Stop the war!Остановите войну!
for scientists:
default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCIDBibTeX records: Nicolas Papernot
@article{DBLP:journals/corr/abs-2401-12233,
author = {Wenhao Wang and
Muhammad Ahmad Kaleem and
Adam Dziedzic and
Michael Backes and
Nicolas Papernot and
Franziska Boenisch},
title = {Memorization in Self-Supervised Learning Improves Downstream Generalization},
journal = {CoRR},
volume = {abs/2401.12233},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2401.12233},
doi = {10.48550/ARXIV.2401.12233},
eprinttype = {arXiv},
eprint = {2401.12233},
timestamp = {Mon, 05 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2401-12233.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-00205,
author = {Congyu Fang and
Adam Dziedzic and
Lin Zhang and
Laura Oliva and
Amol A. Verma and
Fahad Razak and
Nicolas Papernot and
Bo Wang},
title = {Decentralised, Collaborative, and Privacy-preserving Machine Learning
for Multi-Hospital Data},
journal = {CoRR},
volume = {abs/2402.00205},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.00205},
doi = {10.48550/ARXIV.2402.00205},
eprinttype = {arXiv},
eprint = {2402.00205},
timestamp = {Fri, 09 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-00205.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-00751,
author = {Andrei Muresanu and
Anvith Thudi and
Michael R. Zhang and
Nicolas Papernot},
title = {Unlearnable Algorithms for In-context Learning},
journal = {CoRR},
volume = {abs/2402.00751},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.00751},
doi = {10.48550/ARXIV.2402.00751},
eprinttype = {arXiv},
eprint = {2402.00751},
timestamp = {Fri, 09 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-00751.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-03540,
author = {Mohammad Yaghini and
Patty Liu and
Franziska Boenisch and
Nicolas Papernot},
title = {Regulation Games for Trustworthy Machine Learning},
journal = {CoRR},
volume = {abs/2402.03540},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.03540},
doi = {10.48550/ARXIV.2402.03540},
eprinttype = {arXiv},
eprint = {2402.03540},
timestamp = {Mon, 12 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-03540.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-06957,
author = {Harry Langford and
Ilia Shumailov and
Yiren Zhao and
Robert D. Mullins and
Nicolas Papernot},
title = {Architectural Neural Backdoors from First Principles},
journal = {CoRR},
volume = {abs/2402.06957},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.06957},
doi = {10.48550/ARXIV.2402.06957},
eprinttype = {arXiv},
eprint = {2402.06957},
timestamp = {Fri, 16 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-06957.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-09403,
author = {Karan Chadha and
Matthew Jagielski and
Nicolas Papernot and
Christopher A. Choquette{-}Choo and
Milad Nasr},
title = {Auditing Private Prediction},
journal = {CoRR},
volume = {abs/2402.09403},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.09403},
doi = {10.48550/ARXIV.2402.09403},
eprinttype = {arXiv},
eprint = {2402.09403},
timestamp = {Tue, 20 Feb 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-09403.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2402-12235,
author = {Theresa Stadler and
Bogdan Kulynych and
Nicolas Papernot and
Michael Gastpar and
Carmela Troncoso},
title = {The Fundamental Limits of Least-Privilege Learning},
journal = {CoRR},
volume = {abs/2402.12235},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2402.12235},
doi = {10.48550/ARXIV.2402.12235},
eprinttype = {arXiv},
eprint = {2402.12235},
timestamp = {Thu, 21 Mar 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2402-12235.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2403-01218,
author = {Jamie Hayes and
Ilia Shumailov and
Eleni Triantafillou and
Amr Khalifa and
Nicolas Papernot},
title = {Inexact Unlearning Needs More Careful Evaluations to Avoid a False
Sense of Privacy},
journal = {CoRR},
volume = {abs/2403.01218},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2403.01218},
doi = {10.48550/ARXIV.2403.01218},
eprinttype = {arXiv},
eprint = {2403.01218},
timestamp = {Tue, 02 Apr 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2403-01218.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2403-07857,
author = {Sierra Calanda Wyllie and
Ilia Shumailov and
Nicolas Papernot},
title = {Fairness Feedback Loops: Training on Synthetic Data Amplifies Bias},
journal = {CoRR},
volume = {abs/2403.07857},
year = {2024},
url = {https://doi.org/10.48550/arXiv.2403.07857},
doi = {10.48550/ARXIV.2403.07857},
eprinttype = {arXiv},
eprint = {2403.07857},
timestamp = {Thu, 04 Apr 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2403-07857.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/ShamsabadiSBVVMTP23,
author = {Ali Shahin Shamsabadi and
Brij Mohan Lal Srivastava and
Aur{\'{e}}lien Bellet and
Nathalie Vauquier and
Emmanuel Vincent and
Mohamed Maouche and
Marc Tommasi and
Nicolas Papernot},
title = {Differentially Private Speaker Anonymization},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2023},
number = {1},
pages = {98--114},
year = {2023},
url = {https://doi.org/10.56553/popets-2023-0007},
doi = {10.56553/POPETS-2023-0007},
timestamp = {Mon, 06 Feb 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/popets/ShamsabadiSBVVMTP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/DziedzicCDSSKJPW23,
author = {Adam Dziedzic and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Vinith M. Suriyakumar and
Ali Shahin Shamsabadi and
Muhammad Ahmad Kaleem and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
title = {Private Multi-Winner Voting for Machine Learning},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2023},
number = {1},
pages = {527--555},
year = {2023},
url = {https://doi.org/10.56553/popets-2023-0031},
doi = {10.56553/POPETS-2023-0031},
timestamp = {Mon, 06 Feb 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/popets/DziedzicCDSSKJPW23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/ShamsabadiP23,
author = {Ali Shahin Shamsabadi and
Nicolas Papernot},
title = {Losing Less: {A} Loss for Differentially Private Deep Learning},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2023},
number = {3},
pages = {307--320},
year = {2023},
url = {https://doi.org/10.56553/popets-2023-0083},
doi = {10.56553/POPETS-2023-0083},
timestamp = {Sat, 24 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/popets/ShamsabadiP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/BitonMLKBSPEN23,
author = {Dudi Biton and
Aditi Misra and
Efrat Levy and
Jaidip Kotak and
Ron Bitton and
Roei Schuster and
Nicolas Papernot and
Yuval Elovici and
Ben Nassi},
editor = {Maura Pintor and
Xinyun Chen and
Florian Tram{\`{e}}r},
title = {The Adversarial Implications of Variable-Time Inference},
booktitle = {Proceedings of the 16th {ACM} Workshop on Artificial Intelligence
and Security, AISec 2023, Copenhagen, Denmark, 30 November 2023},
pages = {103--114},
publisher = {{ACM}},
year = {2023},
url = {https://doi.org/10.1145/3605764.3623912},
doi = {10.1145/3605764.3623912},
timestamp = {Tue, 28 Nov 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/ccs/BitonMLKBSPEN23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/cvpr/Bober-IrizarSZM23,
author = {Mikel Bober{-}Irizar and
Ilia Shumailov and
Yiren Zhao and
Robert D. Mullins and
Nicolas Papernot},
title = {Architectural Backdoors in Neural Networks},
booktitle = {{IEEE/CVF} Conference on Computer Vision and Pattern Recognition,
{CVPR} 2023, Vancouver, BC, Canada, June 17-24, 2023},
pages = {24595--24604},
publisher = {{IEEE}},
year = {2023},
url = {https://doi.org/10.1109/CVPR52729.2023.02356},
doi = {10.1109/CVPR52729.2023.02356},
timestamp = {Tue, 29 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/cvpr/Bober-IrizarSZM23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/BoenischDSSSP23,
author = {Franziska Boenisch and
Adam Dziedzic and
Roei Schuster and
Ali Shahin Shamsabadi and
Ilia Shumailov and
Nicolas Papernot},
title = {When the Curious Abandon Honesty: Federated Learning Is Not Private},
booktitle = {8th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2023, Delft, Netherlands, July 3-7, 2023},
pages = {175--199},
publisher = {{IEEE}},
year = {2023},
url = {https://doi.org/10.1109/EuroSP57164.2023.00020},
doi = {10.1109/EUROSP57164.2023.00020},
timestamp = {Mon, 07 Aug 2023 15:56:23 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/BoenischDSSSP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/BoenischDSSSP23a,
author = {Franziska Boenisch and
Adam Dziedzic and
Roei Schuster and
Ali Shahin Shamsabadi and
Ilia Shumailov and
Nicolas Papernot},
title = {Reconstructing Individual Data Points in Federated Learning Hardened
with Differential Privacy and Secure Aggregation},
booktitle = {8th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2023, Delft, Netherlands, July 3-7, 2023},
pages = {241--257},
publisher = {{IEEE}},
year = {2023},
url = {https://doi.org/10.1109/EuroSP57164.2023.00023},
doi = {10.1109/EUROSP57164.2023.00023},
timestamp = {Mon, 07 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/BoenischDSSSP23a.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/FangJTYCDCP23,
author = {Congyu Fang and
Hengrui Jia and
Anvith Thudi and
Mohammad Yaghini and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Varun Chandrasekaran and
Nicolas Papernot},
title = {Proof-of-Learning is Currently More Broken Than You Think},
booktitle = {8th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2023, Delft, Netherlands, July 3-7, 2023},
pages = {797--816},
publisher = {{IEEE}},
year = {2023},
url = {https://doi.org/10.1109/EuroSP57164.2023.00052},
doi = {10.1109/EUROSP57164.2023.00052},
timestamp = {Mon, 07 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/FangJTYCDCP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/Jagielski0TILCW23,
author = {Matthew Jagielski and
Om Thakkar and
Florian Tram{\`{e}}r and
Daphne Ippolito and
Katherine Lee and
Nicholas Carlini and
Eric Wallace and
Shuang Song and
Abhradeep Guha Thakurta and
Nicolas Papernot and
Chiyuan Zhang},
title = {Measuring Forgetting of Memorized Training Examples},
booktitle = {The Eleventh International Conference on Learning Representations,
{ICLR} 2023, Kigali, Rwanda, May 1-5, 2023},
publisher = {OpenReview.net},
year = {2023},
url = {https://openreview.net/pdf?id=7bJizxLKrR},
timestamp = {Fri, 30 Jun 2023 14:38:38 +0200},
biburl = {https://dblp.org/rec/conf/iclr/Jagielski0TILCW23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/ShamsabadiWFDGP23,
author = {Ali Shahin Shamsabadi and
Sierra Calanda Wyllie and
Nicholas Franzese and
Natalie Dullerud and
S{\'{e}}bastien Gambs and
Nicolas Papernot and
Xiao Wang and
Adrian Weller},
title = {Confidential-PROFITT: Confidential PROof of FaIr Training of Trees},
booktitle = {The Eleventh International Conference on Learning Representations,
{ICLR} 2023, Kigali, Rwanda, May 1-5, 2023},
publisher = {OpenReview.net},
year = {2023},
url = {https://openreview.net/pdf?id=iIfDQVyuFD},
timestamp = {Fri, 30 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/ShamsabadiWFDGP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/BoenischMDRP23,
author = {Franziska Boenisch and
Christopher M{\"{u}}hl and
Adam Dziedzic and
Roy Rinberg and
Nicolas Papernot},
editor = {Alice Oh and
Tristan Naumann and
Amir Globerson and
Kate Saenko and
Moritz Hardt and
Sergey Levine},
title = {Have it your way: Individualized Privacy Assignment for {DP-SGD}},
booktitle = {Advances in Neural Information Processing Systems 36: Annual Conference
on Neural Information Processing Systems 2023, NeurIPS 2023, New Orleans,
LA, USA, December 10 - 16, 2023},
year = {2023},
url = {http://papers.nips.cc/paper\_files/paper/2023/hash/3cbf627fa24fb6cb576e04e689b9428b-Abstract-Conference.html},
timestamp = {Fri, 01 Mar 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/BoenischMDRP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/DuanDPB23,
author = {Haonan Duan and
Adam Dziedzic and
Nicolas Papernot and
Franziska Boenisch},
editor = {Alice Oh and
Tristan Naumann and
Amir Globerson and
Kate Saenko and
Moritz Hardt and
Sergey Levine},
title = {Flocks of Stochastic Parrots: Differentially Private Prompt Learning
for Large Language Models},
booktitle = {Advances in Neural Information Processing Systems 36: Annual Conference
on Neural Information Processing Systems 2023, NeurIPS 2023, New Orleans,
LA, USA, December 10 - 16, 2023},
year = {2023},
url = {http://papers.nips.cc/paper\_files/paper/2023/hash/f26119b4ffe38c24d97e4c49d334b99e-Abstract-Conference.html},
timestamp = {Fri, 01 Mar 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/DuanDPB23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/FranzeseDCTKRFJ23,
author = {Nicholas Franzese and
Adam Dziedzic and
Christopher A. Choquette{-}Choo and
Mark R. Thomas and
Muhammad Ahmad Kaleem and
Stephan Rabanser and
Congyu Fang and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
editor = {Alice Oh and
Tristan Naumann and
Amir Globerson and
Kate Saenko and
Moritz Hardt and
Sergey Levine},
title = {Robust and Actively Secure Serverless Collaborative Learning},
booktitle = {Advances in Neural Information Processing Systems 36: Annual Conference
on Neural Information Processing Systems 2023, NeurIPS 2023, New Orleans,
LA, USA, December 10 - 16, 2023},
year = {2023},
url = {http://papers.nips.cc/paper\_files/paper/2023/hash/7c5a4b7a31dffef8ce296deedb6214a9-Abstract-Conference.html},
timestamp = {Fri, 01 Mar 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/FranzeseDCTKRFJ23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/RabanserTTDP23,
author = {Stephan Rabanser and
Anvith Thudi and
Abhradeep Guha Thakurta and
Krishnamurthy Dvijotham and
Nicolas Papernot},
editor = {Alice Oh and
Tristan Naumann and
Amir Globerson and
Kate Saenko and
Moritz Hardt and
Sergey Levine},
title = {Training Private Models That Know What They Don't Know},
booktitle = {Advances in Neural Information Processing Systems 36: Annual Conference
on Neural Information Processing Systems 2023, NeurIPS 2023, New Orleans,
LA, USA, December 10 - 16, 2023},
year = {2023},
url = {http://papers.nips.cc/paper\_files/paper/2023/hash/a8526465a91166fbb90aaa8452b21eda-Abstract-Conference.html},
timestamp = {Fri, 01 Mar 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/RabanserTTDP23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/AhmedWSYSPF23,
author = {Shimaa Ahmed and
Yash Wani and
Ali Shahin Shamsabadi and
Mohammad Yaghini and
Ilia Shumailov and
Nicolas Papernot and
Kassem Fawaz},
editor = {Joseph A. Calandrino and
Carmela Troncoso},
title = {Tubes Among Us: Analog Attack on Automatic Speaker Identification},
booktitle = {32nd {USENIX} Security Symposium, {USENIX} Security 2023, Anaheim,
CA, USA, August 9-11, 2023},
pages = {265--282},
publisher = {{USENIX} Association},
year = {2023},
url = {https://www.usenix.org/conference/usenixsecurity23/presentation/ahmed-shimaa},
timestamp = {Wed, 18 Oct 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/uss/AhmedWSYSPF23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2301-04017,
author = {Franziska Boenisch and
Adam Dziedzic and
Roei Schuster and
Ali Shahin Shamsabadi and
Ilia Shumailov and
Nicolas Papernot},
title = {Is Federated Learning a Practical {PET} Yet?},
journal = {CoRR},
volume = {abs/2301.04017},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2301.04017},
doi = {10.48550/ARXIV.2301.04017},
eprinttype = {arXiv},
eprint = {2301.04017},
timestamp = {Thu, 19 Jan 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2301-04017.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2302-09183,
author = {Mohammad Yaghini and
Patty Liu and
Franziska Boenisch and
Nicolas Papernot},
title = {Learning with Impartiality to Walk on the Pareto Frontier of Fairness,
Privacy, and Utility},
journal = {CoRR},
volume = {abs/2302.09183},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2302.09183},
doi = {10.48550/ARXIV.2302.09183},
eprinttype = {arXiv},
eprint = {2302.09183},
timestamp = {Thu, 23 Feb 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2302-09183.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2303-17046,
author = {Franziska Boenisch and
Christopher M{\"{u}}hl and
Adam Dziedzic and
Roy Rinberg and
Nicolas Papernot},
title = {Have it your way: Individualized Privacy Assignment for {DP-SGD}},
journal = {CoRR},
volume = {abs/2303.17046},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2303.17046},
doi = {10.48550/ARXIV.2303.17046},
eprinttype = {arXiv},
eprint = {2303.17046},
timestamp = {Fri, 14 Apr 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2303-17046.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2304-06929,
author = {Rachel Cummings and
Damien Desfontaines and
David Evans and
Roxana Geambasu and
Matthew Jagielski and
Yangsibo Huang and
Peter Kairouz and
Gautam Kamath and
Sewoong Oh and
Olga Ohrimenko and
Nicolas Papernot and
Ryan Rogers and
Milan Shen and
Shuang Song and
Weijie J. Su and
Andreas Terzis and
Abhradeep Thakurta and
Sergei Vassilvitskii and
Yu{-}Xiang Wang and
Li Xiong and
Sergey Yekhanin and
Da Yu and
Huanyu Zhang and
Wanrong Zhang},
title = {Challenges towards the Next Frontier in Privacy},
journal = {CoRR},
volume = {abs/2304.06929},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2304.06929},
doi = {10.48550/ARXIV.2304.06929},
eprinttype = {arXiv},
eprint = {2304.06929},
timestamp = {Tue, 02 May 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2304-06929.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2305-15594,
author = {Haonan Duan and
Adam Dziedzic and
Nicolas Papernot and
Franziska Boenisch},
title = {Flocks of Stochastic Parrots: Differentially Private Prompt Learning
for Large Language Models},
journal = {CoRR},
volume = {abs/2305.15594},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2305.15594},
doi = {10.48550/ARXIV.2305.15594},
eprinttype = {arXiv},
eprint = {2305.15594},
timestamp = {Tue, 06 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2305-15594.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2305-17493,
author = {Ilia Shumailov and
Zakhar Shumaylov and
Yiren Zhao and
Yarin Gal and
Nicolas Papernot and
Ross J. Anderson},
title = {The Curse of Recursion: Training on Generated Data Makes Models Forget},
journal = {CoRR},
volume = {abs/2305.17493},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2305.17493},
doi = {10.48550/ARXIV.2305.17493},
eprinttype = {arXiv},
eprint = {2305.17493},
timestamp = {Wed, 07 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2305-17493.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2305-18393,
author = {Stephan Rabanser and
Anvith Thudi and
Abhradeep Thakurta and
Krishnamurthy Dvijotham and
Nicolas Papernot},
title = {Training Private Models That Know What They Don't Know},
journal = {CoRR},
volume = {abs/2305.18393},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2305.18393},
doi = {10.48550/ARXIV.2305.18393},
eprinttype = {arXiv},
eprint = {2305.18393},
timestamp = {Wed, 07 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2305-18393.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2306-07033,
author = {Nicholas Boucher and
Jenny Blessing and
Ilia Shumailov and
Ross Anderson and
Nicolas Papernot},
title = {When Vision Fails: Text Attacks Against ViT and {OCR}},
journal = {CoRR},
volume = {abs/2306.07033},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2306.07033},
doi = {10.48550/ARXIV.2306.07033},
eprinttype = {arXiv},
eprint = {2306.07033},
timestamp = {Fri, 16 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2306-07033.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2306-08656,
author = {Jiapeng Wu and
Atiyeh Ashari Ghomi and
David Glukhov and
Jesse C. Cresswell and
Franziska Boenisch and
Nicolas Papernot},
title = {Augment then Smooth: Reconciling Differential Privacy with Certified
Robustness},
journal = {CoRR},
volume = {abs/2306.08656},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2306.08656},
doi = {10.48550/ARXIV.2306.08656},
eprinttype = {arXiv},
eprint = {2306.08656},
timestamp = {Sun, 12 Nov 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2306-08656.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2307-00310,
author = {Anvith Thudi and
Hengrui Jia and
Casey Meehan and
Ilia Shumailov and
Nicolas Papernot},
title = {Gradients Look Alike: Sensitivity is Often Overestimated in {DP-SGD}},
journal = {CoRR},
volume = {abs/2307.00310},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2307.00310},
doi = {10.48550/ARXIV.2307.00310},
eprinttype = {arXiv},
eprint = {2307.00310},
timestamp = {Mon, 10 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2307-00310.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2307-10719,
author = {David Glukhov and
Ilia Shumailov and
Yarin Gal and
Nicolas Papernot and
Vardan Papyan},
title = {{LLM} Censorship: {A} Machine Learning Challenge or a Computer Security
Problem?},
journal = {CoRR},
volume = {abs/2307.10719},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2307.10719},
doi = {10.48550/ARXIV.2307.10719},
eprinttype = {arXiv},
eprint = {2307.10719},
timestamp = {Wed, 26 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2307-10719.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2309-02159,
author = {Dudi Biton and
Aditi Misra and
Efrat Levy and
Jaidip Kotak and
Ron Bitton and
Roei Schuster and
Nicolas Papernot and
Yuval Elovici and
Ben Nassi},
title = {The Adversarial Implications of Variable-Time Inference},
journal = {CoRR},
volume = {abs/2309.02159},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2309.02159},
doi = {10.48550/ARXIV.2309.02159},
eprinttype = {arXiv},
eprint = {2309.02159},
timestamp = {Mon, 11 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2309-02159.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2310-01959,
author = {Avital Shafran and
Ilia Shumailov and
Murat A. Erdogdu and
Nicolas Papernot},
title = {Beyond Labeling Oracles: What does it mean to steal {ML} models?},
journal = {CoRR},
volume = {abs/2310.01959},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2310.01959},
doi = {10.48550/ARXIV.2310.01959},
eprinttype = {arXiv},
eprint = {2310.01959},
timestamp = {Thu, 19 Oct 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2310-01959.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2310-16678,
author = {Olive Franzese and
Adam Dziedzic and
Christopher A. Choquette{-}Choo and
Mark R. Thomas and
Muhammad Ahmad Kaleem and
Stephan Rabanser and
Congyu Fang and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
title = {Robust and Actively Secure Serverless Collaborative Learning},
journal = {CoRR},
volume = {abs/2310.16678},
year = {2023},
url = {https://doi.org/10.48550/arXiv.2310.16678},
doi = {10.48550/ARXIV.2310.16678},
eprinttype = {arXiv},
eprint = {2310.16678},
timestamp = {Tue, 31 Oct 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2310-16678.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/jcs/SheatsleyPWVM22,
author = {Ryan Sheatsley and
Nicolas Papernot and
Michael J. Weisman and
Gunjan Verma and
Patrick D. McDaniel},
title = {Adversarial examples for network intrusion detection systems},
journal = {J. Comput. Secur.},
volume = {30},
number = {5},
pages = {727--752},
year = {2022},
url = {https://doi.org/10.3233/JCS-210094},
doi = {10.3233/JCS-210094},
timestamp = {Mon, 28 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/jcs/SheatsleyPWVM22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/Papernot22,
author = {Nicolas Papernot},
editor = {Hamed Okhravi and
Cliff Wang},
title = {The Role of Randomization in Trustworthy Machine Learning},
booktitle = {Proceedings of the 9th {ACM} Workshop on Moving Target Defense, {MTD}
2022, Los Angeles, CA, USA, 7 November 2022},
pages = {23--24},
publisher = {{ACM}},
year = {2022},
url = {https://doi.org/10.1145/3560828.3564001},
doi = {10.1145/3560828.3564001},
timestamp = {Tue, 08 Nov 2022 15:21:09 +0100},
biburl = {https://dblp.org/rec/conf/ccs/Papernot22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/ThudiDCP22,
author = {Anvith Thudi and
Gabriel Deza and
Varun Chandrasekaran and
Nicolas Papernot},
title = {Unrolling {SGD:} Understanding Factors Influencing Machine Unlearning},
booktitle = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2022, Genoa, Italy, June 6-10, 2022},
pages = {303--319},
publisher = {{IEEE}},
year = {2022},
url = {https://doi.org/10.1109/EuroSP53844.2022.00027},
doi = {10.1109/EUROSP53844.2022.00027},
timestamp = {Wed, 29 Jun 2022 16:03:24 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/ThudiDCP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/DullerudRHPG22,
author = {Natalie Dullerud and
Karsten Roth and
Kimia Hamidieh and
Nicolas Papernot and
Marzyeh Ghassemi},
title = {Is Fairness Only Metric Deep? Evaluating and Addressing Subgroup Gaps
in Deep Metric Learning},
booktitle = {The Tenth International Conference on Learning Representations, {ICLR}
2022, Virtual Event, April 25-29, 2022},
publisher = {OpenReview.net},
year = {2022},
url = {https://openreview.net/forum?id=js62\_xuLDDv},
timestamp = {Sat, 20 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/DullerudRHPG22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/DziedzicKLP22,
author = {Adam Dziedzic and
Muhammad Ahmad Kaleem and
Yu Shen Lu and
Nicolas Papernot},
title = {Increasing the Cost of Model Extraction with Calibrated Proof of Work},
booktitle = {The Tenth International Conference on Learning Representations, {ICLR}
2022, Virtual Event, April 25-29, 2022},
publisher = {OpenReview.net},
year = {2022},
url = {https://openreview.net/forum?id=EAy7C1cgE1L},
timestamp = {Sat, 20 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/DziedzicKLP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/JiaCGSP22,
author = {Hengrui Jia and
Hongyu Chen and
Jonas Guan and
Ali Shahin Shamsabadi and
Nicolas Papernot},
title = {A Zest of {LIME:} Towards Architecture-Independent Model Distances},
booktitle = {The Tenth International Conference on Learning Representations, {ICLR}
2022, Virtual Event, April 25-29, 2022},
publisher = {OpenReview.net},
year = {2022},
url = {https://openreview.net/forum?id=OUz\_9TiTv9j},
timestamp = {Sat, 20 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/JiaCGSP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/Papernot022,
author = {Nicolas Papernot and
Thomas Steinke},
title = {Hyperparameter Tuning with Renyi Differential Privacy},
booktitle = {The Tenth International Conference on Learning Representations, {ICLR}
2022, Virtual Event, April 25-29, 2022},
publisher = {OpenReview.net},
year = {2022},
url = {https://openreview.net/forum?id=-70L8lpp9DF},
timestamp = {Sat, 20 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/Papernot022.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icml/DziedzicDKGP22,
author = {Adam Dziedzic and
Nikita Dhawan and
Muhammad Ahmad Kaleem and
Jonas Guan and
Nicolas Papernot},
editor = {Kamalika Chaudhuri and
Stefanie Jegelka and
Le Song and
Csaba Szepesv{\'{a}}ri and
Gang Niu and
Sivan Sabato},
title = {On the Difficulty of Defending Self-Supervised Learning against Model
Extraction},
booktitle = {International Conference on Machine Learning, {ICML} 2022, 17-23 July
2022, Baltimore, Maryland, {USA}},
series = {Proceedings of Machine Learning Research},
volume = {162},
pages = {5757--5776},
publisher = {{PMLR}},
year = {2022},
url = {https://proceedings.mlr.press/v162/dziedzic22a.html},
timestamp = {Tue, 12 Jul 2022 17:36:52 +0200},
biburl = {https://dblp.org/rec/conf/icml/DziedzicDKGP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/0011SFP22,
author = {Yue Gao and
Ilia Shumailov and
Kassem Fawaz and
Nicolas Papernot},
editor = {Sanmi Koyejo and
S. Mohamed and
A. Agarwal and
Danielle Belgrave and
K. Cho and
A. Oh},
title = {On the Limitations of Stochastic Pre-processing Defenses},
booktitle = {Advances in Neural Information Processing Systems 35: Annual Conference
on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans,
LA, USA, November 28 - December 9, 2022},
year = {2022},
url = {http://papers.nips.cc/paper\_files/paper/2022/hash/997089469acbeb410405e43f0011be1f-Abstract-Conference.html},
timestamp = {Mon, 08 Jan 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/0011SFP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/CarliniJZPTT22,
author = {Nicholas Carlini and
Matthew Jagielski and
Chiyuan Zhang and
Nicolas Papernot and
Andreas Terzis and
Florian Tram{\`{e}}r},
editor = {Sanmi Koyejo and
S. Mohamed and
A. Agarwal and
Danielle Belgrave and
K. Cho and
A. Oh},
title = {The Privacy Onion Effect: Memorization is Relative},
booktitle = {Advances in Neural Information Processing Systems 35: Annual Conference
on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans,
LA, USA, November 28 - December 9, 2022},
year = {2022},
url = {http://papers.nips.cc/paper\_files/paper/2022/hash/564b5f8289ba846ebc498417e834c253-Abstract-Conference.html},
timestamp = {Mon, 08 Jan 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/CarliniJZPTT22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/DziedzicDKDGCBP22,
author = {Adam Dziedzic and
Haonan Duan and
Muhammad Ahmad Kaleem and
Nikita Dhawan and
Jonas Guan and
Yannis Cattan and
Franziska Boenisch and
Nicolas Papernot},
editor = {Sanmi Koyejo and
S. Mohamed and
A. Agarwal and
Danielle Belgrave and
K. Cho and
A. Oh},
title = {Dataset Inference for Self-Supervised Models},
booktitle = {Advances in Neural Information Processing Systems 35: Annual Conference
on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans,
LA, USA, November 28 - December 9, 2022},
year = {2022},
url = {http://papers.nips.cc/paper\_files/paper/2022/hash/4ebf0617b32da2cd083c3b17c7285cce-Abstract-Conference.html},
timestamp = {Mon, 08 Jan 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/DziedzicDKDGCBP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/ShamsabadiYDWAA22,
author = {Ali Shahin Shamsabadi and
Mohammad Yaghini and
Natalie Dullerud and
Sierra Calanda Wyllie and
Ulrich A{\"{\i}}vodji and
Aisha Alaagib and
S{\'{e}}bastien Gambs and
Nicolas Papernot},
editor = {Sanmi Koyejo and
S. Mohamed and
A. Agarwal and
Danielle Belgrave and
K. Cho and
A. Oh},
title = {Washing The Unwashable : On The (Im)possibility of Fairwashing Detection},
booktitle = {Advances in Neural Information Processing Systems 35: Annual Conference
on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans,
LA, USA, November 28 - December 9, 2022},
year = {2022},
url = {http://papers.nips.cc/paper\_files/paper/2022/hash/5b84864ff8474fd742c66f219b2eaac1-Abstract-Conference.html},
timestamp = {Mon, 08 Jan 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/ShamsabadiYDWAA22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/WangSSLP22,
author = {Jiaqi Wang and
Roei Schuster and
Ilia Shumailov and
David Lie and
Nicolas Papernot},
editor = {Sanmi Koyejo and
S. Mohamed and
A. Agarwal and
Danielle Belgrave and
K. Cho and
A. Oh},
title = {In Differential Privacy, There is Truth: on Vote-Histogram Leakage
in Ensemble Private Learning},
booktitle = {Advances in Neural Information Processing Systems 35: Annual Conference
on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans,
LA, USA, November 28 - December 9, 2022},
year = {2022},
url = {http://papers.nips.cc/paper\_files/paper/2022/hash/ba8d1b46292c5e82cbfb3b3dc3b968af-Abstract-Conference.html},
timestamp = {Mon, 08 Jan 2024 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/nips/WangSSLP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/BoucherS0P22,
author = {Nicholas Boucher and
Ilia Shumailov and
Ross Anderson and
Nicolas Papernot},
title = {Bad Characters: Imperceptible {NLP} Attacks},
booktitle = {43rd {IEEE} Symposium on Security and Privacy, {SP} 2022, San Francisco,
CA, USA, May 22-26, 2022},
pages = {1987--2004},
publisher = {{IEEE}},
year = {2022},
url = {https://doi.org/10.1109/SP46214.2022.9833641},
doi = {10.1109/SP46214.2022.9833641},
timestamp = {Sat, 30 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sp/BoucherS0P22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/AhmedSPF22,
author = {Shimaa Ahmed and
Ilia Shumailov and
Nicolas Papernot and
Kassem Fawaz},
editor = {Kevin R. B. Butler and
Kurt Thomas},
title = {Towards More Robust Keyword Spotting for Voice Assistants},
booktitle = {31st {USENIX} Security Symposium, {USENIX} Security 2022, Boston,
MA, USA, August 10-12, 2022},
pages = {2655--2672},
publisher = {{USENIX} Association},
year = {2022},
url = {https://www.usenix.org/conference/usenixsecurity22/presentation/ahmed},
timestamp = {Tue, 06 Dec 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/uss/AhmedSPF22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/ThudiJSP22,
author = {Anvith Thudi and
Hengrui Jia and
Ilia Shumailov and
Nicolas Papernot},
editor = {Kevin R. B. Butler and
Kurt Thomas},
title = {On the Necessity of Auditable Algorithmic Definitions for Machine
Unlearning},
booktitle = {31st {USENIX} Security Symposium, {USENIX} Security 2022, Boston,
MA, USA, August 10-12, 2022},
pages = {4007--4022},
publisher = {{USENIX} Association},
year = {2022},
url = {https://www.usenix.org/conference/usenixsecurity22/presentation/thudi},
timestamp = {Tue, 18 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/uss/ThudiJSP22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2201-09243,
author = {Adam Dziedzic and
Muhammad Ahmad Kaleem and
Yu Shen Lu and
Nicolas Papernot},
title = {Increasing the Cost of Model Extraction with Calibrated Proof of Work},
journal = {CoRR},
volume = {abs/2201.09243},
year = {2022},
url = {https://arxiv.org/abs/2201.09243},
eprinttype = {arXiv},
eprint = {2201.09243},
timestamp = {Tue, 01 Feb 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2201-09243.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2202-02751,
author = {Shimaa Ahmed and
Yash Wani and
Ali Shahin Shamsabadi and
Mohammad Yaghini and
Ilia Shumailov and
Nicolas Papernot and
Kassem Fawaz},
title = {Pipe Overflow: Smashing Voice Authentication for Fun and Profit},
journal = {CoRR},
volume = {abs/2202.02751},
year = {2022},
url = {https://arxiv.org/abs/2202.02751},
eprinttype = {arXiv},
eprint = {2202.02751},
timestamp = {Wed, 09 Feb 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2202-02751.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2202-11823,
author = {Ali Shahin Shamsabadi and
Brij Mohan Lal Srivastava and
Aur{\'{e}}lien Bellet and
Nathalie Vauquier and
Emmanuel Vincent and
Mohamed Maouche and
Marc Tommasi and
Nicolas Papernot},
title = {Differentially Private Speaker Anonymization},
journal = {CoRR},
volume = {abs/2202.11823},
year = {2022},
url = {https://arxiv.org/abs/2202.11823},
eprinttype = {arXiv},
eprint = {2202.11823},
timestamp = {Wed, 02 Mar 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2202-11823.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2202-12232,
author = {Anvith Thudi and
Ilia Shumailov and
Franziska Boenisch and
Nicolas Papernot},
title = {Bounding Membership Inference},
journal = {CoRR},
volume = {abs/2202.12232},
year = {2022},
url = {https://arxiv.org/abs/2202.12232},
eprinttype = {arXiv},
eprint = {2202.12232},
timestamp = {Wed, 02 Mar 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2202-12232.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2203-12748,
author = {Natalie Dullerud and
Karsten Roth and
Kimia Hamidieh and
Nicolas Papernot and
Marzyeh Ghassemi},
title = {Is Fairness Only Metric Deep? Evaluating and Addressing Subgroup Gaps
in Deep Metric Learning},
journal = {CoRR},
volume = {abs/2203.12748},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2203.12748},
doi = {10.48550/ARXIV.2203.12748},
eprinttype = {arXiv},
eprint = {2203.12748},
timestamp = {Tue, 29 Mar 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2203-12748.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2205-07890,
author = {Adam Dziedzic and
Nikita Dhawan and
Muhammad Ahmad Kaleem and
Jonas Guan and
Nicolas Papernot},
title = {On the Difficulty of Defending Self-Supervised Learning against Model
Extraction},
journal = {CoRR},
volume = {abs/2205.07890},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2205.07890},
doi = {10.48550/ARXIV.2205.07890},
eprinttype = {arXiv},
eprint = {2205.07890},
timestamp = {Mon, 23 May 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2205-07890.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2205-13532,
author = {Stephan Rabanser and
Anvith Thudi and
Kimia Hamidieh and
Adam Dziedzic and
Nicolas Papernot},
title = {Selective Classification Via Neural Network Training Dynamics},
journal = {CoRR},
volume = {abs/2205.13532},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2205.13532},
doi = {10.48550/ARXIV.2205.13532},
eprinttype = {arXiv},
eprint = {2205.13532},
timestamp = {Tue, 31 May 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2205-13532.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2206-07840,
author = {Mikel Bober{-}Irizar and
Ilia Shumailov and
Yiren Zhao and
Robert D. Mullins and
Nicolas Papernot},
title = {Architectural Backdoors in Neural Networks},
journal = {CoRR},
volume = {abs/2206.07840},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2206.07840},
doi = {10.48550/ARXIV.2206.07840},
eprinttype = {arXiv},
eprint = {2206.07840},
timestamp = {Fri, 06 Jan 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2206-07840.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2206-09491,
author = {Yue Gao and
Ilia Shumailov and
Kassem Fawaz and
Nicolas Papernot},
title = {On the Limitations of Stochastic Pre-processing Defenses},
journal = {CoRR},
volume = {abs/2206.09491},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2206.09491},
doi = {10.48550/ARXIV.2206.09491},
eprinttype = {arXiv},
eprint = {2206.09491},
timestamp = {Thu, 29 Sep 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2206-09491.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2206-10469,
author = {Nicholas Carlini and
Matthew Jagielski and
Chiyuan Zhang and
Nicolas Papernot and
Andreas Terzis and
Florian Tram{\`{e}}r},
title = {The Privacy Onion Effect: Memorization is Relative},
journal = {CoRR},
volume = {abs/2206.10469},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2206.10469},
doi = {10.48550/ARXIV.2206.10469},
eprinttype = {arXiv},
eprint = {2206.10469},
timestamp = {Sun, 02 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2206-10469.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2206-14342,
author = {Stephan Rabanser and
Tim Januschowski and
Kashif Rasul and
Oliver Borchert and
Richard Kurle and
Jan Gasthaus and
Michael Bohlke{-}Schneider and
Nicolas Papernot and
Valentin Flunkert},
title = {Intrinsic Anomaly Detection for Multi-Variate Time Series},
journal = {CoRR},
volume = {abs/2206.14342},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2206.14342},
doi = {10.48550/ARXIV.2206.14342},
eprinttype = {arXiv},
eprint = {2206.14342},
timestamp = {Mon, 04 Jul 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2206-14342.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2207-00099,
author = {Matthew Jagielski and
Om Thakkar and
Florian Tram{\`{e}}r and
Daphne Ippolito and
Katherine Lee and
Nicholas Carlini and
Eric Wallace and
Shuang Song and
Abhradeep Thakurta and
Nicolas Papernot and
Chiyuan Zhang},
title = {Measuring Forgetting of Memorized Training Examples},
journal = {CoRR},
volume = {abs/2207.00099},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2207.00099},
doi = {10.48550/ARXIV.2207.00099},
eprinttype = {arXiv},
eprint = {2207.00099},
timestamp = {Sun, 02 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2207-00099.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2207-00694,
author = {Maximilian Kaufmann and
Yiren Zhao and
Ilia Shumailov and
Robert D. Mullins and
Nicolas Papernot},
title = {Efficient Adversarial Training With Data Pruning},
journal = {CoRR},
volume = {abs/2207.00694},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2207.00694},
doi = {10.48550/ARXIV.2207.00694},
eprinttype = {arXiv},
eprint = {2207.00694},
timestamp = {Fri, 06 Jan 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2207-00694.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2207-12545,
author = {Adam Dziedzic and
Stephan Rabanser and
Mohammad Yaghini and
Armin Ale and
Murat A. Erdogdu and
Nicolas Papernot},
title = {p-DkNN: Out-of-Distribution Detection Through Statistical Testing
of Deep Representations},
journal = {CoRR},
volume = {abs/2207.12545},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2207.12545},
doi = {10.48550/ARXIV.2207.12545},
eprinttype = {arXiv},
eprint = {2207.12545},
timestamp = {Mon, 01 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2207-12545.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2207-12816,
author = {Tejumade Afonja and
Lucas Bourtoule and
Varun Chandrasekaran and
Sageev Oore and
Nicolas Papernot},
title = {Generative Extraction of Audio Classifiers for Speaker Identification},
journal = {CoRR},
volume = {abs/2207.12816},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2207.12816},
doi = {10.48550/ARXIV.2207.12816},
eprinttype = {arXiv},
eprint = {2207.12816},
timestamp = {Mon, 01 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2207-12816.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2208-03567,
author = {Congyu Fang and
Hengrui Jia and
Anvith Thudi and
Mohammad Yaghini and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Varun Chandrasekaran and
Nicolas Papernot},
title = {On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning},
journal = {CoRR},
volume = {abs/2208.03567},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2208.03567},
doi = {10.48550/ARXIV.2208.03567},
eprinttype = {arXiv},
eprint = {2208.03567},
timestamp = {Wed, 10 Aug 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2208-03567.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2209-09024,
author = {Adam Dziedzic and
Haonan Duan and
Muhammad Ahmad Kaleem and
Nikita Dhawan and
Jonas Guan and
Yannis Cattan and
Franziska Boenisch and
Nicolas Papernot},
title = {Dataset Inference for Self-Supervised Models},
journal = {CoRR},
volume = {abs/2209.09024},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2209.09024},
doi = {10.48550/ARXIV.2209.09024},
eprinttype = {arXiv},
eprint = {2209.09024},
timestamp = {Wed, 28 Sep 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2209-09024.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2209-10732,
author = {Jiaqi Wang and
Roei Schuster and
Ilia Shumailov and
David Lie and
Nicolas Papernot},
title = {In Differential Privacy, There is Truth: On Vote Leakage in Ensemble
Private Learning},
journal = {CoRR},
volume = {abs/2209.10732},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2209.10732},
doi = {10.48550/ARXIV.2209.10732},
eprinttype = {arXiv},
eprint = {2209.10732},
timestamp = {Wed, 28 Sep 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2209-10732.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2210-02156,
author = {Yannis Cattan and
Christopher A. Choquette{-}Choo and
Nicolas Papernot and
Abhradeep Thakurta},
title = {Fine-Tuning with Differential Privacy Necessitates an Additional Hyperparameter
Search},
journal = {CoRR},
volume = {abs/2210.02156},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2210.02156},
doi = {10.48550/ARXIV.2210.02156},
eprinttype = {arXiv},
eprint = {2210.02156},
timestamp = {Fri, 07 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2210-02156.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2210-09126,
author = {Thorsten Eisenhofer and
Doreen Riepel and
Varun Chandrasekaran and
Esha Ghosh and
Olga Ohrimenko and
Nicolas Papernot},
title = {Verifiable and Provably Secure Machine Unlearning},
journal = {CoRR},
volume = {abs/2210.09126},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2210.09126},
doi = {10.48550/ARXIV.2210.09126},
eprinttype = {arXiv},
eprint = {2210.09126},
timestamp = {Tue, 21 Mar 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2210-09126.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2211-15410,
author = {Adam Dziedzic and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Vinith Menon Suriyakumar and
Ali Shahin Shamsabadi and
Muhammad Ahmad Kaleem and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
title = {Private Multi-Winner Voting for Machine Learning},
journal = {CoRR},
volume = {abs/2211.15410},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2211.15410},
doi = {10.48550/ARXIV.2211.15410},
eprinttype = {arXiv},
eprint = {2211.15410},
timestamp = {Tue, 29 Nov 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2211-15410.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2212-10318,
author = {Roei Schuster and
Jin Peng Zhou and
Thorsten Eisenhofer and
Paul Grubbs and
Nicolas Papernot},
title = {Learned Systems Security},
journal = {CoRR},
volume = {abs/2212.10318},
year = {2022},
url = {https://doi.org/10.48550/arXiv.2212.10318},
doi = {10.48550/ARXIV.2212.10318},
eprinttype = {arXiv},
eprint = {2212.10318},
timestamp = {Tue, 03 Jan 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2212-10318.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/aaai/PapernotT0CE21,
author = {Nicolas Papernot and
Abhradeep Thakurta and
Shuang Song and
Steve Chien and
{\'{U}}lfar Erlingsson},
title = {Tempered Sigmoid Activations for Deep Learning with Differential Privacy},
booktitle = {Thirty-Fifth {AAAI} Conference on Artificial Intelligence, {AAAI}
2021, Thirty-Third Conference on Innovative Applications of Artificial
Intelligence, {IAAI} 2021, The Eleventh Symposium on Educational Advances
in Artificial Intelligence, {EAAI} 2021, Virtual Event, February 2-9,
2021},
pages = {9312--9321},
publisher = {{AAAI} Press},
year = {2021},
url = {https://doi.org/10.1609/aaai.v35i10.17123},
doi = {10.1609/AAAI.V35I10.17123},
timestamp = {Mon, 04 Sep 2023 12:29:24 +0200},
biburl = {https://dblp.org/rec/conf/aaai/PapernotT0CE21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/cvpr/TruongMWP21,
author = {Jean{-}Baptiste Truong and
Pratyush Maini and
Robert J. Walls and
Nicolas Papernot},
title = {Data-Free Model Extraction},
booktitle = {{IEEE} Conference on Computer Vision and Pattern Recognition, {CVPR}
2021, virtual, June 19-25, 2021},
pages = {4771--4780},
publisher = {Computer Vision Foundation / {IEEE}},
year = {2021},
url = {https://openaccess.thecvf.com/content/CVPR2021/html/Truong\_Data-Free\_Model\_Extraction\_CVPR\_2021\_paper.html},
doi = {10.1109/CVPR46437.2021.00474},
timestamp = {Mon, 18 Jul 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/cvpr/TruongMWP21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dsn/XuLABCEPPT21,
author = {Hui Xu and
Guanpeng Li and
Homa Alemzadeh and
Rakesh Bobba and
Varun Chandrasekaran and
David E. Evans and
Nicolas Papernot and
Karthik Pattabiraman and
Florian Tram{\`{e}}r},
title = {Fourth International Workshop on Dependable and Secure Machine Learning
- {DSML} 2021},
booktitle = {51st Annual {IEEE/IFIP} International Conference on Dependable Systems
and Networks Workshops, {DSN} Workshops 2021, Taipei, Taiwan, June
21-24, 2021},
pages = {xvi},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/DSN-W52860.2021.00009},
doi = {10.1109/DSN-W52860.2021.00009},
timestamp = {Tue, 14 Feb 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/dsn/XuLABCEPPT21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/ShumailovZBPMA21,
author = {Ilia Shumailov and
Yiren Zhao and
Daniel Bates and
Nicolas Papernot and
Robert D. Mullins and
Ross Anderson},
title = {Sponge Examples: Energy-Latency Attacks on Neural Networks},
booktitle = {{IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2021, Vienna, Austria, September 6-10, 2021},
pages = {212--231},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/EuroSP51992.2021.00024},
doi = {10.1109/EUROSP51992.2021.00024},
timestamp = {Thu, 11 Nov 2021 09:11:58 +0100},
biburl = {https://dblp.org/rec/conf/eurosp/ShumailovZBPMA21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/fat/SuriyakumarPGG21,
author = {Vinith M. Suriyakumar and
Nicolas Papernot and
Anna Goldenberg and
Marzyeh Ghassemi},
editor = {Madeleine Clare Elish and
William Isaac and
Richard S. Zemel},
title = {Chasing Your Long Tails: Differentially Private Prediction in Health
Care Settings},
booktitle = {FAccT '21: 2021 {ACM} Conference on Fairness, Accountability, and
Transparency, Virtual Event / Toronto, Canada, March 3-10, 2021},
pages = {723--734},
publisher = {{ACM}},
year = {2021},
url = {https://doi.org/10.1145/3442188.3445934},
doi = {10.1145/3442188.3445934},
timestamp = {Fri, 05 May 2023 15:54:55 +0200},
biburl = {https://dblp.org/rec/conf/fat/SuriyakumarPGG21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/Choquette-ChooD21,
author = {Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Adam Dziedzic and
Yunxiang Zhang and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
title = {CaPC Learning: Confidential and Private Collaborative Learning},
booktitle = {9th International Conference on Learning Representations, {ICLR} 2021,
Virtual Event, Austria, May 3-7, 2021},
publisher = {OpenReview.net},
year = {2021},
url = {https://openreview.net/forum?id=h2EbJ4\_wMVq},
timestamp = {Sat, 04 Dec 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/iclr/Choquette-ChooD21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/MainiYP21,
author = {Pratyush Maini and
Mohammad Yaghini and
Nicolas Papernot},
title = {Dataset Inference: Ownership Resolution in Machine Learning},
booktitle = {9th International Conference on Learning Representations, {ICLR} 2021,
Virtual Event, Austria, May 3-7, 2021},
publisher = {OpenReview.net},
year = {2021},
url = {https://openreview.net/forum?id=hvdKKV2yt7T},
timestamp = {Wed, 23 Jun 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/MainiYP21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icml/Choquette-ChooT21,
author = {Christopher A. Choquette{-}Choo and
Florian Tram{\`{e}}r and
Nicholas Carlini and
Nicolas Papernot},
editor = {Marina Meila and
Tong Zhang},
title = {Label-Only Membership Inference Attacks},
booktitle = {Proceedings of the 38th International Conference on Machine Learning,
{ICML} 2021, 18-24 July 2021, Virtual Event},
series = {Proceedings of Machine Learning Research},
volume = {139},
pages = {1964--1974},
publisher = {{PMLR}},
year = {2021},
url = {http://proceedings.mlr.press/v139/choquette-choo21a.html},
timestamp = {Sun, 02 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/icml/Choquette-ChooT21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icml/KhachaturovSZPA21,
author = {David Khachaturov and
Ilia Shumailov and
Yiren Zhao and
Nicolas Papernot and
Ross J. Anderson},
editor = {Marina Meila and
Tong Zhang},
title = {Markpainting: Adversarial Machine Learning meets Inpainting},
booktitle = {Proceedings of the 38th International Conference on Machine Learning,
{ICML} 2021, 18-24 July 2021, Virtual Event},
series = {Proceedings of Machine Learning Research},
volume = {139},
pages = {5409--5419},
publisher = {{PMLR}},
year = {2021},
url = {http://proceedings.mlr.press/v139/khachaturov21a.html},
timestamp = {Wed, 25 Aug 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/icml/KhachaturovSZPA21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/kbse/YangLP21,
author = {Mingyue Yang and
David Lie and
Nicolas Papernot},
title = {Accelerating Symbolic Analysis for Android Apps},
booktitle = {36th {IEEE/ACM} International Conference on Automated Software Engineering,
{ASE} 2021 - Workshops, Melbourne, Australia, November 15-19, 2021},
pages = {47--52},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/ASEW52652.2021.00021},
doi = {10.1109/ASEW52652.2021.00021},
timestamp = {Mon, 31 Jan 2022 10:01:24 +0100},
biburl = {https://dblp.org/rec/conf/kbse/YangLP21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/ShumailovSKZPEA21,
author = {Ilia Shumailov and
Zakhar Shumaylov and
Dmitry Kazhdan and
Yiren Zhao and
Nicolas Papernot and
Murat A. Erdogdu and
Ross J. Anderson},
editor = {Marc'Aurelio Ranzato and
Alina Beygelzimer and
Yann N. Dauphin and
Percy Liang and
Jennifer Wortman Vaughan},
title = {Manipulating {SGD} with Data Ordering Attacks},
booktitle = {Advances in Neural Information Processing Systems 34: Annual Conference
on Neural Information Processing Systems 2021, NeurIPS 2021, December
6-14, 2021, virtual},
pages = {18021--18032},
year = {2021},
url = {https://proceedings.neurips.cc/paper/2021/hash/959ab9a0695c467e7caf75431a872e5c-Abstract.html},
timestamp = {Tue, 03 May 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/nips/ShumailovSKZPEA21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/BourtouleCCJTZL21,
author = {Lucas Bourtoule and
Varun Chandrasekaran and
Christopher A. Choquette{-}Choo and
Hengrui Jia and
Adelin Travers and
Baiwu Zhang and
David Lie and
Nicolas Papernot},
title = {Machine Unlearning},
booktitle = {42nd {IEEE} Symposium on Security and Privacy, {SP} 2021, San Francisco,
CA, USA, 24-27 May 2021},
pages = {141--159},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/SP40001.2021.00019},
doi = {10.1109/SP40001.2021.00019},
timestamp = {Thu, 21 Sep 2023 15:57:26 +0200},
biburl = {https://dblp.org/rec/conf/sp/BourtouleCCJTZL21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/AbdullahWBPT21,
author = {Hadi Abdullah and
Kevin Warren and
Vincent Bindschaedler and
Nicolas Papernot and
Patrick Traynor},
title = {SoK: The Faults in our ASRs: An Overview of Attacks against Automatic
Speech Recognition and Speaker Identification Systems},
booktitle = {42nd {IEEE} Symposium on Security and Privacy, {SP} 2021, San Francisco,
CA, USA, 24-27 May 2021},
pages = {730--747},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/SP40001.2021.00014},
doi = {10.1109/SP40001.2021.00014},
timestamp = {Thu, 21 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sp/AbdullahWBPT21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/NasrSTPC21,
author = {Milad Nasr and
Shuang Song and
Abhradeep Thakurta and
Nicolas Papernot and
Nicholas Carlini},
title = {Adversary Instantiation: Lower Bounds for Differentially Private Machine
Learning},
booktitle = {42nd {IEEE} Symposium on Security and Privacy, {SP} 2021, San Francisco,
CA, USA, 24-27 May 2021},
pages = {866--882},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/SP40001.2021.00069},
doi = {10.1109/SP40001.2021.00069},
timestamp = {Thu, 21 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sp/NasrSTPC21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/JiaYCDTCP21,
author = {Hengrui Jia and
Mohammad Yaghini and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Anvith Thudi and
Varun Chandrasekaran and
Nicolas Papernot},
title = {Proof-of-Learning: Definitions and Practice},
booktitle = {42nd {IEEE} Symposium on Security and Privacy, {SP} 2021, San Francisco,
CA, USA, 24-27 May 2021},
pages = {1039--1056},
publisher = {{IEEE}},
year = {2021},
url = {https://doi.org/10.1109/SP40001.2021.00106},
doi = {10.1109/SP40001.2021.00106},
timestamp = {Thu, 21 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sp/JiaYCDTCP21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/JiaCCP21,
author = {Hengrui Jia and
Christopher A. Choquette{-}Choo and
Varun Chandrasekaran and
Nicolas Papernot},
editor = {Michael D. Bailey and
Rachel Greenstadt},
title = {Entangled Watermarks as a Defense against Model Extraction},
booktitle = {30th {USENIX} Security Symposium, {USENIX} Security 2021, August 11-13,
2021},
pages = {1937--1954},
publisher = {{USENIX} Association},
year = {2021},
url = {https://www.usenix.org/conference/usenixsecurity21/presentation/jia},
timestamp = {Mon, 20 Nov 2023 08:57:49 +0100},
biburl = {https://dblp.org/rec/conf/uss/JiaCCP21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2101-04535,
author = {Milad Nasr and
Shuang Song and
Abhradeep Thakurta and
Nicolas Papernot and
Nicholas Carlini},
title = {Adversary Instantiation: Lower Bounds for Differentially Private Machine
Learning},
journal = {CoRR},
volume = {abs/2101.04535},
year = {2021},
url = {https://arxiv.org/abs/2101.04535},
eprinttype = {arXiv},
eprint = {2101.04535},
timestamp = {Fri, 22 Jan 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2101-04535.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2102-05188,
author = {Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Adam Dziedzic and
Yunxiang Zhang and
Somesh Jha and
Nicolas Papernot and
Xiao Wang},
title = {CaPC Learning: Confidential and Private Collaborative Learning},
journal = {CoRR},
volume = {abs/2102.05188},
year = {2021},
url = {https://arxiv.org/abs/2102.05188},
eprinttype = {arXiv},
eprint = {2102.05188},
timestamp = {Sat, 04 Dec 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2102-05188.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2103-05633,
author = {Hengrui Jia and
Mohammad Yaghini and
Christopher A. Choquette{-}Choo and
Natalie Dullerud and
Anvith Thudi and
Varun Chandrasekaran and
Nicolas Papernot},
title = {Proof-of-Learning: Definitions and Practice},
journal = {CoRR},
volume = {abs/2103.05633},
year = {2021},
url = {https://arxiv.org/abs/2103.05633},
eprinttype = {arXiv},
eprint = {2103.05633},
timestamp = {Tue, 16 Mar 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2103-05633.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2104-09667,
author = {Ilia Shumailov and
Zakhar Shumaylov and
Dmitry Kazhdan and
Yiren Zhao and
Nicolas Papernot and
Murat A. Erdogdu and
Ross J. Anderson},
title = {Manipulating {SGD} with Data Ordering Attacks},
journal = {CoRR},
volume = {abs/2104.09667},
year = {2021},
url = {https://arxiv.org/abs/2104.09667},
eprinttype = {arXiv},
eprint = {2104.09667},
timestamp = {Mon, 26 Apr 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2104-09667.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2104-10706,
author = {Pratyush Maini and
Mohammad Yaghini and
Nicolas Papernot},
title = {Dataset Inference: Ownership Resolution in Machine Learning},
journal = {CoRR},
volume = {abs/2104.10706},
year = {2021},
url = {https://arxiv.org/abs/2104.10706},
eprinttype = {arXiv},
eprint = {2104.10706},
timestamp = {Tue, 27 Apr 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2104-10706.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2106-00660,
author = {David Khachaturov and
Ilia Shumailov and
Yiren Zhao and
Nicolas Papernot and
Ross J. Anderson},
title = {Markpainting: Adversarial Machine Learning meets Inpainting},
journal = {CoRR},
volume = {abs/2106.00660},
year = {2021},
url = {https://arxiv.org/abs/2106.00660},
eprinttype = {arXiv},
eprint = {2106.00660},
timestamp = {Wed, 09 Jun 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2106-00660.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2106-09898,
author = {Nicholas Boucher and
Ilia Shumailov and
Ross J. Anderson and
Nicolas Papernot},
title = {Bad Characters: Imperceptible {NLP} Attacks},
journal = {CoRR},
volume = {abs/2106.09898},
year = {2021},
url = {https://arxiv.org/abs/2106.09898},
eprinttype = {arXiv},
eprint = {2106.09898},
timestamp = {Tue, 29 Jun 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2106-09898.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2108-02010,
author = {Adelin Travers and
Lorna Licollari and
Guanghan Wang and
Varun Chandrasekaran and
Adam Dziedzic and
David Lie and
Nicolas Papernot},
title = {On the Exploitability of Audio Machine Learning Pipelines to Surreptitious
Adversarial Examples},
journal = {CoRR},
volume = {abs/2108.02010},
year = {2021},
url = {https://arxiv.org/abs/2108.02010},
eprinttype = {arXiv},
eprint = {2108.02010},
timestamp = {Thu, 05 Aug 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2108-02010.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2109-10870,
author = {Varun Chandrasekaran and
Hengrui Jia and
Anvith Thudi and
Adelin Travers and
Mohammad Yaghini and
Nicolas Papernot},
title = {SoK: Machine Learning Governance},
journal = {CoRR},
volume = {abs/2109.10870},
year = {2021},
url = {https://arxiv.org/abs/2109.10870},
eprinttype = {arXiv},
eprint = {2109.10870},
timestamp = {Mon, 27 Sep 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2109-10870.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2109-13398,
author = {Anvith Thudi and
Gabriel Deza and
Varun Chandrasekaran and
Nicolas Papernot},
title = {Unrolling {SGD:} Understanding Factors Influencing Machine Unlearning},
journal = {CoRR},
volume = {abs/2109.13398},
year = {2021},
url = {https://arxiv.org/abs/2109.13398},
eprinttype = {arXiv},
eprint = {2109.13398},
timestamp = {Mon, 04 Oct 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2109-13398.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2109-15112,
author = {Gabriel Deza and
Adelin Travers and
Colin Rowat and
Nicolas Papernot},
title = {Interpretability in Safety-Critical FinancialTrading Systems},
journal = {CoRR},
volume = {abs/2109.15112},
year = {2021},
url = {https://arxiv.org/abs/2109.15112},
eprinttype = {arXiv},
eprint = {2109.15112},
timestamp = {Mon, 04 Oct 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2109-15112.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2110-03620,
author = {Nicolas Papernot and
Thomas Steinke},
title = {Hyperparameter Tuning with Renyi Differential Privacy},
journal = {CoRR},
volume = {abs/2110.03620},
year = {2021},
url = {https://arxiv.org/abs/2110.03620},
eprinttype = {arXiv},
eprint = {2110.03620},
timestamp = {Thu, 21 Oct 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2110-03620.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2110-11891,
author = {Anvith Thudi and
Hengrui Jia and
Ilia Shumailov and
Nicolas Papernot},
title = {On the Necessity of Auditable Algorithmic Definitions for Machine
Unlearning},
journal = {CoRR},
volume = {abs/2110.11891},
year = {2021},
url = {https://arxiv.org/abs/2110.11891},
eprinttype = {arXiv},
eprint = {2110.11891},
timestamp = {Thu, 28 Oct 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2110-11891.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2112-02918,
author = {Franziska Boenisch and
Adam Dziedzic and
Roei Schuster and
Ali Shahin Shamsabadi and
Ilia Shumailov and
Nicolas Papernot},
title = {When the Curious Abandon Honesty: Federated Learning Is Not Private},
journal = {CoRR},
volume = {abs/2112.02918},
year = {2021},
url = {https://arxiv.org/abs/2112.02918},
eprinttype = {arXiv},
eprint = {2112.02918},
timestamp = {Wed, 08 Dec 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2112-02918.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dsn/AlemzadehBCEPPT20,
author = {Homa Alemzadeh and
Rakesh Bobba and
Varun Chandrasekaran and
David E. Evans and
Nicolas Papernot and
Karthik Pattabiraman and
Florian Tram{\`{e}}r},
title = {Third International Workshop on Dependable and Secure Machine Learning
- {DSML} 2020},
booktitle = {50th Annual {IEEE/IFIP} International Conference on Dependable Systems
and Networks Workshops, {DSN} Workshops 2020, Valencia, Spain, June
29 - July 2, 2020},
pages = {x},
publisher = {{IEEE}},
year = {2020},
url = {https://doi.org/10.1109/DSN-W50199.2020.00006},
doi = {10.1109/DSN-W50199.2020.00006},
timestamp = {Sat, 09 Apr 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dsn/AlemzadehBCEPPT20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icfpt/BoutrosHPB20,
author = {Andrew Boutros and
Mathew Hall and
Nicolas Papernot and
Vaughn Betz},
title = {Neighbors From Hell: Voltage Attacks Against Deep Learning Accelerators
on Multi-Tenant FPGAs},
booktitle = {International Conference on Field-Programmable Technology, {(IC)FPT}
2020, Maui, HI, USA, December 9-11, 2020},
pages = {103--111},
publisher = {{IEEE}},
year = {2020},
url = {https://doi.org/10.1109/ICFPT51103.2020.00023},
doi = {10.1109/ICFPT51103.2020.00023},
timestamp = {Tue, 11 May 2021 10:41:35 +0200},
biburl = {https://dblp.org/rec/conf/icfpt/BoutrosHPB20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/KrishnaTPPI20,
author = {Kalpesh Krishna and
Gaurav Singh Tomar and
Ankur P. Parikh and
Nicolas Papernot and
Mohit Iyyer},
title = {Thieves on Sesame Street! Model Extraction of BERT-based APIs},
booktitle = {8th International Conference on Learning Representations, {ICLR} 2020,
Addis Ababa, Ethiopia, April 26-30, 2020},
publisher = {OpenReview.net},
year = {2020},
url = {https://openreview.net/forum?id=Byl5NREFDr},
timestamp = {Thu, 07 May 2020 17:11:47 +0200},
biburl = {https://dblp.org/rec/conf/iclr/KrishnaTPPI20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icml/TramerBCPJ20,
author = {Florian Tram{\`{e}}r and
Jens Behrmann and
Nicholas Carlini and
Nicolas Papernot and
J{\"{o}}rn{-}Henrik Jacobsen},
title = {Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial
Perturbations},
booktitle = {Proceedings of the 37th International Conference on Machine Learning,
{ICML} 2020, 13-18 July 2020, Virtual Event},
series = {Proceedings of Machine Learning Research},
volume = {119},
pages = {9561--9571},
publisher = {{PMLR}},
year = {2020},
url = {http://proceedings.mlr.press/v119/tramer20a.html},
timestamp = {Sun, 02 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/icml/TramerBCPJ20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/LinDZLP20,
author = {Jieyu Lin and
Kristina Dzeparoska and
Sai Qian Zhang and
Alberto Leon{-}Garcia and
Nicolas Papernot},
title = {On the Robustness of Cooperative Multi-Agent Reinforcement Learning},
booktitle = {2020 {IEEE} Security and Privacy Workshops, {SP} Workshops, San Francisco,
CA, USA, May 21, 2020},
pages = {62--68},
publisher = {{IEEE}},
year = {2020},
url = {https://doi.org/10.1109/SPW50608.2020.00027},
doi = {10.1109/SPW50608.2020.00027},
timestamp = {Thu, 21 Sep 2023 16:11:10 +0200},
biburl = {https://dblp.org/rec/conf/sp/LinDZLP20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/JagielskiCBKP20,
author = {Matthew Jagielski and
Nicholas Carlini and
David Berthelot and
Alex Kurakin and
Nicolas Papernot},
editor = {Srdjan Capkun and
Franziska Roesner},
title = {High Accuracy and High Fidelity Extraction of Neural Networks},
booktitle = {29th {USENIX} Security Symposium, {USENIX} Security 2020, August 12-14,
2020},
pages = {1345--1362},
publisher = {{USENIX} Association},
year = {2020},
url = {https://www.usenix.org/conference/usenixsecurity20/presentation/jagielski},
timestamp = {Fri, 29 Jan 2021 22:08:55 +0100},
biburl = {https://dblp.org/rec/conf/uss/JagielskiCBKP20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2002-04599,
author = {Florian Tram{\`{e}}r and
Jens Behrmann and
Nicholas Carlini and
Nicolas Papernot and
J{\"{o}}rn{-}Henrik Jacobsen},
title = {Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial
Perturbations},
journal = {CoRR},
volume = {abs/2002.04599},
year = {2020},
url = {https://arxiv.org/abs/2002.04599},
eprinttype = {arXiv},
eprint = {2002.04599},
timestamp = {Wed, 12 Feb 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2002-04599.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2002-11497,
author = {Sanghyun Hong and
Varun Chandrasekaran and
Yigitcan Kaya and
Tudor Dumitras and
Nicolas Papernot},
title = {On the Effectiveness of Mitigating Data Poisoning Attacks with Gradient
Shaping},
journal = {CoRR},
volume = {abs/2002.11497},
year = {2020},
url = {https://arxiv.org/abs/2002.11497},
eprinttype = {arXiv},
eprint = {2002.11497},
timestamp = {Mon, 25 Apr 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2002-11497.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2002-12200,
author = {Hengrui Jia and
Christopher A. Choquette{-}Choo and
Nicolas Papernot},
title = {Entangled Watermarks as a Defense against Model Extraction},
journal = {CoRR},
volume = {abs/2002.12200},
year = {2020},
url = {https://arxiv.org/abs/2002.12200},
eprinttype = {arXiv},
eprint = {2002.12200},
timestamp = {Tue, 03 Mar 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2002-12200.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2003-03722,
author = {Jieyu Lin and
Kristina Dzeparoska and
Sai Qian Zhang and
Alberto Leon{-}Garcia and
Nicolas Papernot},
title = {On the Robustness of Cooperative Multi-Agent Reinforcement Learning},
journal = {CoRR},
volume = {abs/2003.03722},
year = {2020},
url = {https://arxiv.org/abs/2003.03722},
eprinttype = {arXiv},
eprint = {2003.03722},
timestamp = {Tue, 10 Mar 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2003-03722.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2006-03463,
author = {Ilia Shumailov and
Yiren Zhao and
Daniel Bates and
Nicolas Papernot and
Robert D. Mullins and
Ross J. Anderson},
title = {Sponge Examples: Energy-Latency Attacks on Neural Networks},
journal = {CoRR},
volume = {abs/2006.03463},
year = {2020},
url = {https://arxiv.org/abs/2006.03463},
eprinttype = {arXiv},
eprint = {2006.03463},
timestamp = {Tue, 09 Jun 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2006-03463.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2007-06622,
author = {Hadi Abdullah and
Kevin Warren and
Vincent Bindschaedler and
Nicolas Papernot and
Patrick Traynor},
title = {SoK: The Faults in our ASRs: An Overview of Attacks against Automatic
Speech Recognition and Speaker Identification Systems},
journal = {CoRR},
volume = {abs/2007.06622},
year = {2020},
url = {https://arxiv.org/abs/2007.06622},
eprinttype = {arXiv},
eprint = {2007.06622},
timestamp = {Tue, 21 Jul 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2007-06622.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2007-14191,
author = {Nicolas Papernot and
Abhradeep Thakurta and
Shuang Song and
Steve Chien and
{\'{U}}lfar Erlingsson},
title = {Tempered Sigmoid Activations for Deep Learning with Differential Privacy},
journal = {CoRR},
volume = {abs/2007.14191},
year = {2020},
url = {https://arxiv.org/abs/2007.14191},
eprinttype = {arXiv},
eprint = {2007.14191},
timestamp = {Tue, 04 Aug 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2007-14191.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2007-14321,
author = {Christopher A. Choquette{-}Choo and
Florian Tram{\`{e}}r and
Nicholas Carlini and
Nicolas Papernot},
title = {Label-Only Membership Inference Attacks},
journal = {CoRR},
volume = {abs/2007.14321},
year = {2020},
url = {https://arxiv.org/abs/2007.14321},
eprinttype = {arXiv},
eprint = {2007.14321},
timestamp = {Mon, 03 Aug 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2007-14321.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2008-09194,
author = {Baiwu Zhang and
Jin Peng Zhou and
Ilia Shumailov and
Nicolas Papernot},
title = {Not My Deepfake: Towards Plausible Deniability for Machine-Generated
Media},
journal = {CoRR},
volume = {abs/2008.09194},
year = {2020},
url = {https://arxiv.org/abs/2008.09194},
eprinttype = {arXiv},
eprint = {2008.09194},
timestamp = {Fri, 28 Aug 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2008-09194.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2010-06667,
author = {Vinith M. Suriyakumar and
Nicolas Papernot and
Anna Goldenberg and
Marzyeh Ghassemi},
title = {Chasing Your Long Tails: Differentially Private Prediction in Health
Care Settings},
journal = {CoRR},
volume = {abs/2010.06667},
year = {2020},
url = {https://arxiv.org/abs/2010.06667},
eprinttype = {arXiv},
eprint = {2010.06667},
timestamp = {Tue, 20 Oct 2020 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2010-06667.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2011-01183,
author = {Ryan Sheatsley and
Nicolas Papernot and
Michael J. Weisman and
Gunjan Verma and
Patrick D. McDaniel},
title = {Adversarial Examples in Constrained Domains},
journal = {CoRR},
volume = {abs/2011.01183},
year = {2020},
url = {https://arxiv.org/abs/2011.01183},
eprinttype = {arXiv},
eprint = {2011.01183},
timestamp = {Mon, 31 May 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-2011-01183.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2011-14779,
author = {Jean{-}Baptiste Truong and
Pratyush Maini and
Robert J. Walls and
Nicolas Papernot},
title = {Data-Free Model Extraction},
journal = {CoRR},
volume = {abs/2011.14779},
year = {2020},
url = {https://arxiv.org/abs/2011.14779},
eprinttype = {arXiv},
eprint = {2011.14779},
timestamp = {Tue, 01 Dec 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2011-14779.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-2012-07242,
author = {Andrew Boutros and
Mathew Hall and
Nicolas Papernot and
Vaughn Betz},
title = {Neighbors From Hell: Voltage Attacks Against Deep Learning Accelerators
on Multi-Tenant FPGAs},
journal = {CoRR},
volume = {abs/2012.07242},
year = {2020},
url = {https://arxiv.org/abs/2012.07242},
eprinttype = {arXiv},
eprint = {2012.07242},
timestamp = {Sat, 02 Jan 2021 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-2012-07242.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/ieeesp/BonehGMP19,
author = {Dan Boneh and
Andrew J. Grotto and
Patrick D. McDaniel and
Nicolas Papernot},
title = {How Relevant Is the Turing Test in the Age of Sophisbots?},
journal = {{IEEE} Secur. Priv.},
volume = {17},
number = {6},
pages = {64--71},
year = {2019},
url = {https://doi.org/10.1109/MSEC.2019.2934193},
doi = {10.1109/MSEC.2019.2934193},
timestamp = {Thu, 23 Jun 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/ieeesp/BonehGMP19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icml/FrosstPH19,
author = {Nicholas Frosst and
Nicolas Papernot and
Geoffrey E. Hinton},
editor = {Kamalika Chaudhuri and
Ruslan Salakhutdinov},
title = {Analyzing and Improving Representations with the Soft Nearest Neighbor
Loss},
booktitle = {Proceedings of the 36th International Conference on Machine Learning,
{ICML} 2019, 9-15 June 2019, Long Beach, California, {USA}},
series = {Proceedings of Machine Learning Research},
volume = {97},
pages = {2012--2020},
publisher = {{PMLR}},
year = {2019},
url = {http://proceedings.mlr.press/v97/frosst19a.html},
timestamp = {Tue, 11 Jun 2019 15:37:38 +0200},
biburl = {https://dblp.org/rec/conf/icml/FrosstPH19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/BerthelotCGPOR19,
author = {David Berthelot and
Nicholas Carlini and
Ian J. Goodfellow and
Nicolas Papernot and
Avital Oliver and
Colin Raffel},
editor = {Hanna M. Wallach and
Hugo Larochelle and
Alina Beygelzimer and
Florence d'Alch{\'{e}}{-}Buc and
Emily B. Fox and
Roman Garnett},
title = {MixMatch: {A} Holistic Approach to Semi-Supervised Learning},
booktitle = {Advances in Neural Information Processing Systems 32: Annual Conference
on Neural Information Processing Systems 2019, NeurIPS 2019, December
8-14, 2019, Vancouver, BC, Canada},
pages = {5050--5060},
year = {2019},
url = {https://proceedings.neurips.cc/paper/2019/hash/1cd138d0499a68f4bb72bee04bbec2d7-Abstract.html},
timestamp = {Mon, 16 May 2022 15:41:51 +0200},
biburl = {https://dblp.org/rec/conf/nips/BerthelotCGPOR19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1902-01889,
author = {Nicholas Frosst and
Nicolas Papernot and
Geoffrey E. Hinton},
title = {Analyzing and Improving Representations with the Soft Nearest Neighbor
Loss},
journal = {CoRR},
volume = {abs/1902.01889},
year = {2019},
url = {http://arxiv.org/abs/1902.01889},
eprinttype = {arXiv},
eprint = {1902.01889},
timestamp = {Tue, 21 May 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1902-01889.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1902-06705,
author = {Nicholas Carlini and
Anish Athalye and
Nicolas Papernot and
Wieland Brendel and
Jonas Rauber and
Dimitris Tsipras and
Ian J. Goodfellow and
Aleksander Madry and
Alexey Kurakin},
title = {On Evaluating Adversarial Robustness},
journal = {CoRR},
volume = {abs/1902.06705},
year = {2019},
url = {http://arxiv.org/abs/1902.06705},
eprinttype = {arXiv},
eprint = {1902.06705},
timestamp = {Tue, 21 May 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1902-06705.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1903-10484,
author = {J{\"{o}}rn{-}Henrik Jacobsen and
Jens Behrmann and
Nicholas Carlini and
Florian Tram{\`{e}}r and
Nicolas Papernot},
title = {Exploiting Excessive Invariance caused by Norm-Bounded Adversarial
Robustness},
journal = {CoRR},
volume = {abs/1903.10484},
year = {2019},
url = {http://arxiv.org/abs/1903.10484},
eprinttype = {arXiv},
eprint = {1903.10484},
timestamp = {Mon, 01 Apr 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1903-10484.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1905-02249,
author = {David Berthelot and
Nicholas Carlini and
Ian J. Goodfellow and
Nicolas Papernot and
Avital Oliver and
Colin Raffel},
title = {MixMatch: {A} Holistic Approach to Semi-Supervised Learning},
journal = {CoRR},
volume = {abs/1905.02249},
year = {2019},
url = {http://arxiv.org/abs/1905.02249},
eprinttype = {arXiv},
eprint = {1905.02249},
timestamp = {Mon, 27 May 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1905-02249.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1909-00056,
author = {Dan Boneh and
Andrew J. Grotto and
Patrick D. McDaniel and
Nicolas Papernot},
title = {How Relevant is the Turing Test in the Age of Sophisbots?},
journal = {CoRR},
volume = {abs/1909.00056},
year = {2019},
url = {http://arxiv.org/abs/1909.00056},
eprinttype = {arXiv},
eprint = {1909.00056},
timestamp = {Mon, 16 Sep 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1909-00056.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1909-01838,
author = {Matthew Jagielski and
Nicholas Carlini and
David Berthelot and
Alex Kurakin and
Nicolas Papernot},
title = {High-Fidelity Extraction of Neural Network Models},
journal = {CoRR},
volume = {abs/1909.01838},
year = {2019},
url = {http://arxiv.org/abs/1909.01838},
eprinttype = {arXiv},
eprint = {1909.01838},
timestamp = {Mon, 16 Sep 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1909-01838.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1910-01177,
author = {Zhengli Zhao and
Nicolas Papernot and
Sameer Singh and
Neoklis Polyzotis and
Augustus Odena},
title = {Improving Differentially Private Models with Active Learning},
journal = {CoRR},
volume = {abs/1910.01177},
year = {2019},
url = {http://arxiv.org/abs/1910.01177},
eprinttype = {arXiv},
eprint = {1910.01177},
timestamp = {Fri, 04 Oct 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1910-01177.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1910-12366,
author = {Kalpesh Krishna and
Gaurav Singh Tomar and
Ankur P. Parikh and
Nicolas Papernot and
Mohit Iyyer},
title = {Thieves on Sesame Street! Model Extraction of BERT-based APIs},
journal = {CoRR},
volume = {abs/1910.12366},
year = {2019},
url = {http://arxiv.org/abs/1910.12366},
eprinttype = {arXiv},
eprint = {1910.12366},
timestamp = {Thu, 31 Oct 2019 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-1910-12366.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1910-13427,
author = {Nicholas Carlini and
{\'{U}}lfar Erlingsson and
Nicolas Papernot},
title = {Distribution Density, Tails, and Outliers in Machine Learning: Metrics
and Applications},
journal = {CoRR},
volume = {abs/1910.13427},
year = {2019},
url = {http://arxiv.org/abs/1910.13427},
eprinttype = {arXiv},
eprint = {1910.13427},
timestamp = {Thu, 31 Oct 2019 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-1910-13427.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1912-03817,
author = {Lucas Bourtoule and
Varun Chandrasekaran and
Christopher A. Choquette{-}Choo and
Hengrui Jia and
Adelin Travers and
Baiwu Zhang and
David Lie and
Nicolas Papernot},
title = {Machine Unlearning},
journal = {CoRR},
volume = {abs/1912.03817},
year = {2019},
url = {http://arxiv.org/abs/1912.03817},
eprinttype = {arXiv},
eprint = {1912.03817},
timestamp = {Thu, 02 Jan 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-1912-03817.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/cacm/GoodfellowMP18,
author = {Ian J. Goodfellow and
Patrick D. McDaniel and
Nicolas Papernot},
title = {Making machine learning robust against adversarial inputs},
journal = {Commun. {ACM}},
volume = {61},
number = {7},
pages = {56--66},
year = {2018},
url = {https://doi.org/10.1145/3134599},
doi = {10.1145/3134599},
timestamp = {Sun, 02 Jun 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/cacm/GoodfellowMP18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/Papernot18,
author = {Nicolas Papernot},
editor = {Sadia Afroz and
Battista Biggio and
Yuval Elovici and
David Freeman and
Asaf Shabtai},
title = {A Marauder's Map of Security and Privacy in Machine Learning: An overview
of current and future research directions for making machine learning
secure and private},
booktitle = {Proceedings of the 11th {ACM} Workshop on Artificial Intelligence
and Security, {CCS} 2018, Toronto, ON, Canada, October 19, 2018},
pages = {1},
publisher = {{ACM}},
year = {2018},
url = {https://doi.org/10.1145/3270101.3270102},
doi = {10.1145/3270101.3270102},
timestamp = {Tue, 07 Mar 2023 16:37:45 +0100},
biburl = {https://dblp.org/rec/conf/ccs/Papernot18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/CelikMIPSAS18,
author = {Z. Berkay Celik and
Patrick D. McDaniel and
Rauf Izmailov and
Nicolas Papernot and
Ryan Sheatsley and
Raquel Alvarez and
Ananthram Swami},
editor = {Jong Kim and
Gail{-}Joon Ahn and
Seungjoo Kim and
Yongdae Kim and
Javier L{\'{o}}pez and
Taesoo Kim},
title = {Detection under Privileged Information},
booktitle = {Proceedings of the 2018 on Asia Conference on Computer and Communications
Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018},
pages = {199--206},
publisher = {{ACM}},
year = {2018},
url = {https://doi.org/10.1145/3196494.3196502},
doi = {10.1145/3196494.3196502},
timestamp = {Tue, 10 Nov 2020 16:06:16 +0100},
biburl = {https://dblp.org/rec/conf/ccs/CelikMIPSAS18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/PapernotMSW18,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Arunesh Sinha and
Michael P. Wellman},
title = {SoK: Security and Privacy in Machine Learning},
booktitle = {2018 {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2018, London, United Kingdom, April 24-26, 2018},
pages = {399--414},
publisher = {{IEEE}},
year = {2018},
url = {https://doi.org/10.1109/EuroSP.2018.00035},
doi = {10.1109/EUROSP.2018.00035},
timestamp = {Sun, 12 Feb 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/eurosp/PapernotMSW18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/PapernotSMRTE18,
author = {Nicolas Papernot and
Shuang Song and
Ilya Mironov and
Ananth Raghunathan and
Kunal Talwar and
{\'{U}}lfar Erlingsson},
title = {Scalable Private Learning with {PATE}},
booktitle = {6th International Conference on Learning Representations, {ICLR} 2018,
Vancouver, BC, Canada, April 30 - May 3, 2018, Conference Track Proceedings},
publisher = {OpenReview.net},
year = {2018},
url = {https://openreview.net/forum?id=rkZB1XbRZ},
timestamp = {Thu, 25 Jul 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/PapernotSMRTE18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/TramerKPGBM18,
author = {Florian Tram{\`{e}}r and
Alexey Kurakin and
Nicolas Papernot and
Ian J. Goodfellow and
Dan Boneh and
Patrick D. McDaniel},
title = {Ensemble Adversarial Training: Attacks and Defenses},
booktitle = {6th International Conference on Learning Representations, {ICLR} 2018,
Vancouver, BC, Canada, April 30 - May 3, 2018, Conference Track Proceedings},
publisher = {OpenReview.net},
year = {2018},
url = {https://openreview.net/forum?id=rkZvSe-RZ},
timestamp = {Sun, 02 Oct 2022 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/TramerKPGBM18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/nips/ElsayedSCPKGS18,
author = {Gamaleldin F. Elsayed and
Shreya Shankar and
Brian Cheung and
Nicolas Papernot and
Alexey Kurakin and
Ian J. Goodfellow and
Jascha Sohl{-}Dickstein},
editor = {Samy Bengio and
Hanna M. Wallach and
Hugo Larochelle and
Kristen Grauman and
Nicol{\`{o}} Cesa{-}Bianchi and
Roman Garnett},
title = {Adversarial Examples that Fool both Computer Vision and Time-Limited
Humans},
booktitle = {Advances in Neural Information Processing Systems 31: Annual Conference
on Neural Information Processing Systems 2018, NeurIPS 2018, December
3-8, 2018, Montr{\'{e}}al, Canada},
pages = {3914--3924},
year = {2018},
url = {https://proceedings.neurips.cc/paper/2018/hash/8562ae5e286544710b2e7ebe9858833b-Abstract.html},
timestamp = {Mon, 16 May 2022 15:41:51 +0200},
biburl = {https://dblp.org/rec/conf/nips/ElsayedSCPKGS18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1802-08195,
author = {Gamaleldin F. Elsayed and
Shreya Shankar and
Brian Cheung and
Nicolas Papernot and
Alex Kurakin and
Ian J. Goodfellow and
Jascha Sohl{-}Dickstein},
title = {Adversarial Examples that Fool both Human and Computer Vision},
journal = {CoRR},
volume = {abs/1802.08195},
year = {2018},
url = {http://arxiv.org/abs/1802.08195},
eprinttype = {arXiv},
eprint = {1802.08195},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1802-08195.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1802-08908,
author = {Nicolas Papernot and
Shuang Song and
Ilya Mironov and
Ananth Raghunathan and
Kunal Talwar and
{\'{U}}lfar Erlingsson},
title = {Scalable Private Learning with {PATE}},
journal = {CoRR},
volume = {abs/1802.08908},
year = {2018},
url = {http://arxiv.org/abs/1802.08908},
eprinttype = {arXiv},
eprint = {1802.08908},
timestamp = {Thu, 25 Jul 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1802-08908.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1803-04765,
author = {Nicolas Papernot and
Patrick D. McDaniel},
title = {Deep k-Nearest Neighbors: Towards Confident, Interpretable and Robust
Deep Learning},
journal = {CoRR},
volume = {abs/1803.04765},
year = {2018},
url = {http://arxiv.org/abs/1803.04765},
eprinttype = {arXiv},
eprint = {1803.04765},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1803-04765.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1808-01976,
author = {Wieland Brendel and
Jonas Rauber and
Alexey Kurakin and
Nicolas Papernot and
Behar Veliqi and
Marcel Salath{\'{e}} and
Sharada P. Mohanty and
Matthias Bethge},
title = {Adversarial Vision Challenge},
journal = {CoRR},
volume = {abs/1808.01976},
year = {2018},
url = {http://arxiv.org/abs/1808.01976},
eprinttype = {arXiv},
eprint = {1808.01976},
timestamp = {Thu, 10 Dec 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-1808-01976.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1811-01134,
author = {Nicolas Papernot},
title = {A Marauder's Map of Security and Privacy in Machine Learning},
journal = {CoRR},
volume = {abs/1811.01134},
year = {2018},
url = {http://arxiv.org/abs/1811.01134},
eprinttype = {arXiv},
eprint = {1811.01134},
timestamp = {Thu, 22 Nov 2018 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/corr/abs-1811-01134.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/PapernotMGJCS17,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Ian J. Goodfellow and
Somesh Jha and
Z. Berkay Celik and
Ananthram Swami},
editor = {Ramesh Karri and
Ozgur Sinanoglu and
Ahmad{-}Reza Sadeghi and
Xun Yi},
title = {Practical Black-Box Attacks against Machine Learning},
booktitle = {Proceedings of the 2017 {ACM} on Asia Conference on Computer and Communications
Security, AsiaCCS 2017, Abu Dhabi, United Arab Emirates, April 2-6,
2017},
pages = {506--519},
publisher = {{ACM}},
year = {2017},
url = {https://doi.org/10.1145/3052973.3053009},
doi = {10.1145/3052973.3053009},
timestamp = {Sun, 12 Nov 2023 02:11:41 +0100},
biburl = {https://dblp.org/rec/conf/ccs/PapernotMGJCS17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/csfw/AbadiEGMMPTZ17,
author = {Mart{\'{\i}}n Abadi and
{\'{U}}lfar Erlingsson and
Ian J. Goodfellow and
H. Brendan McMahan and
Ilya Mironov and
Nicolas Papernot and
Kunal Talwar and
Li Zhang},
title = {On the Protection of Private Information in Machine Learning Systems:
Two Recent Approches},
booktitle = {30th {IEEE} Computer Security Foundations Symposium, {CSF} 2017, Santa
Barbara, CA, USA, August 21-25, 2017},
pages = {1--6},
publisher = {{IEEE} Computer Society},
year = {2017},
url = {https://doi.org/10.1109/CSF.2017.10},
doi = {10.1109/CSF.2017.10},
timestamp = {Fri, 24 Mar 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/csfw/AbadiEGMMPTZ17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/esorics/GrossePMBM17,
author = {Kathrin Grosse and
Nicolas Papernot and
Praveen Manoharan and
Michael Backes and
Patrick D. McDaniel},
editor = {Simon N. Foley and
Dieter Gollmann and
Einar Snekkenes},
title = {Adversarial Examples for Malware Detection},
booktitle = {Computer Security - {ESORICS} 2017 - 22nd European Symposium on Research
in Computer Security, Oslo, Norway, September 11-15, 2017, Proceedings,
Part {II}},
series = {Lecture Notes in Computer Science},
volume = {10493},
pages = {62--79},
publisher = {Springer},
year = {2017},
url = {https://doi.org/10.1007/978-3-319-66399-9\_4},
doi = {10.1007/978-3-319-66399-9\_4},
timestamp = {Fri, 13 Aug 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/esorics/GrossePMBM17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/HuangPGDA17,
author = {Sandy H. Huang and
Nicolas Papernot and
Ian J. Goodfellow and
Yan Duan and
Pieter Abbeel},
title = {Adversarial Attacks on Neural Network Policies},
booktitle = {5th International Conference on Learning Representations, {ICLR} 2017,
Toulon, France, April 24-26, 2017, Workshop Track Proceedings},
publisher = {OpenReview.net},
year = {2017},
url = {https://openreview.net/forum?id=ryvlRyBKl},
timestamp = {Tue, 24 Sep 2019 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/iclr/HuangPGDA17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/iclr/PapernotAEGT17,
author = {Nicolas Papernot and
Mart{\'{\i}}n Abadi and
{\'{U}}lfar Erlingsson and
Ian J. Goodfellow and
Kunal Talwar},
title = {Semi-supervised Knowledge Transfer for Deep Learning from Private
Training Data},
booktitle = {5th International Conference on Learning Representations, {ICLR} 2017,
Toulon, France, April 24-26, 2017, Conference Track Proceedings},
publisher = {OpenReview.net},
year = {2017},
url = {https://openreview.net/forum?id=HkwoSDPgg},
timestamp = {Thu, 04 Apr 2019 13:20:07 +0200},
biburl = {https://dblp.org/rec/conf/iclr/PapernotAEGT17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/HuangPGDA17,
author = {Sandy H. Huang and
Nicolas Papernot and
Ian J. Goodfellow and
Yan Duan and
Pieter Abbeel},
title = {Adversarial Attacks on Neural Network Policies},
journal = {CoRR},
volume = {abs/1702.02284},
year = {2017},
url = {http://arxiv.org/abs/1702.02284},
eprinttype = {arXiv},
eprint = {1702.02284},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/HuangPGDA17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/GrosseMP0M17,
author = {Kathrin Grosse and
Praveen Manoharan and
Nicolas Papernot and
Michael Backes and
Patrick D. McDaniel},
title = {On the (Statistical) Detection of Adversarial Examples},
journal = {CoRR},
volume = {abs/1702.06280},
year = {2017},
url = {http://arxiv.org/abs/1702.06280},
eprinttype = {arXiv},
eprint = {1702.06280},
timestamp = {Fri, 13 Aug 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/GrosseMP0M17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/TramerPGBM17,
author = {Florian Tram{\`{e}}r and
Nicolas Papernot and
Ian J. Goodfellow and
Dan Boneh and
Patrick D. McDaniel},
title = {The Space of Transferable Adversarial Examples},
journal = {CoRR},
volume = {abs/1704.03453},
year = {2017},
url = {http://arxiv.org/abs/1704.03453},
eprinttype = {arXiv},
eprint = {1704.03453},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/TramerPGBM17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotM17,
author = {Nicolas Papernot and
Patrick D. McDaniel},
title = {Extending Defensive Distillation},
journal = {CoRR},
volume = {abs/1705.05264},
year = {2017},
url = {http://arxiv.org/abs/1705.05264},
eprinttype = {arXiv},
eprint = {1705.05264},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotM17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/TramerKPBM17,
author = {Florian Tram{\`{e}}r and
Alexey Kurakin and
Nicolas Papernot and
Dan Boneh and
Patrick D. McDaniel},
title = {Ensemble Adversarial Training: Attacks and Defenses},
journal = {CoRR},
volume = {abs/1705.07204},
year = {2017},
url = {http://arxiv.org/abs/1705.07204},
eprinttype = {arXiv},
eprint = {1705.07204},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/TramerKPBM17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1708-08022,
author = {Mart{\'{\i}}n Abadi and
{\'{U}}lfar Erlingsson and
Ian J. Goodfellow and
H. Brendan McMahan and
Ilya Mironov and
Nicolas Papernot and
Kunal Talwar and
Li Zhang},
title = {On the Protection of Private Information in Machine Learning Systems:
Two Recent Approaches},
journal = {CoRR},
volume = {abs/1708.08022},
year = {2017},
url = {http://arxiv.org/abs/1708.08022},
eprinttype = {arXiv},
eprint = {1708.08022},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1708-08022.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/ieeesp/McDanielPC16,
author = {Patrick D. McDaniel and
Nicolas Papernot and
Z. Berkay Celik},
title = {Machine Learning in Adversarial Settings},
journal = {{IEEE} Secur. Priv.},
volume = {14},
number = {3},
pages = {68--72},
year = {2016},
url = {https://doi.org/10.1109/MSP.2016.51},
doi = {10.1109/MSP.2016.51},
timestamp = {Sun, 15 Mar 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/ieeesp/McDanielPC16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/PapernotMJFCS16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Somesh Jha and
Matt Fredrikson and
Z. Berkay Celik and
Ananthram Swami},
title = {The Limitations of Deep Learning in Adversarial Settings},
booktitle = {{IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2016, Saarbr{\"{u}}cken, Germany, March 21-24, 2016},
pages = {372--387},
publisher = {{IEEE}},
year = {2016},
url = {https://doi.org/10.1109/EuroSP.2016.36},
doi = {10.1109/EUROSP.2016.36},
timestamp = {Mon, 28 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/PapernotMJFCS16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/milcom/CelikHLPMWRLBPC16,
author = {Z. Berkay Celik and
Nan Hu and
Yun Li and
Nicolas Papernot and
Patrick D. McDaniel and
Robert J. Walls and
Jeff Rowe and
Karl N. Levitt and
Novella Bartolini and
Thomas F. La Porta and
Ritu Chadha},
editor = {Jerry Brand and
Matthew C. Valenti and
Akinwale Akinpelu and
Bharat T. Doshi and
Bonnie L. Gorsic},
title = {Mapping sample scenarios to operational models},
booktitle = {2016 {IEEE} Military Communications Conference, {MILCOM} 2016, Baltimore,
MD, USA, November 1-3, 2016},
pages = {7--12},
publisher = {{IEEE}},
year = {2016},
url = {https://doi.org/10.1109/MILCOM.2016.7795293},
doi = {10.1109/MILCOM.2016.7795293},
timestamp = {Wed, 16 Oct 2019 14:14:52 +0200},
biburl = {https://dblp.org/rec/conf/milcom/CelikHLPMWRLBPC16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/milcom/PapernotMSH16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Ananthram Swami and
Richard E. Harang},
editor = {Jerry Brand and
Matthew C. Valenti and
Akinwale Akinpelu and
Bharat T. Doshi and
Bonnie L. Gorsic},
title = {Crafting adversarial input sequences for recurrent neural networks},
booktitle = {2016 {IEEE} Military Communications Conference, {MILCOM} 2016, Baltimore,
MD, USA, November 1-3, 2016},
pages = {49--54},
publisher = {{IEEE}},
year = {2016},
url = {https://doi.org/10.1109/MILCOM.2016.7795300},
doi = {10.1109/MILCOM.2016.7795300},
timestamp = {Fri, 26 May 2017 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/milcom/PapernotMSH16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sp/PapernotM0JS16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Xi Wu and
Somesh Jha and
Ananthram Swami},
title = {Distillation as a Defense to Adversarial Perturbations Against Deep
Neural Networks},
booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2016, San Jose, CA,
USA, May 22-26, 2016},
pages = {582--597},
publisher = {{IEEE} Computer Society},
year = {2016},
url = {https://doi.org/10.1109/SP.2016.41},
doi = {10.1109/SP.2016.41},
timestamp = {Fri, 24 Mar 2023 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/sp/PapernotM0JS16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMGJCS16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Ian J. Goodfellow and
Somesh Jha and
Z. Berkay Celik and
Ananthram Swami},
title = {Practical Black-Box Attacks against Deep Learning Systems using Adversarial
Examples},
journal = {CoRR},
volume = {abs/1602.02697},
year = {2016},
url = {http://arxiv.org/abs/1602.02697},
eprinttype = {arXiv},
eprint = {1602.02697},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMGJCS16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/CelikMIPS16,
author = {Z. Berkay Celik and
Patrick D. McDaniel and
Rauf Izmailov and
Nicolas Papernot and
Ananthram Swami},
title = {Building Better Detection with Privileged Information},
journal = {CoRR},
volume = {abs/1603.09638},
year = {2016},
url = {http://arxiv.org/abs/1603.09638},
eprinttype = {arXiv},
eprint = {1603.09638},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/CelikMIPS16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMSH16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Ananthram Swami and
Richard E. Harang},
title = {Crafting Adversarial Input Sequences for Recurrent Neural Networks},
journal = {CoRR},
volume = {abs/1604.08275},
year = {2016},
url = {http://arxiv.org/abs/1604.08275},
eprinttype = {arXiv},
eprint = {1604.08275},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMSH16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMG16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Ian J. Goodfellow},
title = {Transferability in Machine Learning: from Phenomena to Black-Box Attacks
using Adversarial Samples},
journal = {CoRR},
volume = {abs/1605.07277},
year = {2016},
url = {http://arxiv.org/abs/1605.07277},
eprinttype = {arXiv},
eprint = {1605.07277},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMG16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/GrossePM0M16,
author = {Kathrin Grosse and
Nicolas Papernot and
Praveen Manoharan and
Michael Backes and
Patrick D. McDaniel},
title = {Adversarial Perturbations Against Deep Neural Networks for Malware
Classification},
journal = {CoRR},
volume = {abs/1606.04435},
year = {2016},
url = {http://arxiv.org/abs/1606.04435},
eprinttype = {arXiv},
eprint = {1606.04435},
timestamp = {Fri, 13 Aug 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/GrossePM0M16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotM16,
author = {Nicolas Papernot and
Patrick D. McDaniel},
title = {On the Effectiveness of Defensive Distillation},
journal = {CoRR},
volume = {abs/1607.05113},
year = {2016},
url = {http://arxiv.org/abs/1607.05113},
eprinttype = {arXiv},
eprint = {1607.05113},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotM16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/GoodfellowPM16,
author = {Ian J. Goodfellow and
Nicolas Papernot and
Patrick D. McDaniel},
title = {cleverhans v0.1: an adversarial machine learning library},
journal = {CoRR},
volume = {abs/1610.00768},
year = {2016},
url = {http://arxiv.org/abs/1610.00768},
eprinttype = {arXiv},
eprint = {1610.00768},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/GoodfellowPM16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotAEGT16,
author = {Nicolas Papernot and
Mart{\'{\i}}n Abadi and
{\'{U}}lfar Erlingsson and
Ian J. Goodfellow and
Kunal Talwar},
title = {Semi-supervised Knowledge Transfer for Deep Learning from Private
Training Data},
journal = {CoRR},
volume = {abs/1610.05755},
year = {2016},
url = {http://arxiv.org/abs/1610.05755},
eprinttype = {arXiv},
eprint = {1610.05755},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotAEGT16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMSW16,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Arunesh Sinha and
Michael P. Wellman},
title = {Towards the Science of Security and Privacy in Machine Learning},
journal = {CoRR},
volume = {abs/1611.03814},
year = {2016},
url = {http://arxiv.org/abs/1611.03814},
eprinttype = {arXiv},
eprint = {1611.03814},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMSW16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/milcom/PapernotMW15,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Robert J. Walls},
editor = {Qinqing Zhang and
Jerry Brand and
Thomas G. MacDonald and
Bharat T. Doshi and
Bonnie L. Gorsic},
title = {Enforcing agile access control policies in relational databases using
views},
booktitle = {34th {IEEE} Military Communications Conference, {MILCOM} 2015, Tampa,
FL, USA, October 26-28, 2015},
pages = {7--12},
publisher = {{IEEE}},
year = {2015},
url = {https://doi.org/10.1109/MILCOM.2015.7357410},
doi = {10.1109/MILCOM.2015.7357410},
timestamp = {Thu, 07 Nov 2019 09:04:27 +0100},
biburl = {https://dblp.org/rec/conf/milcom/PapernotMW15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMWJS15,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Xi Wu and
Somesh Jha and
Ananthram Swami},
title = {Distillation as a Defense to Adversarial Perturbations against Deep
Neural Networks},
journal = {CoRR},
volume = {abs/1511.04508},
year = {2015},
url = {http://arxiv.org/abs/1511.04508},
eprinttype = {arXiv},
eprint = {1511.04508},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMWJS15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/PapernotMJFCS15,
author = {Nicolas Papernot and
Patrick D. McDaniel and
Somesh Jha and
Matt Fredrikson and
Z. Berkay Celik and
Ananthram Swami},
title = {The Limitations of Deep Learning in Adversarial Settings},
journal = {CoRR},
volume = {abs/1511.07528},
year = {2015},
url = {http://arxiv.org/abs/1511.07528},
eprinttype = {arXiv},
eprint = {1511.07528},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/PapernotMJFCS15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/McDanielJPPWKMS14,
author = {Patrick D. McDaniel and
Trent Jaeger and
Thomas F. La Porta and
Nicolas Papernot and
Robert J. Walls and
Alexander Kott and
Lisa M. Marvel and
Ananthram Swami and
Prasant Mohapatra and
Srikanth V. Krishnamurthy and
Iulian Neamtiu},
editor = {Sushil Jajodia and
Kun Sun},
title = {Security and Science of Agility},
booktitle = {Proceedings of the First {ACM} Workshop on Moving Target Defense,
{MTD} '14, Scottsdale, Arizona, USA, November 7, 2014},
pages = {13--19},
publisher = {{ACM}},
year = {2014},
url = {https://doi.org/10.1145/2663474.2663476},
doi = {10.1145/2663474.2663476},
timestamp = {Tue, 10 Nov 2020 16:06:16 +0100},
biburl = {https://dblp.org/rec/conf/ccs/McDanielJPPWKMS14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
a service of 
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-04-25 01:41 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
