Workshop
3rd Workshop on New Frontiers in Adversarial Machine Learning (AdvML-Frontiers)
Sijia Liu · Kathrin Grosse · Pin-Yu Chen · Dongxiao Zhu · Eric Wong · Yao Qin · Baharan Mirzasoleiman · Sanmi Koyejo · Yuguang Yao · Yihua Zhang
East Ballroom C
Sat 14 Dec, 8:30 a.m. PST
Adversarial machine learning (AdvML), a discipline that delves into the interaction of machine learning (ML) with ‘adversarial’ elements, has embarked on a new era propelled by the ever-expanding capabilities of artificial intelligence (AI). This momentum has been fueled by recent technological breakthroughs in large multimodal models (LMMs), particularly those designed for vision and language applications. The 3rd AdvML-Frontiers workshop at NeurIPS’24 continues the success of its predecessors, AdvML-Frontiers’22-23, by delving into the dynamic intersection of AdvML and LMMs. The rapid evolution of LMMs presents both new challenges and opportunities for AdvML, which can be distilled into two primary categories: AdvML for LMMs and LMMs for AdvML. This year, in addition to continuing to advance AdvML across the full theory-algorithm-application stack, the workshop is dedicated to addressing the intricate issues that emerge from these converging fields, with a focus on adversarial threats, cross-modal vulnerabilities, defensive strategies, multimodal human/AI feedback, and the overarching implications for security, privacy, and ethics. Join us at AdvML-Frontiers'24 for a comprehensive exploration of adversarial learning at the intersection with cutting-edge multimodal technologies, setting the stage for future advancements in adversarial machine learning. The workshop also hosts the 2024 AdvML Rising Star Award.
Schedule
Sat 8:30 a.m. - 9:00 a.m. | Poster Setup
Sat 9:00 a.m. - 9:10 a.m. | Opening Remarks (Opening)
Sat 9:10 a.m. - 9:40 a.m. | Alina Oprea (Keynote Talk)
Sat 9:40 a.m. - 10:10 a.m. | Eleni Triantafillou (Keynote Talk)
Sat 10:10 a.m. - 10:40 a.m. | Franziska Boenisch (Keynote Talk)
Sat 10:40 a.m. - 12:00 p.m. | Poster Session
Sat 12:00 p.m. - 1:00 p.m. | Lunch
Sat 1:00 p.m. - 2:00 p.m. | Oral 1 to Oral 8 (Oral)
Sat 2:00 p.m. - 2:30 p.m. | Alvaro Velasquez (Keynote Talk)
Sat 2:30 p.m. - 3:00 p.m. | Hoda Heidari (Keynote Talk)
Sat 3:00 p.m. - 3:30 p.m. | Cornelia Caragea (Keynote Talk)
Sat 3:30 p.m. - 4:00 p.m. | Rising Stars 1 - 2 (Rising Star Talk)
Sat 4:00 p.m. - 5:00 p.m. | Poster Session
- Rethinking Randomized Smoothing from the Perspective of Scalability (Poster) | Sukrit Jindal · Devansh Bhardwaj · Anupriya Kumari
- In-distribution adversarial attacks on object recognition models using gradient-free search (Poster) | Spandan Madan · Tomotake Sasaki · Tzu-Mao Li · Hanspeter Pfister · Xavier Boix
- Track 1: Robust Offline Learning via Adversarial World Models (Poster) | Uljad Berdica · Kelvin Li · Michael Beukman · Alexander D. Goldie · Perla Maiolino · Jakob Foerster
- Learning to Forget using Diffusion Hypernetworks (Poster) | Jose Miguel Lara Rangel · Usman Anwar · Stefan Schoepf · Jack Foster · David Krueger
- SkipOOD: Efficient Out-of-Distribution Input Detection using Skipping Mechanism (Poster) | Mirazul Haque · Natraj Raman · Petr Babkin · Armineh Nourbakhsh · Xiaomo Liu
- LLM-PIRATE: A benchmark for indirect prompt injection attacks in Large Language Models (Poster) | Anil Ramakrishna · Jimit Majmudar · Rahul Gupta · Devamanyu Hazarika
- Smoothing-Based Adversarial Defense Methods for Inverse Problems (Poster) | Yang Sun · Jonathan Scarlett
- Unveiling Synthetic Faces: How Synthetic Datasets Can Expose Real Identities (Poster) | Hatef Otroshi Shahreza · Sébastien Marcel
- TrackPGD: Efficient Adversarial Attack using Object Binary Masks against Robust Transformer Trackers (Poster) | Fatemeh Nourilenjan Nokabadi · Yann Pequignot · Jean-Francois Lalonde · Christian Gagné
- RenderAttack: Hundreds of Adversarial Attacks Through Differentiable Texture Generation (Poster) | Dron Hazra · Alex Bie · Mantas Mazeika · Xuwang Yin · Andy Zou · Dan Hendrycks · Max Kaufmann
- Adversarial Databases Improve Success in Retrieval-based Large Language Models (Poster) | Sean Wu · Michael Koo · Li Kao · Andy Black · Lesley Blum · Fabien Scalzo · Ira Kurtz
- Robustness of Practical Perceptual Hashing Algorithms to Hash-Evasion and Hash-Inversion Attacks (Poster) | Jordan Madden · Moxanki Bhavsar · Lhamo Dorje · Xiaohua Li
- When Do Universal Image Jailbreaks Transfer Between Vision-Language Models? (Poster) | Rylan Schaeffer · Dan Valentine · Luke Bailey · James Chua · Cristobal Eyzaguirre · Zane Durante · Joe Benton · Brando Miranda · Henry Sleight · Tony Wang · John Hughes · Rajashree Agrawal · Mrinank Sharma · Scott Emmons · Sanmi Koyejo · Ethan Perez
- The Ultimate Cookbook for Invisible Poison: Crafting Subtle Clean-Label Text Backdoors with Style Attributes (Poster) | Wencong You · Daniel Lowd
- Advancing NLP Security by Leveraging LLMs as Adversarial Engines (Poster) | Sudarshan Srinivasan · Maria Mahbub · Amir Sadovnik
- dSTAR: Straggler Tolerant and Byzantine Resilient Distributed SGD (Poster) | Jiahe Yan · Pratik Chaudhari · Leonard Kleinrock
- Adversarial Watermarking for Face Recognition (Poster) | Yuguang Yao · Anil Jain · Sijia Liu
- vTune: Verifiable Fine-Tuning Through Backdooring (Poster) | Eva Zhang · Akilesh Potti · Micah Goldblum
- Certified Robustness via Knowledge Continuity (Poster) | Alan Sun · Chiyu Ma · Kenneth Ge · Soroush Vosoughi
- Adversarial Training based Domain Adaptation for Cross-Subject Emotion Recognition (Poster) | Sungpil Woo · Muhammad Zubair · Sunhwan Lim · Daeyoung Kim
- Jailbreak Defense in a Narrow Domain: Failures of existing methods and Improving Transcript-Based Classifiers (Poster) | Tony Wang · John Hughes · Henry Sleight · Rylan Schaeffer · Rajashree Agrawal · Fazl Barez · Mrinank Sharma · Jesse Mu · Nir Shavit · Ethan Perez
- Imitation Guided Automated Red Teaming (Poster) | Sajad Mousavi · Desik Rengarajan · Ashwin Ramesh Babu · Vineet Gundecha · Antonio Guillen-Perez · Ricardo Luna Gutierrez · Avisek Naug · Sahand Ghorbanpour · Soumyendu Sarkar
- Adversarial Bounding Boxes Generation (ABBG) Attack against Visual Object Trackers (Poster) | Fatemeh Nourilenjan Nokabadi · Jean-Francois Lalonde · Christian Gagné
- Rethinking Backdoor Detection Evaluation for Language Models (Poster) | Jun Yan · Wenjie Mo · Xiang Ren · Robin Jia
- Moral Persuasion in Large Language Models: Evaluating Susceptibility and Ethical Alignment (Poster) | Allison Huang · Carlos Mougan · Yulu Pi
- Class Attribute Inference Attacks: Inferring Sensitive Class Information by Diffusion-Based Attribute Manipulations (Poster) | Lukas Struppek · Dominik Hintersdorf · Felix Friedrich · Manuel Brack · Patrick Schramowski · Kristian Kersting
- Provable Robustness of (Graph) Neural Networks Against Data Poisoning and Backdoor Attacks (Poster) | Lukas Gosch · Mahalakshmi Sabanayagam · Debarghya Ghoshdastidar · Stephan Günnemann
- Logicbreaks: A Framework for Understanding Subversion of Rule-based Inference (Poster) | Anton Xue · Avishree Khare · Rajeev Alur · Surbhi Goel · Eric Wong
- Sparse Transfer Learning Accelerates and Enhances Certified Robustness: A Comprehensive Study (Poster) | Zhangheng Li · Tianlong Chen · Linyi Li · Bo Li · Zhangyang "Atlas" Wang
- Hiding-in-Plain-Sight (HiPS) Attack on CLIP for Targeted Object Removal from Images (Poster) | Megan Chung · Arka Daw · Maria Mahbub · Amir Sadovnik
- Can Watermarking Large Language Models Prevent Copyrighted Text Generation and Hide Training Data? (Poster) | Michael-Andrei Panaitescu-Liess · Zora Che · Bang An · Yuancheng Xu · Pankayaraj Pathmanathan · Souradip Chakraborty · Sicheng Zhu · Tom Goldstein · Furong Huang
- Ensemble everything everywhere: Multi-scale aggregation for adversarial robustness (Poster) | Stanislav Fort · Balaji Lakshminarayanan
- In Search of the $\textit{Successful}$ Interpolation: On the Role of $\textit{Sharpness}$ in CLIP Generalization (Poster) | Alireza Abdollahpour
- Learning From Convolution-based Unlearnable Datasets (Poster) | Dohyun Kim · Pedro Sandoval-Segura
- Adversarial Learning in Irregular Time-Series Forecasting (Poster) | Heejeong Nam · Jihyun Kim · Jimin Yeom
- Sparse patches adversarial attacks via extrapolating point-wise information (Poster) | Yaniv Nemcovsky · Avi Mendelson · Chaim Baskin
- AdjointDEIS: Efficient Gradients for Diffusion Models (Poster) | Zander W. Blasingame · Chen Liu