We stand with Ukraine  

Florian Tramèr

Orcid: 0000-0001-8703-8762

Affiliations:
  • ETH Zurich, Switzerland


According to our database1, Florian Tramèr authored at least 95 papers between 2015 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Persistent Pre-Training Poisoning of LLMs.
[BibTeX]
[DOI]
Yiming Zhang
,
Javier Rando
,
Ivan Evtimov
,
Jianfeng Chi
,
Eric Michael Smith
,
Nicholas Carlini
,
Florian Tramèr
,
Daphne Ippolito
CoRR, 2024

Gradient-based Jailbreak Images for Multimodal Fusion Models.
[BibTeX]
[DOI]
Javier Rando
,
Hannah Korevaar
,
Erik Brinkman
,
Ivan Evtimov
,
Florian Tramèr
CoRR, 2024

Membership Inference Attacks Cannot Prove that a Model Was Trained On Your Data.
[BibTeX]
[DOI]
Jie Zhang
,
Debeshee Das
,
Gautam Kamath
,
Florian Tramèr
CoRR, 2024

Adversarial Search Engine Optimization for Large Language Models.
[BibTeX]
[DOI]
Fredrik Nestaas
,
Edoardo Debenedetti
,
Florian Tramèr
CoRR, 2024

Blind Baselines Beat Membership Inference Attacks for Foundation Models.
[BibTeX]
[DOI]
Debeshee Das
,
Jie Zhang
,
Florian Tramèr
CoRR, 2024

AgentDojo: A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents.
[BibTeX]
[DOI]
Edoardo Debenedetti
,
Jie Zhang
,
Mislav Balunovic
,
Luca Beurer-Kellner
,
Marc Fischer
,
Florian Tramèr
CoRR, 2024

Adversarial Perturbations Cannot Reliably Protect Artists From Generative AI.
[BibTeX]
[DOI]
Robert Hönig
,
Javier Rando
,
Nicholas Carlini
,
Florian Tramèr
CoRR, 2024

Dataset and Lessons Learned from the 2024 SaTML LLM Capture-the-Flag Competition.
[BibTeX]
[DOI]
Edoardo Debenedetti
,
Javier Rando
,
Daniel Paleka
,
Silaghi Fineas Florin
,
Dragos Albastroiu
,
Niv Cohen
,
Yuval Lemberg
,
Reshmi Ghosh
,
Rui Wen
,
Ahmed Salem
,
Giovanni Cherubin
,
Santiago Zanella Béguelin
,
Robin Schmid
,
Victor Klemm
,
Takahiro Miki
,
Chenhao Li
,
Stefan Kraft
,
Mario Fritz
,
Florian Tramèr
,
Sahar Abdelnabi
,
Lea Schönherr
CoRR, 2024

Evaluations of Machine Learning Privacy Defenses are Misleading.
[BibTeX]
[DOI]
Michael Aerni
,
Jie Zhang
,
Florian Tramèr
CoRR, 2024

Competition Report: Finding Universal Jailbreak Backdoors in Aligned LLMs.
[BibTeX]
[DOI]
Javier Rando
,
Francesco Croce
,
Krystof Mitka
,
Stepan Shabalin
,
Maksym Andriushchenko
,
Nicolas Flammarion
,
Florian Tramèr
CoRR, 2024

Foundational Challenges in Assuring Alignment and Safety of Large Language Models.
[BibTeX]
[DOI]
Usman Anwar
,
Abulhair Saparov
,
Javier Rando
,
Daniel Paleka
,
Miles Turpin
,
Peter Hase
,
Ekdeep Singh Lubana
,
Erik Jenner
,
Stephen Casper
,
Oliver Sourbut
,
Benjamin L. Edelman
,
Zhaowei Zhang
,
Mario Günther
,
Anton Korinek
,
José Hernández-Orallo
,
Lewis Hammond
,
Eric J. Bigelow
,
Alexander Pan
,
Lauro Langosco
,
Tomasz Korbak
,
Heidi Zhang
,
Ruiqi Zhong
,
Seán Ó hÉigeartaigh
,
Gabriel Recchia
,
Giulio Corsi
,
Alan Chan
,
Markus Anderljung
,
Lilian Edwards
,
Yoshua Bengio
,
Danqi Chen
,
Samuel Albanie
,
Tegan Maharaj
,
Jakob N. Foerster
,
Florian Tramèr
,
He He
,
Atoosa Kasirzadeh
,
Yejin Choi
,
David Krueger
CoRR, 2024

JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models.
[BibTeX]
[DOI]
Patrick Chao
,
Edoardo Debenedetti
,
Alexander Robey
,
Maksym Andriushchenko
,
Francesco Croce
,
Vikash Sehwag
,
Edgar Dobriban
,
Nicolas Flammarion
,
George J. Pappas
,
Florian Tramèr
,
Hamed Hassani
,
Eric Wong
CoRR, 2024

Query-Based Adversarial Prompt Generation.
[BibTeX]
[DOI]
Jonathan Hayase
,
Ema Borevkovic
,
Nicholas Carlini
,
Florian Tramèr
,
Milad Nasr
CoRR, 2024

Privacy Side Channels in Machine Learning Systems.
[BibTeX]
[DOI]
Edoardo Debenedetti
,
Giorgio Severi
,
Milad Nasr
,
Christopher A. Choquette-Choo
,
Matthew Jagielski
,
Eric Wallace
,
Nicholas Carlini
,
Florian Tramèr
Proceedings of the 33rd USENIX Security Symposium, 2024

Poisoning Web-Scale Training Datasets is Practical.
[BibTeX]
[DOI]
Nicholas Carlini
,
Matthew Jagielski
,
Christopher A. Choquette-Choo
,
Daniel Paleka
,
Will Pearce
,
Hyrum S. Anderson
,
Andreas Terzis
,
Kurt Thomas
,
Florian Tramèr
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Evaluating Superhuman Models with Consistency Checks.
[BibTeX]
[DOI]
Lukas Fluri
,
Daniel Paleka
,
Florian Tramèr
Proceedings of the IEEE Conference on Secure and Trustworthy Machine Learning, 2024

Evading Black-box Classifiers Without Breaking Eggs.
[BibTeX]
[DOI]
Edoardo Debenedetti
,
Nicholas Carlini
,
Florian Tramèr
Proceedings of the IEEE Conference on Secure and Trustworthy Machine Learning, 2024

Position: Considerations for Differentially Private Learning with Large-Scale Public Pretraining.
[BibTeX]
[DOI]
Florian Tramèr
,
Gautam Kamath
,
Nicholas Carlini
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Extracting Training Data From Document-Based VQA Models.
[BibTeX]
[DOI]
Francesco Pinto
,
Nathalie Rauschmayr
,
Florian Tramèr
,
Philip Torr
,
Federico Tombari
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Privacy Backdoors: Stealing Data with Corrupted Pretrained Models.
[BibTeX]
[DOI]
Shanglun Feng
,
Florian Tramèr
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Stealing part of a production language model.
[BibTeX]
[DOI]
Nicholas Carlini
,
Daniel Paleka
,
Krishnamurthy Dj Dvijotham
,
Thomas Steinke
,
Jonathan Hayase
,
A. Feder Cooper
,
Katherine Lee
,
Matthew Jagielski
,
Milad Nasr
,
Arthur Conmy
,
Eric Wallace
,
David Rolnick
,
Florian Tramèr
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Universal Jailbreak Backdoors from Poisoned Human Feedback.
[BibTeX]
[DOI]
Javier Rando
,
Florian Tramèr
Proceedings of the Twelfth International Conference on Learning Representations, 2024

2023
Scalable Extraction of Training Data from (Production) Language Models.
[BibTeX]
[DOI]
Milad Nasr
,
Nicholas Carlini
,
Jonathan Hayase
,
Matthew Jagielski
,
A. Feder Cooper
,
Daphne Ippolito
,
Christopher A. Choquette-Choo
,
Eric Wallace
,
Florian Tramèr
,
Katherine Lee
CoRR, 2023

Backdoor Attacks for In-Context Learning with Language Models.
[BibTeX]
[DOI]
Nikhil Kandpal
,
Matthew Jagielski
,
Florian Tramèr
,
Nicholas Carlini
CoRR, 2023

Are aligned neural networks adversarially aligned?
[BibTeX]
[DOI]
Nicholas Carlini
,
Milad Nasr
,
Christopher A. Choquette-Choo
,
Matthew Jagielski
,
Irena Gao
,
Anas Awadalla
,
Pang Wei Koh
,
Daphne Ippolito
,
Katherine Lee
,
Florian Tramèr
,
Ludwig Schmidt
CoRR, 2023

Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators.
[BibTeX]
[DOI]
Keane Lucas
,
Matthew Jagielski
,
Florian Tramèr
,
Lujo Bauer
,
Nicholas Carlini
CoRR, 2023

Tight Auditing of Differentially Private Machine Learning.
[BibTeX]
[DOI]
Milad Nasr
,
Jamie Hayes
,
Thomas Steinke
,
Borja Balle
,
Florian Tramèr
,
Matthew Jagielski
,
Nicholas Carlini
,
Andreas Terzis
Proceedings of the 32nd USENIX Security Symposium, 2023

Extracting Training Data from Diffusion Models.
[BibTeX]
[DOI]
Nicholas Carlini
,
Jamie Hayes
,
Milad Nasr
,
Matthew Jagielski
,
Vikash Sehwag
,
Florian Tramèr
,
Borja Balle
,
Daphne Ippolito
,
Eric Wallace
Proceedings of the 32nd USENIX Security Symposium, 2023

SNAP: Efficient Extraction of Private Properties with Poisoning.
[BibTeX]
[DOI]
Harsh Chaudhari
,
John Abascal
,
Alina Oprea
,
Matthew Jagielski
,
Florian Tramèr
,
Jonathan R. Ullman
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Counterfactual Memorization in Neural Language Models.
[BibTeX]
[DOI]
Chiyuan Zhang
,
Daphne Ippolito
,
Katherine Lee
,
Matthew Jagielski
,
Florian Tramèr
,
Nicholas Carlini
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Students Parrot Their Teachers: Membership Inference on Model Distillation.
[BibTeX]
[DOI]
Matthew Jagielski
,
Milad Nasr
,
Katherine Lee
,
Christopher A. Choquette-Choo
,
Nicholas Carlini
,
Florian Tramèr
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Are aligned neural networks adversarially aligned?
[BibTeX]
[DOI]
Nicholas Carlini
,
Milad Nasr
,
Christopher A. Choquette-Choo
,
Matthew Jagielski
,
Irena Gao
,
Pang Wei Koh
,
Daphne Ippolito
,
Florian Tramèr
,
Ludwig Schmidt
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Preventing Generation of Verbatim Memorization in Language Models Gives a False Sense of Privacy.
[BibTeX]
[DOI]
Daphne Ippolito
,
Florian Tramèr
,
Milad Nasr
,
Chiyuan Zhang
,
Matthew Jagielski
,
Katherine Lee
,
Christopher A. Choquette-Choo
,
Nicholas Carlini
Proceedings of the 16th International Natural Language Generation Conference, 2023

Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems.
[BibTeX]
[DOI]
Chawin Sitawarin
,
Florian Tramèr
,
Nicholas Carlini
Proceedings of the International Conference on Machine Learning, 2023

Measuring Forgetting of Memorized Training Examples.
[BibTeX]
[DOI]
Matthew Jagielski
,
Om Thakkar
,
Florian Tramèr
,
Daphne Ippolito
,
Katherine Lee
,
Nicholas Carlini
,
Eric Wallace
,
Shuang Song
,
Abhradeep Guha Thakurta
,
Nicolas Papernot
,
Chiyuan Zhang
Proceedings of the Eleventh International Conference on Learning Representations, 2023

(Certified!!) Adversarial Robustness for Free!
[BibTeX]
[DOI]
Nicholas Carlini
,
Florian Tramèr
,
Krishnamurthy (Dj) Dvijotham
,
Leslie Rice
,
Mingjie Sun
,
J. Zico Kolter
Proceedings of the Eleventh International Conference on Learning Representations, 2023

Quantifying Memorization Across Neural Language Models.
[BibTeX]
[DOI]
Nicholas Carlini
,
Daphne Ippolito
,
Matthew Jagielski
,
Katherine Lee
,
Florian Tramèr
,
Chiyuan Zhang
Proceedings of the Eleventh International Conference on Learning Representations, 2023

AISec '23: 16th ACM Workshop on Artificial Intelligence and Security.
[BibTeX]
[DOI]
Maura Pintor
,
Florian Simon Tramèr
,
Xinyun Chen
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
Considerations for Differentially Private Learning with Large-Scale Public Pretraining.
[BibTeX]
[DOI]
Florian Tramèr
,
Gautam Kamath
,
Nicholas Carlini
CoRR, 2022

Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy.
[BibTeX]
[DOI]
Daphne Ippolito
,
Florian Tramèr
,
Milad Nasr
,
Chiyuan Zhang
,
Matthew Jagielski
,
Katherine Lee
,
Christopher A. Choquette-Choo
,
Nicholas Carlini
CoRR, 2022

Red-Teaming the Stable Diffusion Safety Filter.
[BibTeX]
[DOI]
Javier Rando
,
Daniel Paleka
,
David Lindner
,
Lennart Heim
,
Florian Tramèr
CoRR, 2022

(Certified!!) Adversarial Robustness for Free!
[BibTeX]
[DOI]
Nicholas Carlini
,
Florian Tramèr
,
Krishnamurthy Dvijotham
,
J. Zico Kolter
CoRR, 2022

Debugging Differential Privacy: A Case Study for Privacy Auditing.
[BibTeX]
[DOI]
Florian Tramèr
,
Andreas Terzis
,
Thomas Steinke
,
Shuang Song
,
Matthew Jagielski
,
Nicholas Carlini
CoRR, 2022

Membership Inference Attacks From First Principles.
[BibTeX]
[DOI]
Nicholas Carlini
,
Steve Chien
,
Milad Nasr
,
Shuang Song
,
Andreas Terzis
,
Florian Tramèr
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Increasing Confidence in Adversarial Robustness Evaluations.
[BibTeX]
[DOI]
Roland S. Zimmermann
,
Wieland Brendel
,
Florian Tramèr
,
Nicholas Carlini
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

The Privacy Onion Effect: Memorization is Relative.
[BibTeX]
[DOI]
Nicholas Carlini
,
Matthew Jagielski
,
Chiyuan Zhang
,
Nicolas Papernot
,
Andreas Terzis
,
Florian Tramèr
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Detecting Adversarial Examples Is (Nearly) As Hard As Classifying Them.
[BibTeX]
[DOI]
Florian Tramèr
Proceedings of the International Conference on Machine Learning, 2022

Data Poisoning Won't Save You From Facial Recognition.
[BibTeX]
[DOI]
Evani Radiya-Dixit
,
Sanghyun Hong
,
Nicholas Carlini
,
Florian Tramèr
Proceedings of the Tenth International Conference on Learning Representations, 2022

Large Language Models Can Be Strong Differentially Private Learners.
[BibTeX]
[DOI]
Xuechen Li
,
Florian Tramèr
,
Percy Liang
,
Tatsunori Hashimoto
Proceedings of the Tenth International Conference on Learning Representations, 2022

What Does it Mean for a Language Model to Preserve Privacy?
[BibTeX]
[DOI]
Hannah Brown
,
Katherine Lee
,
Fatemehsadat Mireshghallah
,
Reza Shokri
,
Florian Tramèr
Proceedings of the FAccT '22: 2022 ACM Conference on Fairness, Accountability, and Transparency, Seoul, Republic of Korea, June 21, 2022

Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets.
[BibTeX]
[DOI]
Florian Tramèr
,
Reza Shokri
,
Ayrton San Joaquin
,
Hoang Le
,
Matthew Jagielski
,
Sanghyun Hong
,
Nicholas Carlini
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

AISec '22: 15th ACM Workshop on Artificial Intelligence and Security.
[BibTeX]
[DOI]
Ambra Demontis
,
Xinyun Chen
,
Florian Tramèr
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021
Measuring and enhancing the security of machine learning.
[BibTeX]
[DOI]
Florian Tramèr
PhD thesis, 2021

Advances and Open Problems in Federated Learning.
[BibTeX]
[DOI]
Peter Kairouz
,
H. Brendan McMahan
,
Brendan Avent
,
Aurélien Bellet
,
Mehdi Bennis
,
Arjun Nitin Bhagoji
,
Kallista A. Bonawitz
,
Zachary Charles
,
Graham Cormode
,
Rachel Cummings
,
Rafael G. L. D'Oliveira
,
Hubert Eichner
,
Salim El Rouayheb
,
David Evans
,
Josh Gardner
,
Zachary Garrett
,
Adrià Gascón
,
Badih Ghazi
,
Phillip B. Gibbons
,
Marco Gruteser
,
Zaïd Harchaoui
,
Chaoyang He
,
Lie He
,
Zhouyuan Huo
,
Ben Hutchinson
,
Justin Hsu
,
Martin Jaggi
,
Tara Javidi
,
Gauri Joshi
,
Mikhail Khodak
,
Jakub Konecný
,
Aleksandra Korolova
,
Farinaz Koushanfar
,
Sanmi Koyejo
,
Tancrède Lepoint
,
Yang Liu
,
Prateek Mittal
,
Mehryar Mohri
,
Richard Nock
,
Ayfer Özgür
,
Rasmus Pagh
,
Hang Qi
,
Daniel Ramage
,
Ramesh Raskar
,
Mariana Raykova
,
Dawn Song
,
Weikang Song
,
Sebastian U. Stich
,
Ziteng Sun
,
Ananda Theertha Suresh
,
Florian Tramèr
,
Praneeth Vepakomma
,
Jianyu Wang
,
Li Xiong
,
Zheng Xu
,
Qiang Yang
,
Felix X. Yu
,
Han Yu
,
Sen Zhao
Found. Trends Mach. Learn., 2021

NeuraCrypt is not private.
[BibTeX]
[DOI]
Nicholas Carlini
,
Sanjam Garg
,
Somesh Jha
,
Saeed Mahloujifar
,
Mohammad Mahmoody
,
Florian Tramèr
CoRR, 2021

Data Poisoning Won't Save You From Facial Recognition.
[BibTeX]
[DOI]
Evani Radiya-Dixit
,
Florian Tramèr
CoRR, 2021

Extracting Training Data from Large Language Models.
[BibTeX]
[DOI]
Nicholas Carlini
,
Florian Tramèr
,
Eric Wallace
,
Matthew Jagielski
,
Ariel Herbert-Voss
,
Katherine Lee
,
Adam Roberts
,
Tom B. Brown
,
Dawn Song
,
Úlfar Erlingsson
,
Alina Oprea
,
Colin Raffel
Proceedings of the 30th USENIX Security Symposium, 2021

Is Private Learning Possible with Instance Encoding?
[BibTeX]
[DOI]
Nicholas Carlini
,
Samuel Deng
,
Sanjam Garg
,
Somesh Jha
,
Saeed Mahloujifar
,
Mohammad Mahmoody
,
Abhradeep Thakurta
,
Florian Tramèr
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Antipodes of Label Differential Privacy: PATE and ALIBI.
[BibTeX]
[DOI]
Mani Malek Esmaeili
,
Ilya Mironov
,
Karthik Prasad
,
Igor Shilov
,
Florian Tramèr
Proceedings of the Advances in Neural Information Processing Systems 34: Annual Conference on Neural Information Processing Systems 2021, 2021

SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning.
[BibTeX]
[DOI]
Charlie Hou
,
Mingxun Zhou
,
Yan Ji
,
Phil Daian
,
Florian Tramèr
,
Giulia Fanti
,
Ari Juels
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Label-Only Membership Inference Attacks.
[BibTeX]
[DOI]
Christopher A. Choquette-Choo
,
Florian Tramèr
,
Nicholas Carlini
,
Nicolas Papernot
Proceedings of the 38th International Conference on Machine Learning, 2021

Differentially Private Learning Needs Better Features (or Much More Data).
[BibTeX]
[DOI]
Florian Tramèr
,
Dan Boneh
Proceedings of the 9th International Conference on Learning Representations, 2021

Fourth International Workshop on Dependable and Secure Machine Learning - DSML 2021.
[BibTeX]
[DOI]
Hui Xu
,
Guanpeng Li
,
Homa Alemzadeh
,
Rakesh Bobba
,
Varun Chandrasekaran
,
David E. Evans
,
Nicolas Papernot
,
Karthik Pattabiraman
,
Florian Tramèr
Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, 2021

2020
Remote Side-Channel Attacks on Anonymous Transactions.
[BibTeX]
[DOI]
Florian Tramèr
,
Dan Boneh
,
Kenneth G. Paterson
IACR Cryptol. ePrint Arch., 2020

An Attack on InstaHide: Is Private Learning Possible with Instance Encoding?
[BibTeX]
[DOI]
Nicholas Carlini
,
Samuel Deng
,
Sanjam Garg
,
Somesh Jha
,
Saeed Mahloujifar
,
Mohammad Mahmoody
,
Shuang Song
,
Abhradeep Thakurta
,
Florian Tramèr
CoRR, 2020

SentiNet: Detecting Localized Universal Attacks Against Deep Learning Systems.
[BibTeX]
[DOI]
Edward Chou
,
Florian Tramèr
,
Giancarlo Pellegrino
Proceedings of the 2020 IEEE Security and Privacy Workshops, 2020

On Adaptive Attacks to Adversarial Example Defenses.
[BibTeX]
[DOI]
Florian Tramèr
,
Nicholas Carlini
,
Wieland Brendel
,
Aleksander Madry
Proceedings of the Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, 2020

Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial Perturbations.
[BibTeX]
[DOI]
Florian Tramèr
,
Jens Behrmann
,
Nicholas Carlini
,
Nicolas Papernot
,
Jörn-Henrik Jacobsen
Proceedings of the 37th International Conference on Machine Learning, 2020

Third International Workshop on Dependable and Secure Machine Learning - DSML 2020.
[BibTeX]
[DOI]
Homa Alemzadeh
,
Rakesh Bobba
,
Varun Chandrasekaran
,
David E. Evans
,
Nicolas Papernot
,
Karthik Pattabiraman
,
Florian Tramèr
Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, 2020

2019
The Hydra Framework for Principled, Automated Bug Bounties.
[BibTeX]
[DOI]
Lorenz Breidenbach
,
Philip Daian
,
Florian Tramèr
,
Ari Juels
IEEE Secur. Priv., 2019

Advances and Open Problems in Federated Learning.
[BibTeX]
[DOI]
Peter Kairouz
,
H. Brendan McMahan
,
Brendan Avent
,
Aurélien Bellet
,
Mehdi Bennis
,
Arjun Nitin Bhagoji
,
Kallista A. Bonawitz
,
Zachary Charles
,
Graham Cormode
,
Rachel Cummings
,
Rafael G. L. D'Oliveira
,
Salim El Rouayheb
,
David Evans
,
Josh Gardner
,
Zachary Garrett
,
Adrià Gascón
,
Badih Ghazi
,
Phillip B. Gibbons
,
Marco Gruteser
,
Zaïd Harchaoui
,
Chaoyang He
,
Lie He
,
Zhouyuan Huo
,
Ben Hutchinson
,
Justin Hsu
,
Martin Jaggi
,
Tara Javidi
,
Gauri Joshi
,
Mikhail Khodak
,
Jakub Konecný
,
Aleksandra Korolova
,
Farinaz Koushanfar
,
Sanmi Koyejo
,
Tancrède Lepoint
,
Yang Liu
,
Prateek Mittal
,
Mehryar Mohri
,
Richard Nock
,
Ayfer Özgür
,
Rasmus Pagh
,
Mariana Raykova
,
Hang Qi
,
Daniel Ramage
,
Ramesh Raskar
,
Dawn Song
,
Weikang Song
,
Sebastian U. Stich
,
Ziteng Sun
,
Ananda Theertha Suresh
,
Florian Tramèr
,
Praneeth Vepakomma
,
Jianyu Wang
,
Li Xiong
,
Zheng Xu
,
Qiang Yang
,
Felix X. Yu
,
Han Yu
,
Sen Zhao
CoRR, 2019

SquirRL: Automating Attack Discovery on Blockchain Incentive Mechanisms with Deep Reinforcement Learning.
[BibTeX]
[DOI]
Charlie Hou
,
Mingxun Zhou
,
Yan Ji
,
Phil Daian
,
Florian Tramèr
,
Giulia Fanti
,
Ari Juels
CoRR, 2019

Exploiting Excessive Invariance caused by Norm-Bounded Adversarial Robustness.
[BibTeX]
[DOI]
Jörn-Henrik Jacobsen
,
Jens Behrmann
,
Nicholas Carlini
,
Florian Tramèr
,
Nicolas Papernot
CoRR, 2019

Adversarial Training and Robustness for Multiple Perturbations.
[BibTeX]
[DOI]
Florian Tramèr
,
Dan Boneh
Proceedings of the Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, 2019

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware.
[BibTeX]
[DOI]
Florian Tramèr
,
Dan Boneh
Proceedings of the 7th International Conference on Learning Representations, 2019

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning.
[BibTeX]
[DOI]
Florian Tramèr
,
Pascal Dupré
,
Gili Rusak
,
Giancarlo Pellegrino
,
Dan Boneh
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018
SentiNet: Detecting Physical Attacks Against Deep Learning Systems.
[BibTeX]
[DOI]
Edward Chou
,
Florian Tramèr
,
Giancarlo Pellegrino
,
Dan Boneh
CoRR, 2018

Ad-versarial: Defeating Perceptual Ad-Blocking.
[BibTeX]
[DOI]
Florian Tramèr
,
Pascal Dupré
,
Gili Rusak
,
Giancarlo Pellegrino
,
Dan Boneh
CoRR, 2018

Physical Adversarial Examples for Object Detectors.
[BibTeX]
[DOI]
Dawn Song
,
Kevin Eykholt
,
Ivan Evtimov
,
Earlence Fernandes
,
Bo Li
,
Amir Rahmati
,
Florian Tramèr
,
Atul Prakash
,
Tadayoshi Kohno
Proceedings of the 12th USENIX Workshop on Offensive Technologies, 2018

Ensemble Adversarial Training: Attacks and Defenses.
[BibTeX]
[DOI]
Florian Tramèr
,
Alexey Kurakin
,
Nicolas Papernot
,
Ian J. Goodfellow
,
Dan Boneh
,
Patrick D. McDaniel
Proceedings of the 6th International Conference on Learning Representations, 2018

2017
PrivateRide: A Privacy-Enhanced Ride-Hailing Service.
[BibTeX]
[DOI]
Anh Pham
,
Italo Dacosta
,
Bastien Jacot-Guillarmod
,
Kévin Huguenin
,
Taha Hajar
,
Florian Tramèr
,
Virgil D. Gligor
,
Jean-Pierre Hubaux
Proc. Priv. Enhancing Technol., 2017

Addressing Beacon re-identification attacks: quantification and mitigation of privacy risks.
[BibTeX]
[DOI]
Jean Louis Raisaro
,
Florian Tramèr
,
Zhanglong Ji
,
Diyue Bu
,
Yongan Zhao
,
W. Knox Carey
,
David D. Lloyd
,
Heidi Sofia
,
Dixie Baker
,
Paul Flicek
,
Suyash S. Shringarpure
,
Carlos D. Bustamante
,
Shuang Wang
,
Xiaoqian Jiang
,
Lucila Ohno-Machado
,
Haixu Tang
,
XiaoFeng Wang
,
Jean-Pierre Hubaux
J. Am. Medical Informatics Assoc., 2017

Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts.
[BibTeX]
[DOI]
Lorenz Breidenbach
,
Philip Daian
,
Florian Tramèr
,
Ari Juels
IACR Cryptol. ePrint Arch., 2017

Note on Attacking Object Detectors with Adversarial Stickers.
[BibTeX]
[DOI]
Kevin Eykholt
,
Ivan Evtimov
,
Earlence Fernandes
,
Bo Li
,
Dawn Song
,
Tadayoshi Kohno
,
Amir Rahmati
,
Atul Prakash
,
Florian Tramèr
CoRR, 2017

The Space of Transferable Adversarial Examples.
[BibTeX]
[DOI]
Florian Tramèr
,
Nicolas Papernot
,
Ian J. Goodfellow
,
Dan Boneh
,
Patrick D. McDaniel
CoRR, 2017

Ensemble Adversarial Training: Attacks and Defenses.
[BibTeX]
[DOI]
Florian Tramèr
,
Alexey Kurakin
,
Nicolas Papernot
,
Dan Boneh
,
Patrick D. McDaniel
CoRR, 2017

FairTest: Discovering Unwarranted Associations in Data-Driven Applications.
[BibTeX]
[DOI]
Florian Tramèr
,
Vaggelis Atlidakis
,
Roxana Geambasu
,
Daniel J. Hsu
,
Jean-Pierre Hubaux
,
Mathias Humbert
,
Ari Juels
,
Huang Lin
Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

2016
Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge.
[BibTeX]
[DOI]
Florian Tramèr
,
Fan Zhang
,
Huang Lin
,
Jean-Pierre Hubaux
,
Ari Juels
,
Elaine Shi
IACR Cryptol. ePrint Arch., 2016

Formal Abstractions for Attested Execution Secure Processors.
[BibTeX]
[DOI]
Rafael Pass
,
Elaine Shi
,
Florian Tramèr
IACR Cryptol. ePrint Arch., 2016

On solving L P N using B K W and variants - Implementation and analysis.
[BibTeX]
[DOI]
Sonia Bogos
,
Florian Tramèr
,
Serge Vaudenay
Cryptogr. Commun., 2016

Stealing Machine Learning Models via Prediction APIs.
[BibTeX]
[DOI]
Florian Tramèr
,
Fan Zhang
,
Ari Juels
,
Michael K. Reiter
,
Thomas Ristenpart
Proceedings of the 25th USENIX Security Symposium, 2016

2015
Better Algorithms for LWE and LWR.
[BibTeX]
[DOI]
Alexandre Duc
,
Florian Tramèr
,
Serge Vaudenay
IACR Cryptol. ePrint Arch., 2015

On Solving Lpn using BKW and Variants.
[BibTeX]
[DOI]
Sonia Bogos
,
Florian Tramèr
,
Serge Vaudenay
IACR Cryptol. ePrint Arch., 2015

Discovering Unwarranted Associations in Data-Driven Applications with the FairTest Testing Toolkit.
[BibTeX]
[DOI]
Florian Tramèr
,
Vaggelis Atlidakis
,
Roxana Geambasu
,
Daniel J. Hsu
,
Jean-Pierre Hubaux
,
Mathias Humbert
,
Ari Juels
,
Huang Lin
CoRR, 2015

Differential Privacy with Bounded Priors: Reconciling Utility and Privacy in Genome-Wide Association Studies.
[BibTeX]
[DOI]
Florian Tramèr
,
Zhicong Huang
,
Jean-Pierre Hubaux
,
Erman Ayday
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015


  Loading...