Ambra Demontis

Orcid: 0000-0001-9318-6913

According to our database¹, Ambra Demontis authored at least 49 papers between 2015 and 2025.

Collaborative distances:

Dijkstra number² of three.
Erdős number³ of four.

Timeline

Legend:

Book

In proceedings

Article

PhD thesis

Dataset

Other

Bibliography

2025

HO-FMN: Hyperparameter optimization for fast minimum-norm attacks.

[BibT_eX]

[DOI]

Neurocomputing, 2025

2024

Machine Learning Security Against Data Poisoning: Are We There Yet?

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

Computer, March, 2024

Adversarial Pruning: A Survey and Benchmark of Pruning Methods for Adversarial Robustness.

[BibT_eX]

[DOI]

CoRR, 2024

Over-parameterization and Adversarial Robustness in Neural Networks: An Overview and Empirical Analysis.

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

CoRR, 2024

AttackBench: Evaluating Gradient-based Attacks for Adversarial Examples.

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

CoRR, 2024

2023

Hardening RGB-D object recognition systems against adversarial patch attacks.

[BibT_eX]

[DOI]

Yang Zheng

Luca Demetrio

Antonio Emanuele Cinà

Inf. Sci., December, 2023

ImageNet-Patch: A dataset for benchmarking machine learning robustness against adversarial patches.

[BibT_eX]

[DOI]

Pattern Recognit., 2023

Stateful detection of adversarial reprogramming.

[BibT_eX]

[DOI]

Inf. Sci., 2023

Why adversarial reprogramming works, when it fails, and how to tell the difference.

[BibT_eX]

[DOI]

Inf. Sci., 2023

Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning.

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

ACM Comput. Surv., 2023

The Threat of Offensive AI to Organizations.

[BibT_eX]

[DOI]

Comput. Secur., 2023

BAARD: Blocking Adversarial Examples by Testing for Applicability, Reliability and Decidability.

[BibT_eX]

[DOI]

Proceedings of the Advances in Knowledge Discovery and Data Mining, 2023

Cybersecurity and AI: The PRALab Research Experience.

[BibT_eX]

[DOI]

Proceedings of the Italia Intelligenza Artificiale, 2023

AI Security and Safety: The PRALab Research Experience.

[BibT_eX]

[DOI]

Proceedings of the Italia Intelligenza Artificiale, 2023

Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Machine Learning and Cybernetics, 2023

Detecting Attacks Against Deep Reinforcement Learning for Autonomous Driving.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Machine Learning and Cybernetics, 2023

Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training.

[BibT_eX]

[DOI]

Dario Lazzaro

Antonio Emanuele Cinà

Proceedings of the Image Analysis and Processing - ICIAP 2023, 2023

Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization.

[BibT_eX]

[DOI]

Proceedings of the 31st European Symposium on Artificial Neural Networks, 2023

Towards Machine Learning Models that We Can Trust: Testing, Improving, and Explaining Robustness.

[BibT_eX]

[DOI]

Maura Pintor

Ambra Demontis

Battista Biggio

Proceedings of the 31st European Symposium on Artificial Neural Networks, 2023

2022

A Hybrid Training-Time and Run-Time Defense Against Adversarial Attacks in Modulation Classification.

[BibT_eX]

[DOI]

Lu Zhang

Sangarapillai Lambotharan

IEEE Wirel. Commun. Lett., 2022

secml: Secure and explainable machine learning in Python.

[BibT_eX]

[DOI]

SoftwareX, 2022

Domain Knowledge Alleviates Adversarial Attacks in Multi-Label Classifiers.

[BibT_eX]

[DOI]

IEEE Trans. Pattern Anal. Mach. Intell., 2022

Do gradient-based explanations tell anything about adversarial robustness to android malware?

[BibT_eX]

[DOI]

Int. J. Mach. Learn. Cybern., 2022

A Survey on Reinforcement Learning Security with Application to Autonomous Driving.

[BibT_eX]

[DOI]

CoRR, 2022

Energy-Latency Attacks via Sponge Poisoning.

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

CoRR, 2022

Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples.

[BibT_eX]

[DOI]

Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

AISec '22: 15th ACM Workshop on Artificial Intelligence and Security.

[BibT_eX]

[DOI]

Ambra Demontis

Xinyun Chen

Florian Tramèr

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021

The Threat of Offensive AI to Organizations.

[BibT_eX]

[DOI]

CoRR, 2021

Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples.

[BibT_eX]

[DOI]

CoRR, 2021

Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions.

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

CoRR, 2021

Intriguing Usage of Applicability Domain: Lessons from Cheminformatics Applied to Adversarial Learning.

[BibT_eX]

[DOI]

CoRR, 2021

The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers?

[BibT_eX]

[DOI]

Antonio Emanuele Cinà

Proceedings of the International Joint Conference on Neural Networks, 2021

Session details: Session 2B: Machine Learning for Cybersecurity.

[BibT_eX]

[DOI]

Ambra Demontis

Proceedings of the AISec@CCS 2021: Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security, 2021

2020

Deep neural rejection against adversarial examples.

[BibT_eX]

[DOI]

EURASIP J. Inf. Secur., 2020

Can Domain Knowledge Alleviate Adversarial Attacks in Multi-Label Classifiers?

[BibT_eX]

[DOI]

CoRR, 2020

Adversarial Detection of Flash Malware: Limitations and Open Issues.

[BibT_eX]

[DOI]

Comput. Secur., 2020

AISec'20: 13th Workshop on Artificial Intelligence and Security.

[BibT_eX]

[DOI]

Sadia Afroz

Nicholas Carlini

Ambra Demontis

Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2019

secml: A Python Library for Secure and Explainable Machine Learning.

[BibT_eX]

[DOI]

CoRR, 2019

Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks.

[BibT_eX]

[DOI]

Proceedings of the 28th USENIX Security Symposium, 2019

2018

On the Intriguing Connections of Regularization, Input Gradients and Transferability of Evasion and Poisoning Attacks.

[BibT_eX]

[DOI]

CoRR, 2018

Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables.

[BibT_eX]

[DOI]

Proceedings of the 26th European Signal Processing Conference, 2018

2017

Infinity-Norm Support Vector Machines Against Adversarial Label Contamination.

[BibT_eX]

[DOI]

Proceedings of the First Italian Conference on Cybersecurity (ITASEC17), 2017

Is Deep Learning Safe for Robot Vision? Adversarial Examples Against the iCub Humanoid.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE International Conference on Computer Vision Workshops, 2017

Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, 2017

2016

Super-Sparse Learning in Similarity Spaces.

[BibT_eX]

[DOI]

IEEE Comput. Intell. Mag., 2016

On Security and Sparsity of Linear Classifiers for Adversarial Settings.

[BibT_eX]

[DOI]

Proceedings of the Structural, Syntactic, and Statistical Pattern Recognition, 2016

Secure Kernel Machines against Evasion Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, 2016

2015

Super-Sparse Regression for Fast Age Estimation from Faces at Test Time.

[BibT_eX]

[DOI]

Proceedings of the Image Analysis and Processing - ICIAP 2015, 2015

Ambra Demontis

Timeline

Legend:

Links

Online presence:

On csauthors.net:

Bibliography

Loading...