{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T09:22:53Z","timestamp":1753521773248,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031708893"},{"type":"electronic","value":"9783031708909"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70890-9_15","type":"book-chapter","created":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T09:24:24Z","timestamp":1725528264000},"page":"289-309","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["DPC: Filtering Out Patch-Based Poisoned Samples with\u00a0Differential Privacy"],"prefix":"10.1007","author":[{"given":"Yukun","family":"Yan","sequence":"first","affiliation":[]},{"given":"Peng","family":"Tang","sequence":"additional","affiliation":[]},{"given":"Rui","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Qilong","family":"Han","sequence":"additional","affiliation":[]},{"given":"Ruochen","family":"Du","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,6]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Abadi, M., et al.: Deep learning with differential privacy. 
In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24\u201328 October 2016, pp. 308\u2013318. ACM (2016)","key":"15_CR1","DOI":"10.1145\/2976749.2978318"},{"unstructured":"Chen, T., Kornblith, S., Norouzi, M., Hinton, G.: A simple framework for contrastive learning of visual representations. In: International Conference on Machine Learning, pp. 1597\u20131607. PMLR (2020)","key":"15_CR2"},{"unstructured":"Du, M., Jia, R., Song, D.: Robust anomaly detection and backdoor attack detection via differential privacy. In: 8th International Conference on Learning Representations, ICLR 2020, Addis Ababa, Ethiopia, 26\u201330 April 2020. OpenReview.net (2020)","key":"15_CR3"},{"doi-asserted-by":"crossref","unstructured":"Gao, K., Bai, Y., Gu, J., Yang, Y., Xia, S.: Backdoor defense via adaptively splitting poisoned dataset. In: IEEE\/CVF Conference on Computer Vision and Pattern Recognition, CVPR 2023, Vancouver, BC, Canada, 17\u201324 June 2023, pp. 4005\u20134014. IEEE (2023)","key":"15_CR4","DOI":"10.1109\/CVPR52729.2023.00390"},{"unstructured":"Gu, T., Dolan-Gavitt, B., Garg, S.: Badnets: identifying vulnerabilities in the machine learning model supply chain. CoRR abs\/1708.06733 (2017). http:\/\/arxiv.org\/abs\/1708.06733","key":"15_CR5"},{"doi-asserted-by":"crossref","unstructured":"He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770\u2013778 (2016)","key":"15_CR6","DOI":"10.1109\/CVPR.2016.90"},{"unstructured":"Hong, S., Chandrasekaran, V., Kaya, Y., Dumitras, T., Papernot, N.: On the effectiveness of mitigating data poisoning attacks with gradient shaping. CoRR abs\/2002.11497 (2020). 
https:\/\/arxiv.org\/abs\/2002.11497","key":"15_CR7"},{"doi-asserted-by":"crossref","unstructured":"Houben, S., Stallkamp, J., Salmen, J., Schlipsing, M., Igel, C.: Detection of traffic signs in real-world images: the German traffic sign detection benchmark. In: International Joint Conference on Neural Networks. No.\u00a01288 (2013)","key":"15_CR8","DOI":"10.1109\/IJCNN.2013.6706807"},{"unstructured":"Huang, K., Li, Y., Wu, B., Qin, Z., Ren, K.: Backdoor defense via decoupling the training process. In: The Tenth International Conference on Learning Representations, ICLR 2022, Virtual Event, 25\u201329 April 2022. OpenReview.net (2022)","key":"15_CR9"},{"unstructured":"Krizhevsky, A.: Learning multiple layers of features from tiny images. Technical report (2009)","key":"15_CR10"},{"doi-asserted-by":"crossref","unstructured":"Lecuyer, M., Atlidakis, V., Geambasu, R., Hsu, D., Jana, S.: Certified robustness to adversarial examples with differential privacy. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 656\u2013672. IEEE (2019)","key":"15_CR11","DOI":"10.1109\/SP.2019.00044"},{"unstructured":"Li, Y., Lyu, X., Koren, N., Lyu, L., Li, B., Ma, X.: Anti-backdoor learning: training clean models on poisoned data. In: Ranzato, M., Beygelzimer, A., Dauphin, Y.N., Liang, P., Vaughan, J.W. (eds.) Advances in Neural Information Processing Systems 34: Annual Conference on Neural Information Processing Systems 2021, NeurIPS 2021, 6\u201314 December 2021, virtual, pp. 14900\u201314912 (2021)","key":"15_CR12"},{"unstructured":"Li, Y., Lyu, X., Koren, N., Lyu, L., Li, B., Ma, X.: Neural attention distillation: Erasing backdoor triggers from deep neural networks. In: 9th International Conference on Learning Representations, ICLR 2021, Virtual Event, Austria, 3\u20137 May 2021. 
OpenReview.net (2021)","key":"15_CR13"},{"doi-asserted-by":"crossref","unstructured":"Liu, S., Cullen, A.C., Montague, P., Erfani, S.M., Rubinstein, B.I.: Enhancing the antidote: improved pointwise certifications against poisoning attacks. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol.\u00a037, pp. 8861\u20138869 (2023)","key":"15_CR14","DOI":"10.1609\/aaai.v37i7.26065"},{"doi-asserted-by":"crossref","unstructured":"Liu, Y., et al.: Trojaning attack on neural networks. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, 18\u201321 February 2018. The Internet Society (2018)","key":"15_CR15","DOI":"10.14722\/ndss.2018.23291"},{"doi-asserted-by":"crossref","unstructured":"Ma, Y., Zhu, X., Hsu, J.: Data poisoning against differentially-private learners: attacks and defenses. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, IJCAI 2019, Macao, China, 10\u201316 August 2019, pp. 4732\u20134738. ijcai.org (2019)","key":"15_CR16","DOI":"10.24963\/ijcai.2019\/657"},{"doi-asserted-by":"crossref","unstructured":"Naseri, M., Hayes, J., Cristofaro, E.D.: Local and central differential privacy for robustness and privacy in federated learning. In: 29th Annual Network and Distributed System Security Symposium, NDSS 2022, San Diego, California, USA, 24\u201328 April 2022. The Internet Society (2022)","key":"15_CR17","DOI":"10.14722\/ndss.2022.23054"},{"unstructured":"Nguyen, T.D., et al.: FLAME: taming backdoors in federated learning. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 1415\u20131432 (2022)","key":"15_CR18"},{"unstructured":"Papernot, N., Song, S., Mironov, I., Raghunathan, A., Talwar, K., Erlingsson, \u00da.: Scalable private learning with PATE. In: 6th International Conference on Learning Representations, ICLR 2018, Vancouver, BC, Canada, 30 April\u20133 May 2018, Conference Track Proceedings. 
OpenReview.net (2018)","key":"15_CR19"},{"unstructured":"Qi, X., Xie, T., Li, Y., Mahloujifar, S., Mittal, P.: Revisiting the assumption of latent separability for backdoor defenses. In: The Eleventh International Conference on Learning Representations, ICLR 2023, Kigali, Rwanda, 1\u20135 May 2023. OpenReview.net (2023)","key":"15_CR20"},{"unstructured":"Qi, X., Xie, T., Wang, J.T., Wu, T., Mahloujifar, S., Mittal, P.: Towards a proactive ML approach for detecting backdoor poison samples. In: 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, 9\u201311 August 2023, pp. 1685\u20131702. USENIX Association (2023)","key":"15_CR21"},{"unstructured":"Tang, D., Wang, X., Tang, H., Zhang, K.: Demon in the variant: statistical analysis of DNNs for robust backdoor contamination detection. In: Bailey, M.D., Greenstadt, R. (eds.) 30th USENIX Security Symposium, USENIX Security 2021, 11\u201313 August 2021, pp. 1541\u20131558. USENIX Association (2021)","key":"15_CR22"},{"unstructured":"Tran, B., Li, J., Madry, A.: Spectral signatures in backdoor attacks. In: Bengio, S., Wallach, H.M., Larochelle, H., Grauman, K., Cesa-Bianchi, N., Garnett, R. (eds.) Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018, NeurIPS 2018, 3\u20138 December 2018, Montr\u00e9al, Canada, pp. 8011\u20138021 (2018)","key":"15_CR23"},{"unstructured":"Turner, A., Tsipras, D., Madry, A.: Label-consistent backdoor attacks. CoRR abs\/1912.02771 (2019). http:\/\/arxiv.org\/abs\/1912.02771","key":"15_CR24"},{"doi-asserted-by":"crossref","unstructured":"Wang, B., et al.: Neural cleanse: identifying and mitigating backdoor attacks in neural networks. In: 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, 19\u201323 May 2019, pp. 707\u2013723. 
IEEE (2019)","key":"15_CR25","DOI":"10.1109\/SP.2019.00031"},{"key":"15_CR26","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"627","DOI":"10.1007\/978-3-031-30637-2_42","volume-title":"International Conference on Database Systems for Advanced Applications","author":"Y Yan","year":"2023","unstructured":"Yan, Y., Ye, Q., Hu, H., Chen, R., Han, Q., Wang, L.: Towards defending against byzantine LDP amplified gain attacks. In: Wang, X., et al. (eds.) DASFAA 2023. LNCS, vol. 13943, pp. 627\u2013643. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-30637-2_42"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70890-9_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T09:27:37Z","timestamp":1725528457000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70890-9_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708893","9783031708909"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70890-9_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"6 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference 
Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}