publications

2025

1. 

   Proof or Bluff? Evaluating LLMs on 2025 USA Math Olympiad

   Ivo Petrov, Jasper Dekoninck, Lyuben Baltadzhiev, Maria Drencheva, Kristian Minchev, Mislav Balunović, Nikola Jovanović, and Martin Vechev

   arXiv, 2025

   arXiv
2. ICML

   

   MathConstruct: Challenging LLM Reasoning with Constructive Proofs

   Mislav Balunovic, Jasper Dekoninck, Nikola Jovanovic, Ivo Petrov, and Martin T. Vechev

   In ICML, 2025

   arXiv
3. ICLR

   

   Language Models are Advanced Anonymizers

   Robin Staab, Mark Vero, Mislav Balunovic, and Martin Vechev

   In ICLR, 2025

   arXiv

2024

1. 

   AI Agents with Formal Security Guarantees

   Mislav Balunovic, Luca Beurer-Kellner, Marc Fischer, and Martin Vechev

   In ICML 2024 Next Generation of AI Safety Workshop, 2024

   PDF
2. arXiv

   

   COMPL-AI Framework: A Technical Interpretation and LLM Benchmarking Suite for the EU Artificial Intelligence Act

   Philipp Guldimann, Alexander Spiridonov, Robin Staab, Nikola Jovanovic, Mark Vero, Velko Vechev, Anna Gueorguieva, Mislav Balunovic, Nikola Konstantinov, Pavol Bielik, and 2 more authors

   arXiv, 2024

   arXiv
3. NeurIPS

   

   AgentDojo: A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents

   Edoardo Debenedetti, Jie Zhang, Mislav Balunovic, Luca Beurer-Kellner, Marc Fischer, and Florian Tramèr

   In NeurIPS, 2024

   arXiv
4. ICML

   

   CuTS: Customizable Tabular Synthetic Data Generation

   Mark Vero, Mislav Balunovic, and Martin T. Vechev

   In ICML, 2024

   arXiv
5. ICLR

   

   Beyond Memorization: Violating Privacy via Inference with Large Language Models

   Robin Staab, Mark Vero, Mislav Balunovic, and Martin T. Vechev

   In ICLR, 2024

   Spotlight presentation arXiv Code

   Spotlight presentation is awarded to the top 5% submitted papers

6. IEEE S&P

   

   From Principle to Practice: Vertical Data Minimization for Machine Learning

   Robin Staab, Nikola Jovanovic, Mislav Balunovic, and Martin T. Vechev

   In IEEE S&P, 2024

   arXiv

2023

1. ICML

   

   FARE: Provably Fair Representation Learning with Practical Certificates

   Nikola Jovanovic, Mislav Balunovic, Dimitar Iliev Dimitrov, and Martin T. Vechev

   In ICML, 2023

   arXiv
2. ICML

   

   TabLeak: Tabular Data Leakage in Federated Learning

   Mark Vero, Mislav Balunovic, Dimitar Iliev Dimitrov, and Martin T. Vechev

   In ICML, 2023

   arXiv

2022

1. NeurIPS

   

   LAMP: Extracting Text from Gradients with Language Model Priors

   Mislav Balunovic, Dimitar I. Dimitrov, Nikola Jovanovic, and Martin T. Vechev

   In NeurIPS, 2022

   arXiv
2. TMLR

   

   Data Leakage in Federated Averaging

   Dimitar Iliev Dimitrov, Mislav Balunovic, Nikola Konstantinov, and Martin T. Vechev

   Transactions of Machine Learning Research, 2022

   PDF
3. ICLR

   

   Bayesian Framework for Gradient Leakage

   Mislav Balunovic, Dimitar Iliev Dimitrov, Robin Staab, and Martin T. Vechev

   In ICLR, 2022

   arXiv
4. ECCV

   

   Latent Space Smoothing for Individually Fair Representations

   Momchil Peychev, Anian Ruoss, Mislav Balunovic, Maximilian Baader, and Martin T. Vechev

   In ECCV, 2022

   arXiv
5. TMLR

   

   On the Paradox of Certified Training

   Nikola Jovanovic, Mislav Balunovic, Maximilian Baader, and Martin T. Vechev

   Transactions of Machine Learning Research, 2022

   arXiv
6. ICLR

   

   Fair Normalizing Flows

   Mislav Balunovic, Anian Ruoss, and Martin T. Vechev

   In ICLR, 2022

   arXiv

2021

1. ICCV

   

   Robustness Certification for Point Cloud Models

   Tobias Lorenz, Anian Ruoss, Mislav Balunovic, Gagandeep Singh, and Martin T. Vechev

   In ICCV, 2021

   arXiv
2. CAV

   

   Scalable Polyhedral Verification of Recurrent Neural Networks

   Wonryong Ryou, Jiayu Chen, Mislav Balunovic, Gagandeep Singh, Andrei Marian Dan, and Martin T. Vechev

   In CAV, 2021

   arXiv
3. ICLR

   

   Certify or Predict: Boosting Certified Robustness with Compositional Architectures

   Mark Niklas Müller, Mislav Balunovic, and Martin T. Vechev

   In ICLR, 2021

   PDF
4. AAAI

   

   Efficient Certification of Spatial Robustness

   Anian Ruoss, Maximilian Baader, Mislav Balunovic, and Martin T. Vechev

   In AAAI, 2021

   arXiv

2020

1. NeurIPS

   

   Learning Certified Individually Fair Representations

   Anian Ruoss, Mislav Balunovic, Marc Fischer, and Martin T. Vechev

   In NeurIPS, 2020

   arXiv
2. ICLR

   

   Adversarial Training and Provable Defenses: Bridging the Gap

   Mislav Balunovic and Martin T. Vechev

   In ICLR, 2020

   Oral presentation PDF

   Oral presentation is awarded to the top submitted papers

2019

1. NeurIPS

   

   Certifying Geometric Robustness of Neural Networks

   Mislav Balunovic, Maximilian Baader, Gagandeep Singh, Timon Gehr, and Martin T. Vechev

   In NeurIPS, 2019

   PDF
2. CCS

   

   Learning to Fuzz from Symbolic Execution with Application to Smart Contracts

   Jingxuan He, Mislav Balunovic, Nodar Ambroladze, Petar Tsankov, and Martin T. Vechev

   In CCS, 2019

   PDF
3. ICML

   

   DL2: Training and Querying Neural Networks with Logic

   Marc Fischer, Mislav Balunovic, Dana Drachsler-Cohen, Timon Gehr, Ce Zhang, and Martin T. Vechev

   In ICML, 2019

   PDF

2018

1. NeurIPS

   

   Learning to Solve SMT Formulas

   Mislav Balunovic, Pavol Bielik, and Martin T. Vechev

   In NeurIPS, 2018

   Oral presentation PDF

   Oral presentation is awarded to the top submitted papers