Publications

2024

1. 

   Leveraging Optimization for Adaptive Attacks on Image Watermarks

   Nils Lukas, Abdulrahman Diaa, Lucas Fenaux, and 1 more author

   The Twelfth International Conference on Learning Representations (ICLR 2024), 2024

   arXiv Bib

   @article{lukas2023leveraging,
     title = {Leveraging Optimization for Adaptive Attacks on Image Watermarks},
     author = {Lukas, Nils and Diaa, Abdulrahman and Fenaux, Lucas and Kerschbaum, Florian},
     journal = {The Twelfth International Conference on Learning Representations (ICLR 2024)},
     year = {2024}
   }

2. 

   Universal Backdoor Attacks

   Benjamin Schneider, Nils Lukas, and Florian Kerschbaum

   The Twelfth International Conference on Learning Representations (ICLR 2024), 2024

   arXiv Bib

   @article{schneider2023universal,
     title = {Universal Backdoor Attacks},
     author = {Schneider, Benjamin and Lukas, Nils and Kerschbaum, Florian},
     journal = {The Twelfth International Conference on Learning Representations (ICLR 2024)},
     year = {2024},
   }

3. 

   Fast and Private Inference of Deep Neural Networks by Co-designing Activation Functions

   Abdulrahman Diaa, Lucas Fenaux, Thomas Humphries, and 8 more authors

   33rd USENIX Security Symposium, 2024

   arXiv Bib

   @article{diaa2023fast,
     title = {Fast and Private Inference of Deep Neural Networks by Co-designing Activation Functions},
     author = {Diaa, Abdulrahman and Fenaux, Lucas and Humphries, Thomas and Dietz, Marian and Ebrahimianghazani, Faezeh and Kacsmar, Bailey and Li, Xinda and Lukas, Nils and Mahdavi, Rasoul Akhavan and Oya, Simon and others},
     journal = {33rd USENIX Security Symposium},
     year = {2024}
   }

2023

1. 

   PEPSI: Practically Efficient Private Set Intersection in the Unbalanced Setting

   Rasoul Akhavan Mahdavi, Nils Lukas, Faezeh Ebrahimianghazani, and 7 more authors

   2023

   arXiv Bib

   @misc{mahdavi2023pepsi,
     title = {PEPSI: Practically Efficient Private Set Intersection in the Unbalanced Setting},
     author = {Mahdavi, Rasoul Akhavan and Lukas, Nils and Ebrahimianghazani, Faezeh and Humphries, Thomas and Kacsmar, Bailey and Premkumar, John and Li, Xinda and Oya, Simon and Amjadian, Ehsan and Kerschbaum, Florian},
     year = {2023},
     journal = {Preprint},
   }

2. 

   Pick your Poison: Undetectability versus Robustness in Data Poisoning Attacks against Deep Image Classification

   Nils Lukas, and Florian Kerschbaum

   Preprint, 2023

   arXiv Bib

   @article{lukas2023pick,
     title = {Pick your Poison: Undetectability versus Robustness in Data Poisoning Attacks against Deep Image Classification},
     author = {Lukas, Nils and Kerschbaum, Florian},
     journal = {Preprint},
     year = {2023},
   }

3. 

   PTW: Pivotal Tuning Watermarking for Pre-Trained Image Generators

   Nils Lukas, and Florian Kerschbaum

   32nd USENIX Security Symposium, 2023

   arXiv Bib Code

   @article{lukas2023ptw,
     title = {PTW: Pivotal Tuning Watermarking for Pre-Trained Image Generators},
     author = {Lukas, Nils and Kerschbaum, Florian},
     journal = {32nd USENIX Security Symposium},
     year = {2023},
   }

4. 

   Analyzing Leakage of Personally Identifiable Information in Language Models

   Nils Lukas, Ahmed Salem, Robert Sim, and 3 more authors

   44th IEEE Symposium on Security and Privacy (SP), 2023

   arXiv Bib Code

   @article{lukas2023analyzing,
     title = {Analyzing Leakage of Personally Identifiable Information in Language Models},
     author = {Lukas, Nils and Salem, Ahmed and Sim, Robert and Tople, Shruti and Wutschitz, Lukas and Zanella-B{\'e}guelin, Santiago},
     journal = {44th IEEE Symposium on Security and Privacy (SP)},
     year = {2023},
   }

2022

1. 

   Sok: How Robust is Image Classification Deep Neural Network Watermarking?

   Nils Lukas, Edward Jiang, Xinda Li, and 1 more author

   In 43rd IEEE Symposium on Security and Privacy (SP), 2022

   arXiv Bib Code

   @inproceedings{lukas2022sok,
     title = {Sok: How Robust is Image Classification Deep Neural Network Watermarking?},
     author = {Lukas, Nils and Jiang, Edward and Li, Xinda and Kerschbaum, Florian},
     booktitle = {43rd IEEE Symposium on Security and Privacy (SP)},
     pages = {787--804},
     year = {2022},
     organization = {IEEE},
   }

2021

1. 

   Deep Neural Network Fingerprinting by Conferrable Adversarial Examples

   Nils Lukas, Yuxuan Zhang, and Florian Kerschbaum

   Splotlight Presentation at The Ninth International Conference on Learning Representations (ICLR 2021), 2021

   arXiv Bib

   @article{lukas2021deep,
     title = {Deep Neural Network Fingerprinting by Conferrable Adversarial Examples},
     author = {Lukas, Nils and Zhang, Yuxuan and Kerschbaum, Florian},
     journal = {Splotlight Presentation at The Ninth International Conference on Learning Representations (ICLR 2021)},
     year = {2021},
   }

2. 

   On the Robustness of Backdoor-based Watermarking in Deep Neural Networks

   Masoumeh Shafieinejad, Nils Lukas, Jiaqi Wang, and 2 more authors

   In Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security, 2021

   Bib

   @inproceedings{shafieinejad2021robustness,
     title = {On the Robustness of Backdoor-based Watermarking in Deep Neural Networks},
     author = {Shafieinejad, Masoumeh and Lukas, Nils and Wang, Jiaqi and Li, Xinda and Kerschbaum, Florian},
     booktitle = {Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security},
     pages = {177--188},
     year = {2021},
   }

2020

1. 

   Differentially Private Two-party Set Operations

   Bailey Kacsmar, Basit Khurram, Nils Lukas, and 7 more authors

   In 2020 IEEE European Symposium on Security and Privacy (EuroS&P), 2020

   Bib

   @inproceedings{kacsmar2020differentially,
     title = {Differentially Private Two-party Set Operations},
     author = {Kacsmar, Bailey and Khurram, Basit and Lukas, Nils and Norton, Alexander and Shafieinejad, Masoumeh and Shang, Zhiwei and Baseri, Yaser and Sepehri, Maryam and Oya, Simon and Kerschbaum, Florian},
     booktitle = {2020 IEEE European Symposium on Security and Privacy (EuroS\&P)},
     pages = {390--404},
     year = {2020},
     organization = {IEEE},
   }

2. 

   Practical Over-threshold Multi-party Private Set Intersection

   Rasoul Akhavan Mahdavi, Thomas Humphries, Bailey Kacsmar, and 7 more authors

   In Annual Computer Security Applications Conference, 2020

   Bib

   @inproceedings{mahdavi2020practical,
     title = {Practical Over-threshold Multi-party Private Set Intersection},
     author = {Mahdavi, Rasoul Akhavan and Humphries, Thomas and Kacsmar, Bailey and Krastnikov, Simeon and Lukas, Nils and Premkumar, John A and Shafieinejad, Masoumeh and Oya, Simon and Kerschbaum, Florian and Blass, Erik-Oliver},
     booktitle = {Annual Computer Security Applications Conference},
     pages = {772--783},
     year = {2020},
   }