Martin Vechev

Recovered in Translation: Efficient Pipeline for Automated Translation of Benchmarks and Datasets

arXiv 2026

Watermarking Autoregressive Image Generation

arXiv 2025

Mind the Gap: A Practical Attack on GGUF Quantization

arXiv 2025

MixAT: Combining Continuous and Discrete Adversarial Training for LLMs

arXiv 2025

COMPL-AI Framework: A Technical Interpretation and LLM Benchmarking Suite for the EU Artificial Intelligence Act

arXiv 2024

SWT-Bench: Testing and Validating Real-World Bug-Fixes with Code Agents

arXiv 2024

A Synthetic Dataset for Personal Attribute Inference

arXiv 2024

BgGPT 1.0: Extending English-centric LLMs to other languages

arXiv 2024

Discovering Spoofing Attempts on Language Model Watermarks

arXiv 2024

Large Language Models for Code: Security Hardening and Adversarial Testing

arXiv 2023

Beyond Memorization: Violating Privacy Via Inference with Large Language Models

arXiv 2023

Controlled Text Generation via Language Model Arithmetic

arXiv 2023

Hiding in Plain Sight: Disguising Data Stealing Attacks in Federated Learning

arXiv 2023

From Principle to Practice: Vertical Data Minimization for Machine Learning

arXiv 2023

Understanding Certified Training with Interval Bound Propagation

arXiv 2023

Self-contradictory Hallucinations of Large Language Models: Evaluation, Detection and Mitigation

arXiv 2023

LAMP: Extracting Text from Gradients with Language Model Priors

arXiv 2022

Private and Reliable Neural Network Inference

arXiv 2022

Certified Training: Small Boxes are All You Need

arXiv 2022

On Distribution Shift in Learning-based Bug Detectors

arXiv 2022

FARE: Provably Fair Representation Learning with Practical Certificates

arXiv 2022

Robustness Certification for Point Cloud Models

ICCV 2021 10

Latent Space Smoothing for Individually Fair Representations

latent-space-smoothing-for-individually-fair

Fair Normalizing Flows

fair-normalizing-flows-1

Efficient Certification of Spatial Robustness

arXiv 2020

Learning Certified Individually Fair Representations

NeurIPS 2020 12

A Provable Defense for Deep Residual Networks

arXiv 2019

Mislav Balunović

Nikola Jovanović

Robin Staab

Anian Ruoss

Dimitar I. Dimitrov

Jingxuan He

Marc Fischer

Mark Vero

Mark Niklas Müller

Anton Alexandrov