iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: https://api.crossref.org/works/10.1145/3433210.3453079
{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T09:05:24Z","timestamp":1726045524557},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","funder":[{"name":"DARPA D3M","award":["FA8750-17-2-0091"]},{"name":"National Science Foundation","award":["TWC-1409915"]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,5,24]]},"DOI":"10.1145\/3433210.3453079","type":"proceedings-article","created":{"date-parts":[[2021,6,4]],"date-time":"2021-06-04T15:26:39Z","timestamp":1622820399000},"update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":37,"title":["REFIT: A Unified Watermark Removal Framework For Deep Learning Systems With Limited Data"],"prefix":"10.1145","author":[{"given":"Xinyun","family":"Chen","sequence":"first","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Wenxiao","family":"Wang","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"given":"Chris","family":"Bender","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Yiming","family":"Ding","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Ruoxi","family":"Jia","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Bo","family":"Li","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign, Champaign, IL, USA"}]},{"given":"Dawn","family":"Song","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2021,6,4]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"27th $$USENIX$$ Security Symposium.","author":"Adi Yossi","unstructured":"Yossi Adi , Carsten Baum , Moustapha Cisse , Benny Pinkas , and Joseph Keshet . 2018. Turning your weakness into a strength: Watermarking deep neural networks by backdooring . In 27th $$USENIX$$ Security Symposium. Yossi Adi, Carsten Baum, Moustapha Cisse, Benny Pinkas, and Joseph Keshet. 2018. Turning your weakness into a strength: Watermarking deep neural networks by backdooring. In 27th $$USENIX$$ Security Symposium."},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_3_2_2_3_1","volume-title":"Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389","author":"Biggio Battista","year":"2012","unstructured":"Battista Biggio , Blaine Nelson , and Pavel Laskov . 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 ( 2012 ). Battista Biggio, Blaine Nelson, and Pavel Laskov. 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012)."},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_2_5_1","volume-title":"Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728","author":"Chen Bryant","year":"2018","unstructured":"Bryant Chen , Wilka Carvalho , Nathalie Baracaldo , Heiko Ludwig , Benjamin Edwards , Taesung Lee , Ian Molloy , and Biplav Srivastava . 2018. Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728 ( 2018 ). Bryant Chen, Wilka Carvalho, Nathalie Baracaldo, Heiko Ludwig, Benjamin Edwards, Taesung Lee, Ian Molloy, and Biplav Srivastava. 2018. Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728 (2018)."},{"key":"e_1_3_2_2_6_1","volume-title":"DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks. International Joint Conferences on Artificial Intelligence (IJCAI)","author":"Chen Huili","year":"2019","unstructured":"Huili Chen , Cheng Fu , Jishen Zhao , and Farinaz Koushanfar . 2019 . DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks. International Joint Conferences on Artificial Intelligence (IJCAI) (2019). Huili Chen, Cheng Fu, Jishen Zhao, and Farinaz Koushanfar. 2019. DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks. International Joint Conferences on Artificial Intelligence (IJCAI) (2019)."},{"key":"e_1_3_2_2_7_1","volume-title":"Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526","author":"Chen Xinyun","year":"2017","unstructured":"Xinyun Chen , Chang Liu , Bo Li , Kimberly Lu , and Dawn Song . 2017. Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526 ( 2017 ). Xinyun Chen, Chang Liu, Bo Li, Kimberly Lu, and Dawn Song. 2017. Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526 (2017)."},{"key":"e_1_3_2_2_8_1","volume-title":"A downsampled variant of imagenet as an alternative to the cifar datasets. arXiv preprint arXiv:1707.08819","author":"Chrabaszcz Patryk","year":"2017","unstructured":"Patryk Chrabaszcz , Ilya Loshchilov , and Frank Hutter . 2017. A downsampled variant of imagenet as an alternative to the cifar datasets. arXiv preprint arXiv:1707.08819 ( 2017 ). Patryk Chrabaszcz, Ilya Loshchilov, and Frank Hutter. 2017. A downsampled variant of imagenet as an alternative to the cifar datasets. arXiv preprint arXiv:1707.08819 (2017)."},{"key":"e_1_3_2_2_9_1","unstructured":"Adam Coates Andrew Ng and Honglak Lee. 2011. An analysis of single-layer networks in unsupervised feature learning. In The fourteenth international conference on artificial intelligence and statistics. Adam Coates Andrew Ng and Honglak Lee. 2011. An analysis of single-layer networks in unsupervised feature learning. In The fourteenth international conference on artificial intelligence and statistics."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2013.2264952"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"e_1_3_2_2_12_1","volume-title":"BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. In North American","author":"Devlin Jacob","year":"2019","unstructured":"Jacob Devlin , Ming-Wei Chang , Kenton Lee , and Kristina Toutanova . 2019 . BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. In North American Chapter of the Association for Computational Linguistics. Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2019. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. In North American Chapter of the Association for Computational Linguistics."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813677"},{"key":"e_1_3_2_2_14_1","volume-title":"23rd $$USENIX$$ Security Symposium ($$USENIX$$ Security 14).","author":"Fredrikson Matthew","unstructured":"Matthew Fredrikson , Eric Lantz , Somesh Jha , Simon Lin , David Page , and Thomas Ristenpart . 2014. Privacy in pharmacogenetics: An end-to-end case study of personalized warfarin dosing . In 23rd $$USENIX$$ Security Symposium ($$USENIX$$ Security 14). Matthew Fredrikson, Eric Lantz, Somesh Jha, Simon Lin, David Page, and Thomas Ristenpart. 2014. Privacy in pharmacogenetics: An end-to-end case study of personalized warfarin dosing. In 23rd $$USENIX$$ Security Symposium ($$USENIX$$ Security 14)."},{"key":"e_1_3_2_2_15_1","volume-title":"STRIP: A Defence Against Trojan Attacks on Deep Neural Networks. arXiv preprint arXiv:1902.06531","author":"Gao Yansong","year":"2019","unstructured":"Yansong Gao , Chang Xu , Derui Wang , Shiping Chen , Damith C Ranasinghe , and Surya Nepal . 2019 . STRIP: A Defence Against Trojan Attacks on Deep Neural Networks. arXiv preprint arXiv:1902.06531 (2019). Yansong Gao, Chang Xu, Derui Wang, Shiping Chen, Damith C Ranasinghe, and Surya Nepal. 2019. STRIP: A Defence Against Trojan Attacks on Deep Neural Networks. arXiv preprint arXiv:1902.06531 (2019)."},{"key":"e_1_3_2_2_16_1","volume-title":"An empirical investigation of catastrophic forgetting in gradient-based neural networks. arXiv preprint arXiv:1312.6211","author":"Goodfellow Ian J","year":"2013","unstructured":"Ian J Goodfellow , Mehdi Mirza , Da Xiao , Aaron Courville , and Yoshua Bengio . 2013. An empirical investigation of catastrophic forgetting in gradient-based neural networks. arXiv preprint arXiv:1312.6211 ( 2013 ). Ian J Goodfellow, Mehdi Mirza, Da Xiao, Aaron Courville, and Yoshua Bengio. 2013. An empirical investigation of catastrophic forgetting in gradient-based neural networks. arXiv preprint arXiv:1312.6211 (2013)."},{"key":"e_1_3_2_2_17_1","volume-title":"International Conference on Learning Representations (ICLR)","author":"Goodfellow Ian J","year":"2015","unstructured":"Ian J Goodfellow , Jonathon Shlens , and Christian Szegedy . 2015 . Explaining and harnessing adversarial examples . International Conference on Learning Representations (ICLR) (2015). Ian J Goodfellow, Jonathon Shlens, and Christian Szegedy. 2015. Explaining and harnessing adversarial examples. International Conference on Learning Representations (ICLR) (2015)."},{"key":"e_1_3_2_2_18_1","unstructured":"Yves Grandvalet and Yoshua Bengio. 2005. Semi-supervised learning by entropy minimization. In Advances in neural information processing systems. Yves Grandvalet and Yoshua Bengio. 2005. Semi-supervised learning by entropy minimization. In Advances in neural information processing systems."},{"key":"e_1_3_2_2_19_1","volume-title":"BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain. arXiv preprint arXiv:1708.06733","author":"Gu Tianyu","year":"2017","unstructured":"Tianyu Gu , Brendan Dolan-Gavitt , and Siddharth Garg . 2017. BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain. arXiv preprint arXiv:1708.06733 ( 2017 ). Tianyu Gu, Brendan Dolan-Gavitt, and Siddharth Garg. 2017. BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain. arXiv preprint arXiv:1708.06733 (2017)."},{"key":"e_1_3_2_2_20_1","volume-title":"TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems. arXiv preprint arXiv:1908.01763","author":"Guo Wenbo","year":"2019","unstructured":"Wenbo Guo , Lun Wang , Xinyu Xing , Min Du , and Dawn Song . 2019 . TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems. arXiv preprint arXiv:1908.01763 (2019). Wenbo Guo, Lun Wang, Xinyu Xing, Min Du, and Dawn Song. 2019. TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems. arXiv preprint arXiv:1908.01763 (2019)."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0008"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_2_23_1","volume-title":"Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531","author":"Hinton Geoffrey","year":"2015","unstructured":"Geoffrey Hinton , Oriol Vinyals , and Jeff Dean . 2015. Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531 ( 2015 ). Geoffrey Hinton, Oriol Vinyals, and Jeff Dean. 2015. Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531 (2015)."},{"key":"e_1_3_2_2_24_1","volume-title":"Have you stolen my model? evasion attacks against deep neural network watermarking techniques. arXiv preprint arXiv:1809.00615","author":"Hitaj Dorjan","year":"2018","unstructured":"Dorjan Hitaj and Luigi V Mancini . 2018. Have you stolen my model? evasion attacks against deep neural network watermarking techniques. arXiv preprint arXiv:1809.00615 ( 2018 ). Dorjan Hitaj and Luigi V Mancini. 2018. Have you stolen my model? evasion attacks against deep neural network watermarking techniques. arXiv preprint arXiv:1809.00615 (2018)."},{"key":"e_1_3_2_2_25_1","volume-title":"AAAI conference on artificial intelligence.","author":"Kemker Ronald","year":"2018","unstructured":"Ronald Kemker , Marc McClure , Angelina Abitino , Tyler L Hayes , and Christopher Kanan . 2018 . Measuring catastrophic forgetting in neural networks . In AAAI conference on artificial intelligence. Ronald Kemker, Marc McClure, Angelina Abitino, Tyler L Hayes, and Christopher Kanan. 2018. Measuring catastrophic forgetting in neural networks. In AAAI conference on artificial intelligence."},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.1611835114"},{"key":"e_1_3_2_2_27_1","volume-title":"International Conference on Machine Learning. 1885--1894","author":"Koh Pang Wei","year":"2017","unstructured":"Pang Wei Koh and Percy Liang . 2017 . Understanding Black-box Predictions via Influence Functions . In International Conference on Machine Learning. 1885--1894 . Pang Wei Koh and Percy Liang. 2017. Understanding Black-box Predictions via Influence Functions. In International Conference on Machine Learning. 1885--1894."},{"key":"e_1_3_2_2_28_1","unstructured":"Alex Krizhevsky et al. 2009. Learning multiple layers of features from tiny images. Technical Report. Citeseer. Alex Krizhevsky et al. 2009. Learning multiple layers of features from tiny images. Technical Report. Citeseer."},{"key":"e_1_3_2_2_29_1","unstructured":"Bo Li Yining Wang Aarti Singh and Yevgeniy Vorobeychik. 2016. Data poisoning attacks on factorization-based collaborative filtering. In Advances in neural information processing systems. Bo Li Yining Wang Aarti Singh and Yevgeniy Vorobeychik. 2016. Data poisoning attacks on factorization-based collaborative filtering. In Advances in neural information processing systems."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_13"},{"key":"e_1_3_2_2_31_1","volume-title":"Trojaning Attack on Neural Networks. In Network and Distributed System Security Symposium (NDSS).","author":"Liu Yingqi","year":"2017","unstructured":"Yingqi Liu , Shiqing Ma , Yousra Aafer , Wen-Chuan Lee , Juan Zhai , Weihang Wang , and Xiangyu Zhang . 2017 a. Trojaning Attack on Neural Networks. In Network and Distributed System Security Symposium (NDSS). Yingqi Liu, Shiqing Ma, Yousra Aafer, Wen-Chuan Lee, Juan Zhai, Weihang Wang, and Xiangyu Zhang. 2017a. Trojaning Attack on Neural Networks. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_2_32_1","volume-title":"Neural Trojans. In The 35th IEEE International Conference on Computer Design.","author":"Liu Yuntao","year":"2017","unstructured":"Yuntao Liu , Yang Xie , and Ankur Srivastava . 2017 b. Neural Trojans. In The 35th IEEE International Conference on Computer Design. Yuntao Liu, Yang Xie, and Ankur Srivastava. 2017b. Neural Trojans. In The 35th IEEE International Conference on Computer Design."},{"key":"e_1_3_2_2_33_1","unstructured":"David Lopez-Paz and Marc'Aurelio Ranzato. 2017. Gradient episodic memory for continual learning. In Advances in Neural Information Processing Systems. David Lopez-Paz and Marc'Aurelio Ranzato. 2017. Gradient episodic memory for continual learning. In Advances in Neural Information Processing Systems."},{"key":"e_1_3_2_2_34_1","volume-title":"Adversarial frontier stitching for remote neural network watermarking. Journal of Neural Computing and Applications","author":"Merrer Erwan Le","year":"2019","unstructured":"Erwan Le Merrer , Patrick Perez , and Gilles Tr\u00e9dan . 2019. Adversarial frontier stitching for remote neural network watermarking. Journal of Neural Computing and Applications ( 2019 ). Erwan Le Merrer, Patrick Perez, and Gilles Tr\u00e9dan. 2019. Adversarial frontier stitching for remote neural network watermarking. Journal of Neural Computing and Applications (2019)."},{"key":"e_1_3_2_2_35_1","volume-title":"Virtual adversarial training: a regularization method for supervised and semi-supervised learning","author":"Miyato Takeru","year":"2018","unstructured":"Takeru Miyato , Shin-ichi Maeda, Masanori Koyama , and Shin Ishii . 2018. Virtual adversarial training: a regularization method for supervised and semi-supervised learning . IEEE transactions on pattern analysis and machine intelligence ( 2018 ). Takeru Miyato, Shin-ichi Maeda, Masanori Koyama, and Shin Ishii. 2018. Virtual adversarial training: a regularization method for supervised and semi-supervised learning. IEEE transactions on pattern analysis and machine intelligence (2018)."},{"key":"e_1_3_2_2_36_1","volume-title":"10th ACM Workshop on Artificial Intelligence and Security.","author":"Gonz\u00e1lez Luis Mu","year":"2017","unstructured":"Luis Mu noz- Gonz\u00e1lez , Battista Biggio , Ambra Demontis , Andrea Paudice , Vasin Wongrassamee , Emil C Lupu , and Fabio Roli . 2017 . Towards poisoning of deep learning algorithms with back-gradient optimization . In 10th ACM Workshop on Artificial Intelligence and Security. Luis Mu noz-Gonz\u00e1lez, Battista Biggio, Ambra Demontis, Andrea Paudice, Vasin Wongrassamee, Emil C Lupu, and Fabio Roli. 2017. Towards poisoning of deep learning algorithms with back-gradient optimization. In 10th ACM Workshop on Artificial Intelligence and Security."},{"key":"e_1_3_2_2_37_1","volume-title":"Robust Watermarking of Neural Network with Exponential Weighting. In 2019 ACM Asia Conference on Computer and Communications Security.","author":"Namba Ryota","year":"2019","unstructured":"Ryota Namba and Jun Sakuma . 2019 . Robust Watermarking of Neural Network with Exponential Weighting. In 2019 ACM Asia Conference on Computer and Communications Security. Ryota Namba and Jun Sakuma. 2019. Robust Watermarking of Neural Network with Exponential Weighting. In 2019 ACM Asia Conference on Computer and Communications Security."},{"key":"e_1_3_2_2_38_1","volume-title":"Anthony D Joseph, Benjamin IP Rubinstein, Udam Saini, Charles A Sutton, J Doug Tygar, and Kai Xia.","author":"Nelson Blaine","year":"2008","unstructured":"Blaine Nelson , Marco Barreno , Fuching Jack Chi , Anthony D Joseph, Benjamin IP Rubinstein, Udam Saini, Charles A Sutton, J Doug Tygar, and Kai Xia. 2008 . Exploiting Machine Learning to Subvert Your Spam Filter. LEET ( 2008). Blaine Nelson, Marco Barreno, Fuching Jack Chi, Anthony D Joseph, Benjamin IP Rubinstein, Udam Saini, Charles A Sutton, J Doug Tygar, and Kai Xia. 2008. Exploiting Machine Learning to Subvert Your Spam Filter. LEET (2008)."},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.41"},{"key":"e_1_3_2_2_40_1","volume-title":"Deepsigns: A generic watermarking framework for ip protection of deep learning models. arXiv preprint arXiv:1804.00750","author":"Rouhani Bita Darvish","year":"2018","unstructured":"Bita Darvish Rouhani , Huili Chen , and Farinaz Koushanfar . 2018 . Deepsigns: A generic watermarking framework for ip protection of deep learning models. arXiv preprint arXiv:1804.00750 (2018). Bita Darvish Rouhani, Huili Chen, and Farinaz Koushanfar. 2018. Deepsigns: A generic watermarking framework for ip protection of deep learning models. arXiv preprint arXiv:1804.00750 (2018)."},{"key":"e_1_3_2_2_41_1","volume-title":"Poison frogs! targeted clean-label poisoning attacks on neural networks. Advances in Neural Information Processing Systems","author":"Shafahi Ali","year":"2018","unstructured":"Ali Shafahi , W Ronny Huang , Mahyar Najibi , Octavian Suciu , Christoph Studer , Tudor Dumitras , and Tom Goldstein . 2018. Poison frogs! targeted clean-label poisoning attacks on neural networks. Advances in Neural Information Processing Systems ( 2018 ). Ali Shafahi, W Ronny Huang, Mahyar Najibi, Octavian Suciu, Christoph Studer, Tudor Dumitras, and Tom Goldstein. 2018. Poison frogs! targeted clean-label poisoning attacks on neural networks. Advances in Neural Information Processing Systems (2018)."},{"key":"e_1_3_2_2_42_1","volume-title":"Jaehong Kim, and Jiwon Kim.","author":"Shin Hanul","year":"2017","unstructured":"Hanul Shin , Jung Kwon Lee , Jaehong Kim, and Jiwon Kim. 2017 . Continual learning with deep generative replay. In Advances in Neural Information Processing Systems . Hanul Shin, Jung Kwon Lee, Jaehong Kim, and Jiwon Kim. 2017. Continual learning with deep generative replay. In Advances in Neural Information Processing Systems."},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_2_44_1","volume-title":"International Conference on Learning Representations (ICLR)","author":"Simonyan Karen","year":"2015","unstructured":"Karen Simonyan and Andrew Zisserman . 2015 . Very deep convolutional networks for large-scale image recognition . International Conference on Learning Representations (ICLR) (2015). Karen Simonyan and Andrew Zisserman. 2015. Very deep convolutional networks for large-scale image recognition. International Conference on Learning Representations (ICLR) (2015)."},{"key":"e_1_3_2_2_45_1","volume-title":"Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199","author":"Szegedy Christian","year":"2013","unstructured":"Christian Szegedy , Wojciech Zaremba , Ilya Sutskever , Joan Bruna , Dumitru Erhan , Ian Goodfellow , and Rob Fergus . 2013. Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 ( 2013 ). Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. 2013. Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)."},{"key":"e_1_3_2_2_46_1","unstructured":"Brandon Tran Jerry Li and Aleksander Madry. 2018. Spectral signatures in backdoor attacks. In Advances in Neural Information Processing Systems. Brandon Tran Jerry Li and Aleksander Madry. 2018. Spectral signatures in backdoor attacks. In Advances in Neural Information Processing Systems."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3078971.3078974"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00031"},{"key":"e_1_3_2_2_49_1","volume-title":"Effectiveness of Distillation Attack and Countermeasure on Neural Network Watermarking. arXiv preprint arXiv:1906.06046","author":"Yang Ziqi","year":"2019","unstructured":"Ziqi Yang , Hung Dang , and Ee-Chien Chang . 2019. Effectiveness of Distillation Attack and Countermeasure on Neural Network Watermarking. arXiv preprint arXiv:1906.06046 ( 2019 ). Ziqi Yang, Hung Dang, and Ee-Chien Chang. 2019. Effectiveness of Distillation Attack and Countermeasure on Neural Network Watermarking. arXiv preprint arXiv:1906.06046 (2019)."},{"key":"e_1_3_2_2_50_1","unstructured":"Jason Yosinski Jeff Clune Yoshua Bengio and Hod Lipson. 2014. How transferable are features in deep neural networks?. In Advances in neural information processing systems. Jason Yosinski Jeff Clune Yoshua Bengio and Hod Lipson. 2014. How transferable are features in deep neural networks?. In Advances in neural information processing systems."},{"key":"e_1_3_2_2_51_1","volume-title":"International Conference on Machine Learning.","author":"Zenke Friedemann","year":"2017","unstructured":"Friedemann Zenke , Ben Poole , and Surya Ganguli . 2017 . Continual learning through synaptic intelligence . In International Conference on Machine Learning. Friedemann Zenke, Ben Poole, and Surya Ganguli. 2017. Continual learning through synaptic intelligence. In International Conference on Machine Learning."},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196550"}],"event":{"name":"ASIA CCS '21: ACM Asia Conference on Computer and Communications Security","location":"Virtual Event Hong Kong","acronym":"ASIA CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3433210.3453079","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,7]],"date-time":"2023-01-07T03:13:05Z","timestamp":1673061185000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3433210.3453079"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,24]]},"references-count":52,"alternative-id":["10.1145\/3433210.3453079","10.1145\/3433210"],"URL":"https:\/\/doi.org\/10.1145\/3433210.3453079","relation":{},"subject":[],"published":{"date-parts":[[2021,5,24]]},"assertion":[{"value":"2021-06-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}