1. Battista Biggio Blaine Nelson and Pavel Laskov. 2012. Poisoning attacks against support vector machines. In ICML. Battista Biggio Blaine Nelson and Pavel Laskov. 2012. Poisoning attacks against support vector machines. In ICML.
2. Nicholas Carlini and David Wagner. 2017. Towards Evaluating the Robustness of Neural Networks. In IEEE S & P. Nicholas Carlini and David Wagner. 2017. Towards Evaluating the Robustness of Neural Networks. In IEEE S & P.
3. Ian J Goodfellow Jonathon Shlens and Christian Szegedy. 2014. Explaining and harnessing adversarial examples. In arXiv. Ian J Goodfellow Jonathon Shlens and Christian Szegedy. 2014. Explaining and harnessing adversarial examples. In arXiv.
4. Kathrin Grosse Praveen Manoharan Nicolas Papernot Michael Backes and Patrick McDaniel. 2017. On the (statistical) detection of adversarial examples. In arXiv. Kathrin Grosse Praveen Manoharan Nicolas Papernot Michael Backes and Patrick McDaniel. 2017. On the (statistical) detection of adversarial examples. In arXiv.
5. Kaiming He Xiangyu Zhang Shaoqing Ren and Jian Sun. 2016. Deep Residual Learning for Image Recognition. In CVPR. Kaiming He Xiangyu Zhang Shaoqing Ren and Jian Sun. 2016. Deep Residual Learning for Image Recognition. In CVPR.