Title | Authors | Venue | Cited by | Year
Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks | F Croce, M Hein | ICML 2020, 2020 | 1667 | 2020
Square Attack: a query-efficient black-box adversarial attack via random search | M Andriushchenko*, F Croce*, N Flammarion, M Hein | ECCV 2020, 2019 | 930 | 2019
Robustbench: a standardized adversarial robustness benchmark | F Croce*, M Andriushchenko*, V Sehwag*, E Debenedetti*, N Flammarion, ... | NeurIPS 2021 Datasets and Benchmarks Track, 2020 | 596 | 2020
Minimally distorted Adversarial Examples with a Fast Adaptive Boundary Attack | F Croce, M Hein | ICML 2020, 2019 | 463 | 2019
Sparse and Imperceivable Adversarial Attacks | F Croce, M Hein | ICCV 2019, 2019 | 216 | 2019
Provable robustness of ReLU networks via maximization of linear regions | F Croce*, M Andriushchenko*, M Hein | AISTATS 2019, 2018 | 183 | 2018
Sparse-RS: a versatile framework for query-efficient sparse black-box adversarial attacks | F Croce, M Andriushchenko, ND Singh, N Flammarion, M Hein | AAAI 2022, 2020 | 87 | 2020
Provable robustness against all adversarial lp-perturbations for p≥1 | F Croce, M Hein | ICLR 2020, 2019 | 82* | 2019
Evaluating the Adversarial Robustness of Adaptive Test-time Defenses | F Croce*, S Gowal*, T Brunner*, E Shelhamer*, M Hein, T Cemgil | ICML 2022, 2022 | 58 | 2022
Diffusion Visual Counterfactual Explanations | M Augustin, V Boreiko, F Croce, M Hein | arXiv preprint arXiv:2210.11841, 2022 | 55 | 2022
Mind the box: -APGD for sparse adversarial attacks on image classifiers | F Croce, M Hein | ICML 2021, 2021 | 52 | 2021
A modern look at the relationship between sharpness and generalization | M Andriushchenko, F Croce, M Müller, M Hein, N Flammarion | arXiv preprint arXiv:2302.07011, 2023 | 42 | 2023
Scaling up the randomized gradient-free adversarial attack reveals overestimation of robustness using established attacks | F Croce*, J Rauber*, M Hein | International Journal of Computer Vision, 2019 | 36 | 2019
A randomized gradient-free attack on ReLU networks | F Croce, M Hein | GCPR 2018, 2018 | 33 | 2018
Sparse Visual Counterfactual Explanations in Image Space | V Boreiko, M Augustin, F Croce, P Berens, M Hein | GCPR 2022, 2022 | 27 | 2022
Revisiting Adversarial Training for ImageNet: Architectures, Training and Generalization across Threat Models | ND Singh, F Croce, M Hein | arXiv preprint arXiv:2303.01870, 2023 | 23 | 2023
Adversarial Robustness against Multiple and Single -Threat Models via Quick Fine-Tuning of Robust Classifiers | F Croce, M Hein | ICML 2022, 2022 | 19* | 2022
Seasoning Model Soups for Robustness to Adversarial and Natural Distribution Shifts | F Croce, SA Rebuffi, E Shelhamer, S Gowal | arXiv preprint arXiv:2302.10164, 2023 | 12 | 2023
JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models | P Chao, E Debenedetti, A Robey, M Andriushchenko, F Croce, V Sehwag, ... | arXiv preprint arXiv:2404.01318, 2024 | 10 | 2024
Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks | M Andriushchenko, F Croce, N Flammarion | arXiv preprint arXiv:2404.02151, 2024 | 9 | 2024