{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T18:23:48Z","timestamp":1773512628869,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004608","name":"Natural Science Foundation of Jiangsu Province","doi-asserted-by":"publisher","award":["BK20211192, BK20200461"],"award-info":[{"award-number":["BK20211192, BK20200461"]}],"id":[{"id":"10.13039\/501100004608","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62072239, 62002167"],"award-info":[{"award-number":["62072239, 62002167"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3582829","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"938-950","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["CASSOCK: Viable Backdoor Attacks against DNN in the Wall of Source-Specific Backdoor Defenses"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5114-4659","authenticated-orcid":false,"given":"Shang","family":"Wang","sequence":"first","affiliation":[{"name":"School of Computer Science and Engineering, Nanjing University of Science and Technology, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6029-5064","authenticated-orcid":false,"given":"Yansong","family":"Gao","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Nanjing University of Science and Technology, China and Data61, CSIRO, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1632-5737","authenticated-orcid":false,"given":"Anmin","family":"Fu","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Nanjing University of Science and Technology, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3604-5369","authenticated-orcid":false,"given":"Zhi","family":"Zhang","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Australia and University of Western Australia, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8306-7195","authenticated-orcid":false,"given":"Yuqing","family":"Zhang","sequence":"additional","affiliation":[{"name":"University of Chinese Academy of Sciences, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1562-5105","authenticated-orcid":false,"given":"Willy","family":"Susilo","sequence":"additional","affiliation":[{"name":"School of Computing and Information Technology, University of Wollongong, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0221-2571","authenticated-orcid":false,"given":"Dongxi","family":"Liu","sequence":"additional","affiliation":[{"name":"Data61, CSIRO, Australia"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"European Symposium on Research in Computer Security. Springer, 455\u2013475","author":"Awan Sana","year":"2021","unstructured":"Sana Awan , Bo Luo , and Fengjun Li . 2021 . CONTRA: Defending against poisoning attacks in federated learning . In European Symposium on Research in Computer Security. Springer, 455\u2013475 . Sana Awan, Bo Luo, and Fengjun Li. 2021. CONTRA: Defending against poisoning attacks in federated learning. In European Symposium on Research in Computer Security. Springer, 455\u2013475."},{"key":"e_1_3_2_1_2_1","volume-title":"Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728","author":"Chen Bryant","year":"2018","unstructured":"Bryant Chen , Wilka Carvalho , Nathalie Baracaldo , Heiko Ludwig , Benjamin Edwards , Taesung Lee , Ian Molloy , and Biplav Srivastava . 2018. Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728 ( 2018 ). Bryant Chen, Wilka Carvalho, Nathalie Baracaldo, Heiko Ludwig, Benjamin Edwards, Taesung Lee, Ian Molloy, and Biplav Srivastava. 2018. Detecting backdoor attacks on deep neural networks by activation clustering. arXiv preprint arXiv:1811.03728 (2018)."},{"key":"e_1_3_2_1_3_1","volume-title":"International Joint Conference on Artificial Intelligence. 4658\u20134664","author":"Chen Huili","year":"2019","unstructured":"Huili Chen , Cheng Fu , Jishen Zhao , and Farinaz Koushanfar . 2019 . DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks .. In International Joint Conference on Artificial Intelligence. 4658\u20134664 . Huili Chen, Cheng Fu, Jishen Zhao, and Farinaz Koushanfar. 2019. DeepInspect: A Black-box Trojan Detection and Mitigation Framework for Deep Neural Networks.. In International Joint Conference on Artificial Intelligence. 4658\u20134664."},{"key":"e_1_3_2_1_4_1","volume-title":"International Conference on Machine Learning 2021 Workshop on Adversarial Machine Learning.","author":"Chen Xiaoyi","year":"2021","unstructured":"Xiaoyi Chen , Ahmed Salem , Michael Backes , Shiqing Ma , and Yang Zhang . 2021 . BadNL: Backdoor attacks against NLP models . In International Conference on Machine Learning 2021 Workshop on Adversarial Machine Learning. Xiaoyi Chen, Ahmed Salem, Michael Backes, Shiqing Ma, and Yang Zhang. 2021. BadNL: Backdoor attacks against NLP models. In International Conference on Machine Learning 2021 Workshop on Adversarial Machine Learning."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2021.05.066"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3175616"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW50608.2020.00025"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427264"},{"key":"e_1_3_2_1_9_1","first-page":"18944","article-title":"Backdoor attack with imperceptible input and latent modification","volume":"34","author":"Doan Khoa","year":"2021","unstructured":"Khoa Doan , Yingjie Lao , and Ping Li . 2021 . Backdoor attack with imperceptible input and latent modification . Advances in Neural Information Processing Systems 34 (2021), 18944 \u2013 18957 . Khoa Doan, Yingjie Lao, and Ping Li. 2021. Backdoor attack with imperceptible input and latent modification. Advances in Neural Information Processing Systems 34 (2021), 18944\u201318957.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV48922.2021.01175"},{"key":"e_1_3_2_1_11_1","volume-title":"Backdoor attacks and countermeasures on deep learning: A comprehensive review. arXiv preprint arXiv:2007.10760","author":"Gao Yansong","year":"2020","unstructured":"Yansong Gao , Bao\u00a0Gia Doan , Zhi Zhang , Siqi Ma , Jiliang Zhang , Anmin Fu , Surya Nepal , and Hyoungshick Kim . 2020. Backdoor attacks and countermeasures on deep learning: A comprehensive review. arXiv preprint arXiv:2007.10760 ( 2020 ). Yansong Gao, Bao\u00a0Gia Doan, Zhi Zhang, Siqi Ma, Jiliang Zhang, Anmin Fu, Surya Nepal, and Hyoungshick Kim. 2020. Backdoor attacks and countermeasures on deep learning: A comprehensive review. arXiv preprint arXiv:2007.10760 (2020)."},{"key":"e_1_3_2_1_12_1","volume-title":"Design and evaluation of a multi-domain Trojan detection method on deep neural networks","author":"Gao Yansong","year":"2021","unstructured":"Yansong Gao , Yeonjae Kim , Bao\u00a0Gia Doan , Zhi Zhang , Gongxuan Zhang , Surya Nepal , Damith Ranasinghe , and Hyoungshick Kim . 2021. Design and evaluation of a multi-domain Trojan detection method on deep neural networks . IEEE Transactions on Dependable and Secure Computing ( 2021 ). Yansong Gao, Yeonjae Kim, Bao\u00a0Gia Doan, Zhi Zhang, Gongxuan Zhang, Surya Nepal, Damith Ranasinghe, and Hyoungshick Kim. 2021. Design and evaluation of a multi-domain Trojan detection method on deep neural networks. IEEE Transactions on Dependable and Secure Computing (2021)."},{"key":"e_1_3_2_1_13_1","volume-title":"Annual Computer Security Applications Conference. 113\u2013125","author":"Gao Yansong","year":"2019","unstructured":"Yansong Gao , Change Xu , Derui Wang , Shiping Chen , Damith\u00a0 C Ranasinghe , and Surya Nepal . 2019 . STRIP: A defence against Trojan attacks on deep neural networks . In Annual Computer Security Applications Conference. 113\u2013125 . Yansong Gao, Change Xu, Derui Wang, Shiping Chen, Damith\u00a0C Ranasinghe, and Surya Nepal. 2019. STRIP: A defence against Trojan attacks on deep neural networks. In Annual Computer Security Applications Conference. 113\u2013125."},{"key":"e_1_3_2_1_14_1","volume-title":"BadNets: Identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733","author":"Gu Tianyu","year":"2017","unstructured":"Tianyu Gu , Brendan Dolan-Gavitt , and Siddharth Garg . 2017. BadNets: Identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 ( 2017 ). Tianyu Gu, Brendan Dolan-Gavitt, and Siddharth Garg. 2017. BadNets: Identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 (2017)."},{"key":"e_1_3_2_1_15_1","volume-title":"IEEE Computer Society Conference on Computer Vision and Pattern Recognition. 1735\u20131742","author":"Hadsell Raia","year":"2006","unstructured":"Raia Hadsell , Sumit Chopra , and Yann LeCun . 2006 . Dimensionality reduction by learning an invariant mapping . In IEEE Computer Society Conference on Computer Vision and Pattern Recognition. 1735\u20131742 . Raia Hadsell, Sumit Chopra, and Yann LeCun. 2006. Dimensionality reduction by learning an invariant mapping. In IEEE Computer Society Conference on Computer Vision and Pattern Recognition. 1735\u20131742."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the ACM Turing Celebration Conference-China. 231\u2013235","author":"He Can","year":"2020","unstructured":"Can He , Mingfu Xue , Jian Wang , and Weiqiang Liu . 2020 . Embedding backdoors as the facial features: Invisible backdoor attacks against face recognition systems . In Proceedings of the ACM Turing Celebration Conference-China. 231\u2013235 . Can He, Mingfu Xue, Jian Wang, and Weiqiang Liu. 2020. Embedding backdoors as the facial features: Invisible backdoor attacks against face recognition systems. In Proceedings of the ACM Turing Celebration Conference-China. 231\u2013235."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_1_18_1","volume-title":"Workshop on Faces in \u2018Real-Life\u2019 Images: Detection, Alignment, and Recognition.","author":"Huang B","year":"2008","unstructured":"Gary\u00a0 B Huang , Marwan Mattar , Tamara Berg , and Eric Learned-Miller . 2008 . Labeled faces in the wild: A database forstudying face recognition in unconstrained environments . In Workshop on Faces in \u2018Real-Life\u2019 Images: Detection, Alignment, and Recognition. Gary\u00a0B Huang, Marwan Mattar, Tamara Berg, and Eric Learned-Miller. 2008. Labeled faces in the wild: A database forstudying face recognition in unconstrained environments. In Workshop on Faces in \u2018Real-Life\u2019 Images: Detection, Alignment, and Recognition."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3072959.3073659"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243757"},{"key":"e_1_3_2_1_21_1","volume-title":"Machine learning: trends, perspectives, and prospects. Science 349, 6245","author":"Jordan I","year":"2015","unstructured":"Michael\u00a0 I Jordan and Tom\u00a0 M Mitchell . 2015. Machine learning: trends, perspectives, and prospects. Science 349, 6245 ( 2015 ), 255\u2013260. Michael\u00a0I Jordan and Tom\u00a0M Mitchell. 2015. Machine learning: trends, perspectives, and prospects. Science 349, 6245 (2015), 255\u2013260."},{"key":"e_1_3_2_1_22_1","volume-title":"2020 IEEE Security and Privacy Workshops (SPW). IEEE, 8\u201314","author":"Joslin Matthew","year":"2020","unstructured":"Matthew Joslin and Shuang Hao . 2020 . Attributing and Detecting Fake Images Generated by Known GANs . In 2020 IEEE Security and Privacy Workshops (SPW). IEEE, 8\u201314 . Matthew Joslin and Shuang Hao. 2020. Attributing and Detecting Fake Images Generated by Known GANs. In 2020 IEEE Security and Privacy Workshops (SPW). IEEE, 8\u201314."},{"key":"e_1_3_2_1_23_1","volume-title":"Learning multiple layers of features from tiny images. Computer Science Department","author":"Krizhevsky Alex","year":"2009","unstructured":"Alex Krizhevsky , Geoffrey Hinton , 2009. Learning multiple layers of features from tiny images. Computer Science Department , University of Toronto , Tech. Rep 1 ( 2009 ). Alex Krizhevsky, Geoffrey Hinton, 2009. Learning multiple layers of features from tiny images. Computer Science Department, University of Toronto, Tech. Rep 1 (2009)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/5.726791"},{"key":"e_1_3_2_1_25_1","volume-title":"Light can hack your face! black-box backdoor attack on face recognition systems. arXiv preprint arXiv:2009.06996","author":"Li Haoliang","year":"2020","unstructured":"Haoliang Li , Yufei Wang , Xiaofei Xie , Yang Liu , Shiqi Wang , Renjie Wan , Lap-Pui Chau , and Alex\u00a0 C Kot . 2020. Light can hack your face! black-box backdoor attack on face recognition systems. arXiv preprint arXiv:2009.06996 ( 2020 ). Haoliang Li, Yufei Wang, Xiaofei Xie, Yang Liu, Shiqi Wang, Renjie Wan, Lap-Pui Chau, and Alex\u00a0C Kot. 2020. Light can hack your face! black-box backdoor attack on face recognition systems. arXiv preprint arXiv:2009.06996 (2020)."},{"key":"e_1_3_2_1_26_1","volume-title":"Backdoor learning: A survey. arXiv preprint arXiv:2007.08745","author":"Li Yiming","year":"2020","unstructured":"Yiming Li , Baoyuan Wu , Yong Jiang , Zhifeng Li , and Shu-Tao Xia . 2020. Backdoor learning: A survey. arXiv preprint arXiv:2007.08745 ( 2020 ). Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, and Shu-Tao Xia. 2020. Backdoor learning: A survey. arXiv preprint arXiv:2007.08745 (2020)."},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 113\u2013131","author":"Lin Junyu","year":"2020","unstructured":"Junyu Lin , Lei Xu , Yingqi Liu , and Xiangyu Zhang . 2020 . Composite backdoor attack for deep neural network by mixing existing benign features . In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 113\u2013131 . Junyu Lin, Lei Xu, Yingqi Liu, and Xiangyu Zhang. 2020. Composite backdoor attack for deep neural network by mixing existing benign features. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 113\u2013131."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_13"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363216"},{"key":"e_1_3_2_1_30_1","volume-title":"European Conference on Computer Vision. Springer, 182\u2013199","author":"Liu Yunfei","year":"2020","unstructured":"Yunfei Liu , Xingjun Ma , James Bailey , and Feng Lu . 2020 . Reflection backdoor: A natural backdoor attack on deep neural networks . In European Conference on Computer Vision. Springer, 182\u2013199 . Yunfei Liu, Xingjun Ma, James Bailey, and Feng Lu. 2020. Reflection backdoor: A natural backdoor attack on deep neural networks. In European Conference on Computer Vision. Springer, 182\u2013199."},{"key":"e_1_3_2_1_31_1","volume-title":"Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. arXiv preprint arXiv:2201.08619","author":"Ma Hua","year":"2022","unstructured":"Hua Ma , Yinshan Li , Yansong Gao , Alsharif Abuadbba , Zhi Zhang , Anmin Fu , Hyoungshick Kim , Said\u00a0 F Al-Sarawi , Nepal Surya , and Derek Abbott . 2022 . Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. arXiv preprint arXiv:2201.08619 (2022). Hua Ma, Yinshan Li, Yansong Gao, Alsharif Abuadbba, Zhi Zhang, Anmin Fu, Hyoungshick Kim, Said\u00a0F Al-Sarawi, Nepal Surya, and Derek Abbott. 2022. Dangerous Cloaking: Natural Trigger based Backdoor Attacks on Object Detectors in the Physical World. arXiv preprint arXiv:2201.08619 (2022)."},{"key":"e_1_3_2_1_32_1","volume-title":"WaNet-Imperceptible Warping-based Backdoor Attack. In International Conference on Learning Representations.","author":"Nguyen Tuan\u00a0Anh","year":"2020","unstructured":"Tuan\u00a0Anh Nguyen and Anh\u00a0Tuan Tran . 2020 . WaNet-Imperceptible Warping-based Backdoor Attack. In International Conference on Learning Representations. Tuan\u00a0Anh Nguyen and Anh\u00a0Tuan Tran. 2020. WaNet-Imperceptible Warping-based Backdoor Attack. In International Conference on Learning Representations."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","unstructured":"Omkar\u00a0M Parkhi Andrea Vedaldi and Andrew Zisserman. 2015. Deep face recognition. (2015).  Omkar\u00a0M Parkhi Andrea Vedaldi and Andrew Zisserman. 2015. Deep face recognition. (2015).","DOI":"10.5244\/C.29.41"},{"key":"e_1_3_2_1_34_1","volume-title":"ACM Asia Conference on Computer and Communications Security. 363\u2013377","author":"Qiu Han","year":"2021","unstructured":"Han Qiu , Yi Zeng , Shangwei Guo , Tianwei Zhang , Meikang Qiu , and Bhavani Thuraisingham . 2021 . Deepsweep: An evaluation framework for mitigating dnn backdoor attacks using data augmentation . In ACM Asia Conference on Computer and Communications Security. 363\u2013377 . Han Qiu, Yi Zeng, Shangwei Guo, Tianwei Zhang, Meikang Qiu, and Bhavani Thuraisingham. 2021. Deepsweep: An evaluation framework for mitigating dnn backdoor attacks using data augmentation. In ACM Asia Conference on Computer and Communications Security. 363\u2013377."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i07.6871"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2017.74"},{"key":"e_1_3_2_1_37_1","first-page":"6106","article-title":"Poison Frogs! targeted clean-label poisoning attacks on neural networks","volume":"31","author":"Shafahi Ali","year":"2018","unstructured":"Ali Shafahi , W\u00a0Ronny Huang , Mahyar Najibi , Octavian Suciu , Christoph Studer , Tudor Dumitras , and Tom Goldstein . 2018 . Poison Frogs! targeted clean-label poisoning attacks on neural networks . Advances in Neural Information Processing Systems 31 (2018), 6106 \u2013 6116 . Ali Shafahi, W\u00a0Ronny Huang, Mahyar Najibi, Octavian Suciu, Christoph Studer, Tudor Dumitras, and Tom Goldstein. 2018. Poison Frogs! targeted clean-label poisoning attacks on neural networks. Advances in Neural Information Processing Systems 31 (2018), 6106\u20136116.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.neunet.2012.02.016"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-01424-7_27"},{"key":"e_1_3_2_1_40_1","volume-title":"Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection. In 30th USENIX Security Symposium. 1541\u20131558","author":"Tang Di","year":"2021","unstructured":"Di Tang , XiaoFeng Wang , Haixu Tang , and Kehuan Zhang . 2021 . Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection. In 30th USENIX Security Symposium. 1541\u20131558 . Di Tang, XiaoFeng Wang, Haixu Tang, and Kehuan Zhang. 2021. Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection. In 30th USENIX Security Symposium. 1541\u20131558."},{"key":"e_1_3_2_1_41_1","volume-title":"IEEE Symposium on Security and Privacy.","author":"Tao Guanhong","year":"2022","unstructured":"Guanhong Tao , Yingqi Liu , Guangyu Shen , Qiuling Xu , Shengwei An , Zhuo Zhang , and Xiangyu Zhang . 2022 . Model orthogonalization: Class distance hardening in neural networks for better security . In IEEE Symposium on Security and Privacy. Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, and Xiangyu Zhang. 2022. Model orthogonalization: Class distance hardening in neural networks for better security. In IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_1_42_1","first-page":"8011","article-title":"Spectral signatures in backdoor attacks","volume":"31","author":"Tran Brandon","year":"2018","unstructured":"Brandon Tran , Jerry Li , and Aleksander Madry . 2018 . Spectral signatures in backdoor attacks . Advances in Neural Information Processing Systems 31 (2018), 8011 \u2013 8021 . Brandon Tran, Jerry Li, and Aleksander Madry. 2018. Spectral signatures in backdoor attacks. Advances in Neural Information Processing Systems 31 (2018), 8011\u20138021.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_1_43_1","volume-title":"Confoc: Content-focus protection against trojan attacks on neural networks. arXiv preprint arXiv:2007.00711","author":"Villarreal-Vasquez Miguel","year":"2020","unstructured":"Miguel Villarreal-Vasquez and Bharat Bhargava . 2020 . Confoc: Content-focus protection against trojan attacks on neural networks. arXiv preprint arXiv:2007.00711 (2020). Miguel Villarreal-Vasquez and Bharat Bhargava. 2020. Confoc: Content-focus protection against trojan attacks on neural networks. arXiv preprint arXiv:2007.00711 (2020)."},{"key":"e_1_3_2_1_44_1","volume-title":"IEEE International Conference on Computer Vision. 3922\u20133930","author":"Wan Renjie","year":"2017","unstructured":"Renjie Wan , Boxin Shi , Ling-Yu Duan , Ah-Hwee Tan , and Alex\u00a0 C Kot . 2017 . Benchmarking single-image reflection removal algorithms . In IEEE International Conference on Computer Vision. 3922\u20133930 . Renjie Wan, Boxin Shi, Ling-Yu Duan, Ah-Hwee Tan, and Alex\u00a0C Kot. 2017. Benchmarking single-image reflection removal algorithms. In IEEE International Conference on Computer Vision. 3922\u20133930."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00031"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. 946\u2013958","author":"Wang Ning","year":"2022","unstructured":"Ning Wang , Yang Xiao , Yimin Chen , Yang Hu , Wenjing Lou , and Y\u00a0Thomas Hou . 2022 . FLARE: Defending Federated Learning against Model Poisoning Attacks via Latent Space Representations . In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. 946\u2013958 . Ning Wang, Yang Xiao, Yimin Chen, Yang Hu, Wenjing Lou, and Y\u00a0Thomas Hou. 2022. FLARE: Defending Federated Learning against Model Poisoning Attacks via Latent Space Representations. In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. 946\u2013958."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR46437.2021.00614"},{"key":"e_1_3_2_1_48_1","volume-title":"USENIX Security Symposium. 1523\u20131540","author":"Xi Zhaohan","year":"2021","unstructured":"Zhaohan Xi , Ren Pang , Shouling Ji , and Ting Wang . 2021 . Graph backdoor . In USENIX Security Symposium. 1523\u20131540 . Zhaohan Xi, Ren Pang, Shouling Ji, and Ting Wang. 2021. Graph backdoor. In USENIX Security Symposium. 1523\u20131540."},{"key":"e_1_3_2_1_49_1","volume-title":"IEEE\/CVF Conference on Computer Vision and Pattern Recognition. 14443\u201314452","author":"Zhao Shihao","year":"2020","unstructured":"Shihao Zhao , Xingjun Ma , Xiang Zheng , James Bailey , Jingjing Chen , and Yu-Gang Jiang . 2020 . Clean-Label backdoor attacks on video recognition models . In IEEE\/CVF Conference on Computer Vision and Pattern Recognition. 14443\u201314452 . Shihao Zhao, Xingjun Ma, Xiang Zheng, James Bailey, Jingjing Chen, and Yu-Gang Jiang. 2020. Clean-Label backdoor attacks on video recognition models. In IEEE\/CVF Conference on Computer Vision and Pattern Recognition. 14443\u201314452."},{"key":"e_1_3_2_1_50_1","volume-title":"Efficient certificateless multi-copy integrity auditing scheme supporting data dynamics","author":"Zhou Lei","year":"2020","unstructured":"Lei Zhou , Anmin Fu , Guomin Yang , Huaqun Wang , and Yuqing Zhang . 2020. Efficient certificateless multi-copy integrity auditing scheme supporting data dynamics . IEEE Transactions on Dependable and Secure Computing ( 2020 ). Lei Zhou, Anmin Fu, Guomin Yang, Huaqun Wang, and Yuqing Zhang. 2020. Efficient certificateless multi-copy integrity auditing scheme supporting data dynamics. IEEE Transactions on Dependable and Secure Computing (2020)."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2020.3004555"}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3582829","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:51:28Z","timestamp":1750182688000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3582829"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":51,"alternative-id":["10.1145\/3579856.3582829","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3582829","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}