This page collects traditional research outputs of CATCH: peer-reviewed publications as well as preprints. Where available, links are provided to publisher sites, preprints, and code repositories.

2023

Yiding Chen, Xiaojin Zhu, and Kirthevasan Kandasamy. “Mechanism design for collaborative normal mean estimation.” In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted spotlight, 2023. [preprint]

Matt Fredrikson, Kaiji Lu, Somesh Jha, Saranya Vijayakumar, Vijay Ganesh, and Zifan Wang. “Grounding Neural Inference with Satisfiability Modulo Theories.” In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted spotlight, 2023.

Zhuoqun Huang, Neil G. Marchant, Keane Lucas, Lujo Bauer, Olga Ohrimenko, and Benjamin I. P. Rubinstein. “RS-Del: Edit distance robustness certificates for sequence classifiers”. In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted, 2023. [preprint]

Kai Hu, Andy Zou, Zifan Wang, Klas Leino, and Matt Fredrikson. “Scaling in Depth: Unlocking Robustness Certification on ImageNet.” In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted, 2023. [preprint]

Xuefeng Du, Yiyou Sun, Xiaojin Zhu, and Yixuan Li. “Dream the impossible: Outlier imagination with diffusion models”. In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted, 2023. [preprint]

Nicholas Franzese, Adam Dziedzic, Christopher A. Choquette-Choo, Mark R. Thomas, Muhammad Ahmad Kaleem, Stephan Rabanser, Congyu Fang, Somesh Jha, Nicolas Papernot, and Xiao Wang. “Doubly Robust Peer-To-Peer Learning Protocol”. In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted, 2023.

Nicholas Rittler and Kamalika Chaudhuri. “Agnostic Multi-group Active Learning”. In Advances in Neural Information Processing Systems (NeurIPS 2023), accepted, 2023. [preprint]

Keane Lucas, Samruddhi Pai, Weiran Lin, Lujo Bauer, Michael K. Reiter, and Mahmood Sharif. “Adversarial Training for Raw-Binary Malware Classifiers”. In 32nd USENIX Security Symposium (USENIX Security 23), pp. 1163-1180, 2023.

Murray S. Bennett, Laiton Gregory Hedley, Jonathon Love, Joseph W. Houpt, Scott D. Brown, and Ami Eidels. “Human Performance in Competitive and Collaborative Human-Machine Teams”. In Topics in Cognitive Science, 2023. [preprint]

Nicholas Rittler and Kamalika Chaudhuri. “A Two-Stage Active Learning Algorithm for k-nearest neighbour classification”. In Proceedings of the 40th International Conference on Machine Learning (ICML 2023), PMLR 202:29103-29129, 2023. [preprint]

Benjamin Tag, Niels van Berkel, Sunny Verma, Benjamin Zhao, Shlomo Berkovsky, Mohamed Ali Kaafar, Vassilis Kostakos, and Olga Ohrimenko. “DDoD: Dual Denial of Decision Attacks on Human-AI Teams”. In IEEE Pervasive Computing, volume 22, pp. 77-84, 2023. [preprint]

Tyler Malloy, Yinuo Du, Fei Fang, and Cleotilde Gonzalez. “Accounting for Transfer of Learning using Human Behavior Models”. In 11th AAAI Conference on Human Computation and Crowdsourcing (HCOMP 2023), accepted, 2023.

Yinuo Du, Tyler Malloy, Baptiste Prébot, and Cleotilde Gonzalez. “A cyber-war between bots: Cognitive attackers are more challenging for defenders than strategic attackers”. In ACM Transactions on Social Computing, to appear, 2023.

Washington Garcia, Pin-Yu Chen, Hamilton Scott Clouse, Somesh Jha, and Kevin R.B. Butler. “Less is More: Dimension Reduction Finds On-Manifold Adversarial Examples in Hard-Label Attacks”. In 2023 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), pp. 254-270, 2023.

Zhifeng Kong and Kamalika Chaudhuri. “Data Redaction from Pre-trained GANs”. In 2023 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), pp. 638-677, 2023. [preprint]

Yinuo Du, Baptiste Prébot, Xiaoli Xi, and Cleotilde Gonzalez. “A Cyber-War Between Bots: Human-Like Attackers are More Challenging for Defenders than Deterministic Attackers”. In Proceedings of the 56th Hawaii International Conference on System Sciences (HICSS), pp. 856-865, 2023.

Yiding Chen, Xuezhou Zhang, Kaiqing Zhang, Mengdi Wang, and Xiaojin Zhu. “Byzantine robust online and offline distributed reinforcement learning”. In Proceedings of The 26th International Conference on Artificial Intelligence and Statistics (AISTATS 2023), PMLR 206:3230-3269, 2023. [preprint]

Tyler Malloy and Cleotilde Gonzalez. “Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning in Cybersecurity Games”. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 458-464, 2023. [preprint]

Toby Murray, Pengbo Yan, and Gidon Ernst. “Compositional Vulnerability Detection with Insecurity Separation Logic”. In 24th International Conference on Formal Engineering Methods, ICFEM, accepted, 2023. [preprint]

Baptiste Prébot, Yinuo Du, and Cleotilde Gonzalez. “Learning About Simulated Adversaries from Human Defenders using Interactive Cyber-Defense Games”, arXiv:2304.01142 [cs.CR], 2023. [preprint]

Zhifeng Kong and Kamalika Chaudhuri. “Data Redaction from Conditional Generative Models”, arXiv:2305.11351 [cs.LG], 2023. [preprint]

Andy Zou, Zifan Wang, J. Zico Kolter, and Matt Fredrikson. “Universal and Transferable Adversarial Attacks on Aligned Language Models”, arXiv:2307.15043 [cs.CL], 2023. [preprint] [code]

Matt Fredrikson, Kaiji Lu, Saranya Vijayakumar, Somesh Jha, Vijay Ganesh, and Zifan Wang. “Learning Modulo Theories”, arXiv:2301.11435 [cs.LG], 2023. [preprint]

2022

Ryan Sheatsley, Blaine Hoak, Eric Pauley, and Patrick McDaniel. “The Space of Adversarial Strategies”. In Proceedings of the 32nd USENIX Security Symposium, pp. 3745-3761, 2023. [preprint]

Jiankai Jin, Eleanor McMurtry, Benjamin I. P. Rubinstein, and Olga Ohrimenko. “Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems”. In Proceedings of the 43rd IEEE Symposium on Security and Privacy, pp. 1547-1547, 2022. [preprint]

Zi Wang, Gautam Prakriya, and Somesh Jha. “A Quantitative Geometric Approach to Neural-Network Smoothness”. In Advances in Neural Information Processing Systems 35 (NeurIPS 2022), pp. 34201-34215, 2022. [preprint]

Shubham Bharti, Xuezhou Zhang, Adish Singla, and Jerry Zhu. “Provable Defense against Backdoor Policies in Reinforcement Learning”. In Advances in Neural Information Processing Systems 35 (NeurIPS 2022), pp. 14704-14714, 2022. [preprint]

Yinuo Du, Baptiste Prébot, Xiaoli Xi, and Cleotilde Gonzalez. “Towards Autonomous Cyber Defense: Predictions from a cognitive model”. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 66(1), pp. 1121–1125, 2022.

Daniel Gibert, Matt Fredrikson, Carles Mateu, Jordi Planes, and Quan Le. “Enhancing the insertion of NOP instructions to obfuscate malware via deep reinforcement learning”. In Computers and Security, volume 113, 2022. [preprint]

Casey Meehan, Amrita Roy Chowdhury, Kamalika Chaudhuri, and Somesh Jha. “Privacy Implications of Shuffling”. In International Conference on Learning Representations (ICLR 2022), 2022.

Klas Leino, Aymeric Fromherz, Ravi Mangal, Matt Fredrikson, Bryan Parno, and Corina Păsăreanu. “Self-correcting neural networks for safe classification”. In International Workshop on Numerical Software, 2022. [preprint]

Baptiste Prébot, Yinuo Du, Xiaoli Xi, and Cleotilde Gonzalez. “Cognitive Models of Dynamic Decisions in Autonomous Intelligent Cyber Defense”. In Proceedings of the 2nd International Conference on Autonomous Intelligent Cyber-Defense Agents (AICA), 2022.

Vijay Ganesh, Sanjit A. Seshia, and Somesh Jha. “Machine learning and logic: a new frontier in artificial intelligence”. In Formal Methods in System Design, volume 60, pp. 426–451, 2022.

Chhavi Yadav and Kamalika Chaudhuri. “Behavior of k-NN as an Instance-Based Explanation Method”. In ECML PKDD 2021: Machine Learning and Principles and Practice of Knowledge Discovery in Databases, pp. 90-96, 2022. [preprint]

Pengbo Yan. “Proving Obliviousness of Probabilistic Algorithms with Formal Verification”. In Companion Proceedings of the 2022 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity (SPLASH), pp. 25–28, 2022.

Laiton Gregory Hedley, Murray S. Bennett, Jonathon Love, Joe Houpt, Scott Brown, and Ami Eidels. “Dynamic Behaviour in Competitive and Collaborative Human-Machine Teams”. PsyArXiv, 2022. [preprint]

Vincent V. Frigo, Lang Chen, and Timothy T. Rogers. “A cognitive mechanism for the persistence of widespread false beliefs”, PsyArXiv, 2022. [preprint]

Yao-Yuan Yang, Chi-Ning Chou, and Kamalika Chaudhuri. “Understanding Rare Spurious Correlations in Neural Networks”, arXiv:2202.05189 [cs.LG], 2022. [preprint] [code]

Chhavi Yadav, Michal Moshkovitz, and Kamalika Chaudhuri. “XAudit: A Theoretical Look at Auditing with Explanations”, arXiv:2206.04740 [cs.LG], 2022. [preprint]

Jiankai Jin, Olga Ohrimenko, and Benjamin I. P. Rubinstein. “Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness”. arXiv:2205.10159 [cs.CR], 2022. [preprint]

2021

Zhuolin Yang, Linyi Li, Xiaojun Xu, Shiliang Zuo, Qian Chen, Pan Zhou, Benjamin I. P. Rubinstein, Ce Zhang, and Bo Li. “TRS: Transferability Reduced Ensemble via Promoting Gradient Diversity and Model Smoothness”. In Advances in Neural Information Processing Systems 34 (NeurIPS 2021), vol 34, pp. 17642-17655, 2021. [preprint]

Robi Bhattacharjee and Kamalika Chaudhuri. “Consistent Non-Parametric Methods for Maximizing Robustness”. In Advances in Neural Information Processing Systems 34 (NeurIPS 2021), vol 34, pp. 9036-9048, 2021. [preprint]

Zhifeng Kong and Kamalika Chaudhuri. “Understanding Instance-based Interpretability of Variational Auto-Encoders”. In Advances in Neural Information Processing Systems 34 (NeurIPS 2021), vol 34, pp. 17642-17655, 2021. [preprint]