{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T07:43:08Z","timestamp":1772610188300,"version":"3.50.1"},"reference-count":91,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2025,2,26]],"date-time":"2025-02-26T00:00:00Z","timestamp":1740528000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,2,26]],"date-time":"2025-02-26T00:00:00Z","timestamp":1740528000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"DOI":"10.1007\/s42979-025-03785-w","type":"journal-article","created":{"date-parts":[[2025,2,26]],"date-time":"2025-02-26T15:57:54Z","timestamp":1740585474000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Advancing Trustworthy AI: A Comparative Evaluation of AI Robustness Toolboxes"],"prefix":"10.1007","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4553-5861","authenticated-orcid":false,"given":"Avinash","family":"Agarwal","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0669-4464","authenticated-orcid":false,"given":"Manisha J.","family":"Nene","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,2,26]]},"reference":[{"issue":"9","key":"3785_CR1","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3555803","volume":"55","author":"B Li","year":"2023","unstructured":"Li B, Qi P, Liu B, Di S, Liu J, Pei J, Yi J, Zhou B. Trustworthy AI: from principles to practices. ACM Comput Surv. 
2023;55(9):1\u201346.","journal-title":"ACM Comput Surv"},{"issue":"4","key":"3785_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3419764","volume":"10","author":"B Shneiderman","year":"2020","unstructured":"Shneiderman B. Bridging the gap between ethics and practice: guidelines for reliable, safe, and trustworthy human-centered ai systems. ACM Trans Interact Intell Syst (TiiS). 2020;10(4):1\u201331.","journal-title":"ACM Trans Interact Intell Syst (TiiS)"},{"key":"3785_CR3","doi-asserted-by":"crossref","unstructured":"Stahl BC. Artificial intelligence for a better future: an ecosystem perspective on the ethics of AI and emerging digital technologies. New York: Springer Nature; 2021.","DOI":"10.1007\/978-3-030-69978-9"},{"key":"3785_CR4","doi-asserted-by":"crossref","unstructured":"NIST, Artificial Intelligence Risk Management Framework (AI RMF 1.0). 2023.","DOI":"10.6028\/NIST.AI.100-1.jpn"},{"key":"3785_CR5","unstructured":"OECD. OECD AI Principles overview. 2024. https:\/\/oecd.ai\/en\/ai-principles. Accessed 7 Jun 2024."},{"key":"3785_CR6","unstructured":"Nicolae MI,\u00a0Sinn M, Tran MN,\u00a0Buesser B,\u00a0Rawat A,\u00a0Wistuba M,\u00a0Zantedeschi V,\u00a0Baracaldo N,\u00a0Chen B,\u00a0Ludwig H, et\u00a0al. Adversarial Robustness Toolbox v1. 0.0. arXiv preprint arXiv:1807.01069 (2018)."},{"key":"3785_CR7","unstructured":"Papernot N,\u00a0Faghri F,\u00a0Carlini N,\u00a0Goodfellow I,\u00a0Feinman R,\u00a0Kurakin A,\u00a0Xie C,\u00a0Sharma Y,\u00a0Brown T,\u00a0Roy A, et\u00a0al. Technical report on the cleverhans v2. 1.0 adversarial examples library. arXiv preprint arXiv:1610.00768 (2016)."},{"issue":"53","key":"3785_CR8","doi-asserted-by":"publisher","first-page":"2607","DOI":"10.21105\/joss.02607","volume":"5","author":"J Rauber","year":"2020","unstructured":"Rauber J, Zimmermann R, Bethge M, Brendel W. Foolbox native: fast adversarial attacks to benchmark the robustness of machine learning models in pytorch, tensorflow, and jax. 
J Open Sourc Softw. 2020;5(53):2607.","journal-title":"J Open Sourc Softw"},{"key":"3785_CR9","doi-asserted-by":"crossref","unstructured":"Morris JX,\u00a0Lifland E, Yoo JY,\u00a0Grigsby J,\u00a0Jin D,\u00a0Qi Y. Textattack: A framework for adversarial attacks, data augmentation, and adversarial training in nlp. arXiv preprint arXiv:2005.05909 (2020).","DOI":"10.18653\/v1\/2020.emnlp-demos.16"},{"key":"3785_CR10","unstructured":"Goodman D,\u00a0Xin H,\u00a0Yang W,\u00a0Yuesheng W,\u00a0Junfeng X,\u00a0Huan Z. Advbox: a toolbox to generate adversarial examples that fool neural networks. arXiv preprint arXiv:2001.05574 (2020)."},{"key":"3785_CR11","unstructured":"Ding GW,\u00a0Wang L,\u00a0Jin X. Advertorch v0. 1: An adversarial robustness toolbox based on pytorch. arXiv preprint arXiv:1902.07623 (2019)."},{"key":"3785_CR12","doi-asserted-by":"crossref","unstructured":"Ling X,\u00a0Ji S,\u00a0Zou J,\u00a0Wang J,\u00a0Wu C,\u00a0Li B,\u00a0Wang T. Deepsec: a uniform platform for security analysis of deep learning model. In: 2019 IEEE symposium on security and privacy (SP). IEEE; 2019. pp. 673\u2013690.","DOI":"10.1109\/SP.2019.00023"},{"key":"3785_CR13","unstructured":"Li Y,\u00a0Jin W,\u00a0Xu H,\u00a0Tang J. Deeprobust: a pytorch library for adversarial attacks and defenses. arXiv preprint arXiv:2005.06149 (2020)."},{"key":"3785_CR14","doi-asserted-by":"crossref","unstructured":"Zeng G,\u00a0Qi F,\u00a0Zhou Q,\u00a0Zhang T,\u00a0Ma Z,\u00a0Hou B,\u00a0Zang Y,\u00a0Liu Z,\u00a0Sun M. Openattack: An open-source textual adversarial attack toolkit. arXiv preprint arXiv:2009.09191 (2020).","DOI":"10.18653\/v1\/2021.acl-demo.43"},{"key":"3785_CR15","unstructured":"Microsoft. Azure\/counterfit. https:\/\/github.com\/Azure\/counterfit (2021). Accessed 7 Jun 2024."},{"key":"3785_CR16","doi-asserted-by":"crossref","unstructured":"Goel K,\u00a0Rajani N,\u00a0Vig J,\u00a0Tan S,\u00a0Wu J,\u00a0Zheng S,\u00a0Xiong C,\u00a0Bansal M,\u00a0R\u00e9 C. 
Robustness gym: Unifying the nlp evaluation landscape. arXiv preprint arXiv:2101.04840 (2021).","DOI":"10.18653\/v1\/2021.naacl-demos.6"},{"key":"3785_CR17","first-page":"986","volume":"207","author":"R Hamon","year":"2020","unstructured":"Hamon R, Junklewitz H, Sanchez I, et al. Robustness and explainability of artificial intelligence. Eur Union. 2020;207:986.","journal-title":"Eur Union"},{"key":"3785_CR18","unstructured":"International Organization for Standardization, Artificial Intelligence (AI) Assessment of the Robustness of Neural Networks Part 1: Overview. Tech. Rep. ISO\/IEC TR 24029-1:2021, International Organization for Standardization, Geneva, Switzerland (2021). Part 1: Overview."},{"key":"3785_CR19","first-page":"3327","volume":"2019","author":"AS Nobandegani","year":"2019","unstructured":"Nobandegani AS, da-Silva-Castanheira K, Donnell T, Shultz TR. On robustness: an undervalued dimension of human rationality. CogSci. 2019;2019:3327.","journal-title":"CogSci"},{"key":"3785_CR20","doi-asserted-by":"publisher","first-page":"1291","DOI":"10.1109\/TIP.2020.3042083","volume":"30","author":"C Zhang","year":"2020","unstructured":"Zhang C, Liu A, Liu X, Xu Y, Yu H, Ma Y, Li T. Interpreting and improving adversarial robustness of deep neural networks with neuron sensitivity. IEEE Trans Image Process. 2020;30:1291\u2013304.","journal-title":"IEEE Trans Image Process"},{"key":"3785_CR21","doi-asserted-by":"publisher","first-page":"116429","DOI":"10.1016\/j.eswa.2021.116429","volume":"193","author":"W Hilal","year":"2022","unstructured":"Hilal W, Gadsden SA, Yawney J. Financial fraud: a review of anomaly detection techniques and recent advances. Expert Syst Appl. 2022;193:116429.","journal-title":"Expert Syst Appl"},{"issue":"12","key":"3785_CR22","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1038\/s42256-019-0109-1","volume":"1","author":"M Taddeo","year":"2019","unstructured":"Taddeo M, McCutcheon T, Floridi L. 
Trusting artificial intelligence in cybersecurity is a double-edged sword. Nat Mach Intell. 2019;1(12):557\u201360.","journal-title":"Nat Mach Intell"},{"issue":"3","key":"3785_CR23","doi-asserted-by":"publisher","first-page":"360","DOI":"10.1038\/s41591-020-0791-x","volume":"26","author":"X Han","year":"2020","unstructured":"Han X, Hu Y, Foschini L, Chinitz L, Jankelson L, Ranganath R. Deep learning models for electrocardiograms are susceptible to adversarial attack. Nat Med. 2020;26(3):360\u20133.","journal-title":"Nat Med"},{"key":"3785_CR24","doi-asserted-by":"publisher","first-page":"207308","DOI":"10.1109\/ACCESS.2020.3037705","volume":"8","author":"A Chowdhury","year":"2020","unstructured":"Chowdhury A, Karmakar G, Kamruzzaman J, Jolfaei A, Das R. Attacks on self-driving cars and their countermeasures: a survey. IEEE Access. 2020;8:207308\u201342.","journal-title":"IEEE Access"},{"key":"3785_CR25","unstructured":"Tian Q,\u00a0Zhang S,\u00a0Mao S,\u00a0Lin Y. Adversarial attacks and defenses for digital communication signals identification. Dig Commun Netw. 2022."},{"issue":"2","key":"3785_CR26","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1109\/TMC.2019.2950398","volume":"20","author":"YE Sagduyu","year":"2019","unstructured":"Sagduyu YE, Shi Y, Erpek T. Adversarial deep learning for over-the-air spectrum poisoning attacks. IEEE Trans Mob Comput. 2019;20(2):306\u201319.","journal-title":"IEEE Trans Mob Comput"},{"issue":"3","key":"3785_CR27","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1016\/j.eng.2019.12.012","volume":"6","author":"K Ren","year":"2020","unstructured":"Ren K, Zheng T, Qin Z, Liu X. Adversarial attacks and defenses in deep learning. Engineering. 
2020;6(3):346\u201360.","journal-title":"Engineering"},{"issue":"1","key":"3785_CR28","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1049\/cit2.12028","volume":"6","author":"A Chakraborty","year":"2021","unstructured":"Chakraborty A, Alam M, Dey V, Chattopadhyay A, Mukhopadhyay D. A survey on adversarial attacks and defences. CAAI Trans Intell Technol. 2021;6(1):25\u201345.","journal-title":"CAAI Trans Intell Technol"},{"key":"3785_CR29","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s11633-019-1211-x","volume":"17","author":"H Xu","year":"2020","unstructured":"Xu H, Ma Y, Liu HC, Deb D, Liu H, Tang JL, Jain AK. Adversarial attacks and defenses in images, graphs and text: a review. Int J Autom Comput. 2020;17:151\u201378.","journal-title":"Int J Autom Comput"},{"key":"3785_CR30","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1155\/2021\/4907754","volume":"2021","author":"Z Kong","year":"2021","unstructured":"Kong Z, Xue J, Wang Y, Huang L, Niu Z, Li F. A survey on adversarial attack in the age of artificial intelligence. Wirel Commun Mob Comput. 2021;2021:1\u201322.","journal-title":"Wirel Commun Mob Comput"},{"key":"3785_CR31","doi-asserted-by":"crossref","unstructured":"Tabacof P,\u00a0Valle E. Exploring the space of adversarial images. In: 2016 international joint conference on neural networks (IJCNN). IEEE; 2016. pp. 426\u2013433.","DOI":"10.1109\/IJCNN.2016.7727230"},{"key":"3785_CR32","unstructured":"Goodfellow IJ,\u00a0Shlens J,\u00a0Szegedy C. Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)."},{"key":"3785_CR33","unstructured":"Kurakin A,\u00a0Goodfellow I,\u00a0Bengio S. Adversarial machine learning at scale. arXiv preprint arXiv:1611.01236 (2016)."},{"key":"3785_CR34","doi-asserted-by":"crossref","unstructured":"Papernot N,\u00a0McDaniel P,\u00a0Jha S,\u00a0Fredrikson M, Celik ZB,\u00a0Swami A. The limitations of deep learning in adversarial settings. 
In: 2016 IEEE European symposium on security and privacy (EuroS&P). IEEE; 2016. pp. 372\u2013387.","DOI":"10.1109\/EuroSP.2016.36"},{"key":"3785_CR35","doi-asserted-by":"crossref","unstructured":"Carlini N,\u00a0Wagner D. Towards evaluating the robustness of neural networks. In: 2017 ieee symposium on security and privacy (sp). IEEE; 2017. pp. 39\u201357.","DOI":"10.1109\/SP.2017.49"},{"key":"3785_CR36","doi-asserted-by":"crossref","unstructured":"Chen PY,\u00a0Sharma Y,\u00a0Zhang H,\u00a0Yi J, Hsieh CJ. Ead: elastic-net attacks to deep neural networks via adversarial examples. In: Proceedings of the AAAI conference on artificial intelligence. 2018. p. 32.","DOI":"10.1609\/aaai.v32i1.11302"},{"key":"3785_CR37","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli SM,\u00a0Fawzi A,\u00a0Fawzi O,\u00a0Frossard P. Universal adversarial perturbations. In: Proceedings of the IEEE conference on computer vision and pattern recognition. 2017; pp. 1765\u20131773.","DOI":"10.1109\/CVPR.2017.17"},{"key":"3785_CR38","unstructured":"Biggio B,\u00a0Nelson B,\u00a0Laskov P. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012)."},{"key":"3785_CR39","unstructured":"Gu T,\u00a0Dolan-Gavitt B,\u00a0Garg S. Badnets: Identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 (2017)."},{"key":"3785_CR40","first-page":"19165","volume":"35","author":"H Souri","year":"2022","unstructured":"Souri H, Fowl L, Chellappa R, Goldblum M, Goldstein T. Sleeper agent: scalable hidden trigger backdoors for neural networks trained from scratch. Adv Neural Inf Process Syst. 2022;35:19165\u201378.","journal-title":"Adv Neural Inf Process Syst"},{"key":"3785_CR41","unstructured":"Choquette-Choo CA,\u00a0Tramer F,\u00a0Carlini N,\u00a0Papernot N. Label-only membership inference attacks. In: International conference on machine learning. PMLR; 2021. pp. 
1964\u20131974."},{"key":"3785_CR42","doi-asserted-by":"crossref","unstructured":"Correia-Silva JR, Berriel RF,\u00a0Badue C, de\u00a0Souza AF,\u00a0Oliveira-Santos T. Copycat cnn: stealing knowledge by persuading confession with random non-labeled data. In: 2018 International Joint Conference on Neural Networks (IJCNN). IEEE; 2018. pp. 1\u20138.","DOI":"10.1109\/IJCNN.2018.8489592"},{"key":"3785_CR43","doi-asserted-by":"crossref","unstructured":"Orekondy T,\u00a0Schiele B,\u00a0Fritz M. Knockoff nets: stealing functionality of black-box models. In: Proceedings of the IEEE\/CVF conference on computer vision and pattern recognition. 2019. pp. 4954\u20134963.","DOI":"10.1109\/CVPR.2019.00509"},{"key":"3785_CR44","first-page":"45","volume":"2024","author":"Z Zhang","year":"2024","unstructured":"Zhang Z, Liu M, Sun M, Deng R, Cheng P, Niyato D, Chow MY, Chen J. Vulnerability of machine learning approaches applied in iot-based smart grid: a review. IEEE Internet Things J. 2024;2024:45.","journal-title":"IEEE Internet Things J"},{"key":"3785_CR45","doi-asserted-by":"crossref","unstructured":"Bisong E,\u00a0Bisong E. Introduction to scikit-learn. In: Building machine learning and deep learning models on Google Cloud platform: a comprehensive guide for beginners. 2019. pp. 215\u2013229.","DOI":"10.1007\/978-1-4842-4470-8_18"},{"key":"3785_CR46","unstructured":"Albanese D,\u00a0Visintainer R,\u00a0Merler S,\u00a0Riccadonna S,\u00a0Jurman G,\u00a0Furlanello C. mlpy: machine learning python. arXiv preprint arXiv:1202.6548 (2012)."},{"key":"3785_CR47","unstructured":"Raschka,S. Mlxtend (2016)."},{"issue":"2","key":"3785_CR48","doi-asserted-by":"publisher","first-page":"227","DOI":"10.3102\/1076998619872761","volume":"45","author":"B Pang","year":"2020","unstructured":"Pang B, Nijkamp E, Wu YN. Deep learning with tensorflow: a review. J Educ Behav Stat. 
2020;45(2):227\u201348.","journal-title":"J Educ Behav Stat"},{"key":"3785_CR49","doi-asserted-by":"crossref","unstructured":"Imambi S, Prakash KB,\u00a0Kanagachidambaresan G. Pytorch. Programming with TensorFlow: solution for edge computing applications. 2021. pp. 87\u2013104.","DOI":"10.1007\/978-3-030-57077-4_10"},{"key":"3785_CR50","doi-asserted-by":"crossref","unstructured":"Manaswi NK, Manaswi NK. Understanding and working with Keras. Deep learning with applications using Python: Chatbots and face, object, and speech recognition with TensorFlow and Keras. 2018;31\u201343.","DOI":"10.1007\/978-1-4842-3516-4_2"},{"key":"3785_CR51","unstructured":"Team TTD,\u00a0Al-Rfou R,\u00a0Alain G,\u00a0Almahairi A,\u00a0Angermueller C,\u00a0Bahdanau D,\u00a0Ballas N,\u00a0Bastien F,\u00a0Bayer J,\u00a0Belikov A, et\u00a0al. Theano: A Python framework for fast computation of mathematical expressions. arXiv preprint arXiv:1605.02688 (2016)."},{"key":"3785_CR52","unstructured":"Chen T,\u00a0Li M,\u00a0Li Y,\u00a0Lin M,\u00a0Wang N,\u00a0Wang M,\u00a0Xiao T,\u00a0Xu B,\u00a0Zhang C,\u00a0Zhang Z. Mxnet: A flexible and efficient machine learning library for heterogeneous distributed systems. arXiv preprint arXiv:1512.01274 (2015)."},{"key":"3785_CR53","doi-asserted-by":"crossref","unstructured":"Dehghani M,\u00a0Gritsenko A,\u00a0Arnab A,\u00a0Minderer M,\u00a0Tay, Y. Scenic: a JAX library for computer vision research and beyond. In: Proceedings of the IEEE\/CVF conference on computer vision and pattern recognition. 2022. pp. 21393\u201321398.","DOI":"10.1109\/CVPR52688.2022.02070"},{"key":"3785_CR54","doi-asserted-by":"crossref","unstructured":"Nandimath J,\u00a0Banerjee E,\u00a0Patil A,\u00a0Kakade P,\u00a0Vaidya S,\u00a0Chaturvedi D. Big data analysis using Apache Hadoop. In: 2013 IEEE 14th international conference on information reuse & integration (IRI). IEEE. 2013. pp. 
700\u2013703.","DOI":"10.1109\/IRI.2013.6642536"},{"issue":"1","key":"3785_CR55","first-page":"1235","volume":"17","author":"X Meng","year":"2016","unstructured":"Meng X, Bradley J, Yavuz B, Sparks E, Venkataraman S, Liu D, Freeman J, Tsai D, Amde M, Owen S, et al. Mllib: machine learning in apache spark. J Mach Learn Res. 2016;17(1):1235\u201341.","journal-title":"J. Mach. Learn. Res."},{"key":"3785_CR56","doi-asserted-by":"crossref","unstructured":"Parvat A,\u00a0Chavan J,\u00a0Kadam S,\u00a0Dev S,\u00a0Pathak V. A survey of deep-learning frameworks. In 2017 international conference on inventive systems and control (ICISC). IEEE, 2017. pp. 1\u20137.","DOI":"10.1109\/ICISC.2017.8068684"},{"key":"3785_CR57","unstructured":"Aiello S,\u00a0Click C,\u00a0Roark H,\u00a0Rehak L,\u00a0Stetsenko P. Machine learning with python and h2o. H2O. ai Inc (2016)."},{"key":"3785_CR58","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s10462-018-09679-z","volume":"52","author":"G Nguyen","year":"2019","unstructured":"Nguyen G, Dlugolinsky S, Bob\u00e1k M, Tran V, L\u00f3pez Garc\u00eda \u00c1, Heredia I, Mal\u00edk P, Hluch\u1ef3 L. Machine learning and deep learning frameworks and libraries for large-scale data mining: a survey. Artif Intell Rev. 2019;52:77\u2013124.","journal-title":"Artif Intell Rev"},{"key":"3785_CR59","first-page":"897","volume":"2023","author":"M Gheisari","year":"2023","unstructured":"Gheisari M, Ebrahimzadeh F, Rahimi M, Moazzamigodarzi M, Liu Y, Dutta Pramanik PK, Heravi MA, Mehbodniya A, Ghaderzadeh M, Feylizadeh MR, et al. Deep learning: applications, architectures, models, tools, and frameworks: a comprehensive survey. CAAI Trans Intell Technol. 2023;2023:897.","journal-title":"CAAI Trans Intell Technol"},{"key":"3785_CR60","doi-asserted-by":"crossref","unstructured":"Thai HT. Machine learning for structural engineering: a state-of-the-art review. In: Structures, vol.\u00a038. Amsterdam: Elsevier; 2022. pp. 
448\u2013491.","DOI":"10.1016\/j.istruc.2022.02.003"},{"key":"3785_CR61","doi-asserted-by":"crossref","unstructured":"Stan\u010din I,\u00a0Jovi\u0107 A. An overview and comparison of free Python libraries for data mining and big data analysis. In: 2019 42nd International convention on information and communication technology, electronics and microelectronics (MIPRO). IEEE, 2019. pp. 977\u2013982.","DOI":"10.23919\/MIPRO.2019.8757088"},{"key":"3785_CR62","first-page":"1","volume":"2019","author":"Z Wang","year":"2019","unstructured":"Wang Z, Liu K, Li J, Zhu Y, Zhang Y. Various frameworks and libraries of machine learning and deep learning: a survey. Arch Comput Methods Eng. 2019;2019:1\u201324.","journal-title":"Arch Comput Methods Eng"},{"key":"3785_CR63","first-page":"8018","volume":"34","author":"D Jin","year":"2020","unstructured":"Jin D, Jin Z, Zhou JT, Szolovits P. Is bert really robust? A strong baseline for natural language attack on text classification and entailment. Proc AAAI Conf Artif Intell. 2020;34:8018\u201325.","journal-title":"Proc AAAI Conf Artif Intell"},{"key":"3785_CR64","doi-asserted-by":"crossref","unstructured":"Carlini N,\u00a0Wagner D. Audio adversarial examples: targeted attacks on speech-to-text. In: 2018 IEEE security and privacy workshops (SPW). IEEE, 2018. pp. 1\u20137.","DOI":"10.1109\/SPW.2018.00009"},{"key":"3785_CR65","unstructured":"Vacanti G,\u00a0Van\u00a0Looveren A. Adversarial detection and correction by matching prediction distributions. arXiv preprint arXiv:2002.09364 (2020)."},{"key":"3785_CR66","unstructured":"AI E. evidently: Evaluate and monitor ml models from validation to production. https:\/\/github.com\/evidentlyai\/evidently (2021). Accessed 7 Jun 2024."},{"issue":"4","key":"3785_CR67","doi-asserted-by":"publisher","first-page":"778","DOI":"10.1109\/TAI.2021.3137091","volume":"4","author":"K Crockett","year":"2023","unstructured":"Crockett K, Colyer E, Gerber L, Latham A. 
Building trustworthy ai solutions: a case for practical solutions for small businesses. IEEE Trans Artif Intell. 2023;4(4):778\u201391. https:\/\/doi.org\/10.1109\/TAI.2021.3137091.","journal-title":"IEEE Trans Artif Intell"},{"key":"3785_CR68","doi-asserted-by":"crossref","unstructured":"Hu Q. A survey of adversarial example toolboxes. In: 2021 2nd International Conference on Computing and Data Science (CDS). IEEE, 2021. pp. 603\u2013608.","DOI":"10.1109\/CDS52072.2021.00109"},{"key":"3785_CR69","first-page":"1","volume":"2022","author":"S Asha","year":"2022","unstructured":"Asha S, Vinod P. Evaluation of adversarial machine learning tools for securing ai systems. Cluster Comput. 2022;2022:1\u201320.","journal-title":"Cluster Comput"},{"issue":"1","key":"3785_CR70","doi-asserted-by":"publisher","first-page":"39","DOI":"10.3390\/network3010003","volume":"3","author":"M Zolotukhin","year":"2022","unstructured":"Zolotukhin M, Zhang D, H\u00e4m\u00e4l\u00e4inen T, Miraghaei P. On attacking future 5G networks with adversarial examples: survey. Network. 2022;3(1):39\u201390.","journal-title":"Network"},{"key":"3785_CR71","unstructured":"AI B. Robustness techniques & toolkits for applied ai. https:\/\/www.borealisai.com\/research-blogs\/robustness-techniques-toolkits-applied-ai\/ (2022). Accessed 7 Jun 2024."},{"key":"3785_CR72","doi-asserted-by":"crossref","unstructured":"Al-Rubaye A,\u00a0Sukthankar G. Scoring popularity in GitHub. In: 2020 International Conference on Computational Science and Computational Intelligence (CSCI). IEEE, 2020. pp. 217\u2013223.","DOI":"10.1109\/CSCI51800.2020.00044"},{"key":"3785_CR73","unstructured":"Woldeyohannes H.D. Review on Adversarial Robustness Toolbox (ART) v1. 5. x.: ART Attacks against Supervised Learning Algorithms Case Study (2021)."},{"key":"3785_CR74","unstructured":"Rauber J,\u00a0Brendel W,\u00a0Bethge M. Foolbox: a python toolbox to benchmark the robustness of machine learning models. 
arXiv preprint arXiv:1707.04131 (2017)."},{"key":"3785_CR75","unstructured":"AdvBox. Advbox. https:\/\/github.com\/advboxes\/AdvBox. 2019. Accessed 7 Jun 2024."},{"key":"3785_CR76","unstructured":"Zheng M,\u00a0Yan X,\u00a0Zhu Z,\u00a0Chen H,\u00a0Wu B. BlackboxBench: A Comprehensive Benchmark of Black-box Adversarial Attacks. arXiv preprint arXiv:2312.16979 (2023)."},{"key":"3785_CR77","unstructured":"Carlini N,\u00a0Wagner D. Defensive distillation is not robust to adversarial examples. arXiv preprint arXiv:1607.04311 (2016)."},{"key":"3785_CR78","unstructured":"Dong Y, Fu QA,\u00a0Yang X,\u00a0Pang T,\u00a0Su H,\u00a0Xiao Z,\u00a0Zhu J, Platforms AAR. Appendix for: benchmarking adversarial robustness on image classification. 2023."},{"key":"3785_CR79","unstructured":"Carlini N. A critique of the deepsec platform for security analysis of deep learning models. arXiv preprint arXiv:1905.07112 (2019)."},{"key":"3785_CR80","unstructured":"Xie Z,\u00a0Brophy J,\u00a0Noack A,\u00a0You W,\u00a0Asthana K,\u00a0Perkins C,\u00a0Reis S,\u00a0Singh S,\u00a0Lowd D. Identifying adversarial attacks on text classifiers. arXiv preprint arXiv:2201.08555 (2022)."},{"key":"3785_CR81","unstructured":"Microsoft. Announcing Microsoft\u2019s open automation framework to red team generative AI Systems (2024)."},{"key":"3785_CR82","unstructured":"Eykholt K,\u00a0Lee T,\u00a0Schales D,\u00a0Jang J,\u00a0Molloy I. URET: Universal Robustness Evaluation Toolkit (for Evasion). In: 32nd USENIX Security Symposium (USENIX Security 23). 2023. pp. 3817\u20133833."},{"key":"3785_CR83","doi-asserted-by":"crossref","unstructured":"Shah S,\u00a0Reddy S,\u00a0Bhattacharyya P. A retrofitting model for incorporating semantic relations into word embeddings. In: Proceedings of the 28th International Conference on Computational Linguistics. 2020. pp. 1292\u20131298.","DOI":"10.18653\/v1\/2020.coling-main.111"},{"key":"3785_CR84","unstructured":"Gym R. Robustness gym. 
https:\/\/github.com\/robustness-gym\/robustness-gym. 2021. Accessed 7 Jun 2024."},{"key":"3785_CR85","first-page":"52","volume":"2022","author":"M Omar","year":"2022","unstructured":"Omar M, Choi S, Nyang D, Mohaisen D. Robust natural language processing: recent advances, challenges, and future directions. IEEE Access. 2022;2022:52.","journal-title":"IEEE Access"},{"issue":"1","key":"3785_CR86","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/s43681-022-00147-7","volume":"3","author":"A Agarwal","year":"2023","unstructured":"Agarwal A, Agarwal H, Agarwal N. Fairness score and process standardization: framework for fairness certification in artificial intelligence systems. AI Ethics. 2023;3(1):267\u201379.\u00a0https:\/\/doi.org\/10.1007\/s43681-022-00147-7.","journal-title":"AI and Ethics"},{"issue":"1","key":"3785_CR87","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1007\/s43681-023-00266-9","volume":"4","author":"A Agarwal","year":"2024","unstructured":"Agarwal A, Agarwal H. A seven-layer model with checklists for standardising fairness assessment throughout the ai lifecycle. AI Ethics. 2024;4(1):299\u2013314. https:\/\/doi.org\/10.1007\/s43681-023-00266-9.","journal-title":"AI Ethics"},{"key":"3785_CR88","doi-asserted-by":"publisher","unstructured":"Avinash A, Manisha N. Advancing trustworthy AI for sustainable development: recommendations for standardising AI incident reporting. In: 2024 ITU Kaleidoscope: innovation and digital transformation for a sustainable world (ITU-K). IEEE. 2024. pp. 1\u20138. https:\/\/doi.org\/10.23919\/ITUK62727.2024.10772925.","DOI":"10.23919\/ITUK62727.2024.10772925"},{"key":"3785_CR89","doi-asserted-by":"publisher","unstructured":"Agarwal A, Nene MJ. Addressing AI risks in critical infrastructure: formalising the AI incident reporting process. In: 2024 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT). 2024. pp. 1\u20136. 
https:\/\/doi.org\/10.1109\/CONECCT62155.2024.10677312.","DOI":"10.1109\/CONECCT62155.2024.10677312"},{"key":"3785_CR90","unstructured":"Weng L. Adversarial attacks on LLMs. lilianweng.github.io. 2023. https:\/\/lilianweng.github.io\/posts\/2023-10-25-adv-attack-llm\/."},{"key":"3785_CR91","doi-asserted-by":"crossref","unstructured":"Zhu K,\u00a0Wang J,\u00a0Zhou J,\u00a0Wang Z,\u00a0Chen H,\u00a0Wang Y,\u00a0Yang L,\u00a0Ye W, Gong NZ,\u00a0Zhang Y, et\u00a0al. Promptbench: towards evaluating the robustness of large language models on adversarial prompts. arXiv preprint arXiv:2306.04528. 2023.","DOI":"10.1145\/3689217.3690621"}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-025-03785-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-025-03785-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-025-03785-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,26]],"date-time":"2025-02-26T15:58:21Z","timestamp":1740585501000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-025-03785-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2,26]]},"references-count":91,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2025,3]]}},"alternative-id":["3785"],"URL":"https:\/\/doi.org\/10.1007\/s42979-025-03785-w","relation":{},"ISSN":["2661-8907"],"issn-type":[{"value":"2661-8907","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,2,26]]},"assertion":[{"value":"17 July 
2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 February 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 February 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"On behalf of all authors, the corresponding author states that there is no Conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}}],"article-number":"234"}}