{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T05:35:22Z","timestamp":1743140122972,"version":"3.40.3"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030184186"},{"type":"electronic","value":"9783030184193"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-18419-3_10","type":"book-chapter","created":{"date-parts":[[2019,5,1]],"date-time":"2019-05-01T19:25:20Z","timestamp":1556738720000},"page":"143-155","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Evading Deep Neural Network and Random Forest Classifiers by Generating Adversarial Samples"],"prefix":"10.1007","author":[{"given":"Erick Eduardo Bernal","family":"Martinez","sequence":"first","affiliation":[]},{"given":"Bella","family":"Oh","sequence":"additional","affiliation":[]},{"given":"Feng","family":"Li","sequence":"additional","affiliation":[]},{"given":"Xiao","family":"Luo","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,14]]},"reference":[{"key":"10_CR1","unstructured":"Hu, W., Tan, Y.: Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN (2017)"},{"key":"10_CR2","doi-asserted-by":"crossref","unstructured":"Subasi, A., Molah, E., Almkallawi, F., Chaudhery, T.J.: Intelligent phishing website detection using random forest classifier. In: 2017 International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, pp. 1\u20135 (2017)","DOI":"10.1109\/ICECTA.2017.8252051"},{"key":"10_CR3","unstructured":"Peng, W., Gao, T., Sisodia, D., Saha, T.K., Li, F., Al Hasan, M.: ACTS: extracting android app topological signature through graphlet sampling. In: 2016 IEEE Conference on Communications and Network Security (CNS), pp. 37\u201345 (2016)"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"Bosch, A., Zisserman, A., Munoz, X.: Image classification using random forests and ferns. In: 2007 IEEE 11th International Conference on Computer Vision, Rio de Janeiro, pp. 1\u20138 (2007)","DOI":"10.1109\/ICCV.2007.4409066"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., and Swami, A.: The limitations of deep learning in adversarial settings. In: Proceedings of the 1st IEEE European Symposium on Security and Privacy, pp. 372\u2013387 (2016)","DOI":"10.1109\/EuroSP.2016.36"},{"key":"10_CR6","unstructured":"Feinman, R., Curtin, R.R., Shintre, S., Gardner, A.B.: Detecting Adversarial Samples from Artifacts. arXiv preprint \n                      arXiv:1703.00410\n                      \n                     (2017)"},{"key":"10_CR7","unstructured":"Papernot, N., Carlini, N., Goodfellow, I., Feinman, R.: Cleverhans v2. 0.0: an adversarial machine learning library. arXiv preprint \n                      arXiv:1610.00768\n                      \n                     (2016)"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. IEEE European Symposium on Security and Privacy (EuroS, P), Saarbrucken, pp. 372\u2013387 (2016)","DOI":"10.1109\/EuroSP.2016.36"},{"key":"10_CR9","doi-asserted-by":"publisher","unstructured":"Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIA CCS 2017), pp. 506\u2013519. ACM, New York, (2017), \n                      https:\/\/doi.org\/10.1145\/3052973.3053009","DOI":"10.1145\/3052973.3053009"},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Gao, T. et al.: Android Malware Detection via Graphlet Sampling, pp. 1\u201314 (2018). Unpublished","DOI":"10.1109\/TMC.2018.2880731"},{"key":"10_CR11","unstructured":"The WEKA Workbench: Online Appendix for \u201cData Mining: Practical Machine Learning Tools and Techniques\u201d, 4th edn. Morgan Kaufmann (2016)"},{"key":"10_CR12","unstructured":"Goodfellow, I.J., et al.: Explaining and harnessing adversarial examples. In: Proceedings of the International Conference on Learning Representations (2015)"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Dang, H., Huang, Y., Chang, E.: Evading classifiers by morphing in the dark. In: ACM CCS, pp. 119\u2013133. ACM (2017)","DOI":"10.1145\/3133956.3133978"},{"key":"10_CR14","unstructured":"Holczer, B.: Random Forest Classifier - Machine Learning. Global Software Support, 7 March 2018. \n                      www.globalsoftwaresupport.com\/random-forest-classifier-bagging-machine-learning\/"},{"key":"10_CR15","unstructured":"Elsayed, G., Goodfellow, I., Sohl-Dickstein, J.: Adversarial Reprogramming of Neural Networks (2018). \n                      https:\/\/arxiv.org\/pdf\/1806.11146.pdf\n                      \n                    . Accessed 22 Oct 2018"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-319-66399-9_4","volume-title":"Computer Security \u2013 ESORICS 2017","author":"K Grosse","year":"2017","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial examples for malware detection. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 62\u201379. Springer, Cham (2017). \n                      https:\/\/doi.org\/10.1007\/978-3-319-66399-9_4"},{"key":"10_CR17","unstructured":"Jia, J., Gong, N.Z.: AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning. \n                      https:\/\/arxiv.org\/pdf\/1805.04810.pdf\n                      \n                    . Accessed 22 Oct 2018"},{"key":"10_CR18","unstructured":"Kreuk, F., et al.: Deceiving End-to-End Deep Learning Malware Detectors using Adversarial Examples (2018). \n                      https:\/\/arxiv.org\/pdf\/1802.04528.pdf\n                      \n                    . Accessed 22 Oct 2018"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-18419-3_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T10:33:03Z","timestamp":1558348383000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-18419-3_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030184186","9783030184193"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-18419-3_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"14 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Montreal, QC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/fps2018.encs.concordia.ca\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"51","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}