{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T14:09:07Z","timestamp":1768313347103,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,4,26]],"date-time":"2021-04-26T00:00:00Z","timestamp":1619395200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,4,26]]},"DOI":"10.1145\/3422337.3447841","type":"proceedings-article","created":{"date-parts":[[2021,4,10]],"date-time":"2021-04-10T07:57:52Z","timestamp":1618041472000},"page":"17-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Using Single-Step Adversarial Training to Defend Iterative Adversarial Examples"],"prefix":"10.1145","author":[{"given":"Guanxiong","family":"Liu","sequence":"first","affiliation":[{"name":"New Jersey Institute of Technology, Newark, NJ, USA"}]},{"given":"Issa","family":"Khalil","sequence":"additional","affiliation":[{"name":"Qatar Computing Research Institute, Doha, Qatar"}]},{"given":"Abdallah","family":"Khreishah","sequence":"additional","affiliation":[{"name":"New Jersey Institute of Technology, Newark, NJ, USA"}]}],"member":"320","published-online":{"date-parts":[[2021,4,26]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. arXiv preprint arXiv:1802.00420","author":"Athalye Anish","year":"2018","unstructured":"Anish Athalye , Nicholas Carlini , and David Wagner . 2018. Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. arXiv preprint arXiv:1802.00420 ( 2018 ). Anish Athalye, Nicholas Carlini, and David Wagner. 2018. Obfuscated gradients give a false sense of security: Circumventing defenses to adversarial examples. arXiv preprint arXiv:1802.00420 (2018)."},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1093\/bioinformatics\/btl242"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"crossref","unstructured":"J. Deng W. Dong R. Socher L.-J. Li K. Li and L. Fei-Fei. 2009. ImageNet: A Large-Scale Hierarchical Image Database. In CVPR09.  J. Deng W. Dong R. Socher L.-J. Li K. Li and L. Fei-Fei. 2009. ImageNet: A Large-Scale Hierarchical Image Database. In CVPR09.","DOI":"10.1109\/CVPR.2009.5206848"},{"key":"e_1_3_2_2_5_1","volume-title":"Evaluating and understanding the robustness of adversarial logit pairing. arXiv preprint arXiv:1807.10272","author":"Engstrom Logan","year":"2018","unstructured":"Logan Engstrom , Andrew Ilyas , and Anish Athalye . 2018. Evaluating and understanding the robustness of adversarial logit pairing. arXiv preprint arXiv:1807.10272 ( 2018 ). Logan Engstrom, Andrew Ilyas, and Anish Athalye. 2018. Evaluating and understanding the robustness of adversarial logit pairing. arXiv preprint arXiv:1807.10272 (2018)."},{"key":"e_1_3_2_2_6_1","volume-title":"International Conference on Learning Representations","author":"Goodfellow Ian J","year":"2015","unstructured":"Ian J Goodfellow , Jonathon Shlens , and Christian Szegedy . 2015 . Explaining and harnessing adversarial examples . International Conference on Learning Representations (2015). Ian J Goodfellow, Jonathon Shlens, and Christian Szegedy. 2015. Explaining and harnessing adversarial examples. International Conference on Learning Representations (2015)."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_2_8_1","volume-title":"Adversarial Logit Pairing. arXiv preprint arXiv:1803.06373","author":"Kannan Harini","year":"2018","unstructured":"Harini Kannan , Alexey Kurakin , and Ian Goodfellow . 2018. Adversarial Logit Pairing. arXiv preprint arXiv:1803.06373 ( 2018 ). Harini Kannan, Alexey Kurakin, and Ian Goodfellow. 2018. Adversarial Logit Pairing. arXiv preprint arXiv:1803.06373 (2018)."},{"key":"e_1_3_2_2_9_1","volume-title":"Adversarial examples in the physical world. arXiv preprint arXiv:1607.02533","author":"Kurakin Alexey","year":"2016","unstructured":"Alexey Kurakin , Ian Goodfellow , and Samy Bengio . 2016. Adversarial examples in the physical world. arXiv preprint arXiv:1607.02533 ( 2016 ). Alexey Kurakin, Ian Goodfellow, and Samy Bengio. 2016. Adversarial examples in the physical world. arXiv preprint arXiv:1607.02533 (2016)."},{"key":"e_1_3_2_2_10_1","volume-title":"International Conference on Learning Representations","author":"Kurakin Alexey","year":"2017","unstructured":"Alexey Kurakin , Ian Goodfellow , and Samy Bengio . 2017 . Adversarial machine learning at scale . International Conference on Learning Representations (2017). Alexey Kurakin, Ian Goodfellow, and Samy Bengio. 2017. Adversarial machine learning at scale. International Conference on Learning Representations (2017)."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/5.726791"},{"key":"e_1_3_2_2_12_1","volume-title":"ZK-GanDef: A GAN based Zero Knowledge Adversarial Training Defense for Neural Networks. arXiv preprint arXiv:1904.08516","author":"Liu Guanxiong","year":"2019","unstructured":"Guanxiong Liu , Issa Khalil , and Abdallah Khreishah . 2019. ZK-GanDef: A GAN based Zero Knowledge Adversarial Training Defense for Neural Networks. arXiv preprint arXiv:1904.08516 ( 2019 ). Guanxiong Liu, Issa Khalil, and Abdallah Khreishah. 2019. ZK-GanDef: A GAN based Zero Knowledge Adversarial Training Defense for Neural Networks. arXiv preprint arXiv:1904.08516 (2019)."},{"key":"e_1_3_2_2_13_1","first-page":"2579","article-title":"Visualizing data using t-SNE","volume":"9","author":"van der Maaten Laurens","year":"2008","unstructured":"Laurens van der Maaten and Geoffrey Hinton . 2008 . Visualizing data using t-SNE . Journal of machine learning research , Vol. 9 , Nov (2008), 2579 -- 2605 . Laurens van der Maaten and Geoffrey Hinton. 2008. Visualizing data using t-SNE. Journal of machine learning research, Vol. 9, Nov (2008), 2579--2605.","journal-title":"Journal of machine learning research"},{"key":"e_1_3_2_2_14_1","volume-title":"Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083","author":"Madry Aleksander","year":"2017","unstructured":"Aleksander Madry , Aleksandar Makelov , Ludwig Schmidt , Dimitris Tsipras , and Adrian Vladu . 2017. Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083 ( 2017 ). Aleksander Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras, and Adrian Vladu. 2017. Towards deep learning models resistant to adversarial attacks. arXiv preprint arXiv:1706.06083 (2017)."},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134057"},{"key":"e_1_3_2_2_16_1","volume-title":"Technical Report on the CleverHans v2.1.0 Adversarial Examples Library. arXiv preprint arXiv:1610.00768","author":"Papernot Nicolas","year":"2018","unstructured":"Nicolas Papernot , Fartash Faghri , Nicholas Carlini , Ian Goodfellow , Reuben Feinman , Alexey Kurakin , Cihang Xie , Yash Sharma , Tom Brown , Aurko Roy , Alexander Matyasko , Vahid Behzadan , Karen Hambardzumyan , Zhishuai Zhang , Yi-Lin Juang , Zhi Li , Ryan Sheatsley , Abhibhav Garg , Jonathan Uesato , Willi Gierke , Yinpeng Dong , David Berthelot , Paul Hendricks , Jonas Rauber , and Rujun Long . 2018. Technical Report on the CleverHans v2.1.0 Adversarial Examples Library. arXiv preprint arXiv:1610.00768 ( 2018 ). Nicolas Papernot, Fartash Faghri, Nicholas Carlini, Ian Goodfellow, Reuben Feinman, Alexey Kurakin, Cihang Xie, Yash Sharma, Tom Brown, Aurko Roy, Alexander Matyasko, Vahid Behzadan, Karen Hambardzumyan, Zhishuai Zhang, Yi-Lin Juang, Zhi Li, Ryan Sheatsley, Abhibhav Garg, Jonathan Uesato, Willi Gierke, Yinpeng Dong, David Berthelot, Paul Hendricks, Jonas Rauber, and Rujun Long. 2018. Technical Report on the CleverHans v2.1.0 Adversarial Examples Library. arXiv preprint arXiv:1610.00768 (2018)."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.41"},{"key":"e_1_3_2_2_18_1","volume-title":"Defense-GAN: Protecting classifiers against adversarial attacks using generative models. arXiv preprint arXiv:1805.06605","author":"Samangouei Pouya","year":"2018","unstructured":"Pouya Samangouei , Maya Kabkab , and Rama Chellappa . 2018. Defense-GAN: Protecting classifiers against adversarial attacks using generative models. arXiv preprint arXiv:1805.06605 ( 2018 ). Pouya Samangouei, Maya Kabkab, and Rama Chellappa. 2018. Defense-GAN: Protecting classifiers against adversarial attacks using generative models. arXiv preprint arXiv:1805.06605 (2018)."},{"key":"e_1_3_2_2_19_1","unstructured":"Lukas Schott Jonas Rauber Matthias Bethge and Wieland Brendel. 2018. Towards the first adversarially robust neural network model on MNIST. (2018).  Lukas Schott Jonas Rauber Matthias Bethge and Wieland Brendel. 2018. Towards the first adversarially robust neural network model on MNIST. (2018)."},{"key":"e_1_3_2_2_20_1","unstructured":"Ali Shafahi Mahyar Najibi Amin Ghiasi Zheng Xu John Dickerson Christoph Studer Larry S. Davis Gavin Taylor and Tom Goldstein. 2019. Adversarial Training for Free!arxiv: cs.LG\/1904.12843  Ali Shafahi Mahyar Najibi Amin Ghiasi Zheng Xu John Dickerson Christoph Studer Larry S. Davis Gavin Taylor and Tom Goldstein. 2019. Adversarial Training for Free!arxiv: cs.LG\/1904.12843"},{"key":"e_1_3_2_2_21_1","volume-title":"Improving the Generalization of Adversarial Training with Domain Adaptation. arXiv preprint arXiv:1810.00740","author":"Song Chuanbiao","year":"2018","unstructured":"Chuanbiao Song , Kun He , Liwei Wang , and John E Hopcroft . 2018. Improving the Generalization of Adversarial Training with Domain Adaptation. arXiv preprint arXiv:1810.00740 ( 2018 ). Chuanbiao Song, Kun He, Liwei Wang, and John E Hopcroft. 2018. Improving the Generalization of Adversarial Training with Domain Adaptation. arXiv preprint arXiv:1810.00740 (2018)."},{"key":"e_1_3_2_2_22_1","volume-title":"International Conference on Learning Representations","author":"Szegedy Christian","year":"2014","unstructured":"Christian Szegedy , Wojciech Zaremba , Ilya Sutskever , Joan Bruna , Dumitru Erhan , Ian Goodfellow , and Rob Fergus . 2014 . Intriguing properties of neural networks . International Conference on Learning Representations (2014). Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. 2014. Intriguing properties of neural networks. International Conference on Learning Representations (2014)."},{"key":"e_1_3_2_2_23_1","volume-title":"Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204","author":"Tram\u00e8r Florian","year":"2017","unstructured":"Florian Tram\u00e8r , Alexey Kurakin , Nicolas Papernot , Ian Goodfellow , Dan Boneh , and Patrick McDaniel . 2017. Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204 ( 2017 ). Florian Tram\u00e8r, Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh, and Patrick McDaniel. 2017. Ensemble adversarial training: Attacks and defenses. arXiv preprint arXiv:1705.07204 (2017)."}],"event":{"name":"CODASPY '21: Eleventh ACM Conference on Data and Application Security and Privacy","location":"Virtual Event USA","acronym":"CODASPY '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3422337.3447841","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3422337.3447841","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:03:21Z","timestamp":1750197801000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3422337.3447841"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,26]]},"references-count":23,"alternative-id":["10.1145\/3422337.3447841","10.1145\/3422337"],"URL":"https:\/\/doi.org\/10.1145\/3422337.3447841","relation":{},"subject":[],"published":{"date-parts":[[2021,4,26]]},"assertion":[{"value":"2021-04-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}