{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:16:06Z","timestamp":1750220166435,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T00:00:00Z","timestamp":1667779200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,11]]},"DOI":"10.1145\/3560830.3563727","type":"proceedings-article","created":{"date-parts":[[2022,11,2]],"date-time":"2022-11-02T22:32:41Z","timestamp":1667428361000},"page":"103-113","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Proactive Detection of Query-based Adversarial Scenarios in NLP Systems"],"prefix":"10.1145","author":[{"given":"Mohammad","family":"Maghsoudimehrabani","sequence":"first","affiliation":[{"name":"University of Guelph, Guelph, ON, Canada"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Amin","family":"Azmoodeh","sequence":"additional","affiliation":[{"name":"University of Guelph, Guelph, ON, Canada"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ali","family":"Dehghantanha","sequence":"additional","affiliation":[{"name":"University of Guelph, Guelph, ON, Canada"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Behrouz","family":"Zolfaghari","sequence":"additional","affiliation":[{"name":"University of Guelph, Guelph, ON, Canada"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gautam","family":"Srivastava","sequence":"additional","affiliation":[{"name":"Brandon University, Brandon, MAN, Canada"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,11,7]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2015. Extracted from the Yelp Dataset Challenge 2015 data. https:\/\/www.yelp.com\/dataset. Accessed: 2020--10--20.  2015. Extracted from the Yelp Dataset Challenge 2015 data. https:\/\/www.yelp.com\/dataset. Accessed: 2020--10--20."},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2021.findings-acl.287"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3128572.3140444"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2339811"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2021.findings-acl.281"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3385003.3410925"},{"key":"e_1_3_2_2_7_1","volume-title":"Proceedings of International Conference on Learning Representations (ICLR)","author":"Dong Xinshuai","year":"2021","unstructured":"Xinshuai Dong , Anh Tuan Luu , Rongrong Ji , and Hong Liu . 2021 . Towards Robustness Against Natural Language Word Substitutions . In Proceedings of International Conference on Learning Representations (ICLR) . Vienna, Austria. Xinshuai Dong, Anh Tuan Luu, Rongrong Ji, and Hong Liu. 2021. Towards Robustness Against Natural Language Word Substitutions. In Proceedings of International Conference on Learning Representations (ICLR). Vienna, Austria."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.2997134"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2018.00016"},{"key":"e_1_3_2_2_10_1","volume-title":"Adversarial texts with gradient methods. arXiv preprint arXiv:1801.07175","author":"Gong Zhitao","year":"2018","unstructured":"Zhitao Gong , Wenlu Wang , Bo Li , Dawn Song , and Wei-Shinn Ku. 2018. Adversarial texts with gradient methods. arXiv preprint arXiv:1801.07175 ( 2018 ). Zhitao Gong, Wenlu Wang, Bo Li, Dawn Song, and Wei-Shinn Ku. 2018. Adversarial texts with gradient methods. arXiv preprint arXiv:1801.07175 (2018)."},{"key":"e_1_3_2_2_11_1","unstructured":"Google. 2022. Google Jigsaw. 2022. Perspective API. Accessed: 2022-09-01 https:\/\/www.perspectiveapi.com.  Google. 2022. Google Jigsaw. 2022. Perspective API. Accessed: 2022-09-01 https:\/\/www.perspectiveapi.com."},{"key":"e_1_3_2_2_12_1","volume-title":"Certified robustness to adversarial word substitutions. arXiv preprint arXiv:1909.00986","author":"Jia Robin","year":"2019","unstructured":"Robin Jia , Aditi Raghunathan , Kerem G\u00f6ksel , and Percy Liang . 2019. Certified robustness to adversarial word substitutions. arXiv preprint arXiv:1909.00986 ( 2019 ). Robin Jia, Aditi Raghunathan, Kerem G\u00f6ksel, and Percy Liang. 2019. Certified robustness to adversarial word substitutions. arXiv preprint arXiv:1909.00986 (2019)."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i05.6311"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.acl-main.245"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2019.2925452"},{"key":"e_1_3_2_2_16_1","volume-title":"Detecting Universal Trigger's Adversarial Attack with Honeypot. arXiv preprint arXiv:2011.10492","author":"Le Thai","year":"2020","unstructured":"Thai Le , Noseong Park , and Dongwon Lee . 2020. Detecting Universal Trigger's Adversarial Attack with Honeypot. arXiv preprint arXiv:2011.10492 ( 2020 ). Thai Le, Noseong Park, and Dongwon Lee. 2020. Detecting Universal Trigger's Adversarial Attack with Honeypot. arXiv preprint arXiv:2011.10492 (2020)."},{"key":"e_1_3_2_2_17_1","unstructured":"Vladimir I Levenshtein etal 1966. Binary codes capable of correcting deletions insertions and reversals. In Soviet physics doklady Vol. 10. Soviet Union 707--710.  Vladimir I Levenshtein et al. 1966. Binary codes capable of correcting deletions insertions and reversals. In Soviet physics doklady Vol. 10. Soviet Union 707--710."},{"key":"e_1_3_2_2_18_1","volume-title":"Blacklight: Scalable defense for neural networks against query-based black-box attacks. arXiv preprint arXiv:2006.14042","author":"Li Huiying","year":"2022","unstructured":"Huiying Li , Shawn Shan , Emily Wenger , Jiayun Zhang , Haitao Zheng , and Ben Y Zhao . 2022 . Blacklight: Scalable defense for neural networks against query-based black-box attacks. arXiv preprint arXiv:2006.14042 (2022). Huiying Li, Shawn Shan, Emily Wenger, Jiayun Zhang, Haitao Zheng, and Ben Y Zhao. 2022. Blacklight: Scalable defense for neural networks against query-based black-box attacks. arXiv preprint arXiv:2006.14042 (2022)."},{"key":"e_1_3_2_2_19_1","volume-title":"Textbugger: Generating adversarial text against real-world applications. arXiv preprint arXiv:1812.05271","author":"Li Jinfeng","year":"2018","unstructured":"Jinfeng Li , Shouling Ji , Tianyu Du , Bo Li , and Ting Wang . 2018 . Textbugger: Generating adversarial text against real-world applications. arXiv preprint arXiv:1812.05271 (2018). Jinfeng Li, Shouling Ji, Tianyu Du, Bo Li, and Ting Wang. 2018. Textbugger: Generating adversarial text against real-world applications. arXiv preprint arXiv:1812.05271 (2018)."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i05.6356"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i05.6357"},{"key":"e_1_3_2_2_22_1","volume-title":"CharBERT: Character-aware Pre-trained Language Model. arXiv preprint arXiv:2011.01513","author":"Ma Wentao","year":"2020","unstructured":"Wentao Ma , Yiming Cui , Chenglei Si , Ting Liu , Shijin Wang , and Guoping Hu. 2020. CharBERT: Character-aware Pre-trained Language Model. arXiv preprint arXiv:2011.01513 ( 2020 ). Wentao Ma, Yiming Cui, Chenglei Si, Ting Liu, Shijin Wang, and Guoping Hu. 2020. CharBERT: Character-aware Pre-trained Language Model. arXiv preprint arXiv:2011.01513 (2020)."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/2002472.2002491"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1147\/JRD.2018.2888975"},{"key":"e_1_3_2_2_25_1","volume-title":"Jake Grigsby, Di Jin, and Yanjun Qi.","author":"Morris John X.","year":"2017","unstructured":"John X. Morris , Eli Lifland , Jin Yong Yoo , Jake Grigsby, Di Jin, and Yanjun Qi. 2017 . TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP. arXiv preprint arXiv:2005.05909 (2017). John X. Morris, Eli Lifland, Jin Yong Yoo, Jake Grigsby, Di Jin, and Yanjun Qi. 2017. TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP. arXiv preprint arXiv:2005.05909 (2017)."},{"key":"e_1_3_2_2_26_1","volume-title":"Griffin","author":"Mozes Maximilian","year":"2021","unstructured":"Maximilian Mozes , Pontus Stenetorp , Bennett Kleinberg , and Lewis D . Griffin . 2021 . Frequency-Guided Word Substitutions for Detecting Textual Adversarial Examples. In Proceedings of the European Chapter of the Association for Computational Linguistics (EACL) . Kyiv, Ukraine. Maximilian Mozes, Pontus Stenetorp, Bennett Kleinberg, and Lewis D. Griffin. 2021. Frequency-Guided Word Substitutions for Detecting Textual Adversarial Examples. In Proceedings of the European Chapter of the Association for Computational Linguistics (EACL). Kyiv, Ukraine."},{"volume-title":"Proceedings of Annual Meeting of the Association for Computational Linguistics (ACL)","author":"Pruthi Danish","key":"e_1_3_2_2_27_1","unstructured":"Danish Pruthi , Bhuwan Dhingra , and Zachary C. Lipton . 2019. Combating Adversarial Misspellings with Robust Word Recognition . In Proceedings of Annual Meeting of the Association for Computational Linguistics (ACL) . Kuala Lumpur, Malaysia. Danish Pruthi, Bhuwan Dhingra, and Zachary C. Lipton. 2019. Combating Adversarial Misspellings with Robust Word Recognition. In Proceedings of Annual Meeting of the Association for Computational Linguistics (ACL). Kuala Lumpur, Malaysia."},{"volume-title":"Review on Image Processing Based Adversarial Example Defenses in Computer Vision","author":"Qiu Meikang","key":"e_1_3_2_2_28_1","unstructured":"Meikang Qiu and Han Qiu . 2020. Review on Image Processing Based Adversarial Example Defenses in Computer Vision . In Proceedings of IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). Baltimore, MD, USA. Meikang Qiu and Han Qiu. 2020. Review on Image Processing Based Adversarial Example Defenses in Computer Vision. In Proceedings of IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). Baltimore, MD, USA."},{"key":"e_1_3_2_2_29_1","volume-title":"Glue: A multi-task benchmark and analysis platform for natural language understanding. arXiv preprint arXiv:1804.07461","author":"Singh Amanpreet","year":"2018","unstructured":"AlexWang, Amanpreet Singh , Julian Michael , Felix Hill , Omer Levy , and Samuel R Bowman . 2018 . Glue: A multi-task benchmark and analysis platform for natural language understanding. arXiv preprint arXiv:1804.07461 (2018). AlexWang, Amanpreet Singh, Julian Michael, Felix Hill, Omer Levy, and Samuel R Bowman. 2018. Glue: A multi-task benchmark and analysis platform for natural language understanding. arXiv preprint arXiv:1804.07461 (2018)."},{"key":"e_1_3_2_2_30_1","volume-title":"Automatic Generation of Acceptance Test Cases from Use Case Specifications: an NLP-based Approach","author":"Pastore Fabrizio","year":"2020","unstructured":"ChunhuiWang, Fabrizio Pastore , Arda Goknil , and Lionel Briand . 2020. Automatic Generation of Acceptance Test Cases from Use Case Specifications: an NLP-based Approach . IEEE Transactions on Software Engineering (Early Access Article) ( 2020 ), 1--1. ChunhuiWang, Fabrizio Pastore, Arda Goknil, and Lionel Briand. 2020. Automatic Generation of Acceptance Test Cases from Use Case Specifications: an NLP-based Approach. IEEE Transactions on Software Engineering (Early Access Article) (2020), 1--1."},{"key":"e_1_3_2_2_31_1","volume-title":"Natural language adversarial attacks and defenses in word level. arXiv preprint arXiv:1909.06723","author":"Wang Xiaosen","year":"2019","unstructured":"Xiaosen Wang , Hao Jin , and Kun He. 2019. Natural language adversarial attacks and defenses in word level. arXiv preprint arXiv:1909.06723 ( 2019 ). Xiaosen Wang, Hao Jin, and Kun He. 2019. Natural language adversarial attacks and defenses in word level. arXiv preprint arXiv:1909.06723 (2019)."},{"key":"e_1_3_2_2_32_1","volume-title":"Proceedings of Conference on Uncertainty in Artificial Intelligence (UAI). Online.","author":"Wang Xiaosen","year":"2021","unstructured":"Xiaosen Wang , Hao Jin , and Kun He . 2021 . Natural Language Adversarial Defense through Synonym Encoding . In Proceedings of Conference on Uncertainty in Artificial Intelligence (UAI). Online. Xiaosen Wang, Hao Jin, and Kun He. 2021. Natural Language Adversarial Defense through Synonym Encoding. In Proceedings of Conference on Uncertainty in Artificial Intelligence (UAI). Online."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v35i16.17648"},{"key":"e_1_3_2_2_34_1","volume-title":"Dancin seq2seq: Fooling text classifiers with adversarial text example generation. arXiv preprint arXiv:1712.05419","author":"Wong Catherine","year":"2017","unstructured":"Catherine Wong . 2017. Dancin seq2seq: Fooling text classifiers with adversarial text example generation. arXiv preprint arXiv:1712.05419 ( 2017 ). Catherine Wong. 2017. Dancin seq2seq: Fooling text classifiers with adversarial text example generation. arXiv preprint arXiv:1712.05419 (2017)."},{"key":"e_1_3_2_2_35_1","volume-title":"Character-level convolutional networks for text classification. Advances in neural information processing systems 28","author":"Zhang Xiang","year":"2015","unstructured":"Xiang Zhang , Junbo Zhao , and Yann LeCun . 2015. Character-level convolutional networks for text classification. Advances in neural information processing systems 28 ( 2015 ). Xiang Zhang, Junbo Zhao, and Yann LeCun. 2015. Character-level convolutional networks for text classification. Advances in neural information processing systems 28 (2015)."},{"key":"e_1_3_2_2_36_1","volume-title":"Denoising in the Dark: Privacy-Preserving Deep Neural Network Based Image Denoising","author":"Zheng Yifeng","year":"2019","unstructured":"Yifeng Zheng , Huayi Duan , Xiaoting Tang , Cong Wang , and Jiantao Zhou . 2019. Denoising in the Dark: Privacy-Preserving Deep Neural Network Based Image Denoising . IEEE Transactions on Dependable and Secure Computing (Early Access Article) ( 2019 ), 1--1. Yifeng Zheng, Huayi Duan, Xiaoting Tang, Cong Wang, and Jiantao Zhou. 2019. Denoising in the Dark: Privacy-Preserving Deep Neural Network Based Image Denoising. IEEE Transactions on Dependable and Secure Computing (Early Access Article) (2019), 1--1."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D19-1496"},{"key":"e_1_3_2_2_38_1","volume-title":"Defense against adversarial attacks in nlp via dirichlet neighborhood ensemble. arXiv preprint arXiv:2006.11627","author":"Zhou Yi","year":"2020","unstructured":"Yi Zhou , Xiaoqing Zheng , Cho-Jui Hsieh , Kai-wei Chang, and Xuanjing Huang . 2020. Defense against adversarial attacks in nlp via dirichlet neighborhood ensemble. arXiv preprint arXiv:2006.11627 ( 2020 ). Yi Zhou, Xiaoqing Zheng, Cho-Jui Hsieh, Kai-wei Chang, and Xuanjing Huang. 2020. Defense against adversarial attacks in nlp via dirichlet neighborhood ensemble. arXiv preprint arXiv:2006.11627 (2020)."},{"key":"e_1_3_2_2_39_1","volume-title":"FreeLB: Enhanced Adversarial Training for Language Understanding. the Computing Research Repository (CoRR) in arXiv, eprint","author":"Zhu Chen","year":"1909","unstructured":"Chen Zhu , Yu Cheng , Zhe Gan , Siqi Sun , Tom Goldstein , and Jingjing Liu . 2019. FreeLB: Enhanced Adversarial Training for Language Understanding. the Computing Research Repository (CoRR) in arXiv, eprint 1909 .11764 (2019). Chen Zhu, Yu Cheng, Zhe Gan, Siqi Sun, Tom Goldstein, and Jingjing Liu. 2019. FreeLB: Enhanced Adversarial Training for Language Understanding. the Computing Research Repository (CoRR) in arXiv, eprint 1909.11764 (2019)."}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Los Angeles CA USA","acronym":"CCS '22"},"container-title":["Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560830.3563727","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3560830.3563727","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:00:34Z","timestamp":1750186834000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560830.3563727"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,7]]},"references-count":39,"alternative-id":["10.1145\/3560830.3563727","10.1145\/3560830"],"URL":"https:\/\/doi.org\/10.1145\/3560830.3563727","relation":{},"subject":[],"published":{"date-parts":[[2022,11,7]]},"assertion":[{"value":"2022-11-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}