{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T13:17:10Z","timestamp":1771679830802,"version":"3.50.1"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030324292","type":"print"},{"value":"9783030324308","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-32430-8_28","type":"book-chapter","created":{"date-parts":[[2019,10,25]],"date-time":"2019-10-25T11:11:01Z","timestamp":1572001861000},"page":"479-491","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":34,"title":["MTDeep: Boosting the Security of Deep Neural Nets Against Adversarial Attacks with Moving Target Defense"],"prefix":"10.1007","author":[{"given":"Sailik","family":"Sengupta","sequence":"first","affiliation":[]},{"given":"Tathagata","family":"Chakraborti","sequence":"additional","affiliation":[]},{"given":"Subbarao","family":"Kambhampati","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,10,23]]},"reference":[{"key":"28_CR1","unstructured":"Abbasi, M., Gagn\u00e9, C.: Robustness to adversarial examples through an ensemble of specialists. \n                    arXiv:1702.06856\n                    \n                   (2017)"},{"key":"28_CR2","unstructured":"Adam, G.A., Smirnov, P., Goldenberg, A., Duvenaud, D., Haibe-Kains, B.: Stochastic combinatorial ensembles for defending against adversarial examples. \n                    arXiv:1808.06645\n                    \n                   (2018)"},{"key":"28_CR3","unstructured":"Bastani, O., Ioannou, Y., Lampropoulos, L., Vytiniotis, D., Nori, A., Criminisi, A.: Measuring neural net robustness with constraints. In: NIPS (2016)"},{"key":"28_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"500","DOI":"10.1007\/978-3-540-89689-0_54","volume-title":"Structural, Syntactic, and Statistical Pattern Recognition","author":"B Biggio","year":"2008","unstructured":"Biggio, B., Fumera, G., Roli, F.: Adversarial Pattern Classification Using Multiple Classifiers and Randomisation. In: da Vitoria, Lobo N. (ed.) SSPR \/SPR 2008. LNCS, vol. 5342, pp. 500\u2013509. Springer, Heidelberg (2008). \n                    https:\/\/doi.org\/10.1007\/978-3-540-89689-0_54"},{"key":"28_CR5","doi-asserted-by":"crossref","unstructured":"Chen, P.Y., Zhang, H., Sharma, Y., Yi, J., Hsieh, C.J.: Zoo: zeroth order optimization based black-box attacks to deep neural networks without training substitute models. \n                    arXiv:1708.03999\n                    \n                   (2017)","DOI":"10.1145\/3128572.3140448"},{"issue":"6","key":"28_CR6","doi-asserted-by":"publisher","first-page":"848","DOI":"10.1109\/41.649946","volume":"44","author":"A Escalera De La","year":"1997","unstructured":"De La Escalera, A., Moreno, L.E., Salichs, M.A., Armingol, J.M.: Road traffic sign detection and classification. IEEE Trans. Ind. Electron. 44(6), 848\u2013859 (1997)","journal-title":"IEEE Trans. Ind. Electron."},{"key":"28_CR7","unstructured":"He, W., Wei, J., Chen, X., Carlini, N., Song, D.: Adversarial example defenses: ensembles of weak defenses are not strong. arXiv preprint \n                    arXiv:1706.04701\n                    \n                   (2017)"},{"key":"28_CR8","unstructured":"Ioffe, S., Szegedy, C.: Batch normalization: accelerating deep network training by reducing internal covariate shift. \n                    arXiv:1502.03167\n                    \n                   (2015)"},{"key":"28_CR9","unstructured":"Javed, O., Shah, M.: Tracking and object classification for automated surveillance. In: ECCV (2006)"},{"issue":"4","key":"28_CR10","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/s10032-011-0170-8","volume":"15","author":"R Jayadevan","year":"2012","unstructured":"Jayadevan, R., Kolhe, S.R., Patil, P.M., Pal, U.: Automatic processing of handwritten bank cheque images: a survey. J. Doc. Anal. Recogn. 15(4), 267\u2013296 (2012). \n                    https:\/\/doi.org\/10.1007\/s10032-011-0170-8","journal-title":"J. Doc. Anal. Recogn."},{"key":"28_CR11","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. arXiv preprint \n                    arXiv:1706.06083\n                    \n                   (2017)"},{"key":"28_CR12","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., Fawzi, O., Frossard, P.: Universal adversarial perturbations. \n                    arXiv:1610.08401\n                    \n                   (2016)","DOI":"10.1109\/CVPR.2017.17"},{"key":"28_CR13","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., Frossard, P.: Deepfool: a simple and accurate method to fool deep neural networks. In: CVPR (2016)","DOI":"10.1109\/CVPR.2016.282"},{"key":"28_CR14","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. In: ACM CCS (2017)","DOI":"10.1145\/3052973.3053009"},{"key":"28_CR15","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P) (2016)","DOI":"10.1109\/EuroSP.2016.36"},{"key":"28_CR16","unstructured":"Paruchuri, P., Pearce, J.P., Marecki, J., Tambe, M., Ordonez, F., Kraus, S.: Playing games for security: an efficient exact algorithm for solving Bayesian stackelberg games. In: AAMAS (2008)"},{"issue":"3","key":"28_CR17","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s11263-015-0816-y","volume":"115","author":"O Russakovsky","year":"2015","unstructured":"Russakovsky, O., et al.: Imagenet large scale visual recognition challenge. Int. J. Comput. Vis. 115(3), 211\u2013252 (2015)","journal-title":"Int. J. Comput. Vis."},{"key":"28_CR18","unstructured":"Sengupta, S., et al.: A game theoretic approach to strategy generation for moving target defense in web applications. In: AAMAS (2017)"},{"key":"28_CR19","unstructured":"Szegedy, C., et al.: Intriguing properties of neural networks. \n                    arXiv:1312.6199\n                    \n                   (2013)"},{"key":"28_CR20","unstructured":"Tram\u00e8r, F., Kurakin, A., Papernot, N., Boneh, D., McDaniel, P.: Ensemble adversarial training: attacks and defenses. \n                    arXiv:1705.07204\n                    \n                   (2017)"},{"key":"28_CR21","unstructured":"Tsipras, D., Santurkar, S., Engstrom, L., Turner, A., Madry, A.: Robustness may be at odds with accuracy. arXiv preprint \n                    arXiv:1805.12152\n                    \n                   (2018)"},{"key":"28_CR22","unstructured":"Vorobeychik, Y., Li, B.: Optimal randomized classification in adversarial settings. In: AAMAS (2014)"},{"key":"28_CR23","unstructured":"Weng, T.W., et al.: Evaluating the robustness of neural networks: an extreme value theory approach. arXiv preprint \n                    arXiv:1801.10578\n                    \n                   (2018)"},{"key":"28_CR24","doi-asserted-by":"crossref","unstructured":"Zheng, S., Song, Y., Leung, T., Goodfellow, I.: Improving the robustness of deep neural networks via stability training. In: CVPR (2016)","DOI":"10.1109\/CVPR.2016.485"},{"key":"28_CR25","doi-asserted-by":"crossref","unstructured":"Zhuang, R., DeLoach, S.A., Ou, X.: Towards a theory of moving target defense. In: Proceedings of the First ACM Workshop on Moving Target Defense, pp. 31\u201340. ACM (2014)","DOI":"10.1145\/2663474.2663479"}],"container-title":["Lecture Notes in Computer Science","Decision and Game Theory for Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-32430-8_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,25]],"date-time":"2019-10-25T11:14:42Z","timestamp":1572002082000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-32430-8_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030324292","9783030324308"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-32430-8_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"23 October 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"GameSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Decision and Game Theory for Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Stockholm","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 November 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"gamesec2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.gamesec-conf.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"47","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"11","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}