{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T13:57:17Z","timestamp":1742997437046,"version":"3.40.3"},"publisher-location":"Cham","reference-count":49,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031708787"},{"type":"electronic","value":"9783031708794"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70879-4_8","type":"book-chapter","created":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T19:02:20Z","timestamp":1725476540000},"page":"146-166","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["ECLIPSE: Expunging Clean-Label Indiscriminate Poisons via\u00a0Sparse Diffusion Purification"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-3057-827X","authenticated-orcid":false,"given":"Xianlong","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0042-9045","authenticated-orcid":false,"given":"Shengshan","family":"Hu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0551-1200","authenticated-orcid":false,"given":"Yechao","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-6785-7306","authenticated-orcid":false,"given":"Ziqi","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9330-2662","authenticated-orcid":false,"given":"Leo Yu","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4268-4976","authenticated-orcid":false,"given":"Peng","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1247-5092","authenticated-orcid":false,"given":"Wei","family":"Wan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3934-7605","authenticated-orcid":false,"given":"Hai","family":"Jin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,9,5]]},"reference":[{"key":"8_CR1","unstructured":"Biggio, B., Nelson, B., Laskov, P.: Support vector machines under adversarial label noise. In: Proceedings of the 3rd Asian Conference on Machine Learning (ACML\u201911), pp. 97\u2013112 (2011)"},{"key":"8_CR2","doi-asserted-by":"crossref","unstructured":"Borgnia, E., et al.: Strong data augmentation sanitizes poisoning and backdoor attacks without an accuracy tradeoff. In: Proceedings of the 2021 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP\u201921), pp. 3855\u20133859 (2021)","DOI":"10.1109\/ICASSP39728.2021.9414862"},{"key":"8_CR3","unstructured":"Chen, S., et al.: Self-ensemble protection: training checkpoints are good data protectors. In: Proceedings of the 11th International Conference on Learning Representations (ICLR\u201923) (2023)"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Deng, J., Dong, W., Socher, R., Li, L.J., Li, K., Li, F.: Imagenet: a large-scale hierarchical image database. In: Proceedings of the 2009 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201909), pp. 248\u2013255 (2009)","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"8_CR5","unstructured":"DeVries, T., Taylor, G.W.: Improved regularization of convolutional neural networks with cutout. arXiv preprint arXiv:1708.04552 (2017)"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Dolatabadi, H.M., Erfani, S., Leckie, C.: The devil\u2019s advocate: shattering the illusion of unexploitable data using diffusion models. arXiv preprint arXiv:2303.08500 (2023)","DOI":"10.1109\/SaTML59370.2024.00025"},{"key":"8_CR7","unstructured":"Feng, J., Cai, Q.-Z., Zhou, Z.H.: Learning to confuse: generating training time adversarial data with auto-encoder. In: Proceedings of the 33rd Neural Information Processing Systems (NeruIPS\u201919), vol.\u00a032, pp. 11971\u201311981 (2019)"},{"key":"8_CR8","unstructured":"Fowl, L., et al.: Preventing unauthorized use of proprietary data: poisoning for secure dataset release. arXiv preprint arXiv:2103.02683 (2021)"},{"key":"8_CR9","unstructured":"Fowl, L., Goldblum, M., Chiang, P.V., Geiping, J., Czaja, W., Goldstein, T.: Adversarial examples make strong poisons. In: Proceedings of the 35th Neural Information Processing Systems (NeurIPS\u201921), vol.\u00a034, pp. 30339\u201330351 (2021)"},{"key":"8_CR10","unstructured":"Fu, S., He, F., Liu, Y., Shen, L., Tao, D.: Robust unlearnable examples: protecting data privacy against adversarial learning. In: Proceedings of the 10th International Conference on Learning Representations (ICLR\u201922) (2022)"},{"key":"8_CR11","doi-asserted-by":"publisher","first-page":"665","DOI":"10.1038\/s42256-020-00257-z","volume":"2","author":"R Geirhos","year":"2020","unstructured":"Geirhos, R., et al.: Shortcut learning in deep neural networks. Nature Mach. Intell. 2, 665\u2013673 (2020)","journal-title":"Nature Mach. Intell."},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the 2016 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201916), pp. 770\u2013778 (2016)","DOI":"10.1109\/CVPR.2016.90"},{"key":"8_CR13","unstructured":"Ho, J., Jain, A., Abbeel, P.: Denoising diffusion probabilistic models. In: Proceedings of the 34th Neural Information Processing Systems (NeurIPS\u201920), vol.\u00a033, pp. 6840\u20136851 (2020)"},{"key":"8_CR14","unstructured":"Hong, S., Chandrasekaran, V., Kaya, Y., Dumitra\u015f, T. Papernot, N.: On the effectiveness of mitigating data poisoning attacks with gradient shaping. arXiv preprint arXiv:2002.11497 (2020)"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Hu, S., et al.: PointCRT: detecting backdoor in 3D point cloud via corruption robustness. In: Proceedings of the 31st ACM International Conference on Multimedia (MM\u201923), pp. 666\u2013675 (2023)","DOI":"10.1145\/3581783.3612456"},{"key":"8_CR16","doi-asserted-by":"crossref","unstructured":"Huang, G., Liu, Z., Van Der\u00a0Maaten, L., Weinberger, K.Q.: Densely connected convolutional networks. In: Proceedings of the 2017 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201917), pp. 4700\u20134708 (2017)","DOI":"10.1109\/CVPR.2017.243"},{"key":"8_CR17","unstructured":"Huang, H., Ma, X., Erfani, S.M., Wang, J.B.A.Y.: Unlearnable examples: making personal data unexploitable. In: Proceedings of the 9th International Conference on Learning Representations (ICLR\u201921) (2021)"},{"key":"8_CR18","doi-asserted-by":"crossref","unstructured":"Jiang, W., Diao, Y., Wang, H., Sun, J., Wang, M., Hong, R.: Unlearnable examples give a false sense of security: Piercing through unexploitable data with learnable examples. In: Proceedings of the 31st ACM International Conference on Multimedia (MM\u201923), pp. 8910\u20138921 (2023)","DOI":"10.1145\/3581783.3611833"},{"key":"8_CR19","unstructured":"Kostrikov, I., Fergus, R., Tompson, J., Nachum, O.: Offline reinforcement learning with fisher divergence critic regularization. In: Proceedings of the 38th International Conference on Machine Learning (ICML\u201921), pp. 5774\u20135783 (2021)"},{"key":"8_CR20","unstructured":"Krizhevsky, A.: Learning multiple layers of features from tiny images. Master\u2019s thesis, University of Tront (2009)"},{"key":"8_CR21","doi-asserted-by":"crossref","unstructured":"Liu, X., et al.: Detecting backdoors during the inference stage based on corruption robustness consistency. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201923), pp. 16363\u201316372 (2023)","DOI":"10.1109\/CVPR52729.2023.01570"},{"key":"8_CR22","unstructured":"Liu, Z., Zhao, Z., Larson, M.: Image shortcut squeezing: countering perturbative availability poisons with compression. In: Proceedings of the 40th International Conference on Machine Learning (ICML\u201923) (2023)"},{"key":"8_CR23","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. In: Proceedings of the 6th International Conference on Learning Representations (ICLR\u201918) (2018)"},{"key":"8_CR24","doi-asserted-by":"crossref","unstructured":"Mu\u00f1oz-Gonz\u00e1lez, L., et al.: Towards poisoning of deep learning algorithms with back-gradient optimization. In: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security (AISec\u201917), pp. 27\u201338 (2017)","DOI":"10.1145\/3128572.3140451"},{"key":"8_CR25","unstructured":"Nichol, A.Q., Dhariwal, P.: Improved denoising diffusion probabilistic models. In: Proceedings of the 38th International Conference on Machine Learning (ICML\u201921), pp. 8162\u20138171 (2021)"},{"key":"8_CR26","unstructured":"Nie, W., Guo, B., Huang, Y., Xiao, C., Vahdat, A., Anandkumar, A.: Diffusion models for adversarial purification. In: Proceedings of the 39th International Conference on Machine Learning (ICML\u201922) (2022)"},{"key":"8_CR27","unstructured":"Qin, T., Gao, X., Zhao, J., Ye, K., Xu, C.Z.: Learning the unlearnable: adversarial augmentations suppress unlearnable example attacks. arXiv preprint arXiv:2303.15127 (2023)"},{"key":"8_CR28","unstructured":"Ren, J., Xu, H., Wan, Y., Ma, X., Sun, L., Tang, J.: Transferable unlearnable examples. In: Proceedings of the 11th International Conference on Learning Representations (ICLR\u201923) (2023)"},{"key":"8_CR29","doi-asserted-by":"crossref","unstructured":"Sadasivan, V.S., Soltanolkotabi, M., Feizi, S.: CUDA: convolution-based unlearnable datasets. In: Proceedings of the 2023 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201923), pp. 3862\u20133871 (2023)","DOI":"10.1109\/CVPR52729.2023.00376"},{"key":"8_CR30","doi-asserted-by":"crossref","unstructured":"Sandoval-Segura, P., et al.: Poisons that are learned faster are more effective. In: Proceedings of the 2022 IEEE\/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW\u201922), pp. 198\u2013205 (2022)","DOI":"10.1109\/CVPRW56347.2022.00033"},{"key":"8_CR31","unstructured":"Sandoval-Segura, P., Singla, V., Geiping, J., Goldblum, M., Goldstein, T., Jacobs, D.W.: Autoregressive perturbations for data poisoning. In: Proceedings of the 36th Neural Information Processing Systems (NeurIPS\u201922), vol.\u00a035 (2022)"},{"key":"8_CR32","unstructured":"Sandoval-Segura, P., Singla, V., Geiping, J., Goldblum, M., Goldstein, T.: What can we learn from unlearnable datasets? In: Proceedings of the 37th Neural Information Processing Systems (NeurIPS\u201923) (2023)"},{"key":"8_CR33","doi-asserted-by":"publisher","DOI":"10.1017\/9781108186735","volume-title":"Applied Stochastic Differential Equations","author":"S S\u00e4rkk\u00e4","year":"2019","unstructured":"S\u00e4rkk\u00e4, S., Solin, A.: Applied Stochastic Differential Equations, vol. 10. Cambridge University Press, Cambridge (2019)"},{"key":"8_CR34","doi-asserted-by":"publisher","first-page":"41498","DOI":"10.1109\/ACCESS.2019.2905915","volume":"7","author":"J Shen","year":"2019","unstructured":"Shen, J., Zhu, X., Ma, D.: TensorClog: an imperceptible poisoning attack on deep neural network applications. IEEE Access 7, 41498\u201341506 (2019)","journal-title":"IEEE Access"},{"key":"8_CR35","unstructured":"Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition. arXiv preprint arXiv:1409.1556 (2014)"},{"key":"8_CR36","unstructured":"Song, Y., Durkan, C., Murray, I., Ermon, S.: Maximum likelihood training of score-based diffusion models. In: Proceedings of the 35th Neural Information Processing Systems (NeurIPS\u201921), vol.\u00a034, pp. 1415\u20131428 (2021)"},{"key":"8_CR37","unstructured":"Song, Y., Sohl-Dickstein, J., Kingma, D., Kumar, A., Ermon, S., Poole, B.: Score-based generative modeling through stochastic differential equations. In: Proceedings of the 9th International Conference on Learning Representations (ICLR\u201921) (2021)"},{"key":"8_CR38","unstructured":"Tao, L., Feng, L., Yi, J., Huang, S.-J., Chen, S.: Better safe than sorry: preventing delusive adversaries with adversarial training. In: Proceedings of the 35th Neural Information Processing Systems (NeurIPS\u201921), vol.\u00a034, pp. 16209\u201316225 (2021)"},{"key":"8_CR39","unstructured":"Wang, X., Hu, S., Li, M., Yu, Z., Zhou, Z., Zhang, L.Y.: Corrupting convolution-based unlearnable datasets with pixel-based image transformations. arXiv preprint arXiv:2311.18403 (2023)"},{"key":"8_CR40","unstructured":"Wang, Z., Wang, Y., Wang, Y.: Fooling adversarial training with inducing noise. arXiv preprint arXiv:2111.10130 (2021)"},{"key":"8_CR41","unstructured":"Wen, R., Zhao, Z., Liu, Z., Backes, M., Wang, T., Zhang, Y.: Is adversarial training really a silver bullet for mitigating data poisoning? In: Proceedings of the 11th International Conference on Learning Representations (ICLR\u201923) (2023)"},{"key":"8_CR42","doi-asserted-by":"crossref","unstructured":"Yu, D., Zhang, H., Chen, W., Liu, Yin, J., Liu, T.Y.: Availability attacks create shortcuts. In: Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD\u201922), pp. 2367\u20132376 (2022)","DOI":"10.1145\/3534678.3539241"},{"key":"8_CR43","unstructured":"Yuan, C.H., Wu, S.H.: Neural tangent generalization attacks. In: Proceedings of the 38th International Conference on Machine Learning (ICML\u201921), pp. 12230\u201312240 (2021)"},{"key":"8_CR44","doi-asserted-by":"crossref","unstructured":"Yun, S., Han, D., Oh, S.J., Chun, S., Choe, J., Yoo, Y.: CutmMix: regularization strategy to train strong classifiers with localizable features. In: Proceedings of the 17th International Conference on Computer Vision (ICCV\u201919) (2019)","DOI":"10.1109\/ICCV.2019.00612"},{"key":"8_CR45","unstructured":"Zhang, H., Cisse, M., Dauphin, Y.N., Lopez-Paz, D.: MixUp: beyond empirical risk minimization. In: Proceedings of the 6th International Conference on Learning Representations (ICLR\u201918) (2018)"},{"issue":"6","key":"8_CR46","doi-asserted-by":"publisher","first-page":"1403","DOI":"10.1007\/s10796-021-10144-6","volume":"23","author":"L Zhang","year":"2021","unstructured":"Zhang, L., Shen, B., Barnawi, A., Xi, S., Kumar, N., Wu, Y.: FEDDPGAN: federated differentially private generative adversarial networks framework for the detection of COVID-19 pneumonia. Inf. Syst. Front. 23(6), 1403\u20131415 (2021)","journal-title":"Inf. Syst. Front."},{"key":"8_CR47","doi-asserted-by":"crossref","unstructured":"Zhang, R., Zhu, Q.: A game-theoretic analysis of label flipping attacks on distributed support vector machines. In: Proceedings of the 51st Annual Conference on Information Sciences and Systems (CISS\u201917), pp.\u00a01\u20136 (2017)","DOI":"10.1109\/CISS.2017.7926118"},{"key":"8_CR48","doi-asserted-by":"crossref","unstructured":"Zhang, Y., et al.: Why does little robustness help? A further step towards understanding adversarial transferability. In: Proceedings of the 45th IEEE Symposium on Security and Privacy (S &P\u201924), vol.\u00a02 (2024)","DOI":"10.1109\/SP54263.2024.00010"},{"key":"8_CR49","doi-asserted-by":"crossref","unstructured":"Zhou, Z., Rahman\u00a0Siddiquee, M.M., Tajbakhsh, N., Liang, J.: Unet++: a nested u-net architecture for medical image segmentation. In: Proceedings of the International Workshop on Deep Learning in Medical Image Analysis, pp. 3\u201311 (2018)","DOI":"10.1007\/978-3-030-00889-5_1"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70879-4_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T19:44:36Z","timestamp":1732736676000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70879-4_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708787","9783031708794"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70879-4_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"5 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}