfred P. Sloan Foundation","award_id":null},{"funder":"https://openalex.org/F4320334678","funder_display_name":"European Research Council","award_id":null}],"datasets":[],"versions":[],"referenced_works_count":45,"referenced_works":["https://openalex.org/W1583837637","https://openalex.org/W2101234009","https://openalex.org/W2108598243","https://openalex.org/W2112796928","https://openalex.org/W2194775991","https://openalex.org/W2509109313","https://openalex.org/W2591602089","https://openalex.org/W2748789698","https://openalex.org/W2752929869","https://openalex.org/W2754049786","https://openalex.org/W2774423163","https://openalex.org/W2898759955","https://openalex.org/W2902931196","https://openalex.org/W2911495555","https://openalex.org/W2912083425","https://openalex.org/W2934843808","https://openalex.org/W2942091739","https://openalex.org/W2962710014","https://openalex.org/W2963448658","https://openalex.org/W2963564844","https://openalex.org/W2963952467","https://openalex.org/W2964043980","https://openalex.org/W2965721472","https://openalex.org/W2966689772","https://openalex.org/W2983044655","https://openalex.org/W2990270730","https://openalex.org/W3008901592","https://openalex.org/W3012113073","https://openalex.org/W3048759177","https://openalex.org/W3083878034","https://openalex.org/W3092753701","https://openalex.org/W3102720581","https://openalex.org/W3114686421","https://openalex.org/W3118608800","https://openalex.org/W3120740533","https://openalex.org/W3152758407","https://openalex.org/W3162804012","https://openalex.org/W3195614649","https://openalex.org/W3206431085","https://openalex.org/W3213537051","https://openalex.org/W3215171287","https://openalex.org/W4243565423","https://openalex.org/W4289300166","https://openalex.org/W4293846201","https://openalex.org/W4382448866"],"related_works":["https://openalex.org/W4394896187","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4306674287","https://openalex.org/W4283697347","https://openalex.org/W3170094116","https://openalex.org/W3107602296","https://openalex.org/W3046775127","https://openalex.org/W2961085424"],"abstract_inverted_index":{"Recent":[0],"studies":[1],"have":[2,25],"shown":[3],"that":[4,132,143,169],"deep":[5],"neural":[6],"net-works":[7],"(DNNs)":[8],"are":[9],"vulnerable":[10],"to":[11,86,105,147,173,230],"adversarial":[12],"attacks,":[13],"including":[14],"evasion":[15,37,92],"and":[16,33,79,93,110,130,162,199,205,208,243,251],"backdoor":[17,44,67,94,115,217],"(poisoning)":[18],"attacks.":[19,68,95,116,218,264],"On":[20],"the":[21,40,57,88,99,107,120,149,171,210,232,235,240,244],"defense":[22],"side,":[23],"there":[24],"been":[26],"intensive":[27],"efforts":[28],"on":[29,55,202,225,247,255],"improving":[30],"both":[31,91],"empirical":[32],"provable":[34,41],"robustness":[35,42,61,89,113,121,134,215],"against":[36,43,62,90,114,216,260],"attacks;":[38],"however,":[39],"attacks":[45],"still":[46],"remains":[47],"largely":[48],"unexplored.":[49],"In":[50,138,219],"this":[51],"paper,":[52],"we":[53,140,163,183,221],"focus":[54],"certifying":[56],"machine":[58,124,189],"learning":[59,125,190,258],"model":[60,109],"general":[63,261],"threat":[64],"models,":[65],"especially":[66],"We":[69,96,117],"first":[70,100,211],"provide":[71,209],"a":[72,176,226],"unified":[73],"framework":[74],"via":[75],"randomized":[76],"smoothing":[77],"techniques":[78],"show":[80,142],"how":[81],"it":[82,144],"can":[83],"be":[84],"instantiated":[85],"certify":[87,111],"then":[97],"propose":[98,164],"robust":[101,150,257],"training":[102,262],"process,":[103],"RAB,":[104],"smooth":[106],"trained":[108,127],"its":[112],"theoretically":[118,141],"prove":[119,131],"bound":[122,135],"for":[123,154,179,187,213],"models":[126,152,156,192,201,224,250],"with":[128],"RAB":[129],"our":[133],"is":[136,145],"tight.":[137],"addition,":[139,220],"possible":[146],"train":[148],"smoothed":[151],"efficiently":[153],"simple":[155],"such":[157,180,193],"as":[158,194],"K-nearest":[159],"neighbor":[160],"classifiers,":[161],"an":[165],"exact":[166,237],"smooth-training":[167],"algorithm":[168],"eliminates":[170],"need":[172],"sample":[174],"from":[175],"noise":[177],"distribution":[178],"models.":[181],"Empirically,":[182],"conduct":[184],"comprehensive":[185,245],"experiments":[186],"different":[188],"(ML)":[191],"DNNs,":[195],"support":[196],"vector":[197],"machines,":[198],"K-NN":[200,223],"MNIST,":[203],"CIFAR-10,":[204],"ImageNette":[206],"datasets":[207,252],"benchmark":[212],"certified":[214],"evaluate":[222],"spambase":[227],"tabular":[228],"dataset":[229],"demonstrate":[231],"advantages":[233],"of":[234],"proposed":[236],"algorithm.":[238],"Both":[239],"theoretic":[241],"analysis":[242],"evaluation":[246],"diverse":[248],"ML":[249],"shed":[253],"light":[254],"further":[256],"strategies":[259],"time":[263]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4385679845","counts_by_year":[{"year":2024,"cited_by_count":25},{"year":2023,"cited_by_count":14},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-01-09T06:17:55.444613","created_date":"2023-08-09"}