AI Security and Safety

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Artificial Intelligence".

Deadline for manuscript submissions: closed (15 March 2024) | Viewed by 17403

Special Issue Editor


Guest Editor
School of Computer Science and Engineering, Beihang University, Beijing 100191, China
Interests: fast visual computing (e.g., large-scale search/understanding) and robust deep learning (e.g., network quantization, adversarial attack/defense, few shot learning)

Special Issue Information

Dear Colleagues,

Recently, deep learning has achieved remarkable performance across a wide range of applications, including computer vision, natural language processing, and acoustics. However, research has revealed that deep neural networks face severe security challenges over their life cycle, such as backdoor attacks, adversarial attacks, and model stealing attacks. These attacks can easily fool deep neural networks into wrong predictions or steal their information, which threatens their applications in both the digital and physical world. Though challenging, discovering and harnessing these attacks is beneficial for diagnosing model blind spots, for further understanding deep learning systems, and for improving them in practice.

In this Special Issue, we aim to bring together researchers from the fields of adversarial machine learning, model robustness, model privacy, and explainable AI to discuss recent research and future directions for AI security, in particular, computer vision and pattern recognition. We invite submissions on any aspect of the security in deep learning systems (particularly computer vision and pattern recognition). We welcome research contributions related to, but not limited to, the following topics:

  • Adversarial attacks and defenses for deep learning systems;
  • Backdoor attacks and mitigations for deep learning models;
  • Model stealing for AI applications and systems;
  • Understanding the uncertainty and vulnerabilities of DNNs;
  • Deepfake techniques on images and videos;
  • Robustness of compact models and systems;
  • Privacy-preserved deep learning;
  • Explainable AI.

Prof. Dr. Xianglong Liu
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • AI security
  • adversarial attacks
  • backdoor attacks
  • model robustness

Published Papers (12 papers)


Research

21 pages, 19235 KiB  
Article
Exploring Public Data Vulnerabilities in Semi-Supervised Learning Models through Gray-box Adversarial Attack
by Junhyung Jo, Joongsu Kim and Young-Joo Suh
Electronics 2024, 13(5), 940; https://doi.org/10.3390/electronics13050940 - 29 Feb 2024
Viewed by 537
Abstract
Semi-supervised learning (SSL) models, integrating labeled and unlabeled data, have gained prominence in vision-based tasks, yet their susceptibility to adversarial attacks remains underexplored. This paper unveils the vulnerability of SSL models to gray-box adversarial attacks—a scenario where the attacker has partial knowledge of the model. We introduce an efficient attack method, Gray-box Adversarial Attack on Semi-supervised learning (GAAS), which exploits the dependency of SSL models on publicly available labeled data. Our analysis demonstrates that even with limited knowledge, GAAS can significantly undermine the integrity of SSL models across various tasks, including image classification, object detection, and semantic segmentation, with minimal access to labeled data. Through extensive experiments, we exhibit the effectiveness of GAAS, comparing it to white-box attack scenarios and underscoring the critical need for robust defense mechanisms. Our findings highlight the potential risks of relying on public datasets for SSL model training and advocate for the integration of adversarial training and other defense strategies to safeguard against such vulnerabilities.
(This article belongs to the Special Issue AI Security and Safety)

14 pages, 480 KiB  
Article
Domain Adaptive Channel Pruning
by Ge Yang, Chao Zhang, Ling Gao, Yufei Guo and Jinyang Guo
Electronics 2024, 13(5), 887; https://doi.org/10.3390/electronics13050887 - 26 Feb 2024
Viewed by 575
Abstract
Domain adaptation is an effective approach to improve the generalization ability of deep learning methods, which makes a deep model more stable and robust. However, these methods often suffer from a deployment problem when deep models are deployed on different types of edge devices. In this work, we propose a new channel pruning method called Domain Adaptive Channel Pruning (DACP), which is specifically designed for the unsupervised domain adaptation task, where there is considerable data distribution mismatch between the source and the target domains. We prune the channels and adjust the weights in a layer-by-layer fashion. In contrast to the existing layer-by-layer channel pruning approaches that only consider how to reconstruct the features from the next layer, our approach aims to minimize both classification error and domain distribution mismatch. Furthermore, we propose a simple but effective approach to utilize the unlabeled data in the target domain. Our comprehensive experiments on two benchmark datasets demonstrate that our newly proposed DACP method outperforms the existing channel pruning approaches under the unsupervised domain adaptation setting.
(This article belongs to the Special Issue AI Security and Safety)

19 pages, 3842 KiB  
Article
Discrepant Semantic Diffusion Boosts Transfer Learning Robustness
by Yajun Gao, Shihao Bai, Xiaowei Zhao, Ruihao Gong, Yan Wu and Yuqing Ma
Electronics 2023, 12(24), 5027; https://doi.org/10.3390/electronics12245027 - 16 Dec 2023
Viewed by 715
Abstract
Transfer learning could improve the robustness and generalization of the model, reducing potential privacy and security risks. It operates by fine-tuning a pre-trained model on downstream datasets. This process not only enhances the model’s capacity to acquire generalizable features but also ensures an effective alignment between upstream and downstream knowledge domains. Transfer learning can effectively speed up the model convergence when adapting to novel tasks, thereby leading to the efficient conservation of both data and computational resources. However, existing methods often neglect the discrepant downstream–upstream connections. Instead, they rigidly preserve the upstream information without an adequate regularization of the downstream semantic discrepancy. Consequently, this results in weak generalization, issues with collapsed classification, and an overall inferior performance. The main reason lies in the collapsed downstream–upstream connection due to the mismatched semantic granularity. Therefore, we propose a discrepant semantic diffusion method for transfer learning, which could adjust the mismatched semantic granularity and alleviate the collapsed classification problem to improve the transfer learning performance. Specifically, the proposed framework consists of a Prior-Guided Diffusion for pre-training and a discrepant diffusion for fine-tuning. Firstly, the Prior-Guided Diffusion aims to empower the pre-trained model with the semantic-diffusion ability. This is achieved through a semantic prior, which consequently provides a more robust pre-trained model for downstream classification. Secondly, the discrepant diffusion focuses on encouraging semantic diffusion. Its design intends to avoid the unwanted semantic centralization, which often causes the collapsed classification. Furthermore, it is constrained by the semantic discrepancy, serving to elevate the downstream discrimination capabilities. Extensive experiments on eight prevalent downstream classification datasets confirm that our method can outperform a number of state-of-the-art approaches, especially for fine-grained datasets or datasets dissimilar to upstream data (e.g., 3.75% improvement for Cars dataset and 1.79% improvement for SUN dataset under the few-shot setting with 15% data). Furthermore, the experiments of data sparsity caused by privacy protection successfully validate our proposed method’s effectiveness in the field of artificial intelligence security.
(This article belongs to the Special Issue AI Security and Safety)

19 pages, 3784 KiB  
Article
Robust and Refined Salient Object Detection Based on Diffusion Model
by Hanchen Ye, Yuyue Zhang and Xiaoli Zhao
Electronics 2023, 12(24), 4962; https://doi.org/10.3390/electronics12244962 - 11 Dec 2023
Viewed by 842
Abstract
Salient object detection (SOD) networks are vulnerable to adversarial attacks. As adversarial training is computationally expensive for SOD, existing defense methods instead adopt a noise-against-noise strategy that disrupts adversarial perturbation and restores the image either in input or feature space. However, their limited learning capacity and the need for network modifications limit their applicability. In recent years, the popular diffusion model coincides with the existing defense idea and exhibits excellent purification performance, but there still remains an accuracy gap between the saliency results generated from the purified images and the benign images. In this paper, we propose a Robust and Refined (RoRe) SOD defense framework based on the diffusion model to simultaneously achieve adversarial robustness as well as improved accuracy for benign and purified images. Our proposed RoRe defense consists of three modules: purification, adversarial detection, and refinement. The purification module leverages the powerful generation capability of the diffusion model to purify perturbed input images to achieve robustness. The adversarial detection module utilizes the guidance classifier in the diffusion model for multi-step voting classification. By combining this classifier with a similarity condition, precise adversarial detection can be achieved, providing the possibility of regaining the original accuracy for benign images. The refinement module uses a simple and effective UNet to enhance the accuracy of purified images. The experiments demonstrate that RoRe achieves superior robustness over state-of-the-art methods while maintaining high accuracy for benign images. Moreover, RoRe shows good results against backward pass differentiable approximation (BPDA) attacks.
(This article belongs to the Special Issue AI Security and Safety)

19 pages, 6449 KiB  
Article
EEG Topography Amplification Using FastGAN-ASP Method
by Min Zhao, Shuai Zhang, Xiuqing Mao and Lei Sun
Electronics 2023, 12(24), 4944; https://doi.org/10.3390/electronics12244944 - 8 Dec 2023
Viewed by 633
Abstract
Electroencephalogram (EEG) signals are bioelectrical activities generated by the central nervous system. As a unique information factor, they are correlated with the genetic information of the subjects, exhibiting robustness against forgery. The development of biometric identity recognition based on EEG signals has significantly improved the security and accuracy of biometric recognition. However, EEG signals obtained from incompatible acquisition devices have low universality and are prone to noise, making them challenging for direct use in practical identity recognition scenarios. Employing deep learning network models for data augmentation can address the issue of data scarcity. Yet, the time–frequency–space characteristics of EEG signals pose challenges for extracting features and efficiently generating data with deep learning models. To tackle these challenges, this paper proposes a data generation method based on channel attention normalization and spatial pyramid in a generative adversarial network (FastGAN-ASP). The method introduces attention mechanisms in both the generator and discriminator to locate crucial feature information, enhancing the training performance of the generative model for EEG data augmentation. The EEG data used here are preprocessed EEG topographic maps, effectively representing the spatial characteristics of EEG data. Experiments were conducted using the BCI Competition IV-1 and BCI Competition IV-2b standard datasets. Quantitative and usability evaluations were performed using the Fréchet inception distance (FID) metric and ResNet-18 classification network, validating the quality and usability of the generated data from both theoretical and applied perspectives. The FID metric confirmed that FastGAN-ASP outperforms FastGAN, WGAN-GP, and WGAN-GP-ASP in terms of performance. Moreover, utilizing the dataset augmented with this method for classification recognition achieved an accuracy of 95.47% and 92.43%.
(This article belongs to the Special Issue AI Security and Safety)

18 pages, 6338 KiB  
Article
Single-Stage Pose Estimation and Joint Angle Extraction Method for Moving Human Body
by Shuxian Wang, Xiaoxun Zhang, Fang Ma, Jiaming Li and Yuanyou Huang
Electronics 2023, 12(22), 4644; https://doi.org/10.3390/electronics12224644 - 14 Nov 2023
Cited by 1 | Viewed by 1794
Abstract
Detecting posture changes of athletes in sports is an important task in teaching and training competitions, but its detection remains challenging due to the diversity and complexity of sports postures. This paper introduces a single-stage pose estimation algorithm named yolov8-sp. This algorithm enhances the original yolov8 architecture by incorporating the concept of multi-dimensional feature fusion and the attention mechanism for automatically capturing feature importance. Furthermore, in this paper, angle extraction is conducted for three crucial motion joints in the motion scene, with polynomial corrections applied across successive frames. In comparison with the baseline yolov8, the improved model significantly outperforms it in AP50 (average precision) aspects. Specifically, the model’s performance improves from 84.5 AP to 87.1 AP, and the performance of AP5095, APM, and APL aspects also shows varying degrees of improvement; the joint angle detection accuracy under different sports scenarios is tested, and the overall accuracy is improved from 73.2% to 89.0%, which proves the feasibility of the method for posture estimation of the human body in sports and provides a reliable tool for the analysis of athletes’ joint angles.
(This article belongs to the Special Issue AI Security and Safety)

18 pages, 1091 KiB  
Article
Source File Tracking Localization: A Fault Localization Method for Deep Learning Frameworks
by Zhenshu Ma, Bo Yang and Yuhang Zhang
Electronics 2023, 12(22), 4579; https://doi.org/10.3390/electronics12224579 - 9 Nov 2023
Viewed by 714
Abstract
Deep learning has been widely used in computer vision, natural language processing, speech recognition, and other fields. If there are errors in deep learning frameworks, such as missing module errors and GPU/CPU result discrepancy errors, it will cause many application problems. We propose a source-based fault location method, SFTL (Source File Tracking Localization), to improve the fault location efficiency of these two types of errors in deep learning frameworks. We screened 3410 crash reports on GitHub and conducted fault location experiments based on those reports. The experimental results show that the SFTL method has a high accuracy, which can help deep learning framework developers quickly locate faults and improve the stability and reliability of models.
(This article belongs to the Special Issue AI Security and Safety)

24 pages, 6847 KiB  
Article
Image-Synthesis-Based Backdoor Attack Approach for Face Classification Task
by Hyunsik Na and Daeseon Choi
Electronics 2023, 12(21), 4535; https://doi.org/10.3390/electronics12214535 - 3 Nov 2023
Cited by 1 | Viewed by 872
Abstract
Although deep neural networks (DNNs) are applied in various fields owing to their remarkable performance, recent studies have indicated that DNN models are vulnerable to backdoor attacks. Backdoored images were generated by adding a backdoor trigger in original training images, which activated the backdoor attack. However, most of the previously used attack methods are noticeable, not natural to the human eye, and easily detected by certain defense methods. Accordingly, we propose an image-synthesis-based backdoor attack, which is a novel approach to avoid this type of attack. To overcome the aforementioned limitations, we set a conditional facial region such as the hair, eyes, or mouth as a trigger and modified that region using an image synthesis technique that replaced the region of original image with the region of target image. Consequently, we achieved an attack success rate of up to 88.37% using 20% of the synthesized backdoored images injected in the training dataset while maintaining the model accuracy for clean images. Moreover, we analyzed the advantages of the proposed approach through image transformation, visualization of activation regions for DNN models, and human tests. In addition to its applicability in both label flipping and clean-label attack scenarios, the proposed method can be utilized as an attack approach to threaten security in the face classification task.
(This article belongs to the Special Issue AI Security and Safety)

17 pages, 1806 KiB  
Article
A Hybrid Modified Deep Learning Architecture for Intrusion Detection System with Optimal Feature Selection
by Neeraj Kumar and Sanjeev Sharma
Electronics 2023, 12(19), 4050; https://doi.org/10.3390/electronics12194050 - 27 Sep 2023
Cited by 1 | Viewed by 1201
Abstract
With the exponentially evolving trends in technology, IoT networks are vulnerable to serious security issues, allowing intruders to break into networks without authorization and manipulate the data. Their actions can be recognized and avoided by using a system that can detect intrusions. This paper presents a hybrid intelligent system and inverted hour-glass-based layered network classifier for feature selection and classification processes, respectively. To accomplish this task, three different datasets have been utilized in the proposed model for identifying old and new attacks. Moreover, a hybrid optimization feature selection technique has been implemented for selecting only those features that can enhance the accuracy of the detection rate. Finally, the classification is performed by using the inverted hour-glass-based layered network model in which data are up-sampled with the increase in the number of layers for effective training. Data up-sampling is performed when a small subset of datapoints is observed for any class, which in turn helps in improving the accuracy of the proposed model. The proposed model demonstrated an accuracy of 99.967%, 99.567%, and 99.726% for NSL-KDD, KDD-CUP99, and UNSW NB15 datasets, respectively, which is significantly better than the traditional CNID model. These results demonstrate that our model can detect different attacks with high accuracy and is expected to show good results for new datasets as well. Additionally, to reduce the computational cost of the proposed model, we have implemented it on CPU-based core i3 processors, which are much cheaper than GPU processors.
(This article belongs to the Special Issue AI Security and Safety)

16 pages, 7796 KiB  
Article
Exploring the Physical-World Adversarial Robustness of Vehicle Detection
by Wei Jiang, Tianyuan Zhang, Shuangcheng Liu, Weiyu Ji, Zichao Zhang and Gang Xiao
Electronics 2023, 12(18), 3921; https://doi.org/10.3390/electronics12183921 - 18 Sep 2023
Viewed by 908
Abstract
Adversarial attacks can compromise the robustness of real-world detection models. However, evaluating these models under real-world conditions poses challenges due to resource-intensive experiments. Virtual simulations offer an alternative, but the absence of standardized benchmarks hampers progress. Addressing this, we propose an innovative instant-level data generation pipeline using the CARLA simulator. Through this pipeline, we establish the Discrete and Continuous Instant-level (DCI) dataset, enabling comprehensive experiments involving three detection models and three physical adversarial attacks. Our findings highlight diverse model performances under adversarial conditions. YOLO v6 demonstrates remarkable resilience, exhibiting just a marginal 6.59% average drop in average precision (AP). In contrast, the ASA attack yields a substantial 14.51% average AP reduction, twice the effect of other algorithms. We also note that static scenes yield higher recognition AP values, and outcomes remain relatively consistent across varying weather conditions. Intriguingly, our study suggests that advancements in adversarial attack algorithms may be approaching their “limitation”. In summary, our work underscores the significance of adversarial attacks in real-world contexts and introduces the DCI dataset as a versatile benchmark. Our findings provide valuable insights for enhancing the robustness of detection models and offer guidance for future research endeavors in the realm of adversarial attacks.
(This article belongs to the Special Issue AI Security and Safety)

23 pages, 3602 KiB  
Article
Blockchain and Machine Learning-Based Hybrid IDS to Protect Smart Networks and Preserve Privacy
by Shailendra Mishra
Electronics 2023, 12(16), 3524; https://doi.org/10.3390/electronics12163524 - 21 Aug 2023
Cited by 4 | Viewed by 1837
Abstract
Cyberspace is a convenient platform for creative, intellectual, and accessible works that provide a medium for expression and communication. Malware, phishing, ransomware, and distributed denial-of-service attacks pose a threat to individuals and organisations. To detect and predict cyber threats effectively and accurately, an intelligent system must be developed. Cybercriminals can exploit Internet of Things devices and endpoints because they are not intelligent and have limited resources. A hybrid decision tree method (HIDT) is proposed in this article that integrates machine learning with blockchain concepts for anomaly detection. In all datasets, the proposed system (HIDT) predicts attacks in the shortest amount of time and has the highest attack detection accuracy (99.95% for the KD99 dataset and 99.72% for the UNBS-NB 15 dataset). To ensure validity, the binary classification test results are compared to those of earlier studies. The HIDT’s confusion matrix contrasts with previous models by having low FP/FN rates and high TP/TN rates. By detecting malicious nodes instantly, the proposed system reduces routing overhead and has a lower end-to-end delay. Malicious nodes are detected instantly in the network within a short period. Increasing the number of nodes leads to a higher throughput, with the highest throughput measured at 50 nodes. The proposed system performed well in terms of the packet delivery ratio, end-to-end delay, robustness, and scalability, demonstrating the effectiveness of the proposed system. Data can be protected from malicious threats with this system, which can be used by governments and businesses to improve security and resilience.
(This article belongs to the Special Issue AI Security and Safety)

13 pages, 1811 KiB  
Article
Metaverse Security: Issues, Challenges and a Viable ZTA Model
by Ankur Gupta, Habib Ullah Khan, Shah Nazir, Muhammad Shafiq and Mohammad Shabaz
Electronics 2023, 12(2), 391; https://doi.org/10.3390/electronics12020391 - 12 Jan 2023
Cited by 16 | Viewed by 6006
Abstract
The metaverse is touted as an exciting new technology amalgamation facilitating next-level immersive experiences for users. However, initial experiences indicate that a host of privacy, security and control issues will need to be effectively resolved for its vision to be realized. This paper highlights the security issues that will need to be resolved in the metaverse and the underlying enabling technologies/platforms. It also discusses the broader challenges confronting the developers, the service providers and other stakeholders in the metaverse ecosystem which, if left unaddressed, may hamper its broad adoption and appeal. Finally, some ideas on building a viable Zero-Trust Architecture (ZTA) model for the metaverse are presented.
(This article belongs to the Special Issue AI Security and Safety)
