Nicholas Carlini

Affiliations:
  • Google, USA


According to our database1, Nicholas Carlini authored at least 112 papers between 2012 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

On csauthors.net:

Bibliography

2024
Polynomial Time Cryptanalytic Extraction of Deep Neural Networks in the Hard-Label Setting.
IACR Cryptol. ePrint Arch., 2024

Stealing User Prompts from Mixture of Experts.
CoRR, 2024

Remote Timing Attacks on Efficient Language Model Inference.
CoRR, 2024

Persistent Pre-Training Poisoning of LLMs.
CoRR, 2024

Adversarial Perturbations Cannot Reliably Protect Artists From Generative AI.
CoRR, 2024

Cutting through buggy adversarial example defenses: fixing 1 line of code breaks Sabre.
CoRR, 2024

Forcing Diffuse Distributions out of Language Models.
CoRR, 2024

Privacy Backdoors: Enhancing Membership Inference through Poisoning Pre-trained Models.
CoRR, 2024

Diffusion Denoising as a Certified Defense against Clean-label Poisoning.
CoRR, 2024

Query-Based Adversarial Prompt Generation.
CoRR, 2024

Privacy Side Channels in Machine Learning Systems.
Proceedings of the 33rd USENIX Security Symposium, 2024

Poisoning Web-Scale Training Datasets is Practical.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Evading Black-box Classifiers Without Breaking Eggs.
Proceedings of the IEEE Conference on Secure and Trustworthy Machine Learning, 2024

Position: Considerations for Differentially Private Learning with Large-Scale Public Pretraining.
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Stealing part of a production language model.
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Initialization Matters for Adversarial Transfer Learning.
Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2024

2023
Identifying and Mitigating the Security Risks of Generative AI.
Found. Trends Priv. Secur., 2023

Scalable Extraction of Training Data from (Production) Language Models.
CoRR, 2023

Report of the 1st Workshop on Generative AI and Law.
CoRR, 2023

Identifying and Mitigating the Security Risks of Generative AI.
CoRR, 2023

A LLM Assisted Exploitation of AI-Guardian.
CoRR, 2023

Backdoor Attacks for In-Context Learning with Language Models.
CoRR, 2023

Are aligned neural networks adversarially aligned?
CoRR, 2023

Students Parrot Their Teachers: Membership Inference on Model Distillation.
CoRR, 2023

Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators.
CoRR, 2023

Tight Auditing of Differentially Private Machine Learning.
Proceedings of the 32nd USENIX Security Symposium, 2023

Extracting Training Data from Diffusion Models.
Proceedings of the 32nd USENIX Security Symposium, 2023

Publishing Efficient On-device Models Increases Adversarial Vulnerability.
Proceedings of the 2023 IEEE Conference on Secure and Trustworthy Machine Learning, 2023

Counterfactual Memorization in Neural Language Models.
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Effective Robustness against Natural Distribution Shifts for Models with Different Training Data.
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Students Parrot Their Teachers: Membership Inference on Model Distillation.
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Are aligned neural networks adversarially aligned?
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Preventing Generation of Verbatim Memorization in Language Models Gives a False Sense of Privacy.
Proceedings of the 16th International Natural Language Generation Conference, 2023

Reverse-Engineering Decoding Strategies Given Blackbox Access to a Language Generation System.
Proceedings of the 16th International Natural Language Generation Conference, 2023

Preprocessors Matter! Realistic Decision-Based Attacks on Machine Learning Systems.
Proceedings of the International Conference on Machine Learning, 2023

Part-Based Models Improve Adversarial Robustness.
Proceedings of the Eleventh International Conference on Learning Representations, 2023

Measuring Forgetting of Memorized Training Examples.
Proceedings of the Eleventh International Conference on Learning Representations, 2023

(Certified!!) Adversarial Robustness for Free!
Proceedings of the Eleventh International Conference on Learning Representations, 2023

Quantifying Memorization Across Neural Language Models.
Proceedings of the Eleventh International Conference on Learning Representations, 2023

2022
Security of Machine Learning (Dagstuhl Seminar 22281).
Dagstuhl Reports, July, 2022

Considerations for Differentially Private Learning with Large-Scale Public Pretraining.
CoRR, 2022

Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy.
CoRR, 2022

No Free Lunch in "Privacy for Free: How does Dataset Condensation Help Privacy".
CoRR, 2022

(Certified!!) Adversarial Robustness for Free!
CoRR, 2022

Debugging Differential Privacy: A Case Study for Privacy Auditing.
CoRR, 2022

Membership Inference Attacks From First Principles.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Increasing Confidence in Adversarial Robustness Evaluations.
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples.
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

The Privacy Onion Effect: Memorization is Relative.
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Handcrafted Backdoors in Deep Neural Networks.
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Data Poisoning Won't Save You From Facial Recognition.
Proceedings of the Tenth International Conference on Learning Representations, 2022

Poisoning and Backdooring Contrastive Learning.
Proceedings of the Tenth International Conference on Learning Representations, 2022

Evading Adversarial Example Detection Defenses with Orthogonal Projected Gradient Descent.
Proceedings of the Tenth International Conference on Learning Representations, 2022

AdaMatch: A Unified Approach to Semi-Supervised Learning and Domain Adaptation.
Proceedings of the Tenth International Conference on Learning Representations, 2022

Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets.
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Deduplicating Training Data Makes Language Models Better.
Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), 2022

2021
Unsolved Problems in ML Safety.
CoRR, 2021

NeuraCrypt is not private.
CoRR, 2021

Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples.
CoRR, 2021

Extracting Training Data from Large Language Models.
Proceedings of the 30th USENIX Security Symposium, 2021

Poisoning the Unlabeled Dataset of Semi-Supervised Learning.
Proceedings of the 30th USENIX Security Symposium, 2021

Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Is Private Learning Possible with Instance Encoding?
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

How Private is Machine Learning?
Proceedings of the IH&MMSec '21: ACM Workshop on Information Hiding and Multimedia Security, 2021

Label-Only Membership Inference Attacks.
Proceedings of the 38th International Conference on Machine Learning, 2021

Session details: Session 2A: Machine Learning for Cybersecurity.
Proceedings of the AISec@CCS 2021: Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security, 2021

Session details: Session 1: Adversarial Machine Learning.
Proceedings of the AISec@CCS 2021: Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security, 2021

2020
An Attack on InstaHide: Is Private Learning Possible with Instance Encoding?
CoRR, 2020

Erratum Concerning the Obfuscated Gradients Attack on Stochastic Activation Pruning.
CoRR, 2020

A Partial Break of the Honeypots Defense to Catch Adversarial Attacks.
CoRR, 2020

High Accuracy and High Fidelity Extraction of Neural Networks.
Proceedings of the 29th USENIX Security Symposium, 2020

On Adaptive Attacks to Adversarial Example Defenses.
Proceedings of the Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, 2020

Measuring Robustness to Natural Distribution Shifts in Image Classification.
Proceedings of the Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, 2020

FixMatch: Simplifying Semi-Supervised Learning with Consistency and Confidence.
Proceedings of the Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, 2020

Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial Perturbations.
Proceedings of the 37th International Conference on Machine Learning, 2020

ReMixMatch: Semi-Supervised Learning with Distribution Matching and Augmentation Anchoring.
Proceedings of the 8th International Conference on Learning Representations, 2020

Evading Deepfake-Image Detectors with White- and Black-Box Attacks.
Proceedings of the 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2020

Cryptanalytic Extraction of Neural Network Models.
Proceedings of the Advances in Cryptology - CRYPTO 2020, 2020

AISec'20: 13th Workshop on Artificial Intelligence and Security.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
ReMixMatch: Semi-Supervised Learning with Distribution Alignment and Augmentation Anchoring.
CoRR, 2019

Distribution Density, Tails, and Outliers in Machine Learning: Metrics and Applications.
CoRR, 2019

High-Fidelity Extraction of Neural Network Models.
CoRR, 2019

Stateful Detection of Black-Box Adversarial Attacks.
CoRR, 2019

A critique of the DeepSec Platform for Security Analysis of Deep Learning Models.
CoRR, 2019

SysML: The New Frontier of Machine Learning Systems.
CoRR, 2019

Exploiting Excessive Invariance caused by Norm-Bounded Adversarial Robustness.
CoRR, 2019

On Evaluating Adversarial Robustness.
CoRR, 2019

Is AmI (Attacks Meet Interpretability) Robust to Adversarial Examples?
CoRR, 2019

The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks.
Proceedings of the 28th USENIX Security Symposium, 2019

MixMatch: A Holistic Approach to Semi-Supervised Learning.
Proceedings of the Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, 2019

Imperceptible, Robust, and Targeted Adversarial Examples for Automatic Speech Recognition.
Proceedings of the 36th International Conference on Machine Learning, 2019

Adversarial Examples Are a Natural Consequence of Test Error in Noise.
Proceedings of the 36th International Conference on Machine Learning, 2019

AISec'19: 12th ACM Workshop on Artificial Intelligence and Security.
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019

2018
Evaluation and Design of Robust Neural Network Defenses.
PhD thesis, 2018

Unrestricted Adversarial Examples.
CoRR, 2018

On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses.
CoRR, 2018

The Secret Sharer: Measuring Unintended Neural Network Memorization & Extracting Secrets.
CoRR, 2018

Audio Adversarial Examples: Targeted Attacks on Speech-to-Text.
Proceedings of the 2018 IEEE Security and Privacy Workshops, 2018

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples.
Proceedings of the 35th International Conference on Machine Learning, 2018

2017
MagNet and "Efficient Defenses Against Adversarial Attacks" are Not Robust to Adversarial Examples.
CoRR, 2017

Ground-Truth Adversarial Examples.
CoRR, 2017

Adversarial Example Defenses: Ensembles of Weak Defenses are not Strong.
CoRR, 2017

Adversarial Example Defense: Ensembles of Weak Defenses are not Strong.
Proceedings of the 11th USENIX Workshop on Offensive Technologies, 2017

Towards Evaluating the Robustness of Neural Networks.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods.
Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, 2017

2016
Defensive Distillation is Not Robust to Adversarial Examples.
CoRR, 2016

Hidden Voice Commands.
Proceedings of the 25th USENIX Security Symposium, 2016

2015
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity.
Proceedings of the 24th USENIX Security Symposium, 2015

2014
ROP is Still Dangerous: Breaking Modern Defenses.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

2013
Improved Support for Machine-assisted Ballot-level Audits.
Proceedings of the 2013 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2013

2012
Operator-Assisted Tabulation of Optical Scan Ballots.
Proceedings of the 2012 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2012

An Evaluation of the Google Chrome Extension Security Architecture.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012


  Loading...