Publications
This page provides an overview on my publications.
| Author(s) | Year | Title and Publication | Link |
|---|---|---|---|
| Adarsh Jamadandi, Jing Xu, Adam Dziedzic, Franziska Boenisch | 2025 | Memorization in Graph Neural Networks. NeurIPS | here |
| Louis Kerner, Michel Meintz, Bihe Zhao, Franziska Boenisch, Adam Dziedzic | 2025 | BitMark for Infinity: Watermarking Bitwise Autoregressive Image Generative Models. NeurIPS | here |
| Jamie Hayes, Ilia Shumailov, Christopher A Choquette-Choo, Matthew Jagielski, George Kaissis, Katherine Lee, Milad Nasr, Sahra Ghalebikesabi, Niloofar Mireshghallah, Meenatchi Sundaram Mutu Selva Annamalai, Igor Shilov, Matthieu Meeus, Yves-Alexandre de Montjoye, Franziska Boenisch, Adam Dziedzic, A Feder Cooper | 2025 | Strong Membership Inference Attacks on Massive Datasets and (Moderately) Large Language Models. NeurIPS | here |
| Yihan Wang, Yiwei Lu, Guojun Zhang, Franziska Boenisch, Adam Dziedzic, Yaoliang Yu, Xiao-Shan Gao | 2025 | MUC: Machine Unlearning for Contrastive Learning with Black-box Evaluation. TMLR | here |
| Jan Dubiński, Antoni Kowalczuk, Franziska Boenisch , Adam Dziedzic | 2025 | Privacy Attacks on Image AutoRegressive Models. ICML | here |
| Xun Wang, Jing Xu, Franziska Boenisch , Michael Backes, Christopher A. Choquette-Choo, Adam Dziedzic | 2025 | Efficient and Privacy-Preserving Soft Prompt Transfer for LLMs. ICML | here |
| Bihe Zhao, Pratyush Maini, Franziska Boenisch , Adam Dziedzic | 2025 | Unlocking Post-hoc Dataset Inference with Synthetic Data. ICML | here |
| Jan Dubiński, Antoni Kowalczuk, Franziska Boenisch , Adam Dziedzic | 2025 | CDI: Copyrighted Data Identification in Diffusion Models. CVPR | here |
| Shahrzad Kiani, Nupur Kulkarni, Adam Dziedzic, Stark Draper, Franziska Boenisch | 2025 | Differentially Private Federated Learning with Time-Adaptive Privacy Spending. ICLR | here |
| Łukasz Staniszewski, Bartosz Cywiński, Franziska Boenisch, Kamil Deja, Adam Dziedzic | 2025 | Precise Parameter Localization for Textual Generation in Diffusion Models. ICLR | here |
| Wenhao Wang, Adam Dziedzic, Grace C. Kim, Michael Backes, Franziska Boenisch | 2025 | Captured by Captions: On Memorization and its Mitigation in CLIP Models. ICLR | here |
| Dariush Wahdany, Matthew Jagielski, Adam Dziedzic, Franziska Boenisch | 2025 | Differentially Private Prototypes for Imbalanced Transfer Learning. AAAI | here |
| Vincent Hanke, Tom Blanchard, Franziska Boenisch, Iyiola Emmanuel Olatunji, Michael Backes, Adam Dziedzic | 2024 | Open LLMs are Necessary for Current Private Adaptations and Outperform their Closed Alternatives. NeurIPS | here |
| Wenhao Wang, Adam Dziedzic, Michael Backes, Franziska Boenisch | 2024 | Localizing Memorization in SSL Vision Encoders. NeurIPS | here |
| Dominik Hintersdorf, Lukas Struppek, Kristian Kersting, Adam Dziedzic, Franziska Boenisch | 2024 | Finding NeMo: Localizing Neurons Responsible For Memorization in Diffusion Models. NeurIPS | here |
| Jiapeng Wu, Atiyeh Ashari Ghomi, David Glukhov, Jesse Cresswell, Franziska Boenisch , Nicolas Papernot | 2024 | Augment then Smooth: Reconciling Differential Privacy with Certified Robustness. TMLR | here |
| Shahrzad Kiani, Franziska Boenisch, and Stark C Draper | 2024 | Controlled privacy leakage propagation throughout overlapping grouped learning. IEEE Journal on Selected Areas in Information Theory | here |
| Wenhao Wang, Muhammad Ahmad Kaleem, Adam Dziedzic, Michael Backes, Nicolas Papernot, and Franziska Boenisch | 2024 | Memorization in Self-Supervised Learning Improves Downstream Generalization. ICLR | here |
| Anvith Thudi, Ilia Shumailov, Franziska Boenisch, and Nicolas Papernot | 2024 | From Differential Privacy to Bounds on Membership Inference: Less can be More. TMLR | here |
| Haonan Duan, Adam Dziedzic, Mohammad Yaghini, Nicolas Papernot, and Franziska Boenisch | 2023 | On the Privacy Risk of In-context Learning. ACL TrustNLP Workshop | here |
| Haonan Duan, Adam Dziedzic, Nicolas Papernot, and Franziska Boenisch | 2023 | Flocks of stochastic parrots: Differentially private prompt learning for large language models. NeurIPS | here |
| Jan Dubiński, Stanisław Pawlak, Franziska Boenisch, Tomasz Trzcinski, and Adam Dziedzi | 2023 | Bucksforbuckets(b4b):Active defenses against stealing encoders NeurIPS | here |
| Franziska Boenisch, Christopher Mühl, Adam Dziedzic, Roy Rinberg, Nicolas Papernot | 2023 | Have it your way: Individualized Privacy Assignment for DP-SGD NeurIPS | here |
| Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov and Nicolas Papernot | 2023 | When the Curious Abandon Honesty: Federated Learning Is Not Private. IEEE Euro S&P | here |
| Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov and Nicolas Papernot | 2023 | Is Federated Learning a Practical PET Yet? IEEE Euro S&P | here |
| Franziska Boenisch, Christopher Mühl, Roy Rinberg, Jannis Ihrig, and Adam Dziedzic | 2023 | Individualized PATE: Differentially Private Machine Learning with Individual Privacy Guarantees. 23rd Privacy Enhancing Technologies Symposium (PoPETs ‘23) | here |
| Matteo Giomi, Franziska Boenisch, Christoph Wehmeyer, and Borbála Tasnádi | 2023 | A Unified Framework for Quantifying Privacy Risk in Synthetic Data. 23rd Privacy Enhancing Technologies Symposium (PoPETs ‘23) | here |
| Adam Dziedzic, Haonan Duan, Muhammad Ahmad Kaleem, Nikita Dhawan, Jonas Guan, Yannis Cattan, Franziska Boenisch, and Nicolas Papernot | 2022 | Dataset Inference for Self-Supervised Models. NeurIPS | here |
| Karla Pizzi, Franziska Boenisch, Ugur Sahin, and Konstantin Böttinger | 2022 | Introducing Model Inversion Attacks on Automatic Speaker Recognition. Proc. 2nd Symposium on Security and Privacy in Speech Communication | here |
| Tabea Kossen, Manuel Hirzel, Vince Madai, Franziska Boenisch, Anja Hennemuth, Kristian Hildebrand, Sebastian Pokutta, Kartikey Sharma, Adam Hilbert, Jan Sobesky, Ivana Galinovich, Ahmed Khalil, Jochen Fiebach, and Dietmar Frey. | 2022 | Towards sharing brain images: Differentially private TOF-MRA images with segmentation labels using generative adversarial networks. Frontiers in Artificial Intelligence | here |
| Franziska Boenisch | 2021 | A Systematic Review on Model Watermarking for Neural Networks. Frontiers in Big Data, 4(96). | here |
| Franziska Boenisch, Reinhard Munz, Marcel Tiepelt, Simon Hanisch, Christiane Kuhn, and Paul Francis | 2021 | Side-Channel Attacks on Query-Based Data Anonymization. ACM CCS | here |
| Franziska Boenisch, Verena Battis, Nicolas Buchmann, and Maija Poikela | 2021 | “I Never Thought About Securing My Machine Learning Systems”: A Study of Security and Privacy Awareness of Machine Learning Practitioners Mensch und Computer 2021, 520-546. | here |
| Sörries, Peter, Claudia Müller-Birn, Katrin Glinka, Franziska Boenisch, Marian Margraf, Sabine Sayegh-Jodehl, and Matthias Rose | 2021 | Privacy Needs Reflection: Conceptional Design Rationales for Privacy-Preserving Explanation User Interfaces. Mensch und Computer 2021, Workshow-Proceedings. | here |
| Franziska Boenisch | 2021 | Privatsphäre und Maschinelles Lernen. Datenschutz Datensicherheit 45, 448–452. | here |
| Franziska Boenisch, Philip Sperl, and Konstantin Böttinger | 2021 | Gradient Masking and the Underestimated Robustness Threats of Differential Privacy in Deep Learning. arXiv preprint arXiv:2105.07985 | here |
| Franziska Boenisch, Benjamin Rosemann, Benjamin Wild, David Dormagen, Fernando Wario, and Tim Landgraf | 2018 | Tracking all members of a honey bee colony over their lifetime using learned models of correspondence. Frontiers in Robotics and AI. 5(35). | here |