{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T04:19:28Z","timestamp":1768537168785,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,3,13]],"date-time":"2018-03-13T00:00:00Z","timestamp":1520899200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1618684"],"award-info":[{"award-number":["CNS-1618684"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["1421776"],"award-info":[{"award-number":["1421776"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,3,13]]},"DOI":"10.1145\/3176258.3176321","type":"proceedings-article","created":{"date-parts":[[2018,3,15]],"date-time":"2018-03-15T13:22:14Z","timestamp":1521120134000},"page":"24-34","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Server-Based Manipulation Attacks Against Machine Learning Models"],"prefix":"10.1145","author":[{"given":"Cong","family":"Liao","sequence":"first","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]},{"given":"Haoti","family":"Zhong","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]},{"given":"Sencun","family":"Zhu","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]},{"given":"Anna","family":"Squicciarini","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]}],"member":"320","published-online":{"date-parts":[[2018,3,13]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"OSDI","volume":"16","author":"Abadi Mart\u00edn","year":"2016"},{"key":"e_1_3_2_1_2_1","unstructured":"Roger Barga and Valentine Fontama. {n. d.}. Predictive analytics with Microsoft Azure machine learning. Springer.   Roger Barga and Valentine Fontama. {n. d.}. Predictive analytics with Microsoft Azure machine learning. Springer."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_3_2_1_4_1","unstructured":"Battista Biggio Blaine Nelson and Pavel Laskov. 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012).   Battista Biggio Blaine Nelson and Pavel Laskov. 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-7908-2604-3_16"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134606"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022627411411"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/72.788645"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2004.11.012"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813677"},{"key":"e_1_3_2_1_11_1","unstructured":"Matthew Fredrikson Eric Lantz Somesh Jha Simon Lin David Page and Thomas Ristenpart. {n. d.}. Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing.  Matthew Fredrikson Eric Lantz Somesh Jha Simon Lin David Page and Thomas Ristenpart. {n. d.}. Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing."},{"key":"e_1_3_2_1_12_1","unstructured":"Google. {n. d.}. TensorFlow. https:\/\/www.tensorflow.org\/. (. {n. d.}).  Google. {n. d.}. TensorFlow. https:\/\/www.tensorflow.org\/. (. {n. d.})."},{"key":"e_1_3_2_1_13_1","unstructured":"Kathrin Grosse Praveen Manoharan Nicolas Papernot Michael Backes and Patrick McDaniel. 2017. On the (statistical) detection of adversarial examples. arXiv preprint arXiv:1702.06280 (2017).  Kathrin Grosse Praveen Manoharan Nicolas Papernot Michael Backes and Patrick McDaniel. 2017. On the (statistical) detection of adversarial examples. arXiv preprint arXiv:1702.06280 (2017)."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134635"},{"key":"e_1_3_2_1_15_1","unstructured":"Bryan Klimt and Yiming Yang. 2004. Introducing the Enron Corpus.. In CEAS.  Bryan Klimt and Yiming Yang. 2004. Introducing the Enron Corpus.. In CEAS."},{"key":"e_1_3_2_1_16_1","unstructured":"Alex Krizhevsky Ilya Sutskever and Geoffrey E Hinton. 2012. Imagenet classification with deep convolutional neural networks Advances in neural information processing systems. 1097--1105.   Alex Krizhevsky Ilya Sutskever and Geoffrey E Hinton. 2012. Imagenet classification with deep convolutional neural networks Advances in neural information processing systems. 1097--1105."},{"key":"e_1_3_2_1_17_1","unstructured":"Yann LeCun Corinna Cortes and Christopher JC Burges. 2010. MNIST handwritten digit database. AT&T Labs {Online}. Available: http:\/\/yann. lecun. com\/exdb\/mnist Vol. 2 (2010).  Yann LeCun Corinna Cortes and Christopher JC Burges. 2010. MNIST handwritten digit database. AT&T Labs {Online}. Available: http:\/\/yann. lecun. com\/exdb\/mnist Vol. 2 (2010)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2016.90"},{"key":"e_1_3_2_1_19_1","volume-title":"CEAS","volume":"17","author":"Metsis Vangelis","year":"2006"},{"key":"e_1_3_2_1_20_1","unstructured":"Microsoft . {n. d.}. Azure Machine Learning Studio. https:\/\/studio.azureml.net\/. (. {n. d.}).  Microsoft . {n. d.}. Azure Machine Learning Studio. https:\/\/studio.azureml.net\/. (. {n. d.})."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Seyed Mohsen Moosavi Dezfooli Alhussein Fawzi and Pascal Frossard. 2016. Deepfool: a simple and accurate method to fool deep neural networks Proceedings of 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).  Seyed Mohsen Moosavi Dezfooli Alhussein Fawzi and Pascal Frossard. 2016. Deepfool: a simple and accurate method to fool deep neural networks Proceedings of 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).","DOI":"10.1109\/CVPR.2016.282"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Mehran Mozaffari-Kermani Susmita Sur-Kolay Anand Raghunathan and Niraj K Jha. 2015. Systematic poisoning attacks on and defenses for machine learning in healthcare. IEEE journal of biomedical and health informatics Vol. 19 6 (2015) 1893--1905.  Mehran Mozaffari-Kermani Susmita Sur-Kolay Anand Raghunathan and Niraj K Jha. 2015. Systematic poisoning attacks on and defenses for machine learning in healthcare. IEEE journal of biomedical and health informatics Vol. 19 6 (2015) 1893--1905.","DOI":"10.1109\/JBHI.2014.2344095"},{"key":"e_1_3_2_1_23_1","volume-title":"IJCNN'02","volume":"2","author":"Mukkamala Srinivas","year":"2002"},{"key":"e_1_3_2_1_24_1","unstructured":"Michael A Nielsen. 2015. Neural networks and deep learning. (2015).  Michael A Nielsen. 2015. Neural networks and deep learning. (2015)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053009"},{"key":"e_1_3_2_1_26_1","volume-title":"2016 IEEE European Symposium on. IEEE, 372--387","author":"Papernot Nicolas","year":"2016"},{"key":"e_1_3_2_1_27_1","unstructured":"David E Rumelhart Geoffrey E Hinton Ronald J Williams et almbox. . {n. d.}. Learning representations by back-propagating errors. Cognitive modeling Vol. 5 3 (. {n. d.}) 1.  David E Rumelhart Geoffrey E Hinton Ronald J Williams et almbox. . {n. d.}. Learning representations by back-propagating errors. Cognitive modeling Vol. 5 3 (. {n. d.}) 1."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991125"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Hoo-Chang Shin Holger R Roth Mingchen Gao Le Lu Ziyue Xu Isabella Nogues Jianhua Yao Daniel Mollura and Ronald M Summers. 2016. Deep convolutional neural networks for computer-aided detection: CNN architectures dataset characteristics and transfer learning. IEEE transactions on medical imaging Vol. 35 5 (2016) 1285--1298.  Hoo-Chang Shin Holger R Roth Mingchen Gao Le Lu Ziyue Xu Isabella Nogues Jianhua Yao Daniel Mollura and Ronald M Summers. 2016. Deep convolutional neural networks for computer-aided detection: CNN architectures dataset characteristics and transfer learning. IEEE transactions on medical imaging Vol. 35 5 (2016) 1285--1298.","DOI":"10.1109\/TMI.2016.2528162"},{"key":"e_1_3_2_1_30_1","volume-title":"USENIX Security Symposium. 601--618","author":"Tram\u00e8r Florian","year":"2016"}],"event":{"name":"CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy","location":"Tempe AZ USA","acronym":"CODASPY '18","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176321","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3176258.3176321","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3176258.3176321","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:26:40Z","timestamp":1750213600000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176321"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,13]]},"references-count":30,"alternative-id":["10.1145\/3176258.3176321","10.1145\/3176258"],"URL":"https:\/\/doi.org\/10.1145\/3176258.3176321","relation":{},"subject":[],"published":{"date-parts":[[2018,3,13]]},"assertion":[{"value":"2018-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}