Jonas Rauber

PhD Candidate in Machine Learning

University of Tübingen

Max Planck Research School for Intelligent Systems

Hey, I am Jonas!

I have recently completed in my PhD 🎓 in Machine Learning with summa cum laude and I am currently looking for new job opportunities in Europe 🇪🇺🇩🇪🇨🇭🇬🇧 and abroad 🇺🇸. I combine experience in machine learning research 👨‍🔬 (several high-impact papers published at NeurIPS, ICLR, and ICML; 2,500+ citations) with expertise in machine learning software engineering 🚀 (lead developer of two popular open source Python projects with 500+ and 2,000+ stars).

If you or your company are looking for a machine learning researcher or engineer, please reach out.

Interests

🤖 Machine Learning and AI
🚀 Entrepreneurship and Startups
🚵‍♂️ Cycling and Gravel Bikes
📷 Photography
🌍 Green Economy
📜 Constitutional Law
🎧 Podcasts

Education

PhD in Machine Learning, 2021

University of Tübingen & Max Planck Research School for Intelligent Systems
MSc in Neural Information Processing, 2016

University of Tübingen
BSc in Computer Science, 2014

Karlsruhe Institute of Technology

Experience

Software Developer

Freelancer

Nov 2021 – Present Tübingen, Germany

Machine Learning Engineer

Layer7 AI

Nov 2019 – Dec 2019 Tübingen, Germany

Machine Learning Research Intern

Apple Inc.

May 2019 – Sep 2019 Seattle, US

Health AI team, working with Leon Gatys and Emily Fox

Researcher & PhD Student

University of Tübingen

Nov 2016 – Nov 2021 Tübingen, Germany

Perceiving Neural Networks Group, led by Prof. Matthias Bethge. My research focused on understanding and improving the robustness of deep neural networks.

Machine Learning Research Intern

Max Planck Institute for Intelligent Systems

Oct 2015 – Dec 2015 Tübingen, Germany

Probabilistic Numerics Group, led by Prof. Philipp Hennig

Research Assistant

University of Tübingen

Feb 2015 – Sep 2016 Tübingen, Germany

Perceiving Neural Networks Group, led by Prof. Matthias Bethge

Research Assistant

Karlsruhe Institute of Technology

Apr 2014 – Sep 2014 Karlsruhe, Germany

In summer 2014, I wrote my Bachelor thesis in the High Performance Humanoid Technologies Lab led by Prof. Tamim Asfour on Learning Tool Use on the Humanoid Robot ARMAR-III using Kinematic Bézier Maps.

Research Assistant

Karlsruhe Institute of Technology

Aug 2013 – Apr 2014 Karlsruhe, Germany

I worked in the Cognitive Systems Lab on a research project on silent speech recognition using EMG data (electromyography).

Software Developer

Freelancer

Aug 2002 – May 2011 Oberwolfach, Germany

Some examples of what I’ve built in my early years as a developer:

a flashcards web app for myself, that I later sold to a special school for children with physical disabilities,
a custom in-house information management system for a small company, and
a timetable management system for a school.

Projects

Open Source Projects, Robots, Politics, Prototypes, and more

arXiv + Bear.app

With this bookmarklet, the awesome Bear.app can be used a reference manager for arXiv papers.

EagerPy

EagerPy is an open source Python framework that lets you write beautiful code that automatically works natively with PyTorch, TensorFlow, JAX, and NumPy.

Foolbox

A state-of-the-art open source adversarial attacks toolbox to fool neural networks (1.5k stars).

Deep Art Glasses

AR smart glasses to view the world live in real-time in the style of any artist. Makes the world a more beautiful place.

ARMAR-III Tool Use

Learning Tool Use on the Humanoid Robot ARMAR-III using Kinematic Bézier Maps

Grüne Jugend Ortenau

In 2010, I was one of the initiators and co-founders of the Grüne Jugend Ortenau, the political youth organization of the the Green party in the Ortenaukreis.

Käfer Soccer Robot

Käfer was our autonomous soccer robot built using LEGO for the 2005 and 2007 autonomous robot soccer competition at Offenburg University.

Recent Talks

Talks, Workshops, Presentations

Advances in Reliably Evaluating and Improving Adversarial Robustness

PhD Defense

Nov 5, 2021 Tübingen, Germany

Jonas Rauber

Advances in Reliably Evaluating and Improving Adversarial Robustness

I presented a brief summary of my PhD research at the annual meeting of the Bosch Research Foundation.

Feb 25, 2021 — Feb 26, 2021

Jonas Rauber

Foundation

Making Machine Learning Robust Against Adversarial Inputs

I presented my latest research results at the annual meeting of the Bosch Research Foundation.

Mar 4, 2020 — Mar 5, 2020 Renningen, Germany

Jonas Rauber

Foundation

Making Machine Learning Robust Against Adversarial Inputs

How to evaluate adversarial robustness?

We tought an interactive workshop on evaluating adversarial robustness at the 1st Tübingen Robust Learning Symposium.

Feb 17, 2020 Tübingen, Germany

Wieland Brendel, Jonas Rauber

Symposium

How to evaluate adversarial robustness?

I tought an interactive workshop on evaluating adversarial robustness at the Deep Learning and Inverse Problems Autumn School in Bremen.

Nov 5, 2019 Bremen, Germany

Jonas Rauber

Autumn School

Modeling patterns of smartphone usage and their relationship to cognitive health

Presented my intership work at an internal Apple Machine Learning Research Symposium

Sep 20, 2019 Cupertino, US

Jonas Rauber

Modeling patterns of smartphone usage and their relationship to cognitive health

Making Machine Learning Robust Against Adversarial Inputs

I presented my latest research results at the annual meeting of the Bosch Research Foundation.

Feb 20, 2019 — Feb 21, 2019 Gerlingen, Germany

Jonas Rauber

Foundation

Linear Region Attack

I presented our work on a new type of geometric adversarial attack in the Schölkopf group at the Max Planck Institute for Intelligent Systems

Feb 13, 2019 Tübingen, Germany

Jonas Rauber

Towards Robust Neural Networks

I presented my latest research results at the annual meeting of the Bosch Research Foundation.

Feb 13, 2018 — Feb 14, 2018 Renningen, Germany

Jonas Rauber

Foundation

TensorFlow Workshop for Computational Neuroscientists

We gave an interactive tutorial on TensorFlow targeted at compututational neuroscientists.

Sep 12, 2017

Matthias Betghe, Wieland Brendel, Alexander Ecker, Jonas Rauber

Conference

TensorFlow Workshop for Computational Neuroscientists

See all talks

Featured Publications

An up-to-date list of publications is also available on Google Scholar.

Advances in Reliably Evaluating and Improving Adversarial Robustness

Machine learning has made enormous progress in the last five to ten years. We can now make a computer, a machine, learn complex …

Jonas Rauber

Foolbox Native: Fast adversarial attacks to benchmark the robustness of machine learning models in PyTorch, TensorFlow, and JAX

Machine learning has made enormous progress in recent years and is now being used in many real-world applications. Nevertheless, even …

Jonas Rauber, Roland Zimmermann, Matthias Bethge, Wieland Brendel

PDF Code Project DOI JOSS

Foolbox Native: Fast adversarial attacks to benchmark the robustness of machine learning models in PyTorch, TensorFlow, and JAX

EagerPy: Writing Code That Works Natively with PyTorch, TensorFlow, JAX, and NumPy

EagerPy is a Python framework that lets you write code that automatically works natively with PyTorch, TensorFlow, JAX, and NumPy. …

Jonas Rauber, Matthias Bethge, Wieland Brendel

PDF Code Website arXiv

EagerPy: Writing Code That Works Natively with PyTorch, TensorFlow, JAX, and NumPy

Fast Differentiable Clipping-Aware Normalization and Rescaling

Rescaling a vector δ⃗ ∈ ℝ^n to a desired length is a common operation in many areas such as data science and machine learning. When the …

Jonas Rauber, Matthias Bethge

PDF Code arXiv

Fast Differentiable Clipping-Aware Normalization and Rescaling

Scaling up the randomized gradient-free adversarial attack reveals overestimation of robustness using established attacks

Modern neural networks are highly non-robust against adversarial manipulation. A significant amount of work has been invested in …

Francesco Croce*, Jonas Rauber*, Matthias Hein

PDF Code arXiv Springer Link

Scaling up the randomized gradient-free adversarial attack reveals overestimation of robustness using established attacks

Generalisation in humans and deep neural networks

We compare the robustness of humans and current convolutional deep neural networks (DNNs) on object recognition under twelve different …

Robert Geirhos*, Carlos R. Medina Temme*, Jonas Rauber*, Heiko H. Schuett, Matthias Bethge, Felix A. Wichmann

PDF Code arXiv

Generalisation in humans and deep neural networks

Adversarial Vision Challenge

The NIPS 2018 Adversarial Vision Challenge is a competition to facilitate measurable progress towards robust machine vision models and …

Wieland Brendel, Jonas Rauber, Alexey Kurakin, Nicolas Papernot, Behar Veliqi, Marcel Salathé, Sharada P. Mohanty, Matthias Bethge

PDF arXiv Competition Track crowdAI

Towards the first adversarially robust neural network model on MNIST

Despite much effort, deep neural networks remain highly susceptible to tiny input perturbations and even for MNIST, one of the most …

Lukas Schott*, Jonas Rauber*, Matthias Bethge, Wieland Brendel

PDF Code arXiv OpenReview

Towards the first adversarially robust neural network model on MNIST

Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models

Many machine learning algorithms are vulnerable to almost imperceptible perturbations of their inputs. So far it was unclear how much …

Wieland Brendel*, Jonas Rauber*, Matthias Bethge

PDF Code arXiv OpenReview

Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models

Foolbox: A Python toolbox to benchmark the robustness of machine learning models

Even todays most advanced machine learning models are easily fooled by almost imperceptible perturbations of their inputs. Foolbox is a …

Jonas Rauber*, Wieland Brendel*, Matthias Bethge

PDF Code Project arXiv Workshop

Foolbox: A Python toolbox to benchmark the robustness of machine learning models

See all publications