| Federated mutual learning: a collaborative machine learning method for heterogeneous data, models, and objectives T Shen, J Zhang, X Jia, F Zhang, Z Lv, K Kuang, C Wu, F Wu Frontiers of Information Technology & Electronic Engineering 24 (10), 1390-1402, 2023 | 183* | 2023 |
| Federated learning with label distribution skew via logits calibration J Zhang, Z Li, B Li, J Xu, S Wu, S Ding, C Wu International Conference on Machine Learning, 26311-26329, 2022 | 168 | 2022 |
| Dense: Data-free one-shot federated learning J Zhang, C Chen, B Li, L Lyu, S Wu, S Ding, C Shen, C Wu Advances in Neural Information Processing Systems 35, 21414-21428, 2022 | 133* | 2022 |
| Towards efficient data free black-box adversarial attack J Zhang, B Li, J Xu, S Wu, S Ding, L Zhang, C Wu CVPR 2022, 15115-15125, 2022 | 73 | 2022 |
| Accelerating Dataset Distillation via Model Augmentation L Zhang*, J Zhang*, B Lei, S Mukherjee, X Pan, B Zhao, C Ding, Y Li, ... CVPR 2023, 2022 | 67 | 2022 |
| Target: Federated class-continual learning via exemplar-free distillation J Zhang, C Chen, W Zhuang, L Lyu Proceedings of the IEEE/CVF International Conference on Computer Vision …, 2023 | 61* | 2023 |
| Delving into the adversarial robustness of federated learning J Zhang, B Li, C Chen, L Lyu, S Wu, S Ding, C Wu AAAI 2023, 2023 | 35 | 2023 |
| Real-fake: Effective training data synthesis through distribution matching J Yuan, J Zhang, S Sun, P Torr, B Zhao International Conference on Learning Representations (ICLR), 2024 | 31 | 2024 |
| IDEAL: Query-efficient data-free learning from black-box models J Zhang, C Chen, L Lyu The Eleventh International Conference on Learning Representations, 2022 | 26* | 2022 |
| Evaluations of Machine Learning Privacy Defenses are Misleading M Aerni*, J Zhang*, F Tramèr CCS 2024, 2024 | 25 | 2024 |
| Jailbreaking prompt attack: A controllable adversarial attack against diffusion models J Ma, A Cao, Z Xiao, Y Li, J Zhang, C Ye, J Zhao NAACL 2025, 2024 | 25 | 2024 |
| Agentdojo: A dynamic environment to evaluate prompt injection attacks and defenses for LLM agents E Debenedetti, J Zhang, M Balunovic, L Beurer-Kellner, M Fischer, ... Advances in Neural Information Processing Systems 37, 82895-82920, 2025 | 24* | 2025 |
| Blind baselines beat membership inference attacks for foundation models D Das, J Zhang, F Tramèr arXiv preprint arXiv:2406.16201, 2024 | 21 | 2024 |
| Federated generative learning with foundation models J Zhang, X Qi, B Zhao arXiv preprint arXiv:2306.16064, 2023 | 18 | 2023 |
| Rethinking data distillation: Do not overlook calibration D Zhu, B Lei, J Zhang, Y Fang, Y Xie, R Zhang, D Xu Proceedings of the IEEE/CVF International Conference on Computer Vision …, 2023 | 16 | 2023 |
| Adversarial examples for good: Adversarial examples guided imbalanced learning J Zhang, L Zhang, G Li, C Wu 2022 IEEE International Conference on Image Processing (ICIP), 136-140, 2022 | 13 | 2022 |
| Diffclass: Diffusion-based class incremental learning Z Meng, J Zhang, C Yang, Z Zhan, P Zhao, Y WAng ECCV 2024, 2024 | 12 | 2024 |
| Sampling to distill: Knowledge transfer from open-world data Y Wang, Z Chen, J Zhang, D Yang, Z Ge, Y Liu, S Liu, Y Sun, W Zhang, ... Proceedings of the 32nd ACM International Conference on Multimedia, 2438-2447, 2024 | 10 | 2024 |
| Membership Inference Attacks Cannot Prove that a Model Was Trained On Your Data J Zhang, D Das, G Kamath, F Tramèr IEEE SaTML 2025, 2024 | 4 | 2024 |
| Textual unlearning gives a false sense of unlearning J Du, Z Wang, J Zhang, X Pang, J Hu, K Ren arXiv preprint arXiv:2406.13348, 2024 | 4 | 2024 |
Florian TramèrAssistant Professor of Computer Science, ETH ZurichOverená e-mailová adresa na: inf.ethz.ch