| Advances and open problems in federated learning P Kairouz, HB McMahan, B Avent, A Bellet, M Bennis, AN Bhagoji, ... Foundations and Trends® in Machine Learning 14 (1–2), 1-210, 2021 | 2926 | 2021 |
| Analyzing federated learning through an adversarial lens AN Bhagoji, S Chakraborty, P Mittal, S Calo International Conference on Machine Learning, 634-643, 2019 | 634 | 2019 |
| Enhancing Robustness of Machine Learning Systems via Data Transformations AN Bhagoji, D Cullina, C Sitawarin, P Mittal arXiv preprint arXiv:1704.02654, 2017 | 335* | 2017 |
| Practical black-box attacks on deep neural networks using efficient query mechanisms AN Bhagoji, W He, B Li, D Song Proceedings of the European conference on computer vision (ECCV), 154-169, 2018 | 270* | 2018 |
| Darts: Deceiving autonomous cars with toxic signs C Sitawarin, AN Bhagoji, A Mosenia, M Chiang, P Mittal arXiv preprint arXiv:1802.06430, 2018 | 223 | 2018 |
| PAC-learning in the presence of evasion adversaries D Cullina, AN Bhagoji, P Mittal Advances in Neural Information Processing Systems, 228-239, 2018 | 110* | 2018 |
| Backdoor attacks on facial recognition in the physical world E Wenger, J Passananti, AN Bhagoji, Y Yao, H Zheng, BY Zhao arXiv preprint arXiv:2006.14580, 2020 | 81* | 2020 |
| Lower bounds on adversarial robustness from optimal transport AN Bhagoji, D Cullina, P Mittal Advances in Neural Information Processing Systems 32, 2019 | 73 | 2019 |
| Rogue signs: Deceiving traffic sign recognition with malicious ads and logos C Sitawarin, AN Bhagoji, A Mosenia, P Mittal, M Chiang arXiv preprint arXiv:1801.02780, 2018 | 68 | 2018 |
| PatchGuard: A Provably Robust Defense against Adversarial Patches via Small Receptive Fields and Masking. C Xiang, AN Bhagoji, V Sehwag, P Mittal USENIX Security Symposium, 2237-2254, 2021 | 57 | 2021 |
| Analyzing the robustness of open-world machine learning V Sehwag, AN Bhagoji, L Song, C Sitawarin, D Cullina, M Chiang, P Mittal Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security …, 2019 | 56* | 2019 |
| Model poisoning attacks in federated learning AN Bhagoji, S Chakraborty, P Mittal, S Calo Proc. Workshop Secur. Mach. Learn.(SecML) 32nd Conf. Neural Inf. Process …, 2018 | 42 | 2018 |
| Patch-based defenses against web fingerprinting attacks S Shan, AN Bhagoji, H Zheng, BY Zhao Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security …, 2021 | 19* | 2021 |
| Sparsefed: Mitigating model poisoning attacks in federated learning with sparsification A Panda, S Mahloujifar, AN Bhagoji, S Chakraborty, P Mittal International Conference on Artificial Intelligence and Statistics, 7587-7624, 2022 | 14 | 2022 |
| A critical evaluation of open-world machine learning L Song, V Sehwag, AN Bhagoji, P Mittal arXiv preprint arXiv:2007.04391, 2020 | 12 | 2020 |
| Poison forensics: Traceback of data poisoning attacks in neural networks S Shan, AN Bhagoji, H Zheng, BY Zhao 31st USENIX Security Symposium (USENIX Security 22), 3575-3592, 2022 | 8* | 2022 |
| Not all pixels are born equal: An analysis of evasion attacks under locality constraints V Sehwag, C Sitawarin, AN Bhagoji, A Mosenia, M Chiang, P Mittal Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications …, 2018 | 7 | 2018 |
| Black-box Attacks on Deep Neural Networks via Gradient Estimation AN Bhagoji, W He, B Li, D Song ICLR Workshop, 2018 | 7 | 2018 |
| Equivalence of 2D color codes (without translational symmetry) to surface codes A Bhagoji, P Sarvepalli 2015 IEEE International Symposium on Information Theory (ISIT), 1109-1113, 2015 | 7 | 2015 |
| A nano-satellite mission to study charged particle precipitation from the Van Allen radiation belts caused due to Seismo-electromagnetic emissions N Sivadas, A Gulati, D Kannapan, AS Yalamarthy, A Dhiman, A Bhagoji, ... arXiv preprint arXiv:1411.6034, 2014 | 7 | 2014 |
Prateek MittalProfessor, Princeton UniversityVerified email at princeton.edu
