Title | Authors | Venue | Cited by | Year
Deep feature space trojan attack of neural networks by controlled detoxification | S Cheng, Y Liu, S Ma, X Zhang | Proceedings of the AAAI Conference on Artificial Intelligence 35 (2), 1148-1156, 2021 | 140 | 2021
Backdoor scanning for deep neural networks through k-arm optimization | G Shen, Y Liu, G Tao, S An, Q Xu, S Cheng, S Ma, X Zhang | International Conference on Machine Learning, 9525-9536, 2021 | 108 | 2021
Towards feature space adversarial attack by style perturbation | Q Xu, G Tao, S Cheng, X Zhang | Proceedings of the AAAI Conference on Artificial Intelligence 35 (12), 10523 …, 2021 | 54* | 2021
Flip: A provable defense framework for backdoor mitigation in federated learning | K Zhang, G Tao, Q Xu, S Cheng, S An, Y Liu, S Feng, G Shen, PY Chen, ... | ICLR 2023 (Best Paper Award at ECCV 2022 AROW Workshop), 2022 | 35 | 2022
Detecting backdoors in pre-trained encoders | S Feng, G Tao, S Cheng, G Shen, X Xu, Y Liu, K Zhang, S Ma, X Zhang | Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2023 | 28 | 2023
Backdoor vulnerabilities in normally trained deep learning models | G Tao, Z Wang, S Cheng, S Ma, S An, Y Liu, G Shen, Z Zhang, Y Mao, ... | arXiv preprint arXiv:2211.15929, 2022 | 14 | 2022
BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense | S Cheng, G Tao, Y Liu, S An, X Xu, S Feng, G Shen, K Zhang, Q Xu, S Ma, ... | 30th Annual Network and Distributed System Security Symposium (NDSS 2023), 2023 | 11 | 2023
On large language models' resilience to coercive interrogation | Z Zhang, G Shen, G Tao, S Cheng, X Zhang | 2024 IEEE Symposium on Security and Privacy (SP), 252-252, 2024 | 10* | 2024
Elijah: Eliminating backdoors injected in diffusion models via distribution shift | S An, SY Chou, K Zhang, Q Xu, G Tao, G Shen, S Cheng, S Ma, PY Chen, ... | Proceedings of the AAAI Conference on Artificial Intelligence 38 (10), 10847 …, 2024 | 8* | 2024
Medic: Remove model backdoors via importance driven cloning | Q Xu, G Tao, J Honorio, Y Liu, S An, G Shen, S Cheng, X Zhang | Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2023 | 8* | 2023
Opening a Pandora's box: things you should know in the era of custom GPTs | G Tao, S Cheng, Z Zhang, J Zhu, G Shen, X Zhang | arXiv preprint arXiv:2401.00905, 2023 | 6 | 2023
Improving binary code similarity transformer models by semantics-driven instruction deemphasis | X Xu, S Feng, Y Ye, G Shen, Z Su, S Cheng, G Tao, Q Shi, Z Zhang, ... | Proceedings of the 32nd ACM SIGSOFT International Symposium on Software …, 2023 | 6 | 2023
Hard-label black-box universal adversarial patch attack | G Tao, S An, S Cheng, G Shen, X Zhang | 32nd USENIX Security Symposium (USENIX Security 23), 697-714, 2023 | 5 | 2023
LmPa: Improving decompilation by synergy of large language model and program analysis | X Xu, Z Zhang, S Feng, Y Ye, Z Su, N Jiang, S Cheng, L Tan, X Zhang | arXiv preprint arXiv:2306.02546, 2023 | 5 | 2023
Deck: Model hardening for defending pervasive backdoors | G Tao, Y Liu, S Cheng, S An, Z Zhang, Q Xu, G Shen, X Zhang | arXiv preprint arXiv:2206.09272, 2022 | 5 | 2022
Django: Detecting trojans in object detection models via Gaussian focus calibration | G Shen, S Cheng, G Tao, K Zhang, Y Liu, S An, S Ma, X Zhang | Advances in Neural Information Processing Systems 36, 2024 | 3 | 2024
Rapid optimization for jailbreaking LLMs via subconscious exploitation and echopraxia | G Shen, S Cheng, K Zhang, G Tao, S An, L Yan, Z Zhang, S Ma, X Zhang | arXiv preprint arXiv:2402.05467, 2024 | 3 | 2024
: Detoxing Deep Learning Dataset | L Yan, S Cheng, G Shen, G Tao, X Chen, K Zhang, Y Mao, X Zhang | NeurIPS 2023 Workshop on Backdoors in Deep Learning - The Good, the Bad, and …, 2023 | 3 | 2023
Lotus: Evasive and resilient backdoor attacks through sub-partitioning | S Cheng, G Tao, Y Liu, G Shen, S An, S Feng, X Xu, K Zhang, S Ma, ... | Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2024 | 2 | 2024
Exploring the Orthogonality and Linearity of Backdoor Attacks | K Zhang, S Cheng, G Shen, G Tao, S An, A Makur, S Ma, X Zhang | 2024 IEEE Symposium on Security and Privacy (SP), 225-225, 2024 | 1 | 2024