Deep Learning is the most widely used tool in the contemporary field of computer vision. Its
ability to accurately solve complex problems is employed in vision research to learn deep …

Smarter applications are making better use of the insights gleaned from data, having an
impact on every industry and research discipline. At the core of this revolution lies the tools …

Adaptive attacks have (rightfully) become the de facto standard for evaluating defenses to
adversarial examples. We find, however, that typical adaptive evaluations are incomplete …

In federated learning, multiple client devices jointly learn a machine learning model: each
client device maintains a local model for its local training dataset, while a master device …

We show how to turn any classifier that classifies well under Gaussian noise into a new
classifier that is certifiably robust to adversarial perturbations under the L2 norm. While this" …

The goal of a decision-based adversarial attack on a trained model is to generate
adversarial examples based solely on observing output labels returned by the targeted …

Recent works have shown the effectiveness of randomized smoothing as a scalable
technique for building neural network-based classifiers that are provably robust to $\ell_2 …

Finding minimum distortion of adversarial examples and thus certifying robustness in neural
networks classifiers is known to be a challenging problem. Nevertheless, recently it has …

Machine learning (ML) has become a core component of many real-world applications and
training data is a key factor that drives current progress. This huge success has led Internet …

In a membership inference attack, an attacker aims to infer whether a data sample is in a
target classifier's training dataset or not. Specifically, given a black-box access to the target …