{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T15:30:41Z","timestamp":1781019041308,"version":"3.54.1"},"reference-count":22,"publisher":"IEEE","license":[{"start":{"date-parts":[[2021,7,26]],"date-time":"2021-07-26T00:00:00Z","timestamp":1627257600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2021,7,26]],"date-time":"2021-07-26T00:00:00Z","timestamp":1627257600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,7,26]]},"DOI":"10.1109\/csr51186.2021.9527945","type":"proceedings-article","created":{"date-parts":[[2021,9,6]],"date-time":"2021-09-06T21:35:06Z","timestamp":1630964106000},"page":"551-556","source":"Crossref","is-referenced-by-count":24,"title":["Defending Against Model Inversion Attack by Adversarial Examples"],"prefix":"10.1109","author":[{"given":"Jing","family":"Wen","sequence":"first","affiliation":[{"name":"The University of Hong Kong,Dept. of Computer Science"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Siu-Ming","family":"Yiu","sequence":"additional","affiliation":[{"name":"The University of Hong Kong,Dept. of Computer Science"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lucas C.K.","family":"Hui","sequence":"additional","affiliation":[{"name":"Hong Kong Applied Science and Technology Research Institute (ASTRI)"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"ref11","article-title":"Explaining and harnessing adversarial examples","author":"goodfellow","year":"2015","journal-title":"ICLRE"},{"key":"ref12","article-title":"Mnist handwritten digit database","author":"lecun","year":"0"},{"key":"ref13","article-title":"Cold case: The lost mnist digits","volume":"32","author":"yadav","year":"2019","journal-title":"Advances in neural information processing systems"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ICIP.2014.7025068"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2015.425"},{"key":"ref16","article-title":"Deep variational information bottleneck","author":"alemi","year":"2016"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23198"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.41"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W.2018.00066"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.00033"},{"key":"ref3","article-title":"Neural network inversion in adversarial setting via background knowledge alignment","author":"zhang","year":"2019","journal-title":"Proceedings of the 2019 ACM SIGSAC CCS"},{"key":"ref6","article-title":"Defending model inversion and membership inference attacks via prediction purification","author":"yang","year":"2020"},{"key":"ref5","article-title":"Improving robustness to model inversion attacks via mutual information regularization","author":"wang","year":"2020"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813677"},{"key":"ref7","article-title":"Towards deep learning models resistant to adversarial attacks","author":"madry","year":"2018","journal-title":"International Conference on Learning Representations"},{"key":"ref2","article-title":"Privacy in pharmacogenetics: An end-to-end case study of personalized warfarin dosing","author":"fredrikson","year":"0","journal-title":"23rd USENIX Security Symposium"},{"key":"ref1","article-title":"Intriguing properties of neural networks","author":"szegedy","year":"2014","journal-title":"International Conference on Learning Representations"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"ref20","first-page":"601","article-title":"Stealing machine learning models via prediction apis","author":"tram\u00e8r","year":"2016","journal-title":"25th USENIX Security Symposium ( USENIX Security 16)"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363201"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"}],"event":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","location":"Rhodes, Greece","start":{"date-parts":[[2021,7,26]]},"end":{"date-parts":[[2021,7,28]]}},"container-title":["2021 IEEE International Conference on Cyber Security and Resilience (CSR)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9527731\/9527900\/09527945.pdf?arnumber=9527945","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,2]],"date-time":"2022-08-02T23:29:40Z","timestamp":1659482980000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9527945\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,26]]},"references-count":22,"URL":"https:\/\/doi.org\/10.1109\/csr51186.2021.9527945","relation":{},"subject":[],"published":{"date-parts":[[2021,7,26]]}}}