Avital Shafran
Google Scholar ID: h58d7XQAAAAJ
Hebrew University of Jerusalem
Citations & Impact (all-time)
Citations: 93
H-index: 4
i10-index: 2
Publications: 6
Co-authors: 11
Academic Achievements
  • 1. 'Rerouting LLM Routers', COLM 2025
  • 2. 'Machine Against the RAG: Jamming Retrieval-Augmented Generation with Blocker Documents', USENIX Security Symposium 2025
  • 3. 'Beyond Labeling Oracles: What does it mean to steal ML models?', TMLR 2024
  • 4. 'Is ML-Based Cryptanalysis Inherently Limited? Simulating Cryptographic Adversaries via Gradient-Based Methods', Advances in Cryptology - CRYPTO, 2024
  • 5. 'Membership inference attacks are easier on difficult problems', ICCV 2021
Research Experience
  • 1. Postdoctoral Researcher at ETH Zürich, Secure and Private AI (SPY) Lab, led by Prof. Florian Tramèr
  • 2. Visited the CleverHans lab at the Vector AI institute in summer 2022, working with Prof. Nicolas Papernot on adversarial machine learning
  • 3. Visited Cornell Tech in summer 2023, working with Prof. Tom Ristenpart on the interplay between machine learning and cryptography
Education
  • 1. PhD in Computer Science, 2025, The Hebrew University of Jerusalem, Advisors: Prof. Shmuel Peleg and Prof. Gil Segev
  • 2. M.Sc. in Computer Science, 2020, The Hebrew University of Jerusalem
  • 3. B.Sc. in Computer Engineering, 2017, The Hebrew University of Jerusalem
Background
  • Research interests include the security of machine learning and the intersection between machine learning and cryptography. Studies the security of ML systems from an adversarial perspective, attempting to understand the extent of different threat models. Interested in the role of ML systems and tools in solving cryptographic tasks and the use of existing cryptographic techniques for increasing the trustworthiness of ML systems.
Miscellany
  • Organizer of the NeurIPS 2024 Workshop: 'Red Teaming GenAI: What Can We Learn from Adversaries?'
  • Reviewer at IEEE SaTML 2023-2026, USENIX Security 2025-2026, AsiaCCS 2026, ACM CCS 2026