{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,23]],"date-time":"2025-05-23T04:14:04Z","timestamp":1747973644553,"version":"3.41.0"},"reference-count":11,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Datenschutz Datensich"],"published-print":{"date-parts":[[2025,5]]},"DOI":"10.1007\/s11623-025-2092-5","type":"journal-article","created":{"date-parts":[[2025,5,22]],"date-time":"2025-05-22T15:04:12Z","timestamp":1747926252000},"page":"302-306","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Sicherheitsanforderungen an KI-Systeme"],"prefix":"10.1007","volume":"49","author":[{"given":"Oren","family":"Halvani","sequence":"first","affiliation":[]},{"given":"Luca","family":"M\u00fcller","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,5,22]]},"reference":[{"key":"2092_CR1","unstructured":"ISO\/IEC 27000:2018 (E). (2018). Information technology \u2013 Security techniques \u2013 Information security management systems \u2013 Overview and vocabulary. ISO\/IEC."},{"key":"2092_CR2","unstructured":"ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) \u2013 ITU-T X-800."},{"key":"2092_CR3","unstructured":"OWASP AI Exchange, https:\/\/owaspai.org\/docs\/ai_security_overview\/"},{"key":"2092_CR4","unstructured":"Nicholas Carlini, Florian Tram\u00e8r, Eric Wallace, Matthew Jagielski, Ariel Herbert-Voss, Katherine Lee, Adam Roberts, Tom B. Brown, Dawn Song, \u00dalfar Erlingsson, Alina Oprea, & Colin Raffel (2021). Extracting Training Data from Large Language Models. In 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021 (pp. 2633\u20132650). USENIX Association."},{"key":"2092_CR5","unstructured":"Milad Nasr, Nicholas Carlini, Jonathan Hayase, Matthew Jagielski, A. Feder Cooper, Daphne Ippolito, Christopher A. Choquette-Choo, Eric Wallace, Florian Tram\u00e8r, & Katherine Lee (2023). Scalable Extraction of Training Data from (Production) Language Models. CoRR, abs\/2311.17035."},{"key":"2092_CR6","unstructured":"Nicholas Carlini, Daniel Paleka, Krishnamurthy Dj Dv\u0133otham, Thomas Steinke, Jonathan Hayase, A. Feder Cooper, Katherine Lee, Matthew Jagielski, Milad Nasr, Arthur Conmy, Eric Wallace, David Rolnick, & Florian Tram\u00e8r (2024). Stealing Part of a Production Language Model. In Forty-first International Conference on Machine Learning, ICML 2024, Vienna, Austria, July 21-27, 2024. OpenReview.net."},{"key":"2092_CR7","unstructured":"Yash Sharma, & Pin-Yu Chen (2018). Bypassing Feature Squeezing by Increasing Adversary Strength. CoRR, abs\/1803.09868."},{"issue":"14s","key":"2092_CR8","doi-asserted-by":"publisher","first-page":"332:1","DOI":"10.1145\/3593042","volume":"55","author":"S Goyal","year":"2023","unstructured":"Shreya Goyal, Sumanth Doddapaneni, Mitesh M. Khapra, & Balaraman Ravindran (2023). A Survey of Adversarial Defenses and Robustness in NLP. ACM Comput. Surv., 55(14s), 332:1\u2013332:39.","journal-title":"ACM Comput. Surv."},{"key":"2092_CR9","doi-asserted-by":"crossref","unstructured":"Lu, Z., Hu, H., Huo, S., & Li, S. (2022). Ensemble Learning Methods of Adversarial Attacks and Defenses in Computer Vision: Recent Progress. In 2021 International Conference on Advanced Computing and Endogenous Security (pp. 1-10).","DOI":"10.1109\/IEEECONF52377.2022.10013347"},{"issue":"8035","key":"2092_CR10","doi-asserted-by":"publisher","first-page":"818","DOI":"10.1038\/s41586-024-08025-4","volume":"634","author":"S Dathathri","year":"2024","unstructured":"Sumanth Dathathri, Abigail See, Sumedh Ghaisas, Po-Sen Huang, Rob McAdam, Johannes Welbl, Vandana Bachani, Alex Kaskasoli, Robert Stanforth, Tatiana Matejovicova, Jamie Hayes, Nidhi Vyas, Majd Al Merey, Jonah Brown-Cohen, Rudy Bunel, Borja Balle, A. Taylan Cemgil, Zahra Ahmed, Kitty Stacpoole, Ilia Shumailov, Ciprian Baetu, Sven Gowal, Demis Hassabis, & Pushmeet Kohli (2024). Scalable watermarking for identifying large language model outputs. Nature, 634(8035), 818\u2013823.","journal-title":"Nature"},{"key":"2092_CR11","doi-asserted-by":"crossref","unstructured":"Xu, W., Evans, D., & Qi, Y. (2018). Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks. 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018.","DOI":"10.14722\/ndss.2018.23198"}],"container-title":["Datenschutz und Datensicherheit - DuD"],"original-title":[],"language":"de","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-025-2092-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11623-025-2092-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-025-2092-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,22]],"date-time":"2025-05-22T15:04:27Z","timestamp":1747926267000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11623-025-2092-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5]]},"references-count":11,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2025,5]]}},"alternative-id":["2092"],"URL":"https:\/\/doi.org\/10.1007\/s11623-025-2092-5","relation":{},"ISSN":["1614-0702","1862-2607"],"issn-type":[{"value":"1614-0702","type":"print"},{"value":"1862-2607","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,5]]},"assertion":[{"value":"22 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}