Towards deep learning models resistant to adversarial attacks A Madry, A Makelov, L Schmidt, D Tsipras, A Vladu Proceedings of the International Conference on Representation Learning (ICLR …, 2018 | 12252 | 2018 |
How does batch normalization help optimization? S Santurkar, D Tsipras, A Ilyas, A Madry Advances in neural information processing systems 31, 2018 | 2100 | 2018 |
Adversarial examples are not bugs, they are features A Ilyas, S Santurkar, D Tsipras, L Engstrom, B Tran, A Madry Advances in neural information processing systems 32, 2019 | 1962 | 2019 |
Robustness may be at odds with accuracy D Tsipras, S Santurkar, L Engstrom, A Turner, A Madry Proceedings of the International Conference on Representation Learning (ICLR …, 2019 | 1878 | 2019 |
On evaluating adversarial robustness N Carlini, A Athalye, N Papernot, W Brendel, J Rauber, D Tsipras, ... arXiv preprint arXiv:1902.06705, 2019 | 961 | 2019 |
Exploring the landscape of spatial robustness L Engstrom, B Tran, D Tsipras, L Schmidt, A Madry International conference on machine learning, 1802-1811, 2019 | 854* | 2019 |
On adaptive attacks to adversarial example defenses F Tramer, N Carlini, W Brendel, A Madry Advances in neural information processing systems 33, 1633-1645, 2020 | 852 | 2020 |
Adversarially robust generalization requires more data L Schmidt, S Santurkar, D Tsipras, K Talwar, A Madry Advances in neural information processing systems 31, 2018 | 838 | 2018 |
Spectral signatures in backdoor attacks B Tran, J Li, A Madry Advances in neural information processing systems 31, 2018 | 770 | 2018 |
Do adversarially robust imagenet models transfer better? H Salman, A Ilyas, L Engstrom, A Kapoor, A Madry Advances in Neural Information Processing Systems 33, 3533-3545, 2020 | 420 | 2020 |
Prior convictions: Black-box adversarial attacks with bandits and priors A Ilyas, L Engstrom, A Madry arXiv preprint arXiv:1807.07978, 2018 | 412 | 2018 |
Electrical flows, laplacian systems, and faster approximation of maximum flow in undirected graphs P Christiano, JA Kelner, A Madry, DA Spielman, SH Teng Proceedings of the forty-third annual ACM symposium on Theory of computing …, 2011 | 408 | 2011 |
Noise or signal: The role of image backgrounds in object recognition K Xiao, L Engstrom, A Ilyas, A Madry arXiv preprint arXiv:2006.09994, 2020 | 347 | 2020 |
Label-consistent backdoor attacks A Turner, D Tsipras, A Madry arXiv preprint arXiv:1912.02771, 2019 | 338 | 2019 |
Navigating central path with electrical flows: From flows to matchings, and back A Madry 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, 253-262, 2013 | 296 | 2013 |
An O(log n/log log n)-Approximation Algorithm for the Asymmetric Traveling Salesman Problem A Asadpour, MX Goemans, A Mądry, SO Gharan, A Saberi Operations Research 65 (4), 1043-1061, 2017 | 263 | 2017 |
Implementation matters in deep rl: A case study on ppo and trpo L Engstrom, A Ilyas, S Santurkar, D Tsipras, F Janoos, L Rudolph, ... International conference on learning representations, 2019 | 262 | 2019 |
Adversarial robustness as a prior for learned representations L Engstrom, A Ilyas, S Santurkar, D Tsipras, B Tran, A Madry arXiv preprint arXiv:1906.00945, 2019 | 251* | 2019 |
Image synthesis with a single (robust) classifier S Santurkar, A Ilyas, D Tsipras, L Engstrom, B Tran, A Madry Advances in Neural Information Processing Systems 32, 2019 | 221* | 2019 |
Training for faster adversarial robustness verification via inducing relu stability KY Xiao, V Tjeng, NM Shafiullah, A Madry arXiv preprint arXiv:1809.03008, 2018 | 217 | 2018 |