| Local Model Poisoning Attacks to Byzantine-Robust Federated Learning M Fang, X Cao, J Jia, NZ Gong USENIX Security Symposium, 2019 | 937 | 2019 |
| FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping X Cao, M Fang, J Liu, NZ Gong NDSS 2021, 2021 | 412 | 2021 |
| Mitigating evasion attacks to deep neural networks via region-based classification X Cao, NZ Gong Proceedings of the 33rd Annual Computer Security Applications Conference …, 2017 | 234 | 2017 |
| IPGuard: Protecting the Intellectual Property of Deep Neural Networks via Fingerprinting the Classification Boundary X Cao, J Jia, NZ Gong ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2021 | 117 | 2021 |
| FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients Z Zhang, X Cao, J Jia, N Zhenqiang Gong arXiv e-prints, arXiv: 2207.09209, 2022 | 107 | 2022 |
| Provably Secure Federated Learning against Malicious Clients X Cao, J Jia, NZ Gong AAAI Conference on Artificial Intelligence (AAAI), 2021 | 107 | 2021 |
| Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks J Jia, X Cao, NZ Gong AAAI Conference on Artificial Intelligence (AAAI), 2021 | 94 | 2021 |
| On Certifying Robustness against Backdoor Attacks via Randomized Smoothing B Wang, X Cao, NZ Gong CVPR 2020 Workshop on Adversarial Machine Learning in Computer Vision, 2020, 2020 | 94 | 2020 |
| Certified Robustness for Top-k Predictions against Adversarial Perturbations via Randomized Smoothing J Jia, X Cao, B Wang, NZ Gong ICLR 2020, 2020 | 87 | 2020 |
| Certified Robustness of Community Detection against Adversarial Structural Perturbation via Randomized Smoothing J Jia, B Wang, X Cao, NZ Gong The Web Conference (WWW) 2020, 2020 | 77 | 2020 |
| Data Poisoning Attacks to Local Differential Privacy Protocols X Cao, J Jia, NZ Gong USENIX Security Symposium, 2021 | 74 | 2021 |
| MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients X Cao, NZ Gong Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern …, 2022 | 73 | 2022 |
| Certified robustness of graph neural networks against adversarial structural perturbation B Wang, J Jia, X Cao, NZ Gong Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data …, 2021 | 52 | 2021 |
| Certified Robustness of Nearest Neighbors against Data Poisoning and Backdoor Attacks J Jia, Y Liu, X Cao, NZ Gong AAAI, 2022 | 39 | 2022 |
| Certified Robustness of Nearest Neighbors against Data Poisoning Attacks J Jia, X Cao, NZ Gong arXiv preprint arXiv:2012.03765, 2020 | 29 | 2020 |
| Poisoning Attacks to Local Differential Privacy Protocols for Key-Value Data Y Wu, X Cao, J Jia, NZ Gong arXiv preprint arXiv:2111.11534, 2021 | 27 | 2021 |
| Piano: Proximity-based user authentication on voice-powered internet-of-things devices NZ Gong, A Ozen, Y Wu, X Cao, R Shin, D Song, H Jin, X Bao 2017 IEEE 37th International Conference on Distributed Computing Systems …, 2017 | 27 | 2017 |
| Almost Tight L0-norm Certified Robustness of Top-k Predictions against Adversarial Perturbations J Jia, B Wang, X Cao, H Liu, NZ Gong arXiv preprint arXiv:2011.07633, 2020 | 22 | 2020 |
| Understanding the Security of Deepfake Detection X Cao, NZ Gong International Conference on Digital Forensics and Cyber Crime, 360-378, 2022 | 13 | 2022 |
| FaceGuard: Proactive Deepfake Detection Y Yang, C Liang, H He, X Cao, NZ Gong arXiv preprint arXiv:2109.05673, 2021 | 13 | 2021 |
