Publications

In the Media

Our work is making a significant impact on research, polices, and public opinion. Here are some selected news articles:

• Phantom Attacks on Driver-Assistance Systems:
  Wired, Ars Technica, ZDNet, Threat Post, deeplearning.ai, and Motor Trend.
• Deepfakes in Medical Scans:
  The Washington Post, Forbes, BBC, Engadget, PCMag, TechCrunch, and Gizmodo.
• Voice Deepfakes:
  protocol and Fortune
• Security of AI Assistants (GPTs):
  ARS Technica, Cloudflare, and The Register.
• Preventing Deepfake Calls: The Register

Talks

Academic Articles

The following is a selection of our publications. Stay tuned -we’ve only just begun!

• Cloak, Honey, Trap: Proactive Defenses Against LLM Agents D Ayzenshteyn, R Weiss, Y Mirsky. USENIX Security 2025 Rank A*
• The Threat of Deepfake Fingerprints Y Hacmon, K Gorelik, Y Mirsky. WDC, 2025 Best Paper Award
• PEAS: A Strategy for Crafting Transferable Adversarial Examples B Avraham, Y Mirsky. ACM TIST. 2025 Rank Q1.‏
• Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks R Bokobza, Y Mirsky. ACM TIST. 2025 Rank Q1‏
• What Was Your Prompt? A Remote Keylogging Attack on AI Assistants R Weiss, D Ayzenshteyn, G Amit, Y Mirsky. USENIX Security 2024 Rank A* & DEF CON 32.
• Efficient Model Extraction via Boundary Sampling Maor Biton Dor, Yisroel Mirsky. ACM AISec, 2024 Best Paper Award
• Exploiting LLMs for Scam Automation: A Looming Threat G Gressel, R Pankajakshan, Y Mirsky. WDC, 2024 Best Paper Award
• Transpose Attack: Stealing Datasets with Bidirectional Training Guy Amit, Moshe Levy, Yisroel Mirsky. NDSS, 2024. Rank A*
• VulChecker: Graph-based Vulnerability Localization in Source Code Yisroel Mirsky, George Macon, Michael Brown, Carter Yagemann, Matthew Pruett, Evan Downing, Sukarno Mertoguno, Wenke Lee. USENIX Security Symposium, 2023. Rank A*
• Deepfake CAPTCHA: A Method for Preventing Fake Calls Lior Yasur, Guy Frankovits, Fred M Grabovski, Yisroel Mirsky. ASIA CCS 2023. Rank A
• The Threat of Offensive AI to Organizations Yisroel Mirsky, Ambra Demontis, Jaidip Kotak, Ram Shankar, Deng Gelei, Liu Yang, Xiangyu Zhang, Maura Pintor, Wenke Lee, Yuval Elovici, Battista Biggio. Computers & Secuirty 2022. IF 5.1, 34/246, Q1
• DeepReflect: Discovering Malicious Functionality through Binary Reconstruction Evan Downing, Yisroel Mirsky, Kyuhong Park, and Wenke Lee. USENIX Security Symposium, 2021. Rank A*
• Attacking Tesla Model Xs Autopilot Using Compromised Advertisement Ben Nassi, Yisroel Mirsky, Dudi Nassi, Raz Ben-Netanel, Oleg Drokin, and Yuval Elovici. Workshop on Automotive and Autonomous Vehicle Security (AutoSec), 2021. Co-located with NDSS.
• The Creation and Detection of Deepfakes: A Survey Yisroel Mirsky, and Wenke Lee. ACM Computing Surveys (CSUR), 2020. Rank Q1
• Phantom of the ADAS: Securing Advanced Driver-Assistance Systems from Split-Second Phantom Attacks Ben Nassi, Yisroel Mirsky, Dudi Nassi, Raz Ben-Netanel, Oleg Drokin, and Yuval Elovici. ACM Conference on Computer and Communications Security (CCS), 2020. Rank A*
• CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning Yisroel Mirsky, Tom Mahler, Ilan Shelef, and Yuval Elovici. USENIX Security Symposium, 2019. Rank A*
• DICOM images have been hacked! Now what? Benoit Desjardins, Yisroel Mirsky, Markel Picado Ortiz, Zeev Glozmand, Lawrence Tarbox, Robert Hornf, and Steven C. Horii. American Roentgen Ray Society (ARRS), American Journal of Roentgenology (AJR), 2019. Rank Q1
• DeepReflect: Discovering Malicious Functionality through Binary Reconstruction Evan Downing, Yisroel Mirsky, Kyuhong Park, and Wenke Lee. USENIX Security Symposium, 2021. Rank A*