We stand with Ukraine  

Nicolas Papernot

Orcid: 0000-0001-5078-7233

Affiliations:
  • University of Toronto, Canada


According to our database1, Nicolas Papernot authored at least 143 papers between 2014 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
AI models collapse when trained on recursively generated data.
[BibTeX]
[DOI]
Ilia Shumailov
,
Zakhar Shumaylov
,
Yiren Zhao
,
Nicolas Papernot
,
Ross J. Anderson
,
Yarin Gal
Nat., July, 2024

Augment then Smooth: Reconciling Differential Privacy with Certified Robustness.
[BibTeX]
[DOI]
Jiapeng Wu
,
Atiyeh Ashari Ghomi
,
David Glukhov
,
Jesse C. Cresswell
,
Franziska Boenisch
,
Nicolas Papernot
Trans. Mach. Learn. Res., 2024

From Differential Privacy to Bounds on Membership Inference: Less can be More.
[BibTeX]
[DOI]
Anvith Thudi
,
Ilia Shumailov
,
Franziska Boenisch
,
Nicolas Papernot
Trans. Mach. Learn. Res., 2024

A False Sense of Safety: Unsafe Information Leakage in 'Safe' AI Responses.
[BibTeX]
[DOI]
David Glukhov
,
Ziwen Han
,
Ilia Shumailov
,
Vardan Papyan
,
Nicolas Papernot
CoRR, 2024

UnUnlearning: Unlearning is not sufficient for content regulation in advanced generative AI.
[BibTeX]
[DOI]
Ilia Shumailov
,
Jamie Hayes
,
Eleni Triantafillou
,
Guillermo Ortiz-Jiménez
,
Nicolas Papernot
,
Matthew Jagielski
,
Itay Yona
,
Heidi Howard
,
Eugene Bagdasaryan
CoRR, 2024

LLM Dataset Inference: Did you train on my dataset?
[BibTeX]
[DOI]
Pratyush Maini
,
Hengrui Jia
,
Nicolas Papernot
,
Adam Dziedzic
CoRR, 2024

Tighter Privacy Auditing of DP-SGD in the Hidden State Threat Model.
[BibTeX]
[DOI]
Tudor Cebere
,
Aurélien Bellet
,
Nicolas Papernot
CoRR, 2024

Inexact Unlearning Needs More Careful Evaluations to Avoid a False Sense of Privacy.
[BibTeX]
[DOI]
Jamie Hayes
,
Ilia Shumailov
,
Eleni Triantafillou
,
Amr Khalifa
,
Nicolas Papernot
CoRR, 2024

Architectural Neural Backdoors from First Principles.
[BibTeX]
[DOI]
Harry Langford
,
Ilia Shumailov
,
Yiren Zhao
,
Robert D. Mullins
,
Nicolas Papernot
CoRR, 2024

Regulation Games for Trustworthy Machine Learning.
[BibTeX]
[DOI]
Mohammad Yaghini
,
Patty Liu
,
Franziska Boenisch
,
Nicolas Papernot
CoRR, 2024

Unlearnable Algorithms for In-context Learning.
[BibTeX]
[DOI]
Andrei Ioan Muresanu
,
Anvith Thudi
,
Michael R. Zhang
,
Nicolas Papernot
CoRR, 2024

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data.
[BibTeX]
[DOI]
Congyu Fang
,
Adam Dziedzic
,
Lin Zhang
,
Laura Oliva
,
Amol A. Verma
,
Fahad Razak
,
Nicolas Papernot
,
Bo Wang
CoRR, 2024

Exploring Strategies for Guiding Symbolic Analysis with Machine Learning Prediction.
[BibTeX]
[DOI]
Mingyue Yang
,
David Lie
,
Nicolas Papernot
Proceedings of the IEEE International Conference on Software Analysis, 2024

Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD.
[BibTeX]
[DOI]
Anvith Thudi
,
Hengrui Jia
,
Casey Meehan
,
Ilia Shumailov
,
Nicolas Papernot
Proceedings of the 33rd USENIX Security Symposium, 2024

The Fundamental Limits of Least-Privilege Learning.
[BibTeX]
[DOI]
Theresa Stadler
,
Bogdan Kulynych
,
Michael Gastpar
,
Nicolas Papernot
,
Carmela Troncoso
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Position: Fundamental Limitations of LLM Censorship Necessitate New Approaches.
[BibTeX]
[DOI]
David Glukhov
,
Ilia Shumailov
,
Yarin Gal
,
Nicolas Papernot
,
Vardan Papyan
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Auditing Private Prediction.
[BibTeX]
[DOI]
Karan Chadha
,
Matthew Jagielski
,
Nicolas Papernot
,
Christopher A. Choquette-Choo
,
Milad Nasr
Proceedings of the Forty-first International Conference on Machine Learning, 2024

Memorization in Self-Supervised Learning Improves Downstream Generalization.
[BibTeX]
[DOI]
Wenhao Wang
,
Muhammad Ahmad Kaleem
,
Adam Dziedzic
,
Michael Backes
,
Nicolas Papernot
,
Franziska Boenisch
Proceedings of the Twelfth International Conference on Learning Representations, 2024

Confidential-DPproof: Confidential Proof of Differentially Private Training.
[BibTeX]
[DOI]
Ali Shahin Shamsabadi
,
Gefei Tan
,
Tudor Cebere
,
Aurélien Bellet
,
Hamed Haddadi
,
Nicolas Papernot
,
Xiao Wang
,
Adrian Weller
Proceedings of the Twelfth International Conference on Learning Representations, 2024

Fairness Feedback Loops: Training on Synthetic Data Amplifies Bias.
[BibTeX]
[DOI]
Sierra Calanda Wyllie
,
Ilia Shumailov
,
Nicolas Papernot
Proceedings of the 2024 ACM Conference on Fairness, Accountability, and Transparency, 2024

2023
Losing Less: A Loss for Differentially Private Deep Learning.
[BibTeX]
[DOI]
Ali Shahin Shamsabadi
,
Nicolas Papernot
Proc. Priv. Enhancing Technol., July, 2023

Differentially Private Speaker Anonymization.
[BibTeX]
[DOI]
Ali Shahin Shamsabadi
,
Brij Mohan Lal Srivastava
,
Aurélien Bellet
,
Nathalie Vauquier
,
Emmanuel Vincent
,
Mohamed Maouche
,
Marc Tommasi
,
Nicolas Papernot
Proc. Priv. Enhancing Technol., January, 2023

Private Multi-Winner Voting for Machine Learning.
[BibTeX]
[DOI]
Adam Dziedzic
,
Christopher A. Choquette-Choo
,
Natalie Dullerud
,
Vinith M. Suriyakumar
,
Ali Shahin Shamsabadi
,
Muhammad Ahmad Kaleem
,
Somesh Jha
,
Nicolas Papernot
,
Xiao Wang
Proc. Priv. Enhancing Technol., January, 2023

Robust and Actively Secure Serverless Collaborative Learning.
[BibTeX]
[DOI]
Olive Franzese
,
Adam Dziedzic
,
Christopher A. Choquette-Choo
,
Mark R. Thomas
,
Muhammad Ahmad Kaleem
,
Stephan Rabanser
,
Congyu Fang
,
Somesh Jha
,
Nicolas Papernot
,
Xiao Wang
CoRR, 2023

Beyond Labeling Oracles: What does it mean to steal ML models?
[BibTeX]
[DOI]
Avital Shafran
,
Ilia Shumailov
,
Murat A. Erdogdu
,
Nicolas Papernot
CoRR, 2023

LLM Censorship: A Machine Learning Challenge or a Computer Security Problem?
[BibTeX]
[DOI]
David Glukhov
,
Ilia Shumailov
,
Yarin Gal
,
Nicolas Papernot
,
Vardan Papyan
CoRR, 2023

When Vision Fails: Text Attacks Against ViT and OCR.
[BibTeX]
[DOI]
Nicholas Boucher
,
Jenny Blessing
,
Ilia Shumailov
,
Ross Anderson
,
Nicolas Papernot
CoRR, 2023

The Curse of Recursion: Training on Generated Data Makes Models Forget.
[BibTeX]
[DOI]
Ilia Shumailov
,
Zakhar Shumaylov
,
Yiren Zhao
,
Yarin Gal
,
Nicolas Papernot
,
Ross J. Anderson
CoRR, 2023

Challenges towards the Next Frontier in Privacy.
[BibTeX]
[DOI]
Rachel Cummings
,
Damien Desfontaines
,
David Evans
,
Roxana Geambasu
,
Matthew Jagielski
,
Yangsibo Huang
,
Peter Kairouz
,
Gautam Kamath
,
Sewoong Oh
,
Olga Ohrimenko
,
Nicolas Papernot
,
Ryan Rogers
,
Milan Shen
,
Shuang Song
,
Weijie J. Su
,
Andreas Terzis
,
Abhradeep Thakurta
,
Sergei Vassilvitskii
,
Yu-Xiang Wang
,
Li Xiong
,
Sergey Yekhanin
,
Da Yu
,
Huanyu Zhang
,
Wanrong Zhang
CoRR, 2023

Learning with Impartiality to Walk on the Pareto Frontier of Fairness, Privacy, and Utility.
[BibTeX]
[DOI]
Mohammad Yaghini
,
Patty Liu
,
Franziska Boenisch
,
Nicolas Papernot
CoRR, 2023

Is Federated Learning a Practical PET Yet?
[BibTeX]
[DOI]
Franziska Boenisch
,
Adam Dziedzic
,
Roei Schuster
,
Ali Shahin Shamsabadi
,
Ilia Shumailov
,
Nicolas Papernot
CoRR, 2023

Tubes Among Us: Analog Attack on Automatic Speaker Identification.
[BibTeX]
[DOI]
Shimaa Ahmed
,
Yash Wani
,
Ali Shahin Shamsabadi
,
Mohammad Yaghini
,
Ilia Shumailov
,
Nicolas Papernot
,
Kassem Fawaz
Proceedings of the 32nd USENIX Security Symposium, 2023

Training Private Models That Know What They Don't Know.
[BibTeX]
[DOI]
Stephan Rabanser
,
Anvith Thudi
,
Abhradeep Guha Thakurta
,
Krishnamurthy Dvijotham
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Robust and Actively Secure Serverless Collaborative Learning.
[BibTeX]
[DOI]
Nicholas Franzese
,
Adam Dziedzic
,
Christopher A. Choquette-Choo
,
Mark R. Thomas
,
Muhammad Ahmad Kaleem
,
Stephan Rabanser
,
Congyu Fang
,
Somesh Jha
,
Nicolas Papernot
,
Xiao Wang
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Flocks of Stochastic Parrots: Differentially Private Prompt Learning for Large Language Models.
[BibTeX]
[DOI]
Haonan Duan
,
Adam Dziedzic
,
Nicolas Papernot
,
Franziska Boenisch
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Have it your way: Individualized Privacy Assignment for DP-SGD.
[BibTeX]
[DOI]
Franziska Boenisch
,
Christopher Mühl
,
Adam Dziedzic
,
Roy Rinberg
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023

Confidential-PROFITT: Confidential PROof of FaIr Training of Trees.
[BibTeX]
[DOI]
Ali Shahin Shamsabadi
,
Sierra Calanda Wyllie
,
Nicholas Franzese
,
Natalie Dullerud
,
Sébastien Gambs
,
Nicolas Papernot
,
Xiao Wang
,
Adrian Weller
Proceedings of the Eleventh International Conference on Learning Representations, 2023

Measuring Forgetting of Memorized Training Examples.
[BibTeX]
[DOI]
Matthew Jagielski
,
Om Thakkar
,
Florian Tramèr
,
Daphne Ippolito
,
Katherine Lee
,
Nicholas Carlini
,
Eric Wallace
,
Shuang Song
,
Abhradeep Guha Thakurta
,
Nicolas Papernot
,
Chiyuan Zhang
Proceedings of the Eleventh International Conference on Learning Representations, 2023

Proof-of-Learning is Currently More Broken Than You Think.
[BibTeX]
[DOI]
Congyu Fang
,
Hengrui Jia
,
Anvith Thudi
,
Mohammad Yaghini
,
Christopher A. Choquette-Choo
,
Natalie Dullerud
,
Varun Chandrasekaran
,
Nicolas Papernot
Proceedings of the 8th IEEE European Symposium on Security and Privacy, 2023

Reconstructing Individual Data Points in Federated Learning Hardened with Differential Privacy and Secure Aggregation.
[BibTeX]
[DOI]
Franziska Boenisch
,
Adam Dziedzic
,
Roei Schuster
,
Ali Shahin Shamsabadi
,
Ilia Shumailov
,
Nicolas Papernot
Proceedings of the 8th IEEE European Symposium on Security and Privacy, 2023

When the Curious Abandon Honesty: Federated Learning Is Not Private.
[BibTeX]
[DOI]
Franziska Boenisch
,
Adam Dziedzic
,
Roei Schuster
,
Ali Shahin Shamsabadi
,
Ilia Shumailov
,
Nicolas Papernot
Proceedings of the 8th IEEE European Symposium on Security and Privacy, 2023

Architectural Backdoors in Neural Networks.
[BibTeX]
[DOI]
Mikel Bober-Irizar
,
Ilia Shumailov
,
Yiren Zhao
,
Robert D. Mullins
,
Nicolas Papernot
Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2023

The Adversarial Implications of Variable-Time Inference.
[BibTeX]
[DOI]
Dudi Biton
,
Aditi Misra
,
Efrat Levy
,
Jaidip Kotak
,
Ron Bitton
,
Roei Schuster
,
Nicolas Papernot
,
Yuval Elovici
,
Ben Nassi
Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, 2023

2022
Adversarial examples for network intrusion detection systems.
[BibTeX]
[DOI]
Ryan Sheatsley
,
Nicolas Papernot
,
Michael J. Weisman
,
Gunjan Verma
,
Patrick D. McDaniel
J. Comput. Secur., 2022

Learned Systems Security.
[BibTeX]
[DOI]
Roei Schuster
,
Jin Peng Zhou
,
Thorsten Eisenhofer
,
Paul Grubbs
,
Nicolas Papernot
CoRR, 2022

Verifiable and Provably Secure Machine Unlearning.
[BibTeX]
[DOI]
Thorsten Eisenhofer
,
Doreen Riepel
,
Varun Chandrasekaran
,
Esha Ghosh
,
Olga Ohrimenko
,
Nicolas Papernot
CoRR, 2022

Fine-Tuning with Differential Privacy Necessitates an Additional Hyperparameter Search.
[BibTeX]
[DOI]
Yannis Cattan
,
Christopher A. Choquette-Choo
,
Nicolas Papernot
,
Abhradeep Thakurta
CoRR, 2022

In Differential Privacy, There is Truth: On Vote Leakage in Ensemble Private Learning.
[BibTeX]
[DOI]
Jiaqi Wang
,
Roei Schuster
,
Ilia Shumailov
,
David Lie
,
Nicolas Papernot
CoRR, 2022

On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning.
[BibTeX]
[DOI]
Congyu Fang
,
Hengrui Jia
,
Anvith Thudi
,
Mohammad Yaghini
,
Christopher A. Choquette-Choo
,
Natalie Dullerud
,
Varun Chandrasekaran
,
Nicolas Papernot
CoRR, 2022

Generative Extraction of Audio Classifiers for Speaker Identification.
[BibTeX]
[DOI]
Tejumade Afonja
,
Lucas Bourtoule
,
Varun Chandrasekaran
,
Sageev Oore
,
Nicolas Papernot
CoRR, 2022

p-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations.
[BibTeX]
[DOI]
Adam Dziedzic
,
Stephan Rabanser
,
Mohammad Yaghini
,
Armin Ale
,
Murat A. Erdogdu
,
Nicolas Papernot
CoRR, 2022

Efficient Adversarial Training With Data Pruning.
[BibTeX]
[DOI]
Maximilian Kaufmann
,
Yiren Zhao
,
Ilia Shumailov
,
Robert D. Mullins
,
Nicolas Papernot
CoRR, 2022

Intrinsic Anomaly Detection for Multi-Variate Time Series.
[BibTeX]
[DOI]
Stephan Rabanser
,
Tim Januschowski
,
Kashif Rasul
,
Oliver Borchert
,
Richard Kurle
,
Jan Gasthaus
,
Michael Bohlke-Schneider
,
Nicolas Papernot
,
Valentin Flunkert
CoRR, 2022

Selective Classification Via Neural Network Training Dynamics.
[BibTeX]
[DOI]
Stephan Rabanser
,
Anvith Thudi
,
Kimia Hamidieh
,
Adam Dziedzic
,
Nicolas Papernot
CoRR, 2022

Bounding Membership Inference.
[BibTeX]
[DOI]
Anvith Thudi
,
Ilia Shumailov
,
Franziska Boenisch
,
Nicolas Papernot
CoRR, 2022

Pipe Overflow: Smashing Voice Authentication for Fun and Profit.
[BibTeX]
[DOI]
Shimaa Ahmed
,
Yash Wani
,
Ali Shahin Shamsabadi
,
Mohammad Yaghini
,
Ilia Shumailov
,
Nicolas Papernot
,
Kassem Fawaz
CoRR, 2022

On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning.
[BibTeX]
[DOI]
Anvith Thudi
,
Hengrui Jia
,
Ilia Shumailov
,
Nicolas Papernot
Proceedings of the 31st USENIX Security Symposium, 2022

Towards More Robust Keyword Spotting for Voice Assistants.
[BibTeX]
[DOI]
Shimaa Ahmed
,
Ilia Shumailov
,
Nicolas Papernot
,
Kassem Fawaz
Proceedings of the 31st USENIX Security Symposium, 2022

Bad Characters: Imperceptible NLP Attacks.
[BibTeX]
[DOI]
Nicholas Boucher
,
Ilia Shumailov
,
Ross Anderson
,
Nicolas Papernot
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

In Differential Privacy, There is Truth: on Vote-Histogram Leakage in Ensemble Private Learning.
[BibTeX]
[DOI]
Jiaqi Wang
,
Roei Schuster
,
Ilia Shumailov
,
David Lie
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Washing The Unwashable : On The (Im)possibility of Fairwashing Detection.
[BibTeX]
[DOI]
Ali Shahin Shamsabadi
,
Mohammad Yaghini
,
Natalie Dullerud
,
Sierra Calanda Wyllie
,
Ulrich Aïvodji
,
Aisha Alaagib
,
Sébastien Gambs
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

Dataset Inference for Self-Supervised Models.
[BibTeX]
[DOI]
Adam Dziedzic
,
Haonan Duan
,
Muhammad Ahmad Kaleem
,
Nikita Dhawan
,
Jonas Guan
,
Yannis Cattan
,
Franziska Boenisch
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

The Privacy Onion Effect: Memorization is Relative.
[BibTeX]
[DOI]
Nicholas Carlini
,
Matthew Jagielski
,
Chiyuan Zhang
,
Nicolas Papernot
,
Andreas Terzis
,
Florian Tramèr
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

On the Limitations of Stochastic Pre-processing Defenses.
[BibTeX]
[DOI]
Yue Gao
,
Ilia Shumailov
,
Kassem Fawaz
,
Nicolas Papernot
Proceedings of the Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, 2022

On the Difficulty of Defending Self-Supervised Learning against Model Extraction.
[BibTeX]
[DOI]
Adam Dziedzic
,
Nikita Dhawan
,
Muhammad Ahmad Kaleem
,
Jonas Guan
,
Nicolas Papernot
Proceedings of the International Conference on Machine Learning, 2022

Hyperparameter Tuning with Renyi Differential Privacy.
[BibTeX]
[DOI]
Nicolas Papernot
,
Thomas Steinke
Proceedings of the Tenth International Conference on Learning Representations, 2022

A Zest of LIME: Towards Architecture-Independent Model Distances.
[BibTeX]
[DOI]
Hengrui Jia
,
Hongyu Chen
,
Jonas Guan
,
Ali Shahin Shamsabadi
,
Nicolas Papernot
Proceedings of the Tenth International Conference on Learning Representations, 2022

Increasing the Cost of Model Extraction with Calibrated Proof of Work.
[BibTeX]
[DOI]
Adam Dziedzic
,
Muhammad Ahmad Kaleem
,
Yu Shen Lu
,
Nicolas Papernot
Proceedings of the Tenth International Conference on Learning Representations, 2022

Is Fairness Only Metric Deep? Evaluating and Addressing Subgroup Gaps in Deep Metric Learning.
[BibTeX]
[DOI]
Natalie Dullerud
,
Karsten Roth
,
Kimia Hamidieh
,
Nicolas Papernot
,
Marzyeh Ghassemi
Proceedings of the Tenth International Conference on Learning Representations, 2022

Unrolling SGD: Understanding Factors Influencing Machine Unlearning.
[BibTeX]
[DOI]
Anvith Thudi
,
Gabriel Deza
,
Varun Chandrasekaran
,
Nicolas Papernot
Proceedings of the 7th IEEE European Symposium on Security and Privacy, 2022

The Role of Randomization in Trustworthy Machine Learning.
[BibTeX]
[DOI]
Nicolas Papernot
Proceedings of the 9th ACM Workshop on Moving Target Defense, 2022

2021
Interpretability in Safety-Critical FinancialTrading Systems.
[BibTeX]
[DOI]
Gabriel Deza
,
Adelin Travers
,
Colin Rowat
,
Nicolas Papernot
CoRR, 2021

SoK: Machine Learning Governance.
[BibTeX]
[DOI]
Varun Chandrasekaran
,
Hengrui Jia
,
Anvith Thudi
,
Adelin Travers
,
Mohammad Yaghini
,
Nicolas Papernot
CoRR, 2021

On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples.
[BibTeX]
[DOI]
Adelin Travers
,
Lorna Licollari
,
Guanghan Wang
,
Varun Chandrasekaran
,
Adam Dziedzic
,
David Lie
,
Nicolas Papernot
CoRR, 2021

Entangled Watermarks as a Defense against Model Extraction.
[BibTeX]
[DOI]
Hengrui Jia
,
Christopher A. Choquette-Choo
,
Varun Chandrasekaran
,
Nicolas Papernot
Proceedings of the 30th USENIX Security Symposium, 2021

Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning.
[BibTeX]
[DOI]
Milad Nasr
,
Shuang Song
,
Abhradeep Thakurta
,
Nicolas Papernot
,
Nicholas Carlini
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Proof-of-Learning: Definitions and Practice.
[BibTeX]
[DOI]
Hengrui Jia
,
Mohammad Yaghini
,
Christopher A. Choquette-Choo
,
Natalie Dullerud
,
Anvith Thudi
,
Varun Chandrasekaran
,
Nicolas Papernot
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Machine Unlearning.
[BibTeX]
[DOI]
Lucas Bourtoule
,
Varun Chandrasekaran
,
Christopher A. Choquette-Choo
,
Hengrui Jia
,
Adelin Travers
,
Baiwu Zhang
,
David Lie
,
Nicolas Papernot
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems.
[BibTeX]
[DOI]
Hadi Abdullah
,
Kevin Warren
,
Vincent Bindschaedler
,
Nicolas Papernot
,
Patrick Traynor
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Manipulating SGD with Data Ordering Attacks.
[BibTeX]
[DOI]
Ilia Shumailov
,
Zakhar Shumaylov
,
Dmitry Kazhdan
,
Yiren Zhao
,
Nicolas Papernot
,
Murat A. Erdogdu
,
Ross J. Anderson
Proceedings of the Advances in Neural Information Processing Systems 34: Annual Conference on Neural Information Processing Systems 2021, 2021

Accelerating Symbolic Analysis for Android Apps.
[BibTeX]
[DOI]
Mingyue Yang
,
David Lie
,
Nicolas Papernot
Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering, 2021

Markpainting: Adversarial Machine Learning meets Inpainting.
[BibTeX]
[DOI]
David Khachaturov
,
Ilia Shumailov
,
Yiren Zhao
,
Nicolas Papernot
,
Ross J. Anderson
Proceedings of the 38th International Conference on Machine Learning, 2021

Label-Only Membership Inference Attacks.
[BibTeX]
[DOI]
Christopher A. Choquette-Choo
,
Florian Tramèr
,
Nicholas Carlini
,
Nicolas Papernot
Proceedings of the 38th International Conference on Machine Learning, 2021

Dataset Inference: Ownership Resolution in Machine Learning.
[BibTeX]
[DOI]
Pratyush Maini
,
Mohammad Yaghini
,
Nicolas Papernot
Proceedings of the 9th International Conference on Learning Representations, 2021

CaPC Learning: Confidential and Private Collaborative Learning.
[BibTeX]
[DOI]
Christopher A. Choquette-Choo
,
Natalie Dullerud
,
Adam Dziedzic
,
Yunxiang Zhang
,
Somesh Jha
,
Nicolas Papernot
,
Xiao Wang
Proceedings of the 9th International Conference on Learning Representations, 2021

Chasing Your Long Tails: Differentially Private Prediction in Health Care Settings.
[BibTeX]
[DOI]
Vinith M. Suriyakumar
,
Nicolas Papernot
,
Anna Goldenberg
,
Marzyeh Ghassemi
Proceedings of the FAccT '21: 2021 ACM Conference on Fairness, 2021

Sponge Examples: Energy-Latency Attacks on Neural Networks.
[BibTeX]
[DOI]
Ilia Shumailov
,
Yiren Zhao
,
Daniel Bates
,
Nicolas Papernot
,
Robert D. Mullins
,
Ross Anderson
Proceedings of the IEEE European Symposium on Security and Privacy, 2021

Fourth International Workshop on Dependable and Secure Machine Learning - DSML 2021.
[BibTeX]
[DOI]
Hui Xu
,
Guanpeng Li
,
Homa Alemzadeh
,
Rakesh Bobba
,
Varun Chandrasekaran
,
David E. Evans
,
Nicolas Papernot
,
Karthik Pattabiraman
,
Florian Tramèr
Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, 2021

Data-Free Model Extraction.
[BibTeX]
[DOI]
Jean-Baptiste Truong
,
Pratyush Maini
,
Robert J. Walls
,
Nicolas Papernot
Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, 2021

Tempered Sigmoid Activations for Deep Learning with Differential Privacy.
[BibTeX]
[DOI]
Nicolas Papernot
,
Abhradeep Thakurta
,
Shuang Song
,
Steve Chien
,
Úlfar Erlingsson
Proceedings of the Thirty-Fifth AAAI Conference on Artificial Intelligence, 2021

2020
Adversarial Examples in Constrained Domains.
[BibTeX]
[DOI]
Ryan Sheatsley
,
Nicolas Papernot
,
Michael J. Weisman
,
Gunjan Verma
,
Patrick D. McDaniel
CoRR, 2020

Not My Deepfake: Towards Plausible Deniability for Machine-Generated Media.
[BibTeX]
[DOI]
Baiwu Zhang
,
Jin Peng Zhou
,
Ilia Shumailov
,
Nicolas Papernot
CoRR, 2020

Entangled Watermarks as a Defense against Model Extraction.
[BibTeX]
[DOI]
Hengrui Jia
,
Christopher A. Choquette-Choo
,
Nicolas Papernot
CoRR, 2020

On the Effectiveness of Mitigating Data Poisoning Attacks with Gradient Shaping.
[BibTeX]
[DOI]
Sanghyun Hong
,
Varun Chandrasekaran
,
Yigitcan Kaya
,
Tudor Dumitras
,
Nicolas Papernot
CoRR, 2020

High Accuracy and High Fidelity Extraction of Neural Networks.
[BibTeX]
[DOI]
Matthew Jagielski
,
Nicholas Carlini
,
David Berthelot
,
Alex Kurakin
,
Nicolas Papernot
Proceedings of the 29th USENIX Security Symposium, 2020

On the Robustness of Cooperative Multi-Agent Reinforcement Learning.
[BibTeX]
[DOI]
Jieyu Lin
,
Kristina Dzeparoska
,
Sai Qian Zhang
,
Alberto Leon-Garcia
,
Nicolas Papernot
Proceedings of the 2020 IEEE Security and Privacy Workshops, 2020

Fundamental Tradeoffs between Invariance and Sensitivity to Adversarial Perturbations.
[BibTeX]
[DOI]
Florian Tramèr
,
Jens Behrmann
,
Nicholas Carlini
,
Nicolas Papernot
,
Jörn-Henrik Jacobsen
Proceedings of the 37th International Conference on Machine Learning, 2020

Thieves on Sesame Street! Model Extraction of BERT-based APIs.
[BibTeX]
[DOI]
Kalpesh Krishna
,
Gaurav Singh Tomar
,
Ankur P. Parikh
,
Nicolas Papernot
,
Mohit Iyyer
Proceedings of the 8th International Conference on Learning Representations, 2020

Neighbors From Hell: Voltage Attacks Against Deep Learning Accelerators on Multi-Tenant FPGAs.
[BibTeX]
[DOI]
Andrew Boutros
,
Mathew Hall
,
Nicolas Papernot
,
Vaughn Betz
Proceedings of the International Conference on Field-Programmable Technology, 2020

Third International Workshop on Dependable and Secure Machine Learning - DSML 2020.
[BibTeX]
[DOI]
Homa Alemzadeh
,
Rakesh Bobba
,
Varun Chandrasekaran
,
David E. Evans
,
Nicolas Papernot
,
Karthik Pattabiraman
,
Florian Tramèr
Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, 2020

2019
How Relevant Is the Turing Test in the Age of Sophisbots?
[BibTeX]
[DOI]
Dan Boneh
,
Andrew J. Grotto
,
Patrick D. McDaniel
,
Nicolas Papernot
IEEE Secur. Priv., 2019

Distribution Density, Tails, and Outliers in Machine Learning: Metrics and Applications.
[BibTeX]
[DOI]
Nicholas Carlini
,
Úlfar Erlingsson
,
Nicolas Papernot
CoRR, 2019

Improving Differentially Private Models with Active Learning.
[BibTeX]
[DOI]
Zhengli Zhao
,
Nicolas Papernot
,
Sameer Singh
,
Neoklis Polyzotis
,
Augustus Odena
CoRR, 2019

High-Fidelity Extraction of Neural Network Models.
[BibTeX]
[DOI]
Matthew Jagielski
,
Nicholas Carlini
,
David Berthelot
,
Alex Kurakin
,
Nicolas Papernot
CoRR, 2019

Exploiting Excessive Invariance caused by Norm-Bounded Adversarial Robustness.
[BibTeX]
[DOI]
Jörn-Henrik Jacobsen
,
Jens Behrmann
,
Nicholas Carlini
,
Florian Tramèr
,
Nicolas Papernot
CoRR, 2019

On Evaluating Adversarial Robustness.
[BibTeX]
[DOI]
Nicholas Carlini
,
Anish Athalye
,
Nicolas Papernot
,
Wieland Brendel
,
Jonas Rauber
,
Dimitris Tsipras
,
Ian J. Goodfellow
,
Aleksander Madry
,
Alexey Kurakin
CoRR, 2019

MixMatch: A Holistic Approach to Semi-Supervised Learning.
[BibTeX]
[DOI]
David Berthelot
,
Nicholas Carlini
,
Ian J. Goodfellow
,
Nicolas Papernot
,
Avital Oliver
,
Colin Raffel
Proceedings of the Advances in Neural Information Processing Systems 32: Annual Conference on Neural Information Processing Systems 2019, 2019

Analyzing and Improving Representations with the Soft Nearest Neighbor Loss.
[BibTeX]
[DOI]
Nicholas Frosst
,
Nicolas Papernot
,
Geoffrey E. Hinton
Proceedings of the 36th International Conference on Machine Learning, 2019

2018
A Marauder's Map of Security and Privacy in Machine Learning.
[BibTeX]
[DOI]
Nicolas Papernot
CoRR, 2018

Adversarial Vision Challenge.
[BibTeX]
[DOI]
Wieland Brendel
,
Jonas Rauber
,
Alexey Kurakin
,
Nicolas Papernot
,
Behar Veliqi
,
Marcel Salathé
,
Sharada P. Mohanty
,
Matthias Bethge
CoRR, 2018

Deep k-Nearest Neighbors: Towards Confident, Interpretable and Robust Deep Learning.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
CoRR, 2018

Adversarial Examples that Fool both Human and Computer Vision.
[BibTeX]
[DOI]
Gamaleldin F. Elsayed
,
Shreya Shankar
,
Brian Cheung
,
Nicolas Papernot
,
Alex Kurakin
,
Ian J. Goodfellow
,
Jascha Sohl-Dickstein
CoRR, 2018

Making machine learning robust against adversarial inputs.
[BibTeX]
[DOI]
Ian J. Goodfellow
,
Patrick D. McDaniel
,
Nicolas Papernot
Commun. ACM, 2018

Adversarial Examples that Fool both Computer Vision and Time-Limited Humans.
[BibTeX]
[DOI]
Gamaleldin F. Elsayed
,
Shreya Shankar
,
Brian Cheung
,
Nicolas Papernot
,
Alexey Kurakin
,
Ian J. Goodfellow
,
Jascha Sohl-Dickstein
Proceedings of the Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018, 2018

Ensemble Adversarial Training: Attacks and Defenses.
[BibTeX]
[DOI]
Florian Tramèr
,
Alexey Kurakin
,
Nicolas Papernot
,
Ian J. Goodfellow
,
Dan Boneh
,
Patrick D. McDaniel
Proceedings of the 6th International Conference on Learning Representations, 2018

Scalable Private Learning with PATE.
[BibTeX]
[DOI]
Nicolas Papernot
,
Shuang Song
,
Ilya Mironov
,
Ananth Raghunathan
,
Kunal Talwar
,
Úlfar Erlingsson
Proceedings of the 6th International Conference on Learning Representations, 2018

SoK: Security and Privacy in Machine Learning.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Arunesh Sinha
,
Michael P. Wellman
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018

A Marauder's Map of Security and Privacy in Machine Learning: An overview of current and future research directions for making machine learning secure and private.
[BibTeX]
[DOI]
Nicolas Papernot
Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security, 2018

Detection under Privileged Information.
[BibTeX]
[DOI]
Z. Berkay Celik
,
Patrick D. McDaniel
,
Rauf Izmailov
,
Nicolas Papernot
,
Ryan Sheatsley
,
Raquel Alvarez
,
Ananthram Swami
Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

2017
On the Protection of Private Information in Machine Learning Systems: Two Recent Approaches.
[BibTeX]
[DOI]
Martín Abadi
,
Úlfar Erlingsson
,
Ian J. Goodfellow
,
H. Brendan McMahan
,
Ilya Mironov
,
Nicolas Papernot
,
Kunal Talwar
,
Li Zhang
CoRR, 2017

The Space of Transferable Adversarial Examples.
[BibTeX]
[DOI]
Florian Tramèr
,
Nicolas Papernot
,
Ian J. Goodfellow
,
Dan Boneh
,
Patrick D. McDaniel
CoRR, 2017

Ensemble Adversarial Training: Attacks and Defenses.
[BibTeX]
[DOI]
Florian Tramèr
,
Alexey Kurakin
,
Nicolas Papernot
,
Dan Boneh
,
Patrick D. McDaniel
CoRR, 2017

Extending Defensive Distillation.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
CoRR, 2017

On the (Statistical) Detection of Adversarial Examples.
[BibTeX]
[DOI]
Kathrin Grosse
,
Praveen Manoharan
,
Nicolas Papernot
,
Michael Backes
,
Patrick D. McDaniel
CoRR, 2017

Semi-supervised Knowledge Transfer for Deep Learning from Private Training Data.
[BibTeX]
[DOI]
Nicolas Papernot
,
Martín Abadi
,
Úlfar Erlingsson
,
Ian J. Goodfellow
,
Kunal Talwar
Proceedings of the 5th International Conference on Learning Representations, 2017

Adversarial Attacks on Neural Network Policies.
[BibTeX]
[DOI]
Sandy H. Huang
,
Nicolas Papernot
,
Ian J. Goodfellow
,
Yan Duan
,
Pieter Abbeel
Proceedings of the 5th International Conference on Learning Representations, 2017

Adversarial Examples for Malware Detection.
[BibTeX]
[DOI]
Kathrin Grosse
,
Nicolas Papernot
,
Praveen Manoharan
,
Michael Backes
,
Patrick D. McDaniel
Proceedings of the Computer Security - ESORICS 2017, 2017

On the Protection of Private Information in Machine Learning Systems: Two Recent Approches.
[BibTeX]
[DOI]
Martín Abadi
,
Úlfar Erlingsson
,
Ian J. Goodfellow
,
H. Brendan McMahan
,
Ilya Mironov
,
Nicolas Papernot
,
Kunal Talwar
,
Li Zhang
Proceedings of the 30th IEEE Computer Security Foundations Symposium, 2017

Practical Black-Box Attacks against Machine Learning.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Ian J. Goodfellow
,
Somesh Jha
,
Z. Berkay Celik
,
Ananthram Swami
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017

2016
Machine Learning in Adversarial Settings.
[BibTeX]
[DOI]
Patrick D. McDaniel
,
Nicolas Papernot
,
Z. Berkay Celik
IEEE Secur. Priv., 2016

Towards the Science of Security and Privacy in Machine Learning.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Arunesh Sinha
,
Michael P. Wellman
CoRR, 2016

Practical Black-Box Attacks against Deep Learning Systems using Adversarial Examples.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Ian J. Goodfellow
,
Somesh Jha
,
Z. Berkay Celik
,
Ananthram Swami
CoRR, 2016

Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Ian J. Goodfellow
CoRR, 2016

On the Effectiveness of Defensive Distillation.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
CoRR, 2016

Adversarial Perturbations Against Deep Neural Networks for Malware Classification.
[BibTeX]
[DOI]
Kathrin Grosse
,
Nicolas Papernot
,
Praveen Manoharan
,
Michael Backes
,
Patrick D. McDaniel
CoRR, 2016

cleverhans v0.1: an adversarial machine learning library.
[BibTeX]
[DOI]
Ian J. Goodfellow
,
Nicolas Papernot
,
Patrick D. McDaniel
CoRR, 2016

Building Better Detection with Privileged Information.
[BibTeX]
[DOI]
Z. Berkay Celik
,
Patrick D. McDaniel
,
Rauf Izmailov
,
Nicolas Papernot
,
Ananthram Swami
CoRR, 2016

Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Xi Wu
,
Somesh Jha
,
Ananthram Swami
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Crafting adversarial input sequences for recurrent neural networks.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Ananthram Swami
,
Richard E. Harang
Proceedings of the 2016 IEEE Military Communications Conference, 2016

Mapping sample scenarios to operational models.
[BibTeX]
[DOI]
Z. Berkay Celik
,
Nan Hu
,
Yun Li
,
Nicolas Papernot
,
Patrick D. McDaniel
,
Robert J. Walls
,
Jeff Rowe
,
Karl N. Levitt
,
Novella Bartolini
,
Thomas F. La Porta
,
Ritu Chadha
Proceedings of the 2016 IEEE Military Communications Conference, 2016

The Limitations of Deep Learning in Adversarial Settings.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Somesh Jha
,
Matt Fredrikson
,
Z. Berkay Celik
,
Ananthram Swami
Proceedings of the IEEE European Symposium on Security and Privacy, 2016

2015
Enforcing agile access control policies in relational databases using views.
[BibTeX]
[DOI]
Nicolas Papernot
,
Patrick D. McDaniel
,
Robert J. Walls
Proceedings of the 34th IEEE Military Communications Conference, 2015

2014
Security and Science of Agility.
[BibTeX]
[DOI]
Patrick D. McDaniel
,
Trent Jaeger
,
Thomas F. La Porta
,
Nicolas Papernot
,
Robert J. Walls
,
Alexander Kott
,
Lisa M. Marvel
,
Ananthram Swami
,
Prasant Mohapatra
,
Srikanth V. Krishnamurthy
,
Iulian Neamtiu
Proceedings of the First ACM Workshop on Moving Target Defense, 2014


  Loading...