default search action
Ilia Shumailov
Person information
SPARQL queries
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2024
- [j2]Ilia Shumailov, Zakhar Shumaylov, Yiren Zhao, Nicolas Papernot, Ross J. Anderson, Yarin Gal:
AI models collapse when trained on recursively generated data. Nat. 631(8022): 755-759 (2024) - [j1]Anvith Thudi, Ilia Shumailov, Franziska Boenisch, Nicolas Papernot:
From Differential Privacy to Bounds on Membership Inference: Less can be More. Trans. Mach. Learn. Res. 2024 (2024) - [c35]Sierra Calanda Wyllie, Ilia Shumailov, Nicolas Papernot:
Fairness Feedback Loops: Training on Synthetic Data Amplifies Bias. FAccT 2024: 2113-2147 - [c34]David Glukhov, Ilia Shumailov, Yarin Gal, Nicolas Papernot, Vardan Papyan:
Position: Fundamental Limitations of LLM Censorship Necessitate New Approaches. ICML 2024 - [c33]Eleanor Clifford, Ilia Shumailov, Yiren Zhao, Ross J. Anderson, Robert D. Mullins:
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. SaTML 2024: 344-357 - [c32]Pranav Dahiya, Ilia Shumailov, Ross Anderson:
Machine Learning needs Better Randomness Standards: Randomised Smoothing and PRNG-based attacks. USENIX Security Symposium 2024 - [c31]Anvith Thudi, Hengrui Jia, Casey Meehan, Ilia Shumailov, Nicolas Papernot:
Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD. USENIX Security Symposium 2024 - [i56]Jamie Hayes, Ilia Shumailov, Itay Yona:
Buffer Overflow in Mixture of Experts. CoRR abs/2402.05526 (2024) - [i55]Harry Langford, Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Nicolas Papernot:
Architectural Neural Backdoors from First Principles. CoRR abs/2402.06957 (2024) - [i54]Jamie Hayes, Ilia Shumailov, Eleni Triantafillou, Amr Khalifa, Nicolas Papernot:
Inexact Unlearning Needs More Careful Evaluations to Avoid a False Sense of Privacy. CoRR abs/2403.01218 (2024) - [i53]Sierra Calanda Wyllie, Ilia Shumailov, Nicolas Papernot:
Fairness Feedback Loops: Training on Synthetic Data Amplifies Bias. CoRR abs/2403.07857 (2024) - [i52]Eleanor Clifford, Adhithya Saravanan, Harry Langford, Cheng Zhang, Yiren Zhao, Robert D. Mullins, Ilia Shumailov, Jamie Hayes:
Locking Machine Learning Models into Hardware. CoRR abs/2405.20990 (2024) - [i51]Hanna Foerster, Robert D. Mullins, Ilia Shumailov, Jamie Hayes:
Beyond Slow Signs in High-fidelity Model Extraction. CoRR abs/2406.10011 (2024) - [i50]Aneesh Pappu, Billy Porter, Ilia Shumailov, Jamie Hayes:
Measuring memorization in RLHF for code completion. CoRR abs/2406.11715 (2024) - [i49]Ilia Shumailov, Jamie Hayes, Eleni Triantafillou, Guillermo Ortiz-Jiménez, Nicolas Papernot, Matthew Jagielski, Itay Yona, Heidi Howard, Eugene Bagdasaryan:
UnUnlearning: Unlearning is not sufficient for content regulation in advanced generative AI. CoRR abs/2407.00106 (2024) - [i48]David Glukhov, Ziwen Han, Ilia Shumailov, Vardan Papyan, Nicolas Papernot:
A False Sense of Safety: Unsafe Information Leakage in 'Safe' AI Responses. CoRR abs/2407.02551 (2024) - [i47]Sahra Ghalebikesabi, Eugene Bagdasaryan, Ren Yi, Itay Yona, Ilia Shumailov, Aneesh Pappu, Chongyang Shi, Laura Weidinger, Robert Stanforth, Leonard Berrada, Pushmeet Kohli, Po-Sen Huang, Borja Balle:
Operationalizing Contextual Integrity in Privacy-Conscious Assistants. CoRR abs/2408.02373 (2024) - [i46]Jamie Hayes, Marika Swanberg, Harsh Chaudhari, Itay Yona, Ilia Shumailov:
Measuring memorization through probabilistic discoverable extraction. CoRR abs/2410.19482 (2024) - [i45]Itay Yona, Ilia Shumailov, Jamie Hayes, Nicholas Carlini:
Stealing User Prompts from Mixture of Experts. CoRR abs/2410.22884 (2024) - 2023
- [c30]Yulin Zhou, Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Yarin Gal:
Revisiting Automated Prompting: Are We Actually Doing Better? ACL (2) 2023: 1822-1832 - [c29]Mikel Bober-Irizar, Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Nicolas Papernot:
Architectural Backdoors in Neural Networks. CVPR 2023: 24595-24604 - [c28]Cheng Zhang, Jianyi Cheng, Ilia Shumailov, George A. Constantinides, Yiren Zhao:
Revisiting Block-based Quantisation: What is Important for Sub-8-bit LLM Inference? EMNLP 2023: 9988-10006 - [c27]Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot:
When the Curious Abandon Honesty: Federated Learning Is Not Private. EuroS&P 2023: 175-199 - [c26]Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot:
Reconstructing Individual Data Points in Federated Learning Hardened with Differential Privacy and Secure Aggregation. EuroS&P 2023: 241-257 - [c25]Nicholas Boucher, Luca Pajola, Ilia Shumailov, Ross J. Anderson, Mauro Conti:
Boosting Big Brother: Attacking Search Engines with Encodings. RAID 2023: 700-713 - [c24]Shimaa Ahmed, Yash Wani, Ali Shahin Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz:
Tubes Among Us: Analog Attack on Automatic Speaker Identification. USENIX Security Symposium 2023: 265-282 - [i44]Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot:
Is Federated Learning a Practical PET Yet? CoRR abs/2301.04017 (2023) - [i43]Yulin Zhou, Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Yarin Gal:
Revisiting Automated Prompting: Are We Actually Doing Better? CoRR abs/2304.03609 (2023) - [i42]Nicholas Boucher, Luca Pajola, Ilia Shumailov, Ross J. Anderson, Mauro Conti:
Boosting Big Brother: Attacking Search Engines with Encodings. CoRR abs/2304.14031 (2023) - [i41]Ilia Shumailov, Zakhar Shumaylov, Yiren Zhao, Yarin Gal, Nicolas Papernot, Ross J. Anderson:
The Curse of Recursion: Training on Generated Data Makes Models Forget. CoRR abs/2305.17493 (2023) - [i40]Nicholas Boucher, Jenny Blessing, Ilia Shumailov, Ross Anderson, Nicolas Papernot:
When Vision Fails: Text Attacks Against ViT and OCR. CoRR abs/2306.07033 (2023) - [i39]Pranav Dahiya, Ilia Shumailov, Ross J. Anderson:
Machine Learning needs its own Randomness Standard: Randomised Smoothing and PRNG-based attacks. CoRR abs/2306.14043 (2023) - [i38]Anvith Thudi, Hengrui Jia, Casey Meehan, Ilia Shumailov, Nicolas Papernot:
Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD. CoRR abs/2307.00310 (2023) - [i37]David Glukhov, Ilia Shumailov, Yarin Gal, Nicolas Papernot, Vardan Papyan:
LLM Censorship: A Machine Learning Challenge or a Computer Security Problem? CoRR abs/2307.10719 (2023) - [i36]Yue Gao, Ilia Shumailov, Kassem Fawaz:
SEA: Shareable and Explainable Attribution for Query-based Black-box Attacks. CoRR abs/2308.11845 (2023) - [i35]David Khachaturov, Yue Gao, Ilia Shumailov, Robert D. Mullins, Ross J. Anderson, Kassem Fawaz:
Human-Producible Adversarial Examples. CoRR abs/2310.00438 (2023) - [i34]Avital Shafran, Ilia Shumailov, Murat A. Erdogdu, Nicolas Papernot:
Beyond Labeling Oracles: What does it mean to steal ML models? CoRR abs/2310.01959 (2023) - [i33]Cheng Zhang, Jianyi Cheng, Ilia Shumailov, George A. Constantinides, Yiren Zhao:
Revisiting Block-based Quantisation: What is Important for Sub-8-bit LLM Inference? CoRR abs/2310.05079 (2023) - 2022
- [c23]Yue Gao, Ilia Shumailov, Kassem Fawaz:
Rethinking Image-Scaling Attacks: The Interplay Between Vulnerabilities in Machine Learning Systems. ICML 2022: 7102-7121 - [c22]Yue Gao, Ilia Shumailov, Kassem Fawaz, Nicolas Papernot:
On the Limitations of Stochastic Pre-processing Defenses. NeurIPS 2022 - [c21]Jiaqi Wang, Roei Schuster, Ilia Shumailov, David Lie, Nicolas Papernot:
In Differential Privacy, There is Truth: on Vote-Histogram Leakage in Ensemble Private Learning. NeurIPS 2022 - [c20]Yiren Zhao, Xitong Gao, Ilia Shumailov, Nicolò Fusi, Robert D. Mullins:
Rapid Model Architecture Adaption for Meta-Learning. NeurIPS 2022 - [c19]Nicholas Boucher, Ilia Shumailov, Ross Anderson, Nicolas Papernot:
Bad Characters: Imperceptible NLP Attacks. SP 2022: 1987-2004 - [c18]Shimaa Ahmed, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz:
Towards More Robust Keyword Spotting for Voice Assistants. USENIX Security Symposium 2022: 2655-2672 - [c17]Anvith Thudi, Hengrui Jia, Ilia Shumailov, Nicolas Papernot:
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. USENIX Security Symposium 2022: 4007-4022 - [i32]Shimaa Ahmed, Yash Wani, Ali Shahin Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz:
Pipe Overflow: Smashing Voice Authentication for Fun and Profit. CoRR abs/2202.02751 (2022) - [i31]Duo Wang, Yiren Zhao, Ilia Shumailov, Robert D. Mullins:
Model Architecture Adaption for Bayesian Neural Networks. CoRR abs/2202.04392 (2022) - [i30]Anvith Thudi, Ilia Shumailov, Franziska Boenisch, Nicolas Papernot:
Bounding Membership Inference. CoRR abs/2202.12232 (2022) - [i29]Mikel Bober-Irizar, Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Nicolas Papernot:
Architectural Backdoors in Neural Networks. CoRR abs/2206.07840 (2022) - [i28]Yue Gao, Ilia Shumailov, Kassem Fawaz, Nicolas Papernot:
On the Limitations of Stochastic Pre-processing Defenses. CoRR abs/2206.09491 (2022) - [i27]Maximilian Kaufmann, Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Nicolas Papernot:
Efficient Adversarial Training With Data Pruning. CoRR abs/2207.00694 (2022) - [i26]Jiaqi Wang, Roei Schuster, Ilia Shumailov, David Lie, Nicolas Papernot:
In Differential Privacy, There is Truth: On Vote Leakage in Ensemble Private Learning. CoRR abs/2209.10732 (2022) - [i25]Joseph Rance, Yiren Zhao, Ilia Shumailov, Robert D. Mullins:
Augmentation Backdoors. CoRR abs/2209.15139 (2022) - [i24]Tim Clifford, Ilia Shumailov, Yiren Zhao, Ross J. Anderson, Robert D. Mullins:
ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks. CoRR abs/2210.00108 (2022) - [i23]Jason Ross Brown, Yiren Zhao, Ilia Shumailov, Robert D. Mullins:
Wide Attention Is The Way Forward For Transformers. CoRR abs/2210.00640 (2022) - [i22]Jason Ross Brown, Yiren Zhao, Ilia Shumailov, Robert D. Mullins:
DARTFormer: Finding The Best Type Of Attention. CoRR abs/2210.00641 (2022) - 2021
- [c16]Ilia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert D. Mullins, Ross Anderson:
Sponge Examples: Energy-Latency Attacks on Neural Networks. EuroS&P 2021: 212-231 - [c15]David Khachaturov, Ilia Shumailov, Yiren Zhao, Nicolas Papernot, Ross J. Anderson:
Markpainting: Adversarial Machine Learning meets Inpainting. ICML 2021: 5409-5419 - [c14]Ilia Shumailov, Zakhar Shumaylov, Dmitry Kazhdan, Yiren Zhao, Nicolas Papernot, Murat A. Erdogdu, Ross J. Anderson:
Manipulating SGD with Data Ordering Attacks. NeurIPS 2021: 18021-18032 - [i21]Ilia Shumailov, Zakhar Shumaylov, Dmitry Kazhdan, Yiren Zhao, Nicolas Papernot, Murat A. Erdogdu, Ross J. Anderson:
Manipulating SGD with Data Ordering Attacks. CoRR abs/2104.09667 (2021) - [i20]David Khachaturov, Ilia Shumailov, Yiren Zhao, Nicolas Papernot, Ross J. Anderson:
Markpainting: Adversarial Machine Learning meets Inpainting. CoRR abs/2106.00660 (2021) - [i19]Nicholas Boucher, Ilia Shumailov, Ross J. Anderson, Nicolas Papernot:
Bad Characters: Imperceptible NLP Attacks. CoRR abs/2106.09898 (2021) - [i18]Yiren Zhao, Xitong Gao, Ilia Shumailov, Nicolò Fusi, Robert D. Mullins:
Rapid Model Architecture Adaption for Meta-Learning. CoRR abs/2109.04925 (2021) - [i17]Anvith Thudi, Hengrui Jia, Ilia Shumailov, Nicolas Papernot:
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning. CoRR abs/2110.11891 (2021) - [i16]Anh V. Vu, Lydia Wilson, Yi Ting Chua, Ilia Shumailov, Ross J. Anderson:
ExtremeBB: Enabling Large-Scale Research into Extremism, the Manosphere and Their Correlation by Online Forum Data. CoRR abs/2111.04479 (2021) - [i15]Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot:
When the Curious Abandon Honesty: Federated Learning Is Not Private. CoRR abs/2112.02918 (2021) - 2020
- [c13]Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Ross J. Anderson:
Towards Certifiable Adversarial Sample Detection. AISec@CCS 2020: 13-24 - [c12]Yiren Zhao, Ilia Shumailov, Han Cui, Xitong Gao, Robert D. Mullins, Ross J. Anderson:
Blackbox Attacks on Reinforcement Learning Agents Using Approximated Temporal Information. DSN Workshops 2020: 16-24 - [c11]Anh V. Vu, Jack Hughes, Ildiko Pete, Ben Collier, Yi Ting Chua, Ilia Shumailov, Alice Hutchings:
Turning Up the Dial: the Evolution of a Cybercrime Market Through Set-up, Stable, and Covid-19 Eras. Internet Measurement Conference 2020: 551-566 - [i14]Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Ross J. Anderson:
Towards Certifiable Adversarial Sample Detection. CoRR abs/2002.08740 (2020) - [i13]Ilia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert D. Mullins, Ross J. Anderson:
Sponge Examples: Energy-Latency Attacks on Neural Networks. CoRR abs/2006.03463 (2020) - [i12]Mansoor Ahmed-Rengers, Ross J. Anderson, Darija Halatova, Ilia Shumailov:
Snitches Get Stitches: On The Difficulty of Whistleblowing. CoRR abs/2006.14407 (2020) - [i11]Almos Zarandy, Ilia Shumailov, Ross J. Anderson:
BatNet: Data transmission between smartphones over ultrasound. CoRR abs/2008.00136 (2020) - [i10]Baiwu Zhang, Jin Peng Zhou, Ilia Shumailov, Nicolas Papernot:
Not My Deepfake: Towards Plausible Deniability for Machine-Generated Media. CoRR abs/2008.09194 (2020) - [i9]Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Ross J. Anderson:
Nudge Attacks on Point-Cloud DNNs. CoRR abs/2011.11637 (2020) - [i8]Almos Zarandy, Ilia Shumailov, Ross J. Anderson:
Hey Alexa what did I just type? Decoding smartphone sounds with a voice assistant. CoRR abs/2012.00687 (2020)
2010 – 2019
- 2019
- [c10]Rasika Bhalerao, Maxwell Aliapoulios, Ilia Shumailov, Sadia Afroz, Damon McCoy:
Mapping the Underground: Supervised Discovery of Cybercrime Supply Chains. eCrime 2019: 1-16 - [c9]Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Ross Anderson:
To Compress Or Not To Compress: Understanding The Interactions Between Adversarial Attacks And Neural Network Compression. SysML 2019 - [c8]Benjamin Maximilian Reinheimer, Fairooz Islam, Ilia Shumailov:
Audio CAPTCHA with a Few Cocktails: It's so Noisy I Can't Hear You. Security Protocols Workshop 2019: 20-40 - [c7]Benjamin Maximilian Reinheimer, Fairooz Islam, Ilia Shumailov:
Audio CAPTCHA with a Few Cocktails: It's So Noisy I Can't Hear You (Transcript of Discussion). Security Protocols Workshop 2019: 41-47 - [c6]Mansoor Ahmed-Rengers, Ross J. Anderson, Darija Halatova, Ilia Shumailov:
Snitches Get Stitches: On the Difficulty of Whistleblowing. Security Protocols Workshop 2019: 289-303 - [c5]Mansoor Ahmed-Rengers, Ross J. Anderson, Darija Halatova, Ilia Shumailov:
Snitches Get Stitches: On the Difficulty of Whistleblowing (Transcript of Discussion). Security Protocols Workshop 2019: 304-312 - [c4]Matthias Kirchner, Cecilia Pasquini, Ilia Shumailov:
Information Security Meets Adversarial Examples. WIFS 2019: 1-2 - [i7]Mansoor Ahmed-Rengers, Ilia Shumailov, Ross Anderson:
Tendrils of Crime: Visualizing the Diffusion of Stolen Bitcoins. CoRR abs/1901.01769 (2019) - [i6]Ilia Shumailov, Xitong Gao, Yiren Zhao, Robert D. Mullins, Ross Anderson, Cheng-Zhong Xu:
Sitatapatra: Blocking the Transfer of Adversarial Samples. CoRR abs/1901.08121 (2019) - [i5]Ilia Shumailov, Laurent Simon, Jeff Yan, Ross Anderson:
Hearing your touch: A new acoustic side channel on smartphones. CoRR abs/1903.11137 (2019) - [i4]Yiren Zhao, Ilia Shumailov, Han Cui, Xitong Gao, Robert D. Mullins, Ross J. Anderson:
Blackbox Attacks on Reinforcement Learning Agents Using Approximated Temporal Information. CoRR abs/1909.02918 (2019) - 2018
- [c3]Mansoor Ahmed-Rengers, Ilia Shumailov, Ross Anderson:
Tendrils of Crime: Visualizing the Diffusion of Stolen Bitcoins. GraMSec@FLoC 2018: 1-12 - [c2]Ross Anderson, Ilia Shumailov, Mansoor Ahmed-Rengers:
Making Bitcoin Legal. Security Protocols Workshop 2018: 243-253 - [i3]Yiren Zhao, Ilia Shumailov, Robert D. Mullins, Ross Anderson:
To compress or not to compress: Understanding the Interactions between Adversarial Attacks and Neural Network Compression. CoRR abs/1810.00208 (2018) - [i2]Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Ross Anderson:
The Taboo Trap: Behavioural Detection of Adversarial Samples. CoRR abs/1811.07375 (2018) - [i1]Rasika Bhalerao, Maxwell Aliapoulios, Ilia Shumailov, Sadia Afroz, Damon McCoy:
Towards Automatic Discovery of Cybercrime Supply Chains. CoRR abs/1812.00381 (2018) - 2017
- [c1]Ilia Shumailov, Hatice Gunes:
Computational analysis of valence and arousal in virtual reality gaming using lower arm electromyograms. ACII 2017: 164-169
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from , , and to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-12-10 21:42 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint