Publications

Haneen Najjar, Eyal Ronen, Mahmood Sharif. "Sy-FAR: Symmetry-based Fair Adversarial Robustness." USENIX Security Symposium. 2026.

Sol Yarkoni, Mahmood Sharif, Roi Livni. "Reconstructing Template-Memorized Images from Natural Prompts." International Conference on Machine Learning (ICML). 2026.

Matan Ben-Tov, Mor Geva, Mahmood Sharif. "Universal Jailbreak Suffixes Are Strong Attention Hijackers." Transactions of the Association for Computational Linguistics (TACL). 2026.

Jan Tolsdorf, Alan F. Luo, Monica Kodwani, Juno Eum, Mahmood Sharif, Michelle Mazurek, Adam Aviv. "How Probing for Problems and Bias Affects Perceptions of AI Chatbot Trustworthiness." ACM Conference on Fairness, Accountability, and Transparency (FAccT). 2026.

Nir Goren, Oren Katzir, Abhinav Nakarmi, Eyal Ronen, Mahmood Sharif, Or Patashnik. "NoisePrints: Distortion-Free Watermarks for Authorship in Private Diffusion Models." International Conference on Learning Representations (ICLR). 2026.

OpenReview Code

Shahar Katz, Bar Alon, Ariel Shaulov, Lior Wolf, Mahmood Sharif. "Safeguarding Language Models via Self-Destruct Trapdoor." Conference of the European Chapter of the Association for Computational Linguistics (EACL). 2026.

Kai-Hsiang Chou, Yi-An Wang, Chong Kai Lau, Mahmood Sharif, Hsu-Chun Hsiao. "Bot Among Us: Exploring User Awareness and Privacy Concerns About Chatbots in Group Chats." Annual Privacy Enhancing Technologies Symposium (PETS). 2026.

Matan Ben-Tov, Mahmood Sharif. "GASLITEing the Retrieval: Exploring Vulnerabilities in Dense Embedding-based Search." ACM Conference on Computer and Communications Security (CCS). 2025.

Jan Tolsdorf, Alan F. Luo, Monica Kodwani, Juno Eum, Mahmood Sharif, Michelle Mazurek, Adam Aviv. "Safety Perceptions of Generative AI Conversational Agents: Uncovering Perceptual Differences in Trust, Risk, and Fairness." Symposium on Usable Privacy and Security (SOUPS). 2025.

Jan Tolsdorf, Alan F. Luo, Monica Kodwani, Juno Eum, Mahmood Sharif, Michelle Mazurek, Adam Aviv. "On a Scale of 1 to 5, How Reliable Are AI User Studies? A Call for Developing Validated, Meaningful Scales and Metrics about User Perceptions of AI Systems." Workshop on Technology and Consumer Protection (ConPro). 2025.

Keane Lucas, Weiran Lin, Lujo Bauer, Michael K. Reiter, Mahmood Sharif. "Training Robust ML-based Raw-Binary Malware Detectors in Hours, not Months." ACM Conference on Computer and Communications Security (CCS). 2024.

Zebin Yun, Achi-Or Weingarten, Eyal Ronen, Mahmood Sharif. "The Ultimate Combo: Boosting Adversarial Example Transferability by Composing Data Augmentations." ACM Workshop on Artificial Intelligence and Security (AISec). 2024.

Nadav Gat, Mahmood Sharif. "Harmful Bias: A General Label-Leakage Attack on Federated Learning from Bias Gradients." ACM Workshop on Artificial Intelligence and Security (AISec). 2024.

Zahra Rahmani, Nahal Shahini, Nadav Gat, Zebin Yun, Yuzhou Jiang, Ofir Farchy, Yaniv Harel, Vipin Chaudhary, Mahmood Sharif, Erman Ayday. "Privacy-Preserving Collaborative Genomic Research: A Real-Life Deployment and Vision." ACM Workshop on Cybersecurity in Healthcare (HealthSec). 2024.

Yukiko Sawaya, Sarah Lu, Takamasa Isohara, Mahmood Sharif. "A High Coverage Cybersecurity Scale Predictive of User Behavior." USENIX Security Symposium. 2024.

Mahmood Sharif, Pubali Datta, Andy Riddle, Kim Westfall, Adam Bates, Vijay Ganti, Matthew Lentz, David Ott. "DrSec: Flexible Distributed Representations for Efficient Endpoint Security." IEEE Symposium on Security and Privacy (S&P). 2024.

Matan Ben-Tov, Daniel Deutch, Nave Frost, Mahmood Sharif. "CaFA: Cost-aware, Feasible Attacks With Database Constraints Against Neural Tabular Classifiers." IEEE Symposium on Security and Privacy (S&P). 2024.

Weiran Lin, Keane Lucas, Neo Eyal, Lujo Bauer, Michael K. Reiter, Mahmood Sharif. "Group-based Robustness: A General Framework for Customized Robustness in the Real World." ISOC Network and Distributed System Security Symposium (NDSS). 2024.

Keane Lucas, Samruddhi Pai, Weiran Lin, Lujo Bauer, Michael K. Reiter, Mahmood Sharif. "Adversarial Training for Raw-Binary Malware Classifiers." USENIX Security Symposium. 2023.

Amit Cohen, Mahmood Sharif. "Accessorize in the Dark: A Security Analysis of Near-Infrared Face Recognition." European Symposium on Research in Computer Security (ESORICS). 2023.

Arnav Chakravarthy, Nina Narodytska, Asmitha Rathis, Marius Vilcu, Mahmood Sharif, Gagandeep Singh. "Property-Driven Evaluation of RL-Controllers in Self-Driving Datacenters." Workshop on Challenges in Deploying and monitoring Machine Learning Systems (DMML@NeurIPS). 2022.

Haoze Wu, Clark Barrett, Mahmood Sharif, Nina Narodytska, Gagandeep Singh. "Scalable Verification of GNN-based Job Schedulers." International Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA). 2022.

Daniel Kats, Mahmood Sharif. ""I Have No Idea What a Social Bot Is": On Users' Perceptions of Social Bots and Ability to Detect Them." International Conference on Human-Agent Interaction (HAI). 2022.

Weiran Lin, Keane Lucas, Lujo Bauer, Michael K. Reiter, Mahmood Sharif. "Constrained Gradient Descent: A Powerful and Principled Evasion Attack Against Neural Networks." International Conference on Machine Learning (ICML). 2022.

Keane Lucas, Mahmood Sharif, Lujo Bauer, Michael K. Reiter, Saurabh Shintre. "Malware Makeover: Breaking ML-based Static Analysis by Modifying Executable Bytes." Asia Conference on Computer and Communications Security (AsiaCCS). 2021.

Camille Cobb, Milijana Surbatovich, Anna Kawakami, Mahmood Sharif, Lujo Bauer, Anupam Das, Limin Jia. "How Risky Are Real Users' IFTTT Applets?." Symposium on Usable Privacy and Security (SOUPS). 2020.

Molly Davies, Daniel Marino, Amelia Nash, Kevin A. Roundy, Mahmood Sharif, Acar Tamersoy. "Training Older Adults to Resist Scams with Fraud Bingo and Scam-Detection Challenges." Designing Interactions for the Ageing Populations Workshop at CHI. 2020.

Mahmood Sharif, Lujo Bauer, Michael K. Reiter. "$n$-ML: Mitigating Adversarial Examples via Ensembles of Topologically Manipulated Classifiers." arXiv pre-print. 2019.

Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, Michael K. Reiter. "A General Framework for Adversarial Examples with Objectives." ACM Transactions on Privacy and Security (TOPS). 2019.

PDF arXiv Code Demo

Mahmood Sharif, Kevin A. Roundy, Matteo Dellamico, Christopher Gates, Daniel Kats, Lujo Bauer, Nicolas Christin. "A Field Study of Computer-Security Perceptions Using Anti-Virus Customer-Support Chats." ACM Conference on Human Factors in Computing Systems (CHI). 2019.

Mahmood Sharif, Jumpei Urakawa, Nicolas Christin, Ayumu Kubota, Akira Yamada. "Predicting Impending Exposure to Malicious Content from User Behavior." ACM Conference on Computer and Communications Security (CCS). 2018.

Joshua Tan, Mahmood Sharif, Sruti Bhagavatula, Matthias Beckerle, Lujo Bauer, Michelle Mazurek. "Comparing Hypothetical and Realistic Privacy Valuations." Workshop on Privacy in the Electronic Society (WPES). 2018.

Mahmood Sharif, Lujo Bauer, Michael K. Reiter. "On the Suitability of $L_p$-norms for Creating and Preventing Adversarial Examples." The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CVPRW). 2018.

William Melicher, Anupam Das, Mahmood Sharif, Lujo Bauer, Limin Jia. "Riding Out DOMsday: Toward Detecting and Preventing DOM Cross-Site Scripting." ISOC Network and Distributed System Security Symposium (NDSS). 2018.

Zachary Weinberg, Mahmood Sharif, Janos Szurdi, Nicolas Christin. "Topics of Controversy: An Empirical Analysis of Web Censorship Lists." Annual Privacy Enhancing Technologies Symposium (PETS). 2017.

Yukiko Sawaya, Mahmood Sharif, Nicolas Christin, Ayumu Kubota, Akihiro Nakarai, Akira Yamada. "Self-Confidence Trumps Knowledge: A Cross-Cultural Study of Security Behavior." ACM Conference on Human Factors in Computing Systems (CHI). 2017. Equal contribution by the first two authors.

Mahmood Sharif, Sruti Bhagavatula, Lujo Bauer, Michael K. Reiter. "Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition." ACM Conference on Computer and Communications Security (CCS). 2016.

William Melicher, Mahmood Sharif, Joshua Tan, Lujo Bauer, Mihai Christodorescu, Pedro G. Leon. "(Do Not) Track Me Sometimes: Users' Contextual Preferences for Web Tracking." Annual Privacy Enhancing Technologies Symposium (PETS). 2016.