| Provable defenses against adversarial examples via the convex outer adversarial polytope E Wong, JZ Kolter arXiv preprint arXiv:1711.00851, 2017 | 1767 | 2017 |
| Fast is better than free: Revisiting adversarial training E Wong, L Rice, JZ Kolter arXiv preprint arXiv:2001.03994, 2020 | 1416 | 2020 |
| Overfitting in adversarially robust deep learning L Rice, E Wong, Z Kolter International Conference on Machine Learning, 8093-8104, 2020 | 992 | 2020 |
| Scaling provable adversarial defenses E Wong, F Schmidt, JH Metzen, JZ Kolter Advances in Neural Information Processing Systems, 8400-8409, 2018 | 491 | 2018 |
| Jailbreaking black box large language models in twenty queries P Chao, A Robey, E Dobriban, H Hassani, GJ Pappas, E Wong arXiv preprint arXiv:2310.08419, 2023 | 439 | 2023 |
| Wasserstein adversarial examples via projected sinkhorn iterations E Wong, F Schmidt, Z Kolter International Conference on Machine Learning, 6808-6817, 2019 | 268 | 2019 |
| Faithful Chain-of-Thought Reasoning Q Lyu, S Havaldar, A Stein, L Zhang, D Rao, E Wong, M Apidianaki, ... arXiv preprint arXiv:2301.13379, 2023 | 217 | 2023 |
| Smoothllm: Defending large language models against jailbreaking attacks A Robey, E Wong, H Hassani, GJ Pappas arXiv preprint arXiv:2310.03684, 2023 | 214 | 2023 |
| Adversarial robustness against the union of multiple perturbation models P Maini, E Wong, Z Kolter International Conference on Machine Learning, 6640-6650, 2020 | 192 | 2020 |
| Black box adversarial prompting for foundation models N Maus, P Chao, E Wong, J Gardner arXiv preprint arXiv:2302.04237, 2023 | 102* | 2023 |
| JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models P Chao, E Debenedetti, A Robey, M Andriushchenko, F Croce, V Sehwag, ... arXiv preprint arXiv:2404.01318, 2024 | 95 | 2024 |
| Leveraging sparse linear layers for debuggable deep networks E Wong, S Santurkar, A Madry International Conference on Machine Learning, 11205-11216, 2021 | 90 | 2021 |
| Salun: Empowering machine unlearning via gradient-based weight saliency in both image classification and generation C Fan, J Liu, Y Zhang, E Wong, D Wei, S Liu arXiv preprint arXiv:2310.12508, 2023 | 85 | 2023 |
| Learning perturbation sets for robust machine learning E Wong, JZ Kolter arXiv preprint arXiv:2007.08450, 2020 | 83 | 2020 |
| Certified patch robustness via smoothed vision transformers H Salman, S Jain, E Wong, A Madry Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2022 | 72 | 2022 |
| In-context Example Selection with Influences T Nguyen, E Wong arXiv preprint arXiv:2302.11042, 2023 | 45 | 2023 |
| A Data-Based Perspective on Transfer Learning S Jain, H Salman, A Khaddaj, E Wong, SM Park, A Mądry Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2023 | 43 | 2023 |
| When does Bias Transfer in Transfer Learning? H Salman, S Jain, A Ilyas, L Engstrom, E Wong, A Madry arXiv preprint arXiv:2207.02842, 2022 | 37 | 2022 |
| Defending Large Language Models against Jailbreak Attacks via Semantic Smoothing J Ji, B Hou, A Robey, GJ Pappas, H Hassani, Y Zhang, E Wong, S Chang arXiv preprint arXiv:2402.16192, 2024 | 30 | 2024 |
| Missingness Bias in Model Debugging S Jain, H Salman, E Wong, P Zhang, V Vineet, S Vemprala, A Madry International Conference on Learning Representations, 2021 | 30 | 2021 |