{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T18:02:18Z","timestamp":1770228138913,"version":"3.49.0"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031732256","type":"print"},{"value":"9783031732263","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,11,1]],"date-time":"2024-11-01T00:00:00Z","timestamp":1730419200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,11,1]],"date-time":"2024-11-01T00:00:00Z","timestamp":1730419200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-73226-3_17","type":"book-chapter","created":{"date-parts":[[2024,10,31]],"date-time":"2024-10-31T15:02:57Z","timestamp":1730386977000},"page":"288-303","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["AdversariaLeak: External Information Leakage Attack Using Adversarial Samples on\u00a0Face Recognition Systems"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-0661-7965","authenticated-orcid":false,"given":"Roye","family":"Katzav","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6496-0148","authenticated-orcid":false,"given":"Amit","family":"Giloni","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8502-2035","authenticated-orcid":false,"given":"Edita","family":"Grolman","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hiroo","family":"Saito","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tomoyuki","family":"Shibata","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tsukasa","family":"Omino","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Misaki","family":"Komatsu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yoshikazu","family":"Hanatani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9641-128X","authenticated-orcid":false,"given":"Yuval","family":"Elovici","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0630-4059","authenticated-orcid":false,"given":"Asaf","family":"Shabtai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,11,1]]},"reference":[{"issue":"12","key":"17_CR1","doi-asserted-by":"publisher","first-page":"2100","DOI":"10.1109\/TIFS.2014.2359587","volume":"9","author":"SR Arashloo","year":"2014","unstructured":"Arashloo, S.R., Kittler, J.: Class-specific kernel fusion of multiple descriptors for face verification using multiscale binarised statistical image features. IEEE Trans. Inf. Forensics Secur. 9(12), 2100\u20132109 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"3","key":"17_CR2","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1504\/IJSN.2015.071829","volume":"10","author":"G Ateniese","year":"2015","unstructured":"Ateniese, G., Mancini, L.V., Spognardi, A., Villani, A., Vitali, D., Felici, G.: Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers. Int. J. Secure. Network. 10(3), 137\u2013150 (2015)","journal-title":"Int. J. Secure. Network."},{"key":"17_CR3","unstructured":"Behrmann, J., Grathwohl, W., Chen, R.T., Duvenaud, D., Jacobsen, J.H.: Invertible residual networks. In: International Conference on Machine Learning. pp. 573\u2013582. PMLR (2019)"},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Cao, Q., Shen, L., Xie, W., Parkhi, O.M., Zisserman, A.: Vggface2: A dataset for recognising faces across pose and age. In: 2018 13th IEEE international conference on automatic face & gesture recognition (FG 2018). pp. 67\u201374. IEEE (2018)","DOI":"10.1109\/FG.2018.00020"},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.: Towards evaluating the robustness of neural networks. In: 2017 ieee symposium on security and privacy (sp). pp. 39\u201357. Ieee (2017)","DOI":"10.1109\/SP.2017.49"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Chaudhari, H., Abascal, J., Oprea, A., Jagielski, M., Tram\u00e8r, F., Ullman, J.: Snap: Efficient extraction of private properties with poisoning. In: 2023 IEEE Symposium on Security and Privacy (SP). pp. 400\u2013417. IEEE (2023)","DOI":"10.1109\/SP46215.2023.10179334"},{"key":"17_CR7","unstructured":"Choquette-Choo, C.A., Tramer, F., Carlini, N., Papernot, N.: Label-only membership inference attacks. In: International conference on machine learning. pp. 1964\u20131974. PMLR (2021)"},{"key":"17_CR8","doi-asserted-by":"crossref","unstructured":"Ding, X., Zhang, X., Ma, N., Han, J., Ding, G., Sun, J.: Repvgg: Making vgg-style convnets great again. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition. pp. 13733\u201313742 (2021)","DOI":"10.1109\/CVPR46437.2021.01352"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Dwork, C., Roth, A., et\u00a0al.: The algorithmic foundations of differential privacy. Foundations and Trends\u00ae in Theoretical Computer Science 9(3\u20134), 211\u2013407 (2014)","DOI":"10.1561\/0400000042"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Ganju, K., Wang, Q., Yang, W., Gunter, C.A., Borisov, N.: Property inference attacks on fully connected neural networks using permutation invariant representations. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. pp. 619\u2013633 (2018)","DOI":"10.1145\/3243734.3243834"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Goswami, G., Ratha, N., Agarwal, A., Singh, R., Vatsa, M.: Unravelling robustness of deep learning based face recognition against adversarial attacks. In: Proceedings of the AAAI Conference on Artificial Intelligence. vol.\u00a032 (2018)","DOI":"10.1609\/aaai.v32i1.12341"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Guo, Y., Zhang, L., Hu, Y., He, X., Gao, J.: Ms-celeb-1m: A dataset and benchmark for large-scale face recognition. In: European conference on computer vision. pp. 87\u2013102. Springer (2016)","DOI":"10.1007\/978-3-319-46487-9_6"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Ijiri, Y., Sakuragi, M., Lao, S.: Security management for mobile devices by face recognition. In: 7th International Conference on Mobile Data Management (MDM\u201906). pp. 49\u201349. IEEE (2006)","DOI":"10.1109\/MDM.2006.138"},{"key":"17_CR14","unstructured":"Jia, J., Gong, N.Z.: Attriguard: A practical defense against attribute inference attacks via adversarial machine learning. In: 27th $$\\{$$USENIX$$\\}$$ security symposium ($$\\{$$USENIX$$\\}$$ security 18). pp. 513\u2013529 (2018)"},{"key":"17_CR15","unstructured":"Liu, Z., Luo, P., Wang, X., Tang, X.: Large-scale celebfaces attributes (celeba) dataset. Retrieved August 15(2018), 11 (2018)"},{"key":"17_CR16","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083 (2017)"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"Mahloujifar, S., Ghosh, E., Chase, M.: Property inference from poisoning. In: 2022 IEEE Symposium on Security and Privacy (SP). pp. 1569\u20131569. IEEE Computer Society (2022)","DOI":"10.1109\/SP46214.2022.9833623"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Majeed, F., Khan, F.Z., Iqbal, M.J., Nazir, M.: Real-time surveillance system based on facial recognition using yolov5. In: 2021 Mohammad Ali Jinnah University International Conference on Computing (MAJICC). pp.\u00a01\u20136. IEEE (2021)","DOI":"10.1109\/MAJICC53071.2021.9526254"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Melis, L., Song, C., De\u00a0Cristofaro, E., Shmatikov, V.: Exploiting unintended feature leakage in collaborative learning. In: 2019 IEEE symposium on security and privacy (SP). pp. 691\u2013706. IEEE (2019)","DOI":"10.1109\/SP.2019.00029"},{"key":"17_CR20","unstructured":"Nicolae, M.I., Sinn, M., Tran, M.N., Buesser, B., Rawat, A., Wistuba, M., Zantedeschi, V., Baracaldo, N., Chen, B., Ludwig, H., et\u00a0al.: Adversarial robustness toolbox v1. 0.0. arXiv preprint arXiv:1807.01069 (2018)"},{"key":"17_CR21","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Wu, X., Jha, S., Swami, A.: Distillation as a defense to adversarial perturbations against deep neural networks. In: 2016 IEEE symposium on security and privacy (SP). pp. 582\u2013597. IEEE (2016)","DOI":"10.1109\/SP.2016.41"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Ribeiro, R., Lopes, D., Neves, A.: Access control in the wild using face verification. In: Intelligent Video Surveillance, pp. 1\u201318. IntechOpen (2018)","DOI":"10.5772\/intechopen.79520"},{"issue":"4","key":"17_CR23","doi-asserted-by":"publisher","first-page":"1275","DOI":"10.1109\/TIFS.2011.2159205","volume":"6","author":"HJ Seo","year":"2011","unstructured":"Seo, H.J., Milanfar, P.: Face verification using the lark representation. IEEE Trans. Inf. Forensics Secur. 6(4), 1275\u20131286 (2011)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"17_CR24","doi-asserted-by":"crossref","unstructured":"Suri, A., Evans, D.: Formalizing and estimating distribution inference risks. Proceedings on Privacy Enhancing Technologies 2022 (2022)","DOI":"10.56553\/popets-2022-0121"},{"key":"17_CR25","doi-asserted-by":"publisher","first-page":"3942","DOI":"10.1109\/TIFS.2021.3096120","volume":"16","author":"P Terh\u00f6rst","year":"2021","unstructured":"Terh\u00f6rst, P., F\u00e4hrmann, D., Kolf, J.N., Damer, N., Kirchbuchner, F., Kuijper, A.: Maad-face: A massively annotated attribute dataset for face images. IEEE Trans. Inf. Forensics Secur. 16, 3942\u20133957 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"17_CR26","doi-asserted-by":"publisher","first-page":"92735","DOI":"10.1109\/ACCESS.2021.3092646","volume":"9","author":"F Vakhshiteh","year":"2021","unstructured":"Vakhshiteh, F., Nickabadi, A., Ramachandra, R.: Adversarial attacks against face recognition: A comprehensive study. IEEE Access 9, 92735\u201392756 (2021)","journal-title":"IEEE Access"},{"key":"17_CR27","doi-asserted-by":"crossref","unstructured":"Wang, J., Liu, Y., Hu, Y., Shi, H., Mei, T.: Facex-zoo: A pytorch toolbox for face recognition. In: Proceedings of the 29th ACM International Conference on Multimedia. pp. 3779\u20133782 (2021)","DOI":"10.1145\/3474085.3478324"},{"key":"17_CR28","unstructured":"Yosinski, J., Clune, J., Bengio, Y., Lipson, H.: How transferable are features in deep neural networks? Advances in neural information processing systems 27 (2014)"},{"key":"17_CR29","doi-asserted-by":"crossref","unstructured":"Yu, H., Yang, K., Zhang, T., Tsai, Y.Y., Ho, T.Y., Jin, Y.: Cloudleak: Large-scale deep learning models stealing through adversarial examples. In: NDSS (2020)","DOI":"10.14722\/ndss.2020.24178"},{"key":"17_CR30","doi-asserted-by":"crossref","unstructured":"Zhou, J., Chen, Y., Shen, C., Zhang, Y.: Property inference attacks against gans. In: 30th Network and Distributed System Security Symposium (NDSS 2022) (2022)","DOI":"10.14722\/ndss.2022.23019"}],"container-title":["Lecture Notes in Computer Science","Computer Vision \u2013 ECCV 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-73226-3_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,31]],"date-time":"2024-10-31T15:16:25Z","timestamp":1730387785000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-73226-3_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,1]]},"ISBN":["9783031732256","9783031732263"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-73226-3_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,1]]},"assertion":[{"value":"1 November 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ECCV","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Conference on Computer Vision","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Milan","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eccv2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eccv2024.ecva.net\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}