{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,21]],"date-time":"2026-03-21T03:37:13Z","timestamp":1774064233897,"version":"3.50.1"},"publisher-location":"Cham","reference-count":16,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031804076","type":"print"},{"value":"9783031804083","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T00:00:00Z","timestamp":1733702400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T00:00:00Z","timestamp":1733702400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-80408-3_16","type":"book-chapter","created":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T10:29:26Z","timestamp":1733999366000},"page":"258-276","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["BlockDoor: Blocking Backdoor Based Watermarks in\u00a0Deep Neural Networks"],"prefix":"10.1007","author":[{"given":"Yi Hao","family":"Puah","sequence":"first","affiliation":[]},{"given":"Anh Tu","family":"Ngo","sequence":"additional","affiliation":[]},{"given":"Nandish","family":"Chattopadhyay","sequence":"additional","affiliation":[]},{"given":"Anupam","family":"Chattopadhyay","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"16_CR1","unstructured":"Bansal, A., et al.: Certified neural network watermarks with randomized smoothing. In: International Conference on Machine Learning, pp. 1450\u20131465. PMLR (2022)"},{"key":"16_CR2","unstructured":"Rouhani, B.D., Chen, H., Koushanfar, F.: DeepSigns: a generic watermarking framework for protecting the ownership of deep learning models (2018)"},{"key":"16_CR3","doi-asserted-by":"crossref","unstructured":"Chen, H., Fu, C., Zhao, J., Koushanfar, F.: DeepInspect: a black-box trojan detection and mitigation framework for deep neural networks. In: IJCAI, pp. 4658\u20134664 (2019)","DOI":"10.24963\/ijcai.2019\/647"},{"key":"16_CR4","unstructured":"Guo, W., Wang, L., Xing, X., Du, M., Song, D.: TABOR: a highly accurate approach to inspecting and restoring trojan backdoors in AI systems. arXiv preprint arXiv:1908.01763 (2019)"},{"key":"16_CR5","unstructured":"Adi, Y., Baum, C., Cisse, M., Pinkas, B., Keshet, J.: Turning your weakness into a strength: watermarking deep neural networks by backdooring. In: 27th USENIX Security Symposium (USENIX Security 18), pp. 1615\u20131631 (2018)"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Hitaj, D., Hitaj, B., Mancini, L.V.: Evasion attacks against watermarking techniques found in MLaaS systems. In: 2019 Sixth International Conference on Software Defined Systems (SDS), pp. 55\u201363. IEEE (2019)","DOI":"10.1109\/SDS.2019.8768572"},{"key":"16_CR7","unstructured":"Tram\u00e8r, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction APIs. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 601\u2013618 (2016)"},{"key":"16_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/978-3-030-95085-9_12","volume-title":"Security, Privacy, and Applied Cryptography Engineering","author":"N Chattopadhyay","year":"2022","unstructured":"Chattopadhyay, N., Chatterjee, S., Chattopadhyay, A.: Robustness against adversarial attacks using dimensionality. In: Batina, L., Picek, S., Mondal, M. (eds.) SPACE 2021. LNCS, vol. 13162, pp. 226\u2013241. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-95085-9_12"},{"key":"16_CR9","unstructured":"Wang, Q., et al.: Watermarking for out-of-distribution detection (2022)"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Zhao, X., Wu, H., Zhang, X.: Watermarking graph neural networks by random graphs. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS). IEEE, June 2021","DOI":"10.1109\/ISDFS52919.2021.9486352"},{"key":"16_CR11","unstructured":"Targ, S., Almeida, D., Lyman, K.: Resnet in Resnet: generalizing residual architectures. arXiv preprint arXiv:1603.08029 (2016)"},{"key":"16_CR12","unstructured":"Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition. arXiv preprint arXiv:1409.1556 (2014)"},{"key":"16_CR13","unstructured":"Andrew, G., et al.: MobileNets: efficient convolutional neural networks for mobile vision applications (2017)"},{"key":"16_CR14","unstructured":"Krizhevsky, A., Nair, V., Hinton, G.: The CIFAR-10 dataset (2014). http:\/\/www.cs.toronto.edu\/kriz\/cifar.html"},{"key":"16_CR15","unstructured":"Darlow, L.N., Crowley, E.J., Antoniou, A., Storkey, A.J.: CINIC-10 is not ImageNet or CIFAR-10. arXiv preprint arXiv:1810.03505 (2018)"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Yuan, L., et al.: Tokens-to-token ViT: training vision transformers from scratch on ImageNet. In: Proceedings of the IEEE\/CVF International Conference on Computer Vision, pp. 558\u2013567 (2021)","DOI":"10.1109\/ICCV48922.2021.00060"}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Applied Cryptography Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-80408-3_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,6]],"date-time":"2025-03-06T07:55:00Z","timestamp":1741247700000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-80408-3_16"}},"subtitle":["Official Work-in-Progress Paper"],"short-title":[],"issued":{"date-parts":[[2024,12,9]]},"ISBN":["9783031804076","9783031804083"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-80408-3_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,9]]},"assertion":[{"value":"9 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SPACE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy, and Applied Cryptography Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kottayam","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"space2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/space2024.cse.iitk.ac.in\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}