Publications

2026

• Targeting Alignment: Extracting Safety Classifiers of Aligned LLMs
  Jean-Charles Noirot Ferrand, Yohan Beugin, Eric Pauley, Ryan Sheatsley, Patrick McDaniel
  IEEE Secure and Trustworthy Machine Learning Conference (SaTML), 2026
  PDF Code DOI Cite

  @inproceedings{noirot_ferrand_targeting_2026,
                   author = {Jean-Charles {Noirot Ferrand} and Yohan Beugin and Eric Pauley and Ryan Sheatsley and Patrick McDaniel},
                   booktitle = {IEEE Secure and Trustworthy Machine Learning Conference (SaTML)},
                   doi = {10.48550/arXiv.2501.16534},
                   month = {March},
                   title = {{Targeting} {Alignment}: {Extracting} {Safety} {Classifiers} of {Aligned} {LLMs}},
                   url = {https://arxiv.org/abs/2501.16534},
                   year = {2026}
                  }
                  

• The Role of Learning in Attacking Intrusion Detection Systems
  Kyle Domico, Jean-Charles Noirot Ferrand, Patrick McDaniel
  In Submission, 2026
  PDF DOI Cite

  @misc{domico2026rolelearningattackingintrusion,
                   archiveprefix = {arXiv},
                   author = {Kyle Domico and Jean-Charles {Noirot Ferrand} and Patrick McDaniel},
                   doi = {https://doi.org/10.48550/arXiv.2602.10299},
                   eprint = {2602.10299},
                   primaryclass = {cs.CR},
                   title = {{The} {Role} of {Learning} in {Attacking} {Intrusion} {Detection} {Systems}},
                   url = {https://arxiv.org/abs/2602.10299},
                   year = {2026}
                  }
                  

2025

• On the Robustness Tradeoff in Fine-Tuning
  Kunyang Li, Jean-Charles Noirot Ferrand, Ryan Sheatsley, Blaine Hoak, Yohan Beugin, Eric Pauley, Patrick McDaniel
  IEEE/CVF International Conference on Computer Vision (ICCV), 2025
  PDF Code DOI Cite

  @inproceedings{li_robustness_2025,
                   author = {Kunyang Li and Jean-Charles {Noirot Ferrand} and Ryan Sheatsley and Blaine Hoak and Yohan Beugin and Eric Pauley and Patrick McDaniel},
                   booktitle = {IEEE/CVF International Conference on Computer Vision (ICCV)},
                   doi = {10.48550/arXiv.2503.14836},
                   month = {October},
                   title = {On the {Robustness} {Tradeoff} in {Fine}-{Tuning}},
                   url = {https://arxiv.org/abs/2503.14836},
                   year = {2025}
                  }
                  

• LibIHT: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis
  Changyu Zhao, Yohan Beugin, Jean-Charles Noirot Ferrand, Quinn Burke, Guancheng Li, Patrick McDaniel
  Workshop on Software Understanding and Reverse Engineering (SURE), 2025
  PDF Code DOI Cite

  @inproceedings{zhao_libiht_2025,
                   address = {Taipei, Taiwan},
                   author = {Changyu Zhao and Yohan Beugin and Jean-Charles {Noirot Ferrand} and Quinn Burke and Guancheng Li and Patrick McDaniel},
                   booktitle = {Workshop on Software Understanding and Reverse Engineering (SURE)},
                   doi = {10.1145/3733822.3764670},
                   keywords = {workshop},
                   month = {October},
                   title = {{LibIHT}: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis},
                   url = {https://arxiv.org/abs/2510.16251},
                   year = {2025}
                  }
                  

• Adversarial Agents: Black-Box Evasion Attacks with Reinforcement Learning
  Kyle Domico, Jean-Charles Noirot Ferrand, Ryan Sheatsley, Eric Pauley, Josiah Hanna, Patrick McDaniel
  In Submission, 2025
  PDF DOI Cite

  @misc{domico2025adversarialagentsblackboxevasion,
                   archiveprefix = {arXiv},
                   author = {Kyle Domico and Jean-Charles {Noirot Ferrand} and Ryan Sheatsley and Eric Pauley and Josiah Hanna and Patrick McDaniel},
                   doi = {10.48550/arXiv.2503.01734},
                   eprint = {2503.01734},
                   primaryclass = {cs.CR},
                   title = {Adversarial Agents: Black-Box Evasion Attacks with Reinforcement Learning},
                   url = {https://arxiv.org/abs/2503.01734},
                   year = {2025}
                  }
                  

2024

• Extracting the Harmfulness Classifier of Aligned LLMs
  Jean-Charles Noirot Ferrand
  M.S. Thesis, 2024
  PDF Cite

  @mastersthesis{noirot_ferrand_extracting_2024,
                   author = {Jean-Charles {Noirot Ferrand}},
                   booktitle = {M.S. Thesis},
                   month = {December},
                   school = {University of Wisconsin-Madison},
                   title = {{Extracting} {the} {Harmfulness} {Classifier} {of} {Aligned} {LLMs}},
                   url = {https://jcnf.me/static/publications/ms_thesis_2024.pdf},
                   year = {2024}
                  }
                  

2023

• The Efficacy of Transformer-Based Adversarial Attacks in Security Domains
  Kunyang Li, Kyle D Domico, Jean-Charles Noirot Ferrand, Patrick McDaniel
  Workshop on Artificial Intelligence for Cyber, 2023
  PDF DOI Cite

  @inproceedings{Li2310:Efficacy,
                   address = {Boston, USA},
                   author = {Kunyang Li and Kyle D Domico and Jean-Charles {Noirot Ferrand} and Patrick McDaniel},
                   booktitle = {Workshop on Artificial Intelligence for Cyber},
                   days = {30},
                   doi = {10.48550/arXiv.2310.11597},
                   keywords = {workshop},
                   month = {October},
                   pages = {6},
                   title = {The Efficacy of {Transformer-Based} Adversarial Attacks in Security Domains},
                   url = {https://arxiv.org/abs/2310.11597},
                   year = {2023}
                  }