{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,15]],"date-time":"2025-12-15T14:14:56Z","timestamp":1765808096633,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,6,14]],"date-time":"2022-06-14T00:00:00Z","timestamp":1655164800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1912593, 2114220"],"award-info":[{"award-number":["1912593, 2114220"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,6,14]]},"DOI":"10.1145\/3524273.3528189","type":"proceedings-article","created":{"date-parts":[[2022,8,5]],"date-time":"2022-08-05T22:23:21Z","timestamp":1659738201000},"page":"164-176","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Visual privacy protection in mobile image recognition using protective perturbation"],"prefix":"10.1145","author":[{"given":"Mengmei","family":"Ye","sequence":"first","affiliation":[{"name":"IBM Research"}]},{"given":"Zhongze","family":"Tang","sequence":"additional","affiliation":[{"name":"Rutgers University"}]},{"given":"Huy","family":"Phan","sequence":"additional","affiliation":[{"name":"Rutgers University"}]},{"given":"Yi","family":"Xie","sequence":"additional","affiliation":[{"name":"Rutgers University"}]},{"given":"Bo","family":"Yuan","sequence":"additional","affiliation":[{"name":"Rutgers University"}]},{"given":"Sheng","family":"Wei","sequence":"additional","affiliation":[{"name":"Rutgers University"}]}],"member":"320","published-online":{"date-parts":[[2022,8,5]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2005. ARM Security Technology: Building a Secure System using TrustZone Technology.  2005. ARM Security Technology: Building a Secure System using TrustZone Technology."},{"key":"e_1_3_2_1_2_1","unstructured":"2016. GDPR. Intersof Consulting. https:\/\/gdpr-info.eu.  2016. GDPR. Intersof Consulting. https:\/\/gdpr-info.eu."},{"key":"e_1_3_2_1_3_1","unstructured":"2017. Find It On eBay: Using Pictures Instead of Words. https:\/\/tech.ebayinc.com\/product\/find-it-on-ebay-using-pictures-instead-of-words\/.  2017. Find It On eBay: Using Pictures Instead of Words. https:\/\/tech.ebayinc.com\/product\/find-it-on-ebay-using-pictures-instead-of-words\/."},{"key":"e_1_3_2_1_4_1","unstructured":"2017. Google Lens. Search what you see. https:\/\/lens.google.com\/.  2017. Google Lens. Search what you see. https:\/\/lens.google.com\/."},{"key":"e_1_3_2_1_5_1","unstructured":"2021. HIPAA. US Department of Health and Human Services. https:\/\/www.hhs.gov\/hipaa\/index.html.  2021. HIPAA. US Department of Health and Human Services. https:\/\/www.hhs.gov\/hipaa\/index.html."},{"key":"e_1_3_2_1_6_1","unstructured":"2021. Intel Software Guard Extensions (SGX). https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/topics\/software-guard-extensions.html.  2021. Intel Software Guard Extensions (SGX). https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/topics\/software-guard-extensions.html."},{"key":"e_1_3_2_1_7_1","unstructured":"2021. Pytorch Lightning Metrics. https:\/\/pytorch-lightning.readthedocs.io\/en\/stable\/extensions\/metrics.html.  2021. Pytorch Lightning Metrics. https:\/\/pytorch-lightning.readthedocs.io\/en\/stable\/extensions\/metrics.html."},{"key":"e_1_3_2_1_8_1","unstructured":"2021. Pytorch Mobile. https:\/\/pytorch.org\/mobile\/home\/.  2021. Pytorch Mobile. https:\/\/pytorch.org\/mobile\/home\/."},{"key":"e_1_3_2_1_9_1","unstructured":"2021. Pytorch MS-SSIM. https:\/\/github.com\/VainF\/pytorch-msssim.  2021. Pytorch MS-SSIM. https:\/\/github.com\/VainF\/pytorch-msssim."},{"key":"e_1_3_2_1_10_1","unstructured":"2021. Understand the Intersection between Data Privacy Laws and Cloud Computing. https:\/\/legal.thomsonreuters.com\/en\/insights\/articles\/understanding-data-privacy-and-cloud-computing.  2021. Understand the Intersection between Data Privacy Laws and Cloud Computing. https:\/\/legal.thomsonreuters.com\/en\/insights\/articles\/understanding-data-privacy-and-cloud-computing."},{"key":"e_1_3_2_1_11_1","unstructured":"Rosario Cammarota Matthias Schunter Anand Rajan Fabian Boemer \u00c1gnes Kiss Amos Treiber Christian Weinert Thomas Schneider Emmanuel Stapf Ahmad-Reza Sadeghi etal 2020. Trustworthy AI Inference Systems: An Industry Research View. arXiv:2008.04449.  Rosario Cammarota Matthias Schunter Anand Rajan Fabian Boemer \u00c1gnes Kiss Amos Treiber Christian Weinert Thomas Schneider Emmanuel Stapf Ahmad-Reza Sadeghi et al. 2020. Trustworthy AI Inference Systems: An Industry Research View. arXiv:2008.04449."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_1_13_1","volume-title":"Privacy Partitioning: Protecting User Data During the Deep Learning Inference Phase. In arXiv:1812.02863. 1--17.","author":"Chi Jianfeng","year":"2018","unstructured":"Jianfeng Chi , Emmanuel Owusu , Xuwang Yin , Tong Yu , William Chan , Patrick Tague , and Yuan Tian . 2018 . Privacy Partitioning: Protecting User Data During the Deep Learning Inference Phase. In arXiv:1812.02863. 1--17. Jianfeng Chi, Emmanuel Owusu, Xuwang Yin, Tong Yu, William Chan, Patrick Tague, and Yuan Tian. 2018. Privacy Partitioning: Protecting User Data During the Deep Learning Inference Phase. In arXiv:1812.02863. 1--17."},{"key":"e_1_3_2_1_14_1","volume-title":"Imagenet: A Large-Scale Hierarchical Image Database. In IEEE conference on computer vision and pattern recognition (CVPR). 248--255","author":"Deng Jia","year":"2009","unstructured":"Jia Deng , Wei Dong , Richard Socher , Li-Jia Li , Kai Li , and Li Fei-Fei . 2009 . Imagenet: A Large-Scale Hierarchical Image Database. In IEEE conference on computer vision and pattern recognition (CVPR). 248--255 . Jia Deng, Wei Dong, Richard Socher, Li-Jia Li, Kai Li, and Li Fei-Fei. 2009. Imagenet: A Large-Scale Hierarchical Image Database. In IEEE conference on computer vision and pattern recognition (CVPR). 248--255."},{"key":"e_1_3_2_1_15_1","unstructured":"WA Falcon etal 2019. PyTorch Lightning. 3 (2019). https:\/\/github.com\/PyTorchLightning\/pytorch-lightning.  WA Falcon et al. 2019. PyTorch Lightning. 3 (2019). https:\/\/github.com\/PyTorchLightning\/pytorch-lightning."},{"key":"e_1_3_2_1_16_1","volume-title":"Practical Image Obfuscation with Provable Privacy. In IEEE International Conference on Multimedia and Expo (ICME). 784--789","author":"Fan Liyue","year":"2019","unstructured":"Liyue Fan . 2019 . Practical Image Obfuscation with Provable Privacy. In IEEE International Conference on Multimedia and Expo (ICME). 784--789 . Liyue Fan. 2019. Practical Image Obfuscation with Provable Privacy. In IEEE International Conference on Multimedia and Expo (ICME). 784--789."},{"key":"e_1_3_2_1_17_1","volume-title":"Wired","author":"Greenberg Andy","year":"2014","unstructured":"Andy Greenberg . 2014 . Hacker Lexicon: What Is End-to-End Encryption ? Wired , November 25 (2014). Andy Greenberg. 2014. Hacker Lexicon: What Is End-to-End Encryption? Wired, November 25 (2014)."},{"key":"e_1_3_2_1_18_1","unstructured":"Zhongshu Gu Heqing Huang Jialong Zhang Dong Su Hani Jamjoom Ankita Lamba Dimitrios Pendarakis and Ian Molloy. 2020. Confidential Inference via Ternary Model Partitioning. In arXiv:1807.00969. 1--12.  Zhongshu Gu Heqing Huang Jialong Zhang Dong Su Hani Jamjoom Ankita Lamba Dimitrios Pendarakis and Ian Molloy. 2020. Confidential Inference via Ternary Model Partitioning. In arXiv:1807.00969. 1--12."},{"key":"e_1_3_2_1_19_1","volume-title":"Deep Residual Learning for Image Recognition. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 770--778","author":"He Kaiming","year":"2016","unstructured":"Kaiming He , Xiangyu Zhang , Shaoqing Ren , and Jian Sun . 2016 . Deep Residual Learning for Image Recognition. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 770--778 . Kaiming He, Xiangyu Zhang, Shaoqing Ren, and Jian Sun. 2016. Deep Residual Learning for Image Recognition. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 770--778."},{"key":"e_1_3_2_1_20_1","volume-title":"Densely Connected Convolutional Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 4700--4708","author":"Huang Gao","year":"2017","unstructured":"Gao Huang , Zhuang Liu , Laurens Van Der Maaten , and Kilian Q Weinberger . 2017 . Densely Connected Convolutional Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 4700--4708 . Gao Huang, Zhuang Liu, Laurens Van Der Maaten, and Kilian Q Weinberger. 2017. Densely Connected Convolutional Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 4700--4708."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1038\/s42256-020-0186-1"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIP.2004.1421855"},{"key":"e_1_3_2_1_24_1","first-page":"11304","article-title":"Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks","volume":"34","author":"Kumar Chetan","year":"2020","unstructured":"Chetan Kumar , Riazat Ryan , and Ming Shao . 2020 . Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks . In Association for the Advancement of Artificial Intelligence (AAAI) , Vol. 34. 11304 -- 11311 . Chetan Kumar, Riazat Ryan, and Ming Shao. 2020. Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks. In Association for the Advancement of Artificial Intelligence (AAAI), Vol. 34. 11304--11311.","journal-title":"Association for the Advancement of Artificial Intelligence (AAAI)"},{"key":"e_1_3_2_1_25_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Liu Yingqi","year":"2017","unstructured":"Yingqi Liu , Shiqing Ma , Yousra Aafer , Wen-Chuan Lee , Juan Zhai , Weihang Wang , and Xiangyu Zhang . 2017 . Trojaning attack on neural networks . In Network and Distributed System Security Symposium (NDSS). Yingqi Liu, Shiqing Ma, Yousra Aafer, Wen-Chuan Lee, Juan Zhai, Weihang Wang, and Xiangyu Zhang. 2017. Trojaning attack on neural networks. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_26_1","volume-title":"Decoupled Weight Decay Regularization. arXiv preprint arXiv:1711.05101","author":"Loshchilov Ilya","year":"2017","unstructured":"Ilya Loshchilov and Frank Hutter . 2017. Decoupled Weight Decay Regularization. arXiv preprint arXiv:1711.05101 ( 2017 ). Ilya Loshchilov and Frank Hutter. 2017. Decoupled Weight Decay Regularization. arXiv preprint arXiv:1711.05101 (2017)."},{"key":"e_1_3_2_1_27_1","volume-title":"Towards Deep Learning Models Resistant to Adversarial Attacks. arXiv preprint arXiv:1706.06083","author":"Madry Aleksander","year":"2017","unstructured":"Aleksander Madry , Aleksandar Makelov , Ludwig Schmidt , Dimitris Tsipras , and Adrian Vladu . 2017. Towards Deep Learning Models Resistant to Adversarial Attacks. arXiv preprint arXiv:1706.06083 ( 2017 ). Aleksander Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras, and Adrian Vladu. 2017. Towards Deep Learning Models Resistant to Adversarial Attacks. arXiv preprint arXiv:1706.06083 (2017)."},{"key":"e_1_3_2_1_28_1","volume-title":"Torchvision the Machine-Vision Package of Torch. In ACM international conference on Multimedia. 1485--1488","author":"Marcel S\u00e9bastien","year":"2010","unstructured":"S\u00e9bastien Marcel and Yann Rodriguez . 2010 . Torchvision the Machine-Vision Package of Torch. In ACM international conference on Multimedia. 1485--1488 . S\u00e9bastien Marcel and Yann Rodriguez. 2010. Torchvision the Machine-Vision Package of Torch. In ACM international conference on Multimedia. 1485--1488."},{"key":"e_1_3_2_1_29_1","volume-title":"On Detecting Adversarial Perturbations. arXiv preprint arXiv:1702.04267","author":"Metzen Jan Hendrik","year":"2017","unstructured":"Jan Hendrik Metzen , Tim Genewein , Volker Fischer , and Bastian Bischoff . 2017. On Detecting Adversarial Perturbations. arXiv preprint arXiv:1702.04267 ( 2017 ). Jan Hendrik Metzen, Tim Genewein, Volker Fischer, and Bastian Bischoff. 2017. On Detecting Adversarial Perturbations. arXiv preprint arXiv:1702.04267 (2017)."},{"key":"e_1_3_2_1_30_1","volume-title":"arXiv:2006.13846","author":"Nilsson Jim","year":"2020","unstructured":"Jim Nilsson and Tomas Akenine-M\u00f6ller . 2020. Understanding SSIM. arXiv:2006.13846 ( 2020 ). Jim Nilsson and Tomas Akenine-M\u00f6ller. 2020. Understanding SSIM. arXiv:2006.13846 (2020)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2017.398"},{"key":"e_1_3_2_1_32_1","volume-title":"SCiFI - A System for Secure Face Identification. In IEEE Symposium on Security and Privacy (S&P). 239--254","author":"Osadchy Margarita","year":"2010","unstructured":"Margarita Osadchy , Benny Pinkas , Ayman Jarrous , and Boaz Moskovich . 2010 . SCiFI - A System for Secure Face Identification. In IEEE Symposium on Security and Privacy (S&P). 239--254 . Margarita Osadchy, Benny Pinkas, Ayman Jarrous, and Boaz Moskovich. 2010. SCiFI - A System for Secure Face Identification. In IEEE Symposium on Security and Privacy (S&P). 239--254."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053009"},{"key":"e_1_3_2_1_34_1","first-page":"8024","article-title":"PyTorch: An Imperative Style, High-Performance Deep Learning Library","volume":"32","author":"Paszke Adam","year":"2019","unstructured":"Adam Paszke , Sam Gross , Francisco Massa , Adam Lerer , James Bradbury , Gregory Chanan , Trevor Killeen , Zeming Lin , Natalia Gimelshein , Luca Antiga , Alban Desmaison , Andreas Kopf , Edward Yang , Zachary DeVito , Martin Raison , Alykhan Tejani , Sasank Chilamkurthy , Benoit Steiner , Lu Fang , Junjie Bai , and Soumith Chintala . 2019 . PyTorch: An Imperative Style, High-Performance Deep Learning Library . In Advances in Neural Information Processing Systems 32. 8024 -- 8035 . Adam Paszke, Sam Gross, Francisco Massa, Adam Lerer, James Bradbury, Gregory Chanan, Trevor Killeen, Zeming Lin, Natalia Gimelshein, Luca Antiga, Alban Desmaison, Andreas Kopf, Edward Yang, Zachary DeVito, Martin Raison, Alykhan Tejani, Sasank Chilamkurthy, Benoit Steiner, Lu Fang, Junjie Bai, and Soumith Chintala. 2019. PyTorch: An Imperative Style, High-Performance Deep Learning Library. In Advances in Neural Information Processing Systems 32. 8024--8035.","journal-title":"Advances in Neural Information Processing Systems"},{"volume-title":"PyTorch Models Trained on CIFAR-10 Dataset. https:\/\/github.com\/huyvnphan\/PyTorch_CIFAR10","author":"Phan Huy","key":"e_1_3_2_1_35_1","unstructured":"Huy Phan . 2021. PyTorch Models Trained on CIFAR-10 Dataset. https:\/\/github.com\/huyvnphan\/PyTorch_CIFAR10 . Huy Phan. 2021. PyTorch Models Trained on CIFAR-10 Dataset. https:\/\/github.com\/huyvnphan\/PyTorch_CIFAR10."},{"key":"e_1_3_2_1_36_1","volume-title":"CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator. In AAAI Conference on Artificial Intelligence (AAAI)","volume":"34","author":"Phan Huy","year":"2020","unstructured":"Huy Phan , Yi Xie , Siyu Liao , Jie Chen , and Bo Yuan . 2020 . CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator. In AAAI Conference on Artificial Intelligence (AAAI) , Vol. 34 . 5412--5419. Huy Phan, Yi Xie, Siyu Liao, Jie Chen, and Bo Yuan. 2020. CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator. In AAAI Conference on Artificial Intelligence (AAAI), Vol. 34. 5412--5419."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00465"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-01246-5_38"},{"key":"e_1_3_2_1_39_1","volume-title":"U-Net: Convolutional Networks for Biomedical Image Segmentation. In International Conference on Medical image computing and computer-assisted intervention. 234--241","author":"Ronneberger Olaf","year":"2015","unstructured":"Olaf Ronneberger , Philipp Fischer , and Thomas Brox . 2015 . U-Net: Convolutional Networks for Biomedical Image Segmentation. In International Conference on Medical image computing and computer-assisted intervention. 234--241 . Olaf Ronneberger, Philipp Fischer, and Thomas Brox. 2015. U-Net: Convolutional Networks for Biomedical Image Segmentation. In International Conference on Medical image computing and computer-assisted intervention. 234--241."},{"key":"e_1_3_2_1_40_1","volume-title":"Efficient Privacy-Preserving Face Recognition. In International Conference on Information Security and Cryptology (ICISC). 229--244","author":"Sadeghi Ahmad-Reza","year":"2009","unstructured":"Ahmad-Reza Sadeghi , Thomas Schneider , and Immo Wehrenberg . 2009 . Efficient Privacy-Preserving Face Recognition. In International Conference on Information Security and Cryptology (ICISC). 229--244 . Ahmad-Reza Sadeghi, Thomas Schneider, and Immo Wehrenberg. 2009. Efficient Privacy-Preserving Face Recognition. In International Conference on Information Security and Cryptology (ICISC). 229--244."},{"key":"e_1_3_2_1_41_1","volume-title":"Defense-Gan: Protecting Classifiers against Adversarial Attacks Using Generative Models. arXiv preprint arXiv:1805.06605","author":"Samangouei Pouya","year":"2018","unstructured":"Pouya Samangouei , Maya Kabkab , and Rama Chellappa . 2018. Defense-Gan: Protecting Classifiers against Adversarial Attacks Using Generative Models. arXiv preprint arXiv:1805.06605 ( 2018 ). Pouya Samangouei, Maya Kabkab, and Rama Chellappa. 2018. Defense-Gan: Protecting Classifiers against Adversarial Attacks Using Generative Models. arXiv preprint arXiv:1805.06605 (2018)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00474"},{"key":"e_1_3_2_1_43_1","volume-title":"Very Deep Convolutional Networks for Large-Scale Image Recognition. arXiv preprint arXiv:1409.1556","author":"Simonyan Karen","year":"2014","unstructured":"Karen Simonyan and Andrew Zisserman . 2014. Very Deep Convolutional Networks for Large-Scale Image Recognition. arXiv preprint arXiv:1409.1556 ( 2014 ). Karen Simonyan and Andrew Zisserman. 2014. Very Deep Convolutional Networks for Large-Scale Image Recognition. arXiv preprint arXiv:1409.1556 (2014)."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00530"},{"key":"e_1_3_2_1_45_1","volume-title":"Going Deeper with Convolutions. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 1--9.","author":"Szegedy Christian","year":"2015","unstructured":"Christian Szegedy , Wei Liu , Yangqing Jia , Pierre Sermanet , Scott Reed , Dragomir Anguelov , Dumitru Erhan , Vincent Vanhoucke , and Andrew Rabinovich . 2015 . Going Deeper with Convolutions. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 1--9. Christian Szegedy, Wei Liu, Yangqing Jia, Pierre Sermanet, Scott Reed, Dragomir Anguelov, Dumitru Erhan, Vincent Vanhoucke, and Andrew Rabinovich. 2015. Going Deeper with Convolutions. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 1--9."},{"key":"e_1_3_2_1_46_1","volume-title":"Rethinking the Inception Architecture for Computer Vision. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 2818--2826","author":"Szegedy Christian","year":"2016","unstructured":"Christian Szegedy , Vincent Vanhoucke , Sergey Ioffe , Jon Shlens , and Zbigniew Wojna . 2016 . Rethinking the Inception Architecture for Computer Vision. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 2818--2826 . Christian Szegedy, Vincent Vanhoucke, Sergey Ioffe, Jon Shlens, and Zbigniew Wojna. 2016. Rethinking the Inception Architecture for Computer Vision. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 2818--2826."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3394171.3413639"},{"key":"e_1_3_2_1_48_1","volume-title":"Verifiable and Private Execution of Neural Networks in Trusted Hardware. In International Conference on Learning Representations (ICLR). 1--19","author":"Tramer Florian","year":"2019","unstructured":"Florian Tramer and Dan Boneh . 2019 . Slalom: Fast , Verifiable and Private Execution of Neural Networks in Trusted Hardware. In International Conference on Learning Representations (ICLR). 1--19 . Florian Tramer and Dan Boneh. 2019. Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware. In International Conference on Learning Representations (ICLR). 1--19."},{"key":"e_1_3_2_1_49_1","volume-title":"High-Frequency Component Helps Explain the Generalization of Convolutional Neural Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 8684--8694","author":"Wang Haohan","year":"2020","unstructured":"Haohan Wang , Xindi Wu , Zeyi Huang , and Eric P Xing . 2020 . High-Frequency Component Helps Explain the Generalization of Convolutional Neural Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 8684--8694 . Haohan Wang, Xindi Wu, Zeyi Huang, and Eric P Xing. 2020. High-Frequency Component Helps Explain the Generalization of Convolutional Neural Networks. In IEEE Conference on Computer Vision and Pattern Recognition (CVPR). 8684--8694."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3219819.3220106"},{"key":"e_1_3_2_1_51_1","volume-title":"Privacy-Preserving Image Classification in the Local Setting. arXiv:2002.03261","author":"Wang Sen","year":"2020","unstructured":"Sen Wang and J Morris Chang . 2020. Privacy-Preserving Image Classification in the Local Setting. arXiv:2002.03261 ( 2020 ). Sen Wang and J Morris Chang. 2020. Privacy-Preserving Image Classification in the Local Setting. arXiv:2002.03261 (2020)."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIP.2003.819861"},{"key":"e_1_3_2_1_53_1","volume-title":"Structural Approaches to Image Quality Assessment. Handbook of Image and Video Processing 7, 18","author":"Wang Zhou","year":"2005","unstructured":"Zhou Wang , Alan C Bovik , and Eero P Simoncelli . 2005. Structural Approaches to Image Quality Assessment. Handbook of Image and Video Processing 7, 18 ( 2005 ). Zhou Wang, Alan C Bovik, and Eero P Simoncelli. 2005. Structural Approaches to Image Quality Assessment. Handbook of Image and Video Processing 7, 18 (2005)."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3447993.3448618"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287624.3288752"},{"key":"e_1_3_2_1_56_1","volume-title":"Kaidi Xu, Yanzhi Wang, Chenglong Bao, and Kaisheng Ma.","author":"Ye Shaokai","year":"2019","unstructured":"Shaokai Ye , Sia Huat Tan , Kaidi Xu, Yanzhi Wang, Chenglong Bao, and Kaisheng Ma. 2019 . Brain-Inspired Reverse Adversarial Examples . arXiv:1905.12171 (2019). Shaokai Ye, Sia Huat Tan, Kaidi Xu, Yanzhi Wang, Chenglong Bao, and Kaisheng Ma. 2019. Brain-Inspired Reverse Adversarial Examples. arXiv:1905.12171 (2019)."},{"key":"e_1_3_2_1_57_1","volume-title":"Automation & Test in Europe Conference & Exhibition (DATE). 1415--1420","author":"Zhao Yang","year":"2019","unstructured":"Yang Zhao , Xing Hu , Shuangchen Li , Jing Ye , Lei Deng , Yu Ji , Jianyu Xu , Dong Wu , and Yuan Xie . 2019 . Memory Trojan Attack on Neural Network Accelerators. In Design , Automation & Test in Europe Conference & Exhibition (DATE). 1415--1420 . Yang Zhao, Xing Hu, Shuangchen Li, Jing Ye, Lei Deng, Yu Ji, Jianyu Xu, Dong Wu, and Yuan Xie. 2019. Memory Trojan Attack on Neural Network Accelerators. In Design, Automation & Test in Europe Conference & Exhibition (DATE). 1415--1420."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3375627.3375849"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3117811.3117820"}],"event":{"name":"MMSys '22: 13th ACM Multimedia Systems Conference","sponsor":["SIGMM ACM Special Interest Group on Multimedia","SIGCOMM ACM Special Interest Group on Data Communication","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"],"location":"Athlone Ireland","acronym":"MMSys '22"},"container-title":["Proceedings of the 13th ACM Multimedia Systems Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3524273.3528189","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3524273.3528189","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3524273.3528189","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:31:06Z","timestamp":1750188666000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3524273.3528189"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,14]]},"references-count":58,"alternative-id":["10.1145\/3524273.3528189","10.1145\/3524273"],"URL":"https:\/\/doi.org\/10.1145\/3524273.3528189","relation":{},"subject":[],"published":{"date-parts":[[2022,6,14]]},"assertion":[{"value":"2022-08-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}