| Towards Deep Learning Models Resistant to Adversarial Attacks A Madry, A Makelov, L Schmidt, D Tsipras, A Vladu International Conference on Learning Representations (ICLR), 2018 | 7641 | 2018 |
| How Does Batch Normalization Help Optimization? S Santurkar, D Tsipras, A Ilyas, A Madry Neural Information Processing Systems (NeurIPS), 2018 | 1443 | 2018 |
| Robustness may be at odds with accuracy D Tsipras, S Santurkar, L Engstrom, A Turner, A Madry International Conference on Learning Representations (ICLR), 2019 | 1306 | 2019 |
| Adversarial examples are not bugs, they are features A Ilyas, S Santurkar, D Tsipras, L Engstrom, B Tran, A Madry Neural Information Processing Systems (NeurIPS), 2019 | 1296 | 2019 |
| On Evaluating Adversarial Robustness N Carlini, A Athalye, N Papernot, W Brendel, J Rauber, D Tsipras, ... arXiv preprint arXiv:1902.06705, 2019 | 674 | 2019 |
| Exploring the Landscape of Spatial Robustness L Engstrom, B Tran, D Tsipras, L Schmidt, A Madry International Conference on Machine Learning (ICML), 2019 | 660* | 2019 |
| Adversarially robust generalization requires more data L Schmidt, S Santurkar, D Tsipras, K Talwar, A Madry Neural Information Processing Systems (NeurIPS), 2018 | 626 | 2018 |
| Implementation Matters in Deep RL: A Case Study on PPO and TRPO L Engstrom, A Ilyas, S Santurkar, D Tsipras, F Janoos, L Rudolph, ... International Conference on Learning Representations (ICLR), 2019 | 246* | 2019 |
| Label-Consistent Backdoor Attacks A Turner, D Tsipras, A Madry arXiv preprint arXiv:1912.02771, 2019 | 226* | 2019 |
| Adversarial robustness as a prior for learned representations L Engstrom, A Ilyas, S Santurkar, D Tsipras, B Tran, A Madry arXiv preprint arXiv:1906.00945, 2019 | 172* | 2019 |
| Image Synthesis with a Single (Robust) Classifier S Santurkar, A Ilyas, D Tsipras, L Engstrom, B Tran, A Madry Neural Information Processing Systems (NeurIPS), 2019 | 153* | 2019 |
| Robustness (python library), 2019 L Engstrom, A Ilyas, S Santurkar, D Tsipras https://github. com/MadryLab/robustness, 0 | 133* | |
| A Closer Look at Deep Policy Gradients A Ilyas, L Engstrom, S Santurkar, D Tsipras, F Janoos, L Rudolph, ... International Conference on Learning Representations (ICLR), 2020 | 107* | 2020 |
| Matrix Scaling and Balancing via Box Constrained Newton's Method and Interior Point Methods MB Cohen, A Madry, D Tsipras, A Vladu Foundations of Computer Science (FOCS), 2017 | 101 | 2017 |
| Dataset security for machine learning: Data poisoning, backdoor attacks, and defenses M Goldblum, D Tsipras, C Xie, X Chen, A Schwarzschild, D Song, ... IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2022 | 98* | 2022 |
| From imagenet to image classification: Contextualizing progress on benchmarks D Tsipras, S Santurkar, L Engstrom, A Ilyas, A Madry International Conference on Machine Learning (ICML), 2020 | 93 | 2020 |
| BREEDS: Benchmarks for Subpopulation Shift S Santurkar, D Tsipras, A Madry International Conference on Learning Representations (ICLR), 2021 | 73 | 2021 |
| Identifying statistical bias in dataset replication L Engstrom, A Ilyas, S Santurkar, D Tsipras, J Steinhardt, A Madry International Conference on Machine Learning (ICML), 2020 | 38 | 2020 |
| Editing a classifier by rewriting its prediction rules S Santurkar, D Tsipras, M Elango, D Bau, A Torralba, A Madry Neural Information Processing Systems (NeurIPS), 2021 | 24 | 2021 |
| A Discussion of'Adversarial Examples Are Not Bugs, They Are Features': Discussion and Author Responses L Engstrom, A Ilyas, A Madry, S Santurkar, B Tran, D Tsipras Distill 4 (8), e00019. 7, 2019 | 22 | 2019 |
Aleksander MądryMITVerified email at mit.edu
