| The limitations of deep learning in adversarial settings N Papernot, P McDaniel, S Jha, M Fredrikson, ZB Celik, A Swami 2016 IEEE European symposium on security and privacy (EuroS&P), 372-387, 2016 | 5755 | 2016 |
| Practical black-box attacks against machine learning N Papernot, P McDaniel, I Goodfellow, S Jha, ZB Celik, A Swami Proceedings of the 2017 ACM on Asia conference on computer and …, 2017 | 5083 | 2017 |
| Distillation as a defense to adversarial perturbations against deep neural networks N Papernot, P McDaniel, X Wu, S Jha, A Swami 2016 IEEE symposium on security and privacy (SP), 582-597, 2016 | 4446 | 2016 |
| Model inversion attacks that exploit confidence information and basic countermeasures M Fredrikson, S Jha, T Ristenpart Proceedings of the 22nd ACM SIGSAC conference on computer and communications …, 2015 | 4288 | 2015 |
| Counterexample-guided abstraction refinement E Clarke, O Grumberg, S Jha, Y Lu, H Veith International Conference on Computer Aided Verification, 154-169, 2000 | 2828 | 2000 |
| Automated generation and analysis of attack graphs O Sheyner, J Haines, S Jha, R Lippmann, JM Wing Proceedings 2002 IEEE Symposium on Security and Privacy, 273-284, 2002 | 2040 | 2002 |
| Privacy risk in machine learning: Analyzing the connection to overfitting S Yeom, I Giacomelli, M Fredrikson, S Jha 2018 IEEE 31st computer security foundations symposium (CSF), 268-282, 2018 | 1817 | 2018 |
| Counterexample-guided abstraction refinement for symbolic model checking E Clarke, O Grumberg, S Jha, Y Lu, H Veith Journal of the ACM (JACM) 50 (5), 752-794, 2003 | 1414 | 2003 |
| Privacy in pharmacogenetics: An {End-to-End} case study of personalized warfarin dosing M Fredrikson, E Lantz, S Jha, S Lin, D Page, T Ristenpart 23rd USENIX security symposium (USENIX Security 14), 17-32, 2014 | 1254 | 2014 |
| Semantics-aware malware detection M Christodorescu, S Jha, SA Seshia, D Song, RE Bryant 2005 IEEE symposium on security and privacy (S&P'05), 32-46, 2005 | 1199 | 2005 |
| Static analysis of executables to detect malicious patterns M Christodorescu, S Jha 12th USENIX Security Symposium (USENIX Security 03), 2003 | 1109 | 2003 |
| Two formal analyses of attack graphs S Jha, O Sheyner, J Wing Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15, 49-63, 2002 | 901 | 2002 |
| Locally differentially private protocols for frequency estimation T Wang, J Blocki, N Li, S Jha 26th USENIX security symposium (USENIX Security 17), 729-745, 2017 | 798 | 2017 |
| Exploiting symmetry in temporal logic model checking EM Clarke, R Enders, T Filkorn, S Jha Formal methods in system design 9 (1), 77-104, 1996 | 735 | 1996 |
| Modular verification of software components in C S Chaki, EM Clarke, A Groce, S Jha, H Veith IEEE Transactions on Software Engineering 30 (6), 388-402, 2004 | 704 | 2004 |
| Mining specifications of malicious behavior M Christodorescu, S Jha, C Kruegel Proceedings of the the 6th joint meeting of the European software …, 2007 | 674 | 2007 |
| Effective {Inter-Component} communication mapping in android: An essential step towards holistic security analysis D Octeau, P McDaniel, S Jha, A Bartel, E Bodden, J Klein, Y Le Traon 22nd USENIX Security Symposium (USENIX Security 13), 543-558, 2013 | 596 | 2013 |
| Practical black-box attacks against deep learning systems using adversarial examples N Papernot, P McDaniel, I Goodfellow, S Jha, ZB Celik, A Swami arXiv preprint arXiv:1602.02697 1 (2), 3, 2016 | 535 | 2016 |
| Testing malware detectors M Christodorescu, S Jha ACM SIGSOFT Software Engineering Notes 29 (4), 34-44, 2004 | 498 | 2004 |
| Verification of the Futurebus+ cache coherence protocol EM Clarke, O Grumberg, H Hiraishi, S Jha, DE Long, KL McMillan, ... Formal Methods in System Design 6 (2), 217-232, 1995 | 450 | 1995 |
Patrick McDanielTsun-Ming Shih Professor of Computer Sciences, University of Wisconsin-MadisonVerified email at cs.wisc.edu
