Nicolas Papernot

papers

743

total citations

papers (21)

Flocks of Stochastic Parrots: Differentially Private Prompt Learning for Large Language Models

NEURIPS 2023arXiv

citations

Dataset Inference for Self-Supervised Models

NEURIPS 2022arXiv

citations

Architectural Backdoors in Neural Networks

CVPR 2023arXiv

citations

On the Limitations of Stochastic Pre-processing Defenses

NEURIPS 2022arXiv

citations

Have it your way: Individualized Privacy Assignment for DP-SGD

NEURIPS 2023arXiv

citations

Breach By A Thousand Leaks: Unsafe Information Leakage in 'Safe' AI Responses

ICLR 2025arXiv

citations

Auditing Private Prediction

ICML 2024arXiv

citations

Robust and Actively Secure Serverless Collaborative Learning

NEURIPS 2023arXiv

citations

Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention

ICML 2025arXiv

citations

The Fundamental Limits of Least-Privilege Learning

ICML 2024arXiv

citations

Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy and Research

NEURIPS 2025arXiv

citations

Suitability Filter: A Statistical Framework for Classifier Evaluation in Real-World Deployment Settings

ICML 2025arXiv

citations

What Does It Take to Build a Performant Selective Classifier?

NEURIPS 2025arXiv

citations

Leveraging Per-Instance Privacy for Machine Unlearning

ICML 2025arXiv

citations

Washing The Unwashable : On The (Im)possibility of Fairwashing Detection

NEURIPS 2022

citations

In Differential Privacy, There is Truth: on Vote-Histogram Leakage in Ensemble Private Learning

NEURIPS 2022

citations

Training Private Models That Know What They Don’t Know

NEURIPS 2023

citations

Position: Fundamental Limitations of LLM Censorship Necessitate New Approaches

ICML 2024

citations

Nicolas Papernot

papers (21)

Data-Free Model Extraction

The Privacy Onion Effect: Memorization is Relative

Manipulating SGD with Data Ordering Attacks

Flocks of Stochastic Parrots: Differentially Private Prompt Learning for Large Language Models

Dataset Inference for Self-Supervised Models

Architectural Backdoors in Neural Networks

On the Limitations of Stochastic Pre-processing Defenses

Have it your way: Individualized Privacy Assignment for DP-SGD

Breach By A Thousand Leaks: Unsafe Information Leakage in 'Safe' AI Responses

Auditing Private Prediction

Robust and Actively Secure Serverless Collaborative Learning

Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention

The Fundamental Limits of Least-Privilege Learning

Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy and Research

Suitability Filter: A Statistical Framework for Classifier Evaluation in Real-World Deployment Settings

What Does It Take to Build a Performant Selective Classifier?

Leveraging Per-Instance Privacy for Machine Unlearning

Washing The Unwashable : On The (Im)possibility of Fairwashing Detection

In Differential Privacy, There is Truth: on Vote-Histogram Leakage in Ensemble Private Learning

Training Private Models That Know What They Don’t Know

Position: Fundamental Limitations of LLM Censorship Necessitate New Approaches

papers (21)

Data-Free Model Extraction

The Privacy Onion Effect: Memorization is Relative

Manipulating SGD with Data Ordering Attacks

Flocks of Stochastic Parrots: Differentially Private Prompt Learning for Large Language Models

Dataset Inference for Self-Supervised Models

Architectural Backdoors in Neural Networks

On the Limitations of Stochastic Pre-processing Defenses

Have it your way: Individualized Privacy Assignment for DP-SGD

Breach By A Thousand Leaks: Unsafe Information Leakage in 'Safe' AI Responses

Auditing Private Prediction

Robust and Actively Secure Serverless Collaborative Learning

Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention

The Fundamental Limits of Least-Privilege Learning

Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy and Research

Suitability Filter: A Statistical Framework for Classifier Evaluation in Real-World Deployment Settings

What Does It Take to Build a Performant Selective Classifier?

Leveraging Per-Instance Privacy for Machine Unlearning

Washing The Unwashable : On The (Im)possibility of Fairwashing Detection

In Differential Privacy, There is Truth: on Vote-Histogram Leakage in Ensemble Private Learning

Training Private Models That Know What They Don’t Know

Position: Fundamental Limitations of LLM Censorship Necessitate New Approaches