Ambra Demontis

Cited by

	All	Since 2018
Citations	2256	2215
h-index	17	17
i10-index	21	21

620

310

155

465

201720182019202020212022202327 112 170 354 412 543 611

Public access

View all

13 articles

1 article

available

not available

Based on funding mandates

Co-authors

Battista BiggioAssociate Professor at University of Cagliari, Co-Founder of Pluribus OneVerified email at unica.it
Fabio RoliProfessor, University of Genova, ItalyVerified email at unige.it
Maura PintorUniversity of CagliariVerified email at unica.it
Marco MelisIndividualVerified email at unica.it
Giorgio GiacintoProfessor, University of CagliariVerified email at unica.it
Davide MaiorcaAssistant Professor of Computer Engineering at University of Cagliari, ItalyVerified email at unica.it
Angelo SotgiuPostdoctoral Researcher, University of CagliariVerified email at unica.it
Giorgio FumeraAssociate Professor of Computer Engineering, University of CagliariVerified email at unica.it
Luca DemetrioAssistant Professor at Università degli Studi di GenovaVerified email at unige.it
Alina OpreaNortheastern UniversityVerified email at neu.edu
Antonio Emanuele CinàAssistant Professor @ University of GenoaVerified email at unige.it
Marcello PelilloProfessor of Computer Science, FIEEE, FIAPR, FAAIA, Ca' Foscari University of VeniceVerified email at dsi.unive.it
Cristina Nita-RotaruProfessor, Khoury College of Computer Science, Northeastern UniversityVerified email at northeastern.edu
Matthew JagielskiGoogle DeepMindVerified email at google.com
Konrad RieckTechnische Universität BerlinVerified email at tu-berlin.de
Luis Muñoz-GonzálezSenior Research Scientist, Telefónica ResearchVerified email at telefonica.com
Emil LupuProfessor of Computer SystemsVerified email at imperial.ac.uk
Andrea PaudiceUniversità degli Studi di MilanoVerified email at unimi.it
Kathrin GrosseEPFLVerified email at epfl.ch
Bojan KolosnjajiResearcher, PhD Student, Technical University of MunichVerified email at sec.in.tum.de

Ambra Demontis

Assistant Professor at University of Cagliari

Verified email at unica.it - Homepage

machine learning adversarial machine learning image recognition


Title Sort by citations Sort by year Sort by title	Cited by Cited by	Year
Towards poisoning of deep learning algorithms with back-gradient optimization L Muñoz-González, B Biggio, A Demontis, A Paudice, V Wongrassamee, ... Proceedings of the 10th ACM workshop on artificial intelligence and security …, 2017	600	2017
Adversarial malware binaries: Evading deep learning for malware detection in executables B Kolosnjaji, A Demontis, B Biggio, D Maiorca, G Giacinto, C Eckert, ... 2018 26th European signal processing conference (EUSIPCO), 533-537, 2018	360	2018
Why do adversarial attacks transfer? explaining transferability of evasion and poisoning attacks A Demontis, M Melis, M Pintor, M Jagielski, B Biggio, A Oprea, ... 28th USENIX security symposium (USENIX security 19), 321-338, 2019	336	2019
Yes, machine learning can be more secure! a case study on android malware detection A Demontis, M Melis, B Biggio, D Maiorca, D Arp, K Rieck, I Corona, ... IEEE Transactions on Dependable and Secure Computing, 2017	313	2017
Is deep learning safe for robot vision? adversarial examples against the icub humanoid M Melis, A Demontis, B Biggio, G Brown, G Fumera, F Roli Proceedings of the IEEE international conference on computer vision …, 2017	118	2017
Secure kernel machines against evasion attacks P Russu, A Demontis, B Biggio, G Fumera, F Roli Proceedings of the 2016 ACM workshop on artificial intelligence and security …, 2016	72	2016
Deep neural rejection against adversarial examples A Sotgiu, A Demontis, M Melis, B Biggio, G Fumera, X Feng, F Roli EURASIP Journal on Information Security 2020, 1-10, 2020	52	2020
On security and sparsity of linear classifiers for adversarial settings A Demontis, P Russu, B Biggio, G Fumera, F Roli Structural, Syntactic, and Statistical Pattern Recognition: Joint IAPR …, 2016	46	2016
The threat of offensive ai to organizations Y Mirsky, A Demontis, J Kotak, R Shankar, D Gelei, L Yang, X Zhang, ... Computers & Security 124, 103006, 2023	42	2023
secml: Secure and explainable machine learning in Python M Pintor, L Demetrio, A Sotgiu, M Melis, A Demontis, B Biggio SoftwareX 18, 101095, 2022	42*	2022
Wild patterns reloaded: A survey of machine learning security against training data poisoning AE Cinà, K Grosse, A Demontis, S Vascon, W Zellinger, BA Moser, ... ACM Computing Surveys 55 (13s), 1-39, 2023	40	2023
Do gradient-based explanations tell anything about adversarial robustness to android malware? M Melis, M Scalas, A Demontis, D Maiorca, B Biggio, G Giacinto, F Roli International journal of machine learning and cybernetics, 1-16, 2022	27	2022
Adversarial detection of flash malware: Limitations and open issues D Maiorca, A Demontis, B Biggio, F Roli, G Giacinto Computers & Security 96, 101901, 2020	26	2020
Domain knowledge alleviates adversarial attacks in multi-label classifiers S Melacci, G Ciravegna, A Sotgiu, A Demontis, B Biggio, M Gori, F Roli IEEE Transactions on Pattern Analysis and Machine Intelligence 44 (12), 9944 …, 2021	25*	2021
Indicators of attack failure: Debugging and improving optimization of adversarial examples M Pintor, L Demetrio, A Sotgiu, A Demontis, N Carlini, B Biggio, F Roli Advances in Neural Information Processing Systems 35, 23063-23076, 2022	23	2022
ImageNet-Patch: A dataset for benchmarking machine learning robustness against adversarial patches M Pintor, D Angioni, A Sotgiu, L Demetrio, A Demontis, B Biggio, F Roli Pattern Recognition 134, 109064, 2023	21	2023
Machine learning security against data poisoning: Are we there yet? AE Cinà, K Grosse, A Demontis, B Biggio, F Roli, M Pelillo arXiv preprint arXiv:2204.05986, 2022	20	2022
Why adversarial reprogramming works, when it fails, and how to tell the difference Y Zheng, X Feng, Z Xia, X Jiang, A Demontis, M Pintor, B Biggio, F Roli Information Sciences 632, 130-143, 2023	16	2023
The hammer and the nut: Is bilevel optimization really needed to poison linear classifiers? AE Cinà, S Vascon, A Demontis, B Biggio, F Roli, M Pelillo 2021 International Joint Conference on Neural Networks (IJCNN), 1-8, 2021	14	2021
Infinity-norm support vector machines against adversarial label contamination A Demontis, B Biggio, G Fumera, G Giacinto, F Roli CEUR WORKSHOP PROCEEDINGS 1816, 106-115, 2017	14	2017

The system can't perform the operation now. Try again later.

Articles 1–20

Citations per year

Duplicate citations

Merged citations

Add co-authorsCo-authors

Follow

Cited by

Co-authors