Ambra Demontis
2020 – today
- 2024
- [j15] Antonio Emanuele Cinà, Kathrin Grosse, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Machine Learning Security Against Data Poisoning: Are We There Yet? Computer 57(3): 26-34 (2024)
- [i32] Antonio Emanuele Cinà, Jérôme Rony, Maura Pintor, Luca Demetrio, Ambra Demontis, Battista Biggio, Ismail Ben Ayed, Fabio Roli:
AttackBench: Evaluating Gradient-based Attacks for Adversarial Examples. CoRR abs/2404.19460 (2024)
- [i31] Zhang Chen, Luca Demetrio, Srishti Gupta, Xiaoyi Feng, Zhaoqiang Xia, Antonio Emanuele Cinà, Maura Pintor, Luca Oneto, Ambra Demontis, Battista Biggio, Fabio Roli:
Over-parameterization and Adversarial Robustness in Neural Networks: An Overview and Empirical Analysis. CoRR abs/2406.10090 (2024)
- [i30] Lu Zhang, Sangarapillai Lambotharan, Gan Zheng, Guisheng Liao, Ambra Demontis, Fabio Roli:
A Hybrid Training-time and Run-time Defense Against Adversarial Attacks in Modulation Classification. CoRR abs/2407.06807 (2024)
- [i29] Raffaele Mura, Giuseppe Floris, Luca Scionis, Giorgio Piras, Maura Pintor, Ambra Demontis, Giorgio Giacinto, Battista Biggio, Fabio Roli:
HO-FMN: Hyperparameter Optimization for Fast Minimum-Norm Attacks. CoRR abs/2407.08806 (2024)
- [i28] Giorgio Piras, Maura Pintor, Ambra Demontis, Battista Biggio, Giorgio Giacinto, Fabio Roli:
Adversarial Pruning: A Survey and Benchmark of Pruning Methods for Adversarial Robustness. CoRR abs/2409.01249 (2024)
- 2023
- [j14] Yisroel Mirsky, Ambra Demontis, Jaidip Kotak, Ram Shankar, Gelei Deng, Liu Yang, Xiangyu Zhang, Maura Pintor, Wenke Lee, Yuval Elovici, Battista Biggio:
The Threat of Offensive AI to Organizations. Comput. Secur. 124: 103006 (2023)
- [j13] Antonio Emanuele Cinà, Kathrin Grosse, Ambra Demontis, Sebastiano Vascon, Werner Zellinger, Bernhard Alois Moser, Alina Oprea, Battista Biggio, Marcello Pelillo, Fabio Roli:
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. ACM Comput. Surv. 55(13s): 294:1-294:39 (2023)
- [j12] Yang Zheng, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Ambra Demontis, Maura Pintor, Battista Biggio, Fabio Roli:
Why adversarial reprogramming works, when it fails, and how to tell the difference. Inf. Sci. 632: 130-143 (2023)
- [j11] Yang Zheng, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Maura Pintor, Ambra Demontis, Battista Biggio, Fabio Roli:
Stateful detection of adversarial reprogramming. Inf. Sci. 642: 119093 (2023)
- [j10] Yang Zheng, Luca Demetrio, Antonio Emanuele Cinà, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Ambra Demontis, Battista Biggio, Fabio Roli:
Hardening RGB-D object recognition systems against adversarial patch attacks. Inf. Sci. 651: 119701 (2023)
- [j9] Maura Pintor, Daniele Angioni, Angelo Sotgiu, Luca Demetrio, Ambra Demontis, Battista Biggio, Fabio Roli:
ImageNet-Patch: A dataset for benchmarking machine learning robustness against adversarial patches. Pattern Recognit. 134: 109064 (2023)
- [c21] Maura Pintor, Ambra Demontis, Battista Biggio:
Towards Machine Learning Models that We Can Trust: Testing, Improving, and Explaining Robustness. ESANN 2023
- [c20] Giorgio Piras, Giuseppe Floris, Raffaele Mura, Luca Scionis, Maura Pintor, Battista Biggio, Ambra Demontis:
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization. ESANN 2023
- [c19] Dario Lazzaro, Antonio Emanuele Cinà, Maura Pintor, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training. ICIAP (2) 2023: 515-526
- [c18] Maura Pintor, Luca Demetrio, Angelo Sotgiu, Hsiao-Ying Lin, Chengfang Fang, Ambra Demontis, Battista Biggio:
Detecting Attacks Against Deep Reinforcement Learning for Autonomous Driving. ICMLC 2023: 57-62
- [c17] Giorgio Piras, Maura Pintor, Ambra Demontis, Battista Biggio:
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks. ICMLC 2023: 229-235
- [c16] Ambra Demontis, Maura Pintor, Luca Demetrio, Angelo Sotgiu, Daniele Angioni, Giorgio Piras, Srishti Gupta, Battista Biggio, Fabio Roli:
AI Security and Safety: The PRALab Research Experience. Ital-IA 2023: 324-328
- [c15] Maura Pintor, Giulia Orrù, Davide Maiorca, Ambra Demontis, Luca Demetrio, Gian Luca Marcialis, Battista Biggio, Fabio Roli:
Cybersecurity and AI: The PRALab Research Experience. Ital-IA 2023: 426-431
- [c14] Xinglong Chang, Katharina Dost, Kaiqi Zhao, Ambra Demontis, Fabio Roli, Gillian Dobbie, Jörg Wicker:
BAARD: Blocking Adversarial Examples by Testing for Applicability, Reliability and Decidability. PAKDD (1) 2023: 3-14
- [i27] Dario Lazzaro, Antonio Emanuele Cinà, Maura Pintor, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training. CoRR abs/2307.00368 (2023)
- [i26] Yang Zheng, Luca Demetrio, Antonio Emanuele Cinà, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Ambra Demontis, Battista Biggio, Fabio Roli:
Hardening RGB-D Object Recognition Systems against Adversarial Patch Attacks. CoRR abs/2309.07106 (2023)
- [i25] Giorgio Piras, Maura Pintor, Ambra Demontis, Battista Biggio:
Samples on Thin Ice: Re-Evaluating Adversarial Pruning of Neural Networks. CoRR abs/2310.08073 (2023)
- [i24] Giuseppe Floris, Raffaele Mura, Luca Scionis, Giorgio Piras, Maura Pintor, Ambra Demontis, Battista Biggio:
Improving Fast Minimum-Norm Attacks with Hyperparameter Optimization. CoRR abs/2310.08177 (2023)
- 2022
- [j8] Marco Melis, Michele Scalas, Ambra Demontis, Davide Maiorca, Battista Biggio, Giorgio Giacinto, Fabio Roli:
Do gradient-based explanations tell anything about adversarial robustness to android malware? Int. J. Mach. Learn. Cybern. 13(1): 217-232 (2022)
- [j7] Stefano Melacci, Gabriele Ciravegna, Angelo Sotgiu, Ambra Demontis, Battista Biggio, Marco Gori, Fabio Roli:
Domain Knowledge Alleviates Adversarial Attacks in Multi-Label Classifiers. IEEE Trans. Pattern Anal. Mach. Intell. 44(12): 9944-9959 (2022)
- [j6] Maura Pintor, Luca Demetrio, Angelo Sotgiu, Marco Melis, Ambra Demontis, Battista Biggio:
secml: Secure and explainable machine learning in Python. SoftwareX 18: 101095 (2022)
- [j5] Lu Zhang, Sangarapillai Lambotharan, Gan Zheng, Guisheng Liao, Ambra Demontis, Fabio Roli:
A Hybrid Training-Time and Run-Time Defense Against Adversarial Attacks in Modulation Classification. IEEE Wirel. Commun. Lett. 11(6): 1161-1165 (2022)
- [c13] Ambra Demontis, Xinyun Chen, Florian Tramèr:
AISec '22: 15th ACM Workshop on Artificial Intelligence and Security. CCS 2022: 3549-3551
- [c12] Maura Pintor, Luca Demetrio, Angelo Sotgiu, Ambra Demontis, Nicholas Carlini, Battista Biggio, Fabio Roli:
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. NeurIPS 2022
- [e2] Ambra Demontis, Xinyun Chen, Florian Tramèr:
Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security, AISec 2022, Los Angeles, CA, USA, 11 November 2022. ACM 2022, ISBN 978-1-4503-9880-0
- [i23] Maura Pintor, Daniele Angioni, Angelo Sotgiu, Luca Demetrio, Ambra Demontis, Battista Biggio, Fabio Roli:
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches. CoRR abs/2203.04412 (2022)
- [i22] Antonio Emanuele Cinà, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Energy-Latency Attacks via Sponge Poisoning. CoRR abs/2203.08147 (2022)
- [i21] Antonio Emanuele Cinà, Kathrin Grosse, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Machine Learning Security against Data Poisoning: Are We There Yet? CoRR abs/2204.05986 (2022)
- [i20] Antonio Emanuele Cinà, Kathrin Grosse, Ambra Demontis, Sebastiano Vascon, Werner Zellinger, Bernhard Alois Moser, Alina Oprea, Battista Biggio, Marcello Pelillo, Fabio Roli:
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning. CoRR abs/2205.01992 (2022)
- [i19] Yang Zheng, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Maura Pintor, Ambra Demontis, Battista Biggio, Fabio Roli:
Stateful Detection of Adversarial Reprogramming. CoRR abs/2211.02885 (2022)
- [i18] Ambra Demontis, Maura Pintor, Luca Demetrio, Kathrin Grosse, Hsiao-Ying Lin, Chengfang Fang, Battista Biggio, Fabio Roli:
A Survey on Reinforcement Learning Security with Application to Autonomous Driving. CoRR abs/2212.06123 (2022)
- 2021
- [c11] Ambra Demontis:
Session details: Session 2B: Machine Learning for Cybersecurity. AISec@CCS 2021
- [c10] Antonio Emanuele Cinà, Sebastiano Vascon, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers? IJCNN 2021: 1-8
- [e1] Nicholas Carlini, Ambra Demontis, Yizheng Chen:
AISec@CCS 2021: Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security, Virtual Event, Republic of Korea, 15 November 2021. ACM 2021, ISBN 978-1-4503-8657-9
- [i17] Antonio Emanuele Cinà, Sebastiano Vascon, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers? CoRR abs/2103.12399 (2021)
- [i16] Luke Chang, Katharina Dost, Kaiqi Zhao, Ambra Demontis, Fabio Roli, Gill Dobbie, Jörg Wicker:
Intriguing Usage of Applicability Domain: Lessons from Cheminformatics Applied to Adversarial Learning. CoRR abs/2105.00495 (2021)
- [i15] Antonio Emanuele Cinà, Kathrin Grosse, Sebastiano Vascon, Ambra Demontis, Battista Biggio, Fabio Roli, Marcello Pelillo:
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions. CoRR abs/2106.07214 (2021)
- [i14] Maura Pintor, Luca Demetrio, Angelo Sotgiu, Giovanni Manca, Ambra Demontis, Nicholas Carlini, Battista Biggio, Fabio Roli:
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples. CoRR abs/2106.09947 (2021)
- [i13] Yisroel Mirsky, Ambra Demontis, Jaidip Kotak, Ram Shankar, Gelei Deng, Liu Yang, Xiangyu Zhang, Wenke Lee, Yuval Elovici, Battista Biggio:
The Threat of Offensive AI to Organizations. CoRR abs/2106.15764 (2021)
- [i12] Yang Zheng, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Ambra Demontis, Maura Pintor, Battista Biggio, Fabio Roli:
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference. CoRR abs/2108.11673 (2021)
- 2020
- [j4] Davide Maiorca, Ambra Demontis, Battista Biggio, Fabio Roli, Giorgio Giacinto:
Adversarial Detection of Flash Malware: Limitations and Open Issues. Comput. Secur. 96: 101901 (2020)
- [j3] Angelo Sotgiu, Ambra Demontis, Marco Melis, Battista Biggio, Giorgio Fumera, Xiaoyi Feng, Fabio Roli:
Deep neural rejection against adversarial examples. EURASIP J. Inf. Secur. 2020: 5 (2020)
- [c9] Sadia Afroz, Nicholas Carlini, Ambra Demontis:
AISec'20: 13th Workshop on Artificial Intelligence and Security. CCS 2020: 2143-2144
- [i11] Marco Melis, Michele Scalas, Ambra Demontis, Davide Maiorca, Battista Biggio, Giorgio Giacinto, Fabio Roli:
Do Gradient-based Explanations Tell Anything About Adversarial Robustness to Android Malware? CoRR abs/2005.01452 (2020)
- [i10] Stefano Melacci, Gabriele Ciravegna, Angelo Sotgiu, Ambra Demontis, Battista Biggio, Marco Gori, Fabio Roli:
Can Domain Knowledge Alleviate Adversarial Attacks in Multi-Label Classifiers? CoRR abs/2006.03833 (2020)
2010 – 2019
- 2019
- [j2] Ambra Demontis, Marco Melis, Battista Biggio, Davide Maiorca, Daniel Arp, Konrad Rieck, Igino Corona, Giorgio Giacinto, Fabio Roli:
Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection. IEEE Trans. Dependable Secur. Comput. 16(4): 711-724 (2019)
- [c8] Ambra Demontis, Marco Melis, Maura Pintor, Matthew Jagielski, Battista Biggio, Alina Oprea, Cristina Nita-Rotaru, Fabio Roli:
Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks. USENIX Security Symposium 2019: 321-338
- [i9] Angelo Sotgiu, Ambra Demontis, Marco Melis, Battista Biggio, Giorgio Fumera, Xiaoyi Feng, Fabio Roli:
Deep Neural Rejection against Adversarial Examples. CoRR abs/1910.00470 (2019)
- [i8] Marco Melis, Ambra Demontis, Maura Pintor, Angelo Sotgiu, Battista Biggio:
secml: A Python Library for Secure and Explainable Machine Learning. CoRR abs/1912.10013 (2019)
- 2018
- [c7] Bojan Kolosnjaji, Ambra Demontis, Battista Biggio, Davide Maiorca, Giorgio Giacinto, Claudia Eckert, Fabio Roli:
Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables. EUSIPCO 2018: 533-537
- [i7] Bojan Kolosnjaji, Ambra Demontis, Battista Biggio, Davide Maiorca, Giorgio Giacinto, Claudia Eckert, Fabio Roli:
Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables. CoRR abs/1803.04173 (2018)
- [i6] Ambra Demontis, Marco Melis, Maura Pintor, Matthew Jagielski, Battista Biggio, Alina Oprea, Cristina Nita-Rotaru, Fabio Roli:
On the Intriguing Connections of Regularization, Input Gradients and Transferability of Evasion and Poisoning Attacks. CoRR abs/1809.02861 (2018)
- 2017
- [c6] Luis Muñoz-González, Battista Biggio, Ambra Demontis, Andrea Paudice, Vasin Wongrassamee, Emil C. Lupu, Fabio Roli:
Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization. AISec@CCS 2017: 27-38
- [c5] Marco Melis, Ambra Demontis, Battista Biggio, Gavin Brown, Giorgio Fumera, Fabio Roli:
Is Deep Learning Safe for Robot Vision? Adversarial Examples Against the iCub Humanoid. ICCV Workshops 2017: 751-759
- [c4] Ambra Demontis, Battista Biggio, Giorgio Fumera, Giorgio Giacinto, Fabio Roli:
Infinity-Norm Support Vector Machines Against Adversarial Label Contamination. ITASEC 2017: 106-115
- [i5] Ambra Demontis, Marco Melis, Battista Biggio, Davide Maiorca, Daniel Arp, Konrad Rieck, Igino Corona, Giorgio Giacinto, Fabio Roli:
Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection. CoRR abs/1704.08996 (2017)
- [i4] Marco Melis, Ambra Demontis, Battista Biggio, Gavin Brown, Giorgio Fumera, Fabio Roli:
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub Humanoid. CoRR abs/1708.06939 (2017)
- [i3] Luis Muñoz-González, Battista Biggio, Ambra Demontis, Andrea Paudice, Vasin Wongrassamee, Emil C. Lupu, Fabio Roli:
Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization. CoRR abs/1708.08689 (2017)
- [i2] Ambra Demontis, Paolo Russu, Battista Biggio, Giorgio Fumera, Fabio Roli:
On Security and Sparsity of Linear Classifiers for Adversarial Settings. CoRR abs/1709.00045 (2017)
- [i1] Ambra Demontis, Marco Melis, Battista Biggio, Giorgio Fumera, Fabio Roli:
Super-sparse Learning in Similarity Spaces. CoRR abs/1712.06131 (2017)
- 2016
- [j1] Ambra Demontis, Marco Melis, Battista Biggio, Giorgio Fumera, Fabio Roli:
Super-Sparse Learning in Similarity Spaces. IEEE Comput. Intell. Mag. 11(4): 36-45 (2016)
- [c3] Paolo Russu, Ambra Demontis, Battista Biggio, Giorgio Fumera, Fabio Roli:
Secure Kernel Machines against Evasion Attacks. AISec@CCS 2016: 59-69
- [c2] Ambra Demontis, Paolo Russu, Battista Biggio, Giorgio Fumera, Fabio Roli:
On Security and Sparsity of Linear Classifiers for Adversarial Settings. S+SSPR 2016: 322-332
- 2015
- [c1]Ambra Demontis, Battista Biggio, Giorgio Fumera, Fabio Roli:
Super-Sparse Regression for Fast Age Estimation from Faces at Test Time. ICIAP (2) 2015: 551-562
last updated on 2024-10-07 21:21 CEST by the dblp team
all metadata released as open data under CC0 1.0 license