Jean-Charles Noirot Ferrand

Publications

2026

Targeting Alignment: Extracting Safety Classifiers of Aligned LLMs
Jean-Charles Noirot Ferrand, Yohan Beugin, Eric Pauley, Ryan Sheatsley, Patrick McDaniel
IEEE Secure and Trustworthy Machine Learning Conference (SaTML), 2026

arXiv Code

DOI

Slides

Poster Cite

@inproceedings{noirot_ferrand_targeting_2026,
                 author = {Jean-Charles {Noirot Ferrand} and Yohan Beugin and Eric Pauley and Ryan Sheatsley and Patrick McDaniel},
                 booktitle = {IEEE Secure and Trustworthy Machine Learning Conference (SaTML)},
                 doi = {10.48550/arXiv.2501.16534},
                 month = {March},
                 title = {{Targeting} {Alignment}: {Extracting} {Safety} {Classifiers} of {Aligned} {LLMs}},
                 year = {2026}
                }

Longitudinal Analyses of SAST Tools: A CodeQL Case Study
Jean-Charles Noirot Ferrand, Kyle Domico, Yohan Beugin, Patrick McDaniel
In Submission, 2026

arXiv

DOI Cite

@misc{ferrand2026longitudinalanalysessasttools,
                 archiveprefix = {arXiv},
                 author = {Jean-Charles {Noirot Ferrand} and Kyle Domico and Yohan Beugin and Patrick McDaniel},
                 doi = {10.48550/arXiv.2605.07900},
                 eprint = {2605.07900},
                 primaryclass = {cs.CR},
                 title = {Longitudinal Analyses of SAST Tools: A CodeQL Case Study},
                 year = {2026}
                }

Adversarial Agents: Black-Box Evasion Attacks with Reinforcement Learning
Kyle Domico, Jean-Charles Noirot Ferrand, Ryan Sheatsley, Eric Pauley, Josiah Hanna, Patrick McDaniel
Findings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2026

arXiv

DOI Cite

@inproceedings{domico2026adversarialagents,
                 author = {Kyle Domico and Jean-Charles {Noirot Ferrand} and Ryan Sheatsley and Eric Pauley and Josiah Hanna and Patrick McDaniel},
                 booktitle = {Findings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
                 doi = {10.48550/arXiv.2503.01734},
                 title = {Adversarial Agents: Black-Box Evasion Attacks with Reinforcement Learning},
                 year = {2026}
                }

The Role of Learning in Attacking Intrusion Detection Systems
Kyle Domico, Jean-Charles Noirot Ferrand, Patrick McDaniel
In Submission, 2026

arXiv

DOI Cite

@misc{domico2026rolelearningattackingintrusion,
                 archiveprefix = {arXiv},
                 author = {Kyle Domico and Jean-Charles {Noirot Ferrand} and Patrick McDaniel},
                 doi = {https://doi.org/10.48550/arXiv.2602.10299},
                 eprint = {2602.10299},
                 primaryclass = {cs.CR},
                 title = {{The} {Role} of {Learning} in {Attacking} {Intrusion} {Detection} {Systems}},
                 year = {2026}
                }

2025

On the Robustness Tradeoff in Fine-Tuning
Kunyang Li, Jean-Charles Noirot Ferrand, Ryan Sheatsley, Blaine Hoak, Yohan Beugin, Eric Pauley, Patrick McDaniel
IEEE/CVF International Conference on Computer Vision (ICCV), 2025

arXiv Code

DOI Cite

@inproceedings{li_robustness_2025,
                 author = {Kunyang Li and Jean-Charles {Noirot Ferrand} and Ryan Sheatsley and Blaine Hoak and Yohan Beugin and Eric Pauley and Patrick McDaniel},
                 booktitle = {IEEE/CVF International Conference on Computer Vision (ICCV)},
                 doi = {10.48550/arXiv.2503.14836},
                 month = {October},
                 title = {On the {Robustness} {Tradeoff} in {Fine}-{Tuning}},
                 year = {2025}
                }

LibIHT: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis
Changyu Zhao, Yohan Beugin, Jean-Charles Noirot Ferrand, Quinn Burke, Guancheng Li, Patrick McDaniel
Workshop on Software Understanding and Reverse Engineering (SURE), 2025

arXiv Code

DOI Cite

@inproceedings{zhao_libiht_2025,
                 address = {Taipei, Taiwan},
                 author = {Changyu Zhao and Yohan Beugin and Jean-Charles {Noirot Ferrand} and Quinn Burke and Guancheng Li and Patrick McDaniel},
                 booktitle = {Workshop on Software Understanding and Reverse Engineering (SURE)},
                 doi = {10.1145/3733822.3764670},
                 keywords = {workshop},
                 month = {October},
                 title = {{LibIHT}: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis},
                 year = {2025}
                }

2024

Extracting the Harmfulness Classifier of Aligned LLMs
Jean-Charles Noirot Ferrand
M.S. Thesis, 2024

Paper Cite

@mastersthesis{noirot_ferrand_extracting_2024,
                 author = {Jean-Charles {Noirot Ferrand}},
                 booktitle = {M.S. Thesis},
                 month = {December},
                 school = {University of Wisconsin-Madison},
                 title = {{Extracting} {the} {Harmfulness} {Classifier} {of} {Aligned} {LLMs}},
                 url = {https://jcnf.me/static/publications/ms_thesis_2024.pdf},
                 year = {2024}
                }

2023

The Efficacy of Transformer-Based Adversarial Attacks in Security Domains
Kunyang Li, Kyle Domico, Jean-Charles Noirot Ferrand, Patrick McDaniel
MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM), 2023

arXiv

DOI Cite

@inproceedings{li_efficacy_2023,
                 address = {Boston, USA},
                 author = {Kunyang Li and Kyle Domico and Jean-Charles {Noirot Ferrand} and Patrick McDaniel},
                 booktitle = {MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM)},
                 doi = {10.1109/MILCOM58377.2023.10356372},
                 keywords = {workshop},
                 number = {},
                 title = {The Efficacy of {Transformer-Based} Adversarial Attacks in Security Domains},
                 volume = {},
                 year = {2023}
                }