{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,5]],"date-time":"2025-06-05T04:53:29Z","timestamp":1749099209054,"version":"3.40.3"},"publisher-location":"Cham","reference-count":58,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031236891"},{"type":"electronic","value":"9783031236907"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-23690-7_7","type":"book-chapter","created":{"date-parts":[[2022,12,10]],"date-time":"2022-12-10T05:02:50Z","timestamp":1670648570000},"page":"119-138","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Attacks on\u00a0ML Systems: From Security Analysis to\u00a0Attack Mitigation"],"prefix":"10.1007","author":[{"given":"Qingtian","family":"Zou","sequence":"first","affiliation":[]},{"given":"Lan","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[]},{"given":"Xiaoyan","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,12,11]]},"reference":[{"key":"7_CR1","unstructured":"DailyWireless, March 2020. https:\/\/dailywireless.org\/internet\/what-happened-to-microsoft-tay-ai-chatbot. Accessed 8 Feb 2022"},{"key":"7_CR2","unstructured":"IBM Watson - Speech to Text, August 2021. https:\/\/www.ibm.com\/cloud\/watson-speech-to-text. Accessed 8 Feb 2022"},{"key":"7_CR3","unstructured":"Machine Translation - Microsoft Translator for Business, September 2021. https:\/\/www.microsoft.com\/en-us\/translator\/business\/machine-translation. Accessed 8 Feb 2022"},{"key":"7_CR4","unstructured":"Google TensorFlow: CVE security vulnerabilities, versions and detailed reports, July 2022. https:\/\/www.cvedetails.com\/product\/53738\/Google-Tensorflow.html?vendor_id=1224. Accessed 11 July 2022"},{"key":"7_CR5","unstructured":"Speech-to-Text: Automatic Speech Recognition $$\\vert $$ Google Cloud, February 2022. https:\/\/cloud.google.com\/speech-to-text. Accessed 8 Feb 2022"},{"key":"7_CR6","unstructured":"Abadi, M., et al.: TensorFlow: large-scale machine learning on heterogeneous systems (2015). Software available from tensorflow.org. https:\/\/www.tensorflow.org\/"},{"issue":"3","key":"7_CR7","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1504\/IJSN.2015.071829","volume":"10","author":"G Ateniese","year":"2015","unstructured":"Ateniese, G., Mancini, L.V., Spognardi, A., Villani, A., Vitali, D., Felici, G.: Hacking smart machines with smarter ones: how to extract meaningful data from machine learning classifiers. Int. J. Secur. Netw. 10(3), 137\u2013150 (2015)","journal-title":"Int. J. Secur. Netw."},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.: Towards evaluating the robustness of neural networks. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 39\u201357. IEEE (2017)","DOI":"10.1109\/SP.2017.49"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Chan, A., Gujarati, A., Pattabiraman, K., Gopalakrishnan, S.: The fault in our data stars: studying mitigation techniques against faulty training data in machine learning applications. In: DSN (2022)","DOI":"10.1109\/DSN53405.2022.00027"},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Cheikes, B.A., Cheikes, B.A., Kent, K.A., Waltermire, D.: Common platform enumeration: Naming specification version 2.3. US Department of Commerce, National Institute of Standards and Technology (2011)","DOI":"10.6028\/NIST.IR.7695"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Chen, P.Y., Zhang, H., Sharma, Y., Yi, J., Hsieh, C.J.: ZOO: zeroth order optimization based black-box attacks to deep neural networks without training substitute models. In: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 15\u201326 (2017)","DOI":"10.1145\/3128572.3140448"},{"key":"7_CR12","doi-asserted-by":"publisher","first-page":"9961","DOI":"10.1109\/TITS.2021.3096854","volume":"23","author":"D Feng","year":"2021","unstructured":"Feng, D., Harakeh, A., Waslander, S.L., Dietmayer, K.: A review and comparative study on probabilistic object detection in autonomous driving. IEEE Trans. Intell. Transp. Syst. 23, 9961\u20139980 (2021)","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Fredrikson, M., Jha, S., Ristenpart, T.: Model inversion attacks that exploit confidence information and basic countermeasures. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1322\u20131333 (2015)","DOI":"10.1145\/2810103.2813677"},{"key":"7_CR14","unstructured":"Fredrikson, M., Lantz, E., Jha, S., Lin, S., Page, D., Ristenpart, T.: Privacy in pharmacogenetics: an $$\\{$$End-to-End$$\\}$$ case study of personalized warfarin dosing. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 17\u201332 (2014)"},{"key":"7_CR15","doi-asserted-by":"publisher","unstructured":"Gnanasambandam, A., Sherman, A.M., Chan, S.H.: Optical adversarial attack (2021). https:\/\/doi.org\/10.48550\/arxiv.2108.06247. https:\/\/arxiv.org\/abs\/2108.06247","DOI":"10.48550\/arxiv.2108.06247"},{"key":"7_CR16","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)"},{"key":"7_CR17","unstructured":"Gu, T., Dolan-Gavitt, B., Garg, S.: BadNets: identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 (2017)"},{"key":"7_CR18","unstructured":"Guo, C., Gardner, J., You, Y., Wilson, A.G., Weinberger, K.: Simple black-box adversarial attacks. In: International Conference on Machine Learning, pp. 2484\u20132493. PMLR (2019)"},{"key":"7_CR19","unstructured":"Huang, S., Papernot, N., Goodfellow, I., Duan, Y., Abbeel, P.: Adversarial attacks on neural network policies. arXiv preprint arXiv:1702.02284 (2017)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Jagielski, M., Severi, G., Pousette Harger, N., Oprea, A.: Subpopulation data poisoning attacks. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. pp. 3104\u20133122 (2021)","DOI":"10.1145\/3460120.3485368"},{"key":"7_CR21","doi-asserted-by":"publisher","unstructured":"Jha, S., Sheyner, O., Wing, J.: Two formal analyses of attack graphs. In: Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15, pp. 49\u201363 (2002). https:\/\/doi.org\/10.1109\/CSFW.2002.1021806","DOI":"10.1109\/CSFW.2002.1021806"},{"key":"7_CR22","unstructured":"Kos, J., Song, D.: Delving into adversarial attacks on deep policies. arXiv preprint arXiv:1705.06452 (2017)"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Kurakin, A., Goodfellow, I.J., Bengio, S.: Adversarial examples in the physical world. In: Artificial Intelligence Safety and Security, pp. 99\u2013112. Chapman and Hall\/CRC (2018)","DOI":"10.1201\/9781351251389-8"},{"key":"7_CR24","unstructured":"Li, S., Zhao, B.Z.H., Yu, J., Xue, M., Kaafar, D., Zhu, H.: Invisible backdoor attacks against deep neural networks. arXiv preprint arXiv:1909.02742 (2019)"},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"Li, Y., Jiang, Y., Li, Z., Xia, S.T.: Backdoor learning: a survey. IEEE Trans. Neural Netw. Learn. Syst. arXiv:2007.08745 (2022)","DOI":"10.1109\/TNNLS.2022.3182979"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Liu, Y., et al.: Trojaning attack on neural networks (2017)","DOI":"10.14722\/ndss.2018.23291"},{"key":"7_CR27","unstructured":"Lovisotto, G., Turner, H., Sluganovic, I., Strohmeier, M., Martinovic, I.: $$\\{$$SLAP$$\\}$$: improving physical adversarial examples with $$\\{$$Short-Lived$$\\}$$ adversarial perturbations. In: 30th USENIX Security Symposium (USENIX Security 2021), pp. 1865\u20131882 (2021)"},{"key":"7_CR28","unstructured":"McGraw, G., Figueroa, H., Shepardson, V., Bonett, R.: An architectural risk analysis of machine learning systems: toward more secure machine learning. Berryville Institute of Machine Learning, Clarke County, VA (2020). Accessed 23 Mar 2020"},{"key":"7_CR29","unstructured":"MITRE: CVE of Sockeye (2022). https:\/\/www.cvedetails.com\/cve\/CVE-2021-43811\/"},{"key":"7_CR30","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., Fawzi, O., Frossard, P.: Universal adversarial perturbations. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 1765\u20131773 (2017)","DOI":"10.1109\/CVPR.2017.17"},{"key":"7_CR31","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., Frossard, P.: DeepFool: a simple and accurate method to fool deep neural networks. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 2574\u20132582 (2016)","DOI":"10.1109\/CVPR.2016.282"},{"key":"7_CR32","unstructured":"Morgulis, N., Kreines, A., Mendelowitz, S., Weisglass, Y.: Fooling a real car with adversarial traffic signs. arXiv preprint arXiv:1907.00374 (2019)"},{"key":"7_CR33","unstructured":"Mozilla: DeepSpeech, February 2022 https:\/\/github.com\/mozilla\/DeepSpeech. Accessed 8 Feb 2022"},{"key":"7_CR34","doi-asserted-by":"crossref","unstructured":"Mu\u00f1oz-Gonz\u00e1lez, L., et al.: Towards poisoning of deep learning algorithms with back-gradient optimization. In: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 27\u201338 (2017)","DOI":"10.1145\/3128572.3140451"},{"key":"7_CR35","doi-asserted-by":"publisher","unstructured":"Nassi, D., Ben-Netanel, R., Elovici, Y., Nassi, B.: MobilBye: Attacking ADAS with camera spoofing (2019). https:\/\/doi.org\/10.48550\/arxiv.1906.09765. https:\/\/arxiv.org\/abs\/1906.09765","DOI":"10.48550\/arxiv.1906.09765"},{"key":"7_CR36","doi-asserted-by":"publisher","unstructured":"Ning, R., Li, J., Xin, C., Wu, H.: Invisible poison: a blackbox clean label backdoor attack to deep neural networks. In: IEEE INFOCOM 2021 - IEEE Conference on Computer Communications, pp. 1\u201310 (2021). https:\/\/doi.org\/10.1109\/INFOCOM42981.2021.9488902","DOI":"10.1109\/INFOCOM42981.2021.9488902"},{"key":"7_CR37","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: USENIX Security (2005)"},{"key":"7_CR38","doi-asserted-by":"crossref","unstructured":"Papernot, N.: A marauder\u2019s map of security and privacy in machine learning. arXiv:1811.01134 [cs], November 2018","DOI":"10.1145\/3270101.3270102"},{"key":"7_CR39","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 506\u2013519 (2017)","DOI":"10.1145\/3052973.3053009"},{"key":"7_CR40","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. In: 2016 IEEE European symposium on security and privacy (EuroS &P), pp. 372\u2013387. IEEE (2016)","DOI":"10.1109\/EuroSP.2016.36"},{"key":"7_CR41","unstructured":"Paszke, A., et al.: PyTorch: an imperative style, high-performance deep learning library. In: Advances in Neural Information Processing Systems 32, pp. 8024\u20138035. Curran Associates, Inc. (2019). http:\/\/papers.neurips.cc\/paper\/9015-pytorch-an-imperative-style-high-performance-deep-learning-library.pdf"},{"key":"7_CR42","doi-asserted-by":"publisher","unstructured":"Patel, N., Krishnamurthy, P., Garg, S., Khorrami, F.: Bait and switch: online training data poisoning of autonomous driving systems (2020). https:\/\/doi.org\/10.48550\/arxiv.2011.04065. https:\/\/arxiv.org\/abs\/2011.04065","DOI":"10.48550\/arxiv.2011.04065"},{"key":"7_CR43","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12, 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"7_CR44","doi-asserted-by":"crossref","unstructured":"Schuster, R., Shuster, T., Meri, Y., Shmatikov, V.: Humpty dumpty: controlling word meanings via corpus poisoning. In: IEEE S &P (2020)","DOI":"10.1109\/SP40000.2020.00115"},{"key":"7_CR45","doi-asserted-by":"publisher","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of 2002 IEEE Symposium on Security and Privacy, pp. 273\u2013284 (2002). https:\/\/doi.org\/10.1109\/SECPRI.2002.1004377","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"7_CR46","doi-asserted-by":"crossref","unstructured":"Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE symposium on security and privacy (SP), pp. 3\u201318. IEEE (2017)","DOI":"10.1109\/SP.2017.41"},{"issue":"5","key":"7_CR47","doi-asserted-by":"publisher","first-page":"828","DOI":"10.1109\/TEVC.2019.2890858","volume":"23","author":"J Su","year":"2019","unstructured":"Su, J., Vargas, D.V., Sakurai, K.: One pixel attack for fooling deep neural networks. IEEE Trans. Evol. Comput. 23(5), 828\u2013841 (2019)","journal-title":"IEEE Trans. Evol. Comput."},{"key":"7_CR48","unstructured":"Szegedy, C., et al.: Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)"},{"key":"7_CR49","unstructured":"Tram\u00e8r, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction $$\\{$$APIs$$\\}$$. In: 25th USENIX security symposium (USENIX Security 2016), pp. 601\u2013618 (2016)"},{"key":"7_CR50","doi-asserted-by":"crossref","unstructured":"Xiao, C., Li, B., Zhu, J.Y., He, W., Liu, M., Song, D.: Generating adversarial examples with adversarial networks. arXiv preprint arXiv:1801.02610 (2018)","DOI":"10.24963\/ijcai.2018\/543"},{"key":"7_CR51","doi-asserted-by":"crossref","unstructured":"Xiao, Q., Li, K., Zhang, D., Xu, W.: Security risks in deep learning implementations. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 123\u2013128. IEEE (2018)","DOI":"10.1109\/SPW.2018.00027"},{"key":"7_CR52","unstructured":"Xu, K., Liu, S., Chen, P.Y., Zhao, P., Lin, X.: Defending against backdoor attack on deep neural networks. arXiv preprint arXiv:2002.12162 (2020)"},{"key":"7_CR53","doi-asserted-by":"crossref","unstructured":"Yin, H., et al.: Dreaming to distill: Data-free knowledge transfer via DeepInversion. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, pp. 8715\u20138724 (2020)","DOI":"10.1109\/CVPR42600.2020.00874"},{"key":"7_CR54","doi-asserted-by":"crossref","unstructured":"Yu, H., Yang, K., Zhang, T., Tsai, Y.Y., Ho, T.Y., Jin, Y.: CloudLeak: large-scale deep learning models stealing through adversarial examples. In: NDSS (2020)","DOI":"10.14722\/ndss.2020.24178"},{"key":"7_CR55","unstructured":"Yuan, X., et al.: $$\\{$$CommanderSong$$\\}$$: a systematic approach for practical adversarial voice recognition. In: 27th USENIX security symposium (USENIX security 2018), pp. 49\u201364 (2018)"},{"key":"7_CR56","doi-asserted-by":"crossref","unstructured":"Zhang, L., Liu, P., Choi, Y., Chen, P.: Semantics-preserving reinforcement learning attack against graph neural networks for malware detection. IEEE Trans. Depend. Secur. Comput. arXiv:2009.05602 (2022)","DOI":"10.1109\/TDSC.2022.3153844"},{"key":"7_CR57","unstructured":"Zhao, Z., Dua, D., Singh, S.: Generating natural adversarial examples. arXiv preprint arXiv:1710.11342 (2017)"},{"key":"7_CR58","doi-asserted-by":"crossref","unstructured":"Zhou, L., Gao, J., Li, D., Shum, H.Y.: The design and implementation of XiaoIce, an empathetic social chatbot. arXiv:1812.08989 [cs], September 2019","DOI":"10.1162\/coli_a_00368"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-23690-7_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,10]],"date-time":"2022-12-10T05:04:22Z","timestamp":1670648662000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-23690-7_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031236891","9783031236907"],"references-count":58,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-23690-7_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"11 December 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Commercial products are identified in order to adequately specify certain procedures. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology, nor does it imply that the identified products are necessarily the best available for the purpose.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclaimer"}},{"value":"ICISS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tirupati","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iciss2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.icissconf.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"55","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}