| Robust physical-world attacks on deep learning visual classification K Eykholt, I Evtimov, E Fernandes, B Li, A Rahmati, C Xiao, A Prakash, ... Proceedings of the IEEE Conference on Computer Vision and Pattern …, 2018 | 1191* | 2018 |
| Targeted backdoor attacks on deep learning systems using data poisoning X Chen, C Liu, B Li, K Lu, D Song arXiv preprint arXiv:1712.05526, 2017 | 367 | 2017 |
| Characterizing adversarial subspaces using local intrinsic dimensionality X Ma, B Li, Y Wang, SM Erfani, S Wijewickrema, G Schoenebeck, D Song, ... arXiv preprint arXiv:1801.02613, 2018 | 288 | 2018 |
| Manipulating machine learning: Poisoning attacks and countermeasures for regression learning M Jagielski, A Oprea, B Biggio, C Liu, C Nita-Rotaru, B Li 2018 IEEE Symposium on Security and Privacy (SP), 19-35, 2018 | 276 | 2018 |
| Generating adversarial examples with adversarial networks C Xiao, B Li, JY Zhu, W He, M Liu, D Song arXiv preprint arXiv:1801.02610, 2018 | 273 | 2018 |
| Deepgauge: Multi-granularity testing criteria for deep learning systems L Ma, F Juefei-Xu, F Zhang, J Sun, M Xue, B Li, C Chen, T Su, L Li, Y Liu, ... Proceedings of the 33rd ACM/IEEE International Conference on Automated …, 2018 | 266 | 2018 |
| Spatially transformed adversarial examples C Xiao, JY Zhu, B Li, W He, M Liu, D Song arXiv preprint arXiv:1801.02612, 2018 | 221 | 2018 |
| Data poisoning attacks on factorization-based collaborative filtering B Li, Y Wang, A Singh, Y Vorobeychik arXiv preprint arXiv:1608.08182, 2016 | 153 | 2016 |
| Data Poisoning Attacks on Factorization-based Collaborative Filtering YV B. Li, Y. Wang, A. Singh In Proceedings of the Neural Information Processing Systems (NIPS), 2016 | 153* | 2016 |
| Deepmutation: Mutation testing of deep learning systems L Ma, F Zhang, J Sun, M Xue, B Li, F Juefei-Xu, C Xie, L Li, Y Liu, J Zhao, ... 2018 IEEE 29th International Symposium on Software Reliability Engineering …, 2018 | 149 | 2018 |
| Physical adversarial examples for object detectors D Song, K Eykholt, I Evtimov, E Fernandes, B Li, A Rahmati, F Tramer, ... 12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18), 2018 | 147 | 2018 |
| Textbugger: Generating adversarial text against real-world applications J Li, S Ji, T Du, B Li, T Wang arXiv preprint arXiv:1812.05271, 2018 | 118 | 2018 |
| Feature cross-substitution in adversarial classification B Li, Y Vorobeychik Advances in neural information processing systems, 2087-2095, 2014 | 117 | 2014 |
| Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach S Chen, M Xue, L Fan, S Hao, L Xu, H Zhu, B Li computers & security 73, 326-344, 2018 | 104 | 2018 |
| Practical black-box attacks on deep neural networks using efficient query mechanisms AN Bhagoji, W He, B Li, D Song Proceedings of the European Conference on Computer Vision (ECCV), 154-169, 2018 | 100 | 2018 |
| Deepct: Tomographic combinatorial testing for deep learning systems L Ma, F Juefei-Xu, M Xue, B Li, L Li, Y Liu, J Zhao 2019 IEEE 26th International Conference on Software Analysis, Evolution and …, 2019 | 97* | 2019 |
| Orthogonal weight normalization: Solution to optimization over multiple dependent stiefel manifolds in deep neural networks L Huang, X Liu, B Lang, A Yu, Y Wang, B Li Proceedings of the AAAI Conference on Artificial Intelligence 32 (1), 2018 | 95 | 2018 |
| Deephunter: A coverage-guided fuzz testing framework for deep neural networks X Xie, L Ma, F Juefei-Xu, M Xue, H Chen, Y Liu, J Zhao, B Li, J Yin, S See Proceedings of the 28th ACM SIGSOFT International Symposium on Software …, 2019 | 93 | 2019 |
| Optimal randomized classification in adversarial settings. Y Vorobeychik, B Li AAMAS, 485-492, 2014 | 69 | 2014 |
| Detection of deep network generated images using disparities in color components H Li, B Li, S Tan, J Huang arXiv preprint arXiv:1808.07276, 2018 | 66* | 2018 |
Dawn SongProfessor of Computer Science, UC BerkeleyVerified email at cs.berkeley.edu
