{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:30:21Z","timestamp":1750221021325,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,8,12]],"date-time":"2019-08-12T00:00:00Z","timestamp":1565568000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,8,12]]},"DOI":"10.1145\/3338906.3342502","type":"proceedings-article","created":{"date-parts":[[2019,8,9]],"date-time":"2019-08-09T12:21:03Z","timestamp":1565353263000},"page":"1238-1240","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Static deep neural network analysis for robustness"],"prefix":"10.1145","author":[{"given":"Rangeet","family":"Pan","sequence":"first","affiliation":[{"name":"Iowa State University, USA"}]}],"member":"320","published-online":{"date-parts":[[2019,8,12]]},"reference":[{"volume-title":"Adef: An iterative algorithm to construct adversarial deformations. arXiv preprint arXiv:1804.07729","year":"2018","author":"Alaifari Rima","key":"e_1_3_2_1_1_1"},{"key":"e_1_3_2_1_2_1","unstructured":"Jacob Buckman Aurko Roy Colin Raffel and Ian Goodfellow. 2018. Thermometer encoding: One hot way to resist adversarial examples. (2018).  Jacob Buckman Aurko Roy Colin Raffel and Ian Goodfellow. 2018. Thermometer encoding: One hot way to resist adversarial examples. (2018)."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2015.312"},{"volume-title":"Boundary attack++: Query-efficient decision-based adversarial attack. arXiv preprint arXiv:1904.02144","year":"2019","author":"Chen Jianbo","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00957"},{"volume-title":"A rotation and a translation suffice: Fooling cnns with simple transformations. arXiv preprint arXiv:1712.02779","year":"2017","author":"Engstrom Logan","key":"e_1_3_2_1_7_1"},{"key":"e_1_3_2_1_8_1","unstructured":"Alhussein Fawzi Hamza Fawzi and Omar Fawzi. 2018. Adversarial vulnerability for any classifier. In Advances in Neural Information Processing Systems. 1178\u2013 1187.   Alhussein Fawzi Hamza Fawzi and Omar Fawzi. 2018. Adversarial vulnerability for any classifier. In Advances in Neural Information Processing Systems. 1178\u2013 1187."},{"key":"e_1_3_2_1_9_1","unstructured":"FOURSQUARE. 2018. In Ten Years: The Future of AI and ML. https:\/\/medium.com\/foursquare-direct\/in-ten-years-the-future-of-ai-andml-fa68a527f378\/. Retrieved June 2019.  FOURSQUARE. 2018. In Ten Years: The Future of AI and ML. https:\/\/medium.com\/foursquare-direct\/in-ten-years-the-future-of-ai-andml-fa68a527f378\/. Retrieved June 2019."},{"volume-title":"Deep learning","author":"Goodfellow Ian","key":"e_1_3_2_1_10_1"},{"key":"e_1_3_2_1_11_1","unstructured":"Ian Goodfellow Jean Pouget-Abadie Mehdi Mirza Bing Xu David Warde-Farley Sherjil Ozair Aaron Courville and Yoshua Bengio. 2014. Generative adversarial nets. In Advances in neural information processing systems. 2672\u20132680.   Ian Goodfellow Jean Pouget-Abadie Mehdi Mirza Bing Xu David Warde-Farley Sherjil Ozair Aaron Courville and Yoshua Bengio. 2014. Generative adversarial nets. In Advances in neural information processing systems. 2672\u20132680."},{"volume-title":"Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572","year":"2014","author":"Goodfellow Ian J","key":"e_1_3_2_1_12_1"},{"volume-title":"Thirty-Second AAAI Conference on Artificial Intelligence.","year":"2018","author":"Goswami Gaurav","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_1_15_1","unstructured":"R Huang B Xu D Schuurmans and C Szepesv\u00e1ri. 2015. Learning with a strong adversary.  R Huang B Xu D Schuurmans and C Szepesv\u00e1ri. 2015. Learning with a strong adversary."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134635"},{"key":"e_1_3_2_1_18_1","unstructured":"Alex Krizhevsky Ilya Sutskever and Geoffrey E Hinton. 2012. Imagenet classification with deep convolutional neural networks. In Advances in neural information processing systems. 1097\u20131105.   Alex Krizhevsky Ilya Sutskever and Geoffrey E Hinton. 2012. Imagenet classification with deep convolutional neural networks. In Advances in neural information processing systems. 1097\u20131105."},{"volume-title":"Adversarial examples in the physical world. arXiv preprint arXiv:1607.02533","year":"2016","author":"Kurakin Alexey","key":"e_1_3_2_1_19_1"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/5.726791"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1142\/S0218488504002631"},{"volume-title":"Arnaud Arindra Adiyoso Setio, Francesco Ciompi, Mohsen Ghafoorian, Jeroen Awm Van Der Laak, Bram Van Ginneken, and Clara I S\u00e1nchez.","year":"2017","author":"Litjens Geert","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-01234-2_23"},{"key":"e_1_3_2_1_24_1","first-page":"2579","article-title":"Visualizing data using t-SNE","author":"van der Maaten Laurens","year":"2008","journal-title":"Journal of machine learning research 9"},{"volume-title":"Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083","year":"2017","author":"Madry Aleksander","key":"e_1_3_2_1_25_1"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00930"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.282"},{"volume-title":"Simple black-box adversarial perturbations for deep networks. arXiv preprint arXiv:1612.06299","year":"2016","author":"Narodytska Nina","key":"e_1_3_2_1_28_1"},{"volume-title":"https:\/\/www.nvidia.com\/en-us\/self-drivingcars\/drive-platform\/. Retrieved","year":"2019","author":"NVIDIA.","key":"e_1_3_2_1_29_1"},{"key":"e_1_3_2_1_30_1","unstructured":"Tianyu Pang Chao Du Yinpeng Dong and Jun Zhu. 2018. Towards robust detection of adversarial examples. In Advances in Neural Information Processing Systems. 4579\u20134589.   Tianyu Pang Chao Du Yinpeng Dong and Jun Zhu. 2018. Towards robust detection of adversarial examples. In Advances in Neural Information Processing Systems. 4579\u20134589."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.41"},{"key":"e_1_3_2_1_33_1","unstructured":"Jonathan Peck Joris Roels Bart Goossens and Yvan Saeys. 2017. Lower bounds on the robustness to adversarial perturbations. In Advances in Neural Information Processing Systems. 804\u2013813.   Jonathan Peck Joris Roels Bart Goossens and Yvan Saeys. 2017. Lower bounds on the robustness to adversarial perturbations. In Advances in Neural Information Processing Systems. 804\u2013813."},{"volume-title":"Foolbox: A Python toolbox to benchmark the robustness of machine learning models. arXiv preprint arXiv:1707.04131","year":"2017","author":"Rauber Jonas","key":"e_1_3_2_1_34_1"},{"volume-title":"Robert Sabourin, and Eric Granger.","year":"2018","author":"Rony J\u00e9r\u00f4me","key":"e_1_3_2_1_35_1"},{"volume-title":"Towards the first adversarially robust neural network model on MNIST. arXiv preprint arXiv:1805.09190","year":"2018","author":"Schott Lukas","key":"e_1_3_2_1_36_1"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2016.7727230"},{"volume-title":"Attacks meet interpretability: Attribute-steered detection of adversarial samples. In Advances in Neural Information Processing Systems. 7717\u20137728","year":"2018","author":"Tao Guanhong","key":"e_1_3_2_1_38_1"},{"volume-title":"Experimental Security Research of Tesla Autopilot. Tencent Keen Security Lab. Retrieved","year":"2019","author":"Security Lab Tencent Keen","key":"e_1_3_2_1_39_1"},{"volume-title":"Thirty-Second AAAI Conference on Artificial Intelligence.","year":"2018","author":"Tian Shixin","key":"e_1_3_2_1_40_1"},{"volume-title":"Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204","year":"2017","author":"Tram\u00e8r Florian","key":"e_1_3_2_1_41_1"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00126"},{"key":"e_1_3_2_1_43_1","first-page":"194","article-title":"A quantitative analysis and performance study for similarity-search methods in high-dimensional spaces","volume":"98","author":"Weber Roger","year":"1998","journal-title":"VLDB"},{"volume-title":"Fashion-mnist: a novel image dataset for benchmarking machine learning algorithms. arXiv preprint arXiv:1708.07747","year":"2017","author":"Xiao Han","key":"e_1_3_2_1_44_1"},{"key":"e_1_3_2_1_45_1","unstructured":"Ziang Yan Yiwen Guo and Changshui Zhang. 2018. Deep Defense: Training DNNs with Improved Adversarial Robustness. In Advances in Neural Information Processing Systems. 419\u2013428. Abstract 1 Research Problem and Motivation 2 Background and Related Works 3 Approach and Uniqueness 4 Preliminary Results 5 Future Work 6 Conclusion References   Ziang Yan Yiwen Guo and Changshui Zhang. 2018. Deep Defense: Training DNNs with Improved Adversarial Robustness. In Advances in Neural Information Processing Systems. 419\u2013428. Abstract 1 Research Problem and Motivation 2 Background and Related Works 3 Approach and Uniqueness 4 Preliminary Results 5 Future Work 6 Conclusion References"}],"event":{"name":"ESEC\/FSE '19: 27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"],"location":"Tallinn Estonia","acronym":"ESEC\/FSE '19"},"container-title":["Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338906.3342502","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3338906.3342502","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:26:22Z","timestamp":1750206382000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338906.3342502"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,12]]},"references-count":44,"alternative-id":["10.1145\/3338906.3342502","10.1145\/3338906"],"URL":"https:\/\/doi.org\/10.1145\/3338906.3342502","relation":{},"subject":[],"published":{"date-parts":[[2019,8,12]]},"assertion":[{"value":"2019-08-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}