Selected Publications:

Preprints

Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks [paper]
Mehrdad Saberi, Vinu Sankar Sadasivan, Keivan Rezaei, Aounon Kumar, Atoosa Chegini, Wenxiao Wang, Soheil Feizi
Available on arXiv.
News Coverage: : Wired, MIT Technology Review, Bloomberg News

Can AI-Generated Text be Reliably Detected? [paper]
Vinu Sankar Sadasivan, Aounon Kumar, Sriram Balasubramanian, Wenxiao Wang and Soheil Feizi
Available on arXiv.
News Coverage: : Washington Post, UMD Science, New Scientist, The Register

Certifying llm safety against adversarial prompting [paper]
Aounon Kumar, Chirag Agarwal, Suraj Srinivas, Soheil Feizi, Hima Lakkaraju
Available on arXiv.

Online Advertisements with LLMs: Opportunities and Challenges [paper]
Soheil Feizi, MohammadTaghi Hajiaghayi, Keivan Rezaei, Suho Shin
Available on arXiv.

Localizing and Editing Knowledge in Text-to-Image Generative Models [paper]
Samyadeep Basu, Nanxuan Zhao, Vlad Morariu, Soheil Feizi, Varun Manjunatha
Available on arXiv.

Augmenting CLIP with Improved Visio-Linguistic Reasoning [paper]
Samyadeep Basu, Maziar Sanjabi, Daniela Massiceti, Shell Xu Hu, Soheil Feizi
Available on arXiv.

Invariant Learning via Diffusion Dreamed Distribution Shifts [paper]
Priyatham Kattakinda, Alexander Levine, Soheil Feizi
Available on arXiv.

2023

Exploring Geometry of Blind Spots in Vision models [paper]
S. Balasubramanian, G. Sriramanan, V. Sankar Sadasivan and Soheil Feizi
NeurIPS, 2023.

Spuriosity Rankings: Sorting Data to Measure and Mitigate Biases [paper]
Mazda Moayeri, Wenxiao Wang, Sahil Singla and Soheil Feizi
NeurIPS, 2023.

Diffused Redundancy in Pre-trained Representations [paper]
V. Nanda, T. Speicher, J. P Dickerson, K. P. Gummadi, S. Feizi, A. Weller
NeurIPS, 2023.

Temporal Robustness against Data poisoning [paper]
Wenxiao Wang and Soheil Feizi
NeurIPS, 2023.

Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses [paper]
CP. Lau, J. Liu, H. Souri, WA. Lin, S. Feizi, R. Chellappa
IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2023.

Adapting Self-Supervised Representations to Multi-Domain Setups [paper]
N. Kalibhat, S. Sharpe, J. Goodsitt, C. Bruss , S. Feizi
BMVC, 2023.

Towards Improved Input Masking for Convolutional Neural Networks [paper]
Sriram Balasubramanian and Soheil Feizi
ICCV, 2023.

Run-Off Election: Improved Provable Defense against Data Poisoning Attacks [paper]
Keivan Rezaei, Kiarash Banihashem, Atoosa Chegini, Soheil Feizi
ICML, 2023.

Text-To-Concept (and Back) via Cross-Model Alignment [paper]
Mazda Moayeri, Keivan Rezaei, Maziar Sanjabi, Soheil Feizi
ICML, 2023.

Interpretable Subspaces in Image Representations [paper]
Neha Kalibhat, Shweta Bhardwaj, Bayan Bruss, Hossein Firooz, Maziar Sanjabi, Soheil Feizi
ICML, 2023.

Towards Improved Input Masking for Convolutional Neural Networks [paper]
Sriram Balasubramanian and Soheil Feizi
ICCV, 2023.

Interpretable Mixture of Experts [paper]
Aya Abdelsalam Ismail, Sercan O Arik, Jinsung Yoon, Ankur Taly, Soheil Feizi, Tomas Pfister
TMLR, 2023.

CUDA: Convolution-based Unlearnable Datasets [paper]
Vinu Sankar Sadasivan, Mahdi Soltanolkotabi and Soheil Feizi
CVPR, 2023.

Goal-Conditioned Q-Learning as Knowledge Distillation [paper]
Alex Levine and Soheil Feizi
AAAI, 2023.

Provable Robustness against Wasserstein Distribution Shifts via Input Randomization [paper]
Aounon Kumar, Alex Levine and Soheil Feizi
ICLR, 2023.

Certifiably Robust Policy Learning against Adversarial Multi-Agent Communication [paper]
Yanchao Sun, Ruijie Zheng, Parisa Hassanzadeh, Yongyuan Liang, Soheil Feizi, Sumitra Ganesh, Furong Huang
ICLR, 2023.

Hard-Meta-Dataset++: Towards Understanding Few-Shot Performance on Difficult Tasks [paper]
Samyadeep Basu, Megan Stanley, John F Bronskill, Soheil Feizi, Daniela Massiceti
ICLR, 2023.

2022

Lethal Dose Conjecture on Data Poisoning [paper]
Wenxiao Wang, Alex Levine and Soheil Feizi
NeurIPS, 2022.

Explicit Tradeoffs between Adversarial and Natural Distributional Robustness [paper]
Mazda Moayeri, Kiarash Banihashem, Soheil Feizi
NeurIPS, 2022.

Improved techniques for deterministic l2 robustness [paper]
Sahil Singla and Soheil Feizi
NeurIPS, 2022.

Toward Efficient Robust Training against Union of Lp Threat Models [paper]
Gaurang Sriramanan, Maharshi Gor, Soheil Feizi
NeurIPS, 2022.

Hard ImageNet: Segmentations for Objects with Strong Spurious Cues [paper]
Mazda Moayeri, Sahil Singla, Soheil Feizi
NeurIPS (Datasets and Benchmarks Track), 2022.

FOCUS: Familiar Objects in Common and Uncommon Settings [paper]
Priyatham Kattakinda and Soheil Feizi
ICML, 2022.

Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation [paper]
Wenxiao Wang, Alex Levine and Soheil Feizi
ICML, 2022.

Mutual Adversarial Training: Learning together is better than going alone [paper]
J Liu, CP Lau, H Souri, S Feizi, R Chellappa
IEEE Transactions on Information Forensics and Security , 2022.

A Comprehensive Study of Image Classification Model Sensitivity to Foregrounds, Backgrounds, and Visual Attributes [paper]
Mazda Moayeri, Phillip Pope, Yogesh Balaji and Soheil Feizi
CVPR, 2022.

Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection [paper]
Jiang Liu, Alexander Levine, Chun Pong Lau, Rama Chellappa and Soheil Feizi
CVPR, 2022.

Salient ImageNet: How to discover spurious features in Deep Learning? [paper]
Sahil Singla and Soheil Feizi
ICLR, 2022.

Policy Smoothing for Provably Robust Reinforcement Learning [paper]
Aounon Kumar, Alex Levine and Soheil Feizi
ICLR, 2022.

Improved deterministic l2 robustness on CIFAR-10 and CIFAR-100 [paper]
Sahil Singla and Soheil Feizi
ICLR, 2022.

Provable Adversarial Robustness for Fractional Lp Threat Models [paper]
Alex Levine and Soheil Feizi
AISTATS, 2022.

2021

Improving Deep Learning Interpretability by Saliency Guided Training [paper]
A. Ismail, H. Bravo, S. Feizi
NeurIPS, 2021.

Improved, Deterministic Smoothing for L1 Certified Robustness [paper]
Alex Levine and Soheil Feizi
ICML 2021 (selected for a long talk, among top 3% of submissions).

Skew Orthogonal Convolutions [paper]
Sahil Singla and Soheil Feizi
ICML 2021.

Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings [paper]
Mazda Moayeri and Soheil Feizi
ICCV 2021.

Low Curvature Activations Reduce Overfitting in Adversarial Training [paper]
Vasu Singla, Sahil Singla, David Jacobs and Soheil Feizi
ICCV 2021.

GANs with Conditional Independence Graphs: On Subadditivity of Probability Divergences [paper]
Mucong Ding, Constantinos Daskalakis, Soheil Feizi
AISTATS 2021 (selected for an oral presentation, among top 3% of submissions).

Perceptual Adversarial Robustness: Defense Against Unseen Threat Models [paper]
Cassidy Laidlaw, Sahil Singla and Soheil Feizi
ICLR 2021.

Deep Partition Aggregation: Provable Defense against General Poisoning Attacks [paper]
Alexander Levine, Soheil Feizi
Best paper award from MIT-IBM Watson AI Lab at KDD's Adversarial ML workshop, 2020.
ICLR 2021.

Influence Functions in Deep Learning Are Fragile [paper]
Samyadeep Basu, Philip Pope, Soheil Feizi
ICLR 2021.

Bounding Singular Values of Convolution Layers [paper] [code]
Sahil Singla, Soheil Feizi
ICLR 2021.

Understanding Over-parameterization in Generative Adversarial Networks [paper]
Yogesh Balaji, Mohammadmahdi Sajedi, Neha Mukund Kalibhat, Mucong Ding, Dominik Stöger, Mahdi Soltanolkotabi, Soheil Feizi
ICLR 2021.

Chapter 15: Network Functional Compression of Book "Information-Theoretic Methods in Data Science"
Soheil Feizi and Muriel Medard
Edited by: Miguel R. D. Rodrigues and Yonina C. Eldar
Publisher: Cambridge University Press, 2021

Winning Lottery Tickets in Deep Generative Models [paper]
Neha Mukund Kalibhat, Yogesh Balaji and Soheil Feizi
AAAI 2021.

Unsupervised Anomaly Detection with Adversarial Mirrored AutoEncoders [paper]
G. Somepalli, Y. Wu, Y. Balaji, B. Vinzamuri, S. Feizi
UAI 2021 (selected for a long presentation).

Fairness Through Robustness: Investigating Robustness Disparity in Deep Learning [paper]
Vedant Nanda, Samuel Dooley, Sahil Singla, Soheil Feizi, John P. Dickerson
FAcct 2021.

2020

Robust Optimal Transport with Applications in Generative Modeling and Domain Adaptation [paper] [code]
Yogesh Balaji, Rama Chellappa, and Soheil Feizi
NeurIPS 2020.

(De)Randomized Smoothing for Certifiable Defense against Patch Attacks [paper] [code]
Alexander Levine, Soheil Feizi
NeurIPS 2020.

Dual Manifold Adversarial Robustness: Defense against Lp and non-Lp Adversarial Attacks [paper] [code]
Wei-An Lin, Chun Pong Lau, Alexander Levine, Rama Chellappa and Soheil Feizi
NeurIPS 2020.

Benchmarking Deep Learning Interpretability in Time Series Predictions [paper] [code]
A. Ismail, M. Gunady, H. Bravo, S. Feizi
NeurIPS, 2020.

Certifying Confidence via Randomized Smoothing [paper]
Aounon Kumar, Alexander Levine, Soheil Feizi, Tom Goldstein
NeurIPS 2020.

Second-Order Provable Defenses against Adversarial Attacks [paper]
Sahil Singla, Soheil Feizi
ICML, 2020.

Curse of Dimensionality on Randomized Smoothing for Certifiable Robustness [paper]
Aounon Kumar, Alexander Levine, Tom Goldstein, Soheil Feizi
ICML, 2020.

Second-Order Group Influence Functions for Black-Box Predictions [paper]
Samyadeep Basu, Xuchen You, Soheil Feizi
ICML, 2020.

Understanding GANs in the LQG Setting: Formulation, Generalization and Stability [paper]
Soheil Feizi, Farzan Farnia, Tony Ginart, David Tse
IEEE Journal on Selected Areas in Information Theory (Special Issue on Deep Learning), 2020.

Adversarial Robustness of Flow-Based Generative Models [paper]
Phillip Pope, Yogesh Balaji, Soheil Feizi
AISTATS, 2020.

Wasserstein Smoothing: Certified Robustness against Wasserstein Adversarial Attacks [paper] [code]
Alexander Levine, Soheil Feizi
AISTATS, 2020.

Robustness Certificates for Sparse Adversarial Attacks by Randomized Ablation [paper] [code]
Alexander Levine, Soheil Feizi
AAAI, 2020

Adversarially Robust Distillation [paper]
Micah Goldblum, Liam Fowl, Soheil Feizi, Tom Goldstein
AAAI, 2020.

Maximum Likelihood Latent Space Embedding of Logistic Random Dot Product Graphs [paper] [code]
Luke O'Connor, Muriel Medard, Soheil Feizi
AAAI, 2020

2019

Functional Adversarial Attacks [paper] [code]
Cassidy Laidlaw, Soheil Feizi
NeurIPS, 2019.

Input-Cell Attention Reduces Vanishing Saliency of Recurrent Neural Networks [paper] [code]
A. Ismail, M. Gunady, L. Pessoa, H. Bravo, S. Feizi
NeurIPS, 2019.

Quantum Wasserstein GANs [paper]
S. Chakrabarti, H. Yiming. T. Li, S. Feizi, X.Wu
NeurIPS, 2019.

Certifiably Robust Interpretation in Deep Learning [paper]
Alexander Levine, Sahil Singla, Soheil Feizi
Neurips Workshop on Machine Learning with Guarantees, 2019.

Normalized Wasserstein Distance for Mixture Distributions with Applications in Adversarial Learning and Domain Adaptation [paper] [code]
Yogesh Balaji, Rama Chellappa, and Soheil Feizi
ICCV, 2019.

Understanding Impacts of High-Order Loss Approximations and Features in Deep Learning Interpretation [paper] [code]
Sahil Singla, Eric Wallace, Shi Feng, Soheil Feizi
ICML, 2019.

Entropic GANs meet VAEs: A Statistical Approach to Compute Sample Likelihoods in GANs [paper] [code]
Yogesh Balaji, Hamed Hassani, Rama Chellappa, and Soheil Feizi
ICML, 2019.

Are adversarial examples inevitable? [paper]
Ali Shafahi, W. Ronny Huang, Christoph Studer, Soheil Feizi, Tom Goldstein
ICLR, 2019.

2018 and Before

Porcupine Neural Networks: (Almost) All Local Optima Are Global [paper] [code]
Soheil Feizi, Hamid Javadi, Jesse Zhang, David Tse
NeurIPS, 2018.

Spectral Alignment of Graphs [paper] [code]
Soheil Feizi, Gerald Quon, Mariana Mendoza, Muriel Medard, Manolis Kellis, Ali Jadbabaie
IEEE Transactions on Network Science and Engineering, 2019.

Network Infusion to Infer Information Sources in Networks [paper]
Soheil Feizi, Muriel Medard, Gerald Quon, Manolis Kellis, Ken Duffy
IEEE Transactions on Network Science and Engineering, 2018.

Maximally Correlated Principal Component Analysis [paper][code]
Soheil Feizi, David Tse
Available on arXiv, 2018.

Tensor Biclustering [paper] [code]
Soheil Feizi, Hamid Javadi, David Tse
NeurIPS, 2017.

Network Maximal Correlation [paper]
Soheil Feizi*, Ali Makhdoumi* , Ken Duffy, Manolis Kellis, Muriel Medard
IEEE Transactions on Network Science and Engineering, 2017.

Biclustering Using Message Passing [paper] [code]
Luke O'Connor* and Soheil Feizi*
Advances in Neural Information Processing Systems Foundation (NeurIPS), 2014.

On Network Functional Compression [paper]
Soheil Feizi, Muriel Medard
IEEE Transactions on Information Theory, Vol. 60, No. 9, 2014.

Backward Adaptation for Power Efficient Sampling [paper]
Soheil Feizi, Georgios Angelopoulos, Vivek K Goyal, Muriel Medard
IEEE Transactions on Signal Processing, Vol. 62, No. 16, 2014.

Network Deconvolution as a General Method to Distinguish Direct Dependencies in Networks [paper] [code]
Soheil Feizi, Daniel Marbach , Muriel Medard, Manolis Kellis
Nature Biotechnology 31, pp. 726-733, 2013.

Time-Stampless Adaptive Nonuniform Sampling for Stochastic Signals [paper]
Soheil Feizi, Vivek K Goyal, Muriel Medard
IEEE Transactions on Signal Processing, Vol. 60, No. 10, 2012.

A Power Efficient Sensing/Communication Scheme: Joint Source-Channel-Network Coding by Using Compressive Sensing [paper]
Soheil Feizi, Muriel Medard
Allerton Conference on Communication, Control, and Computing, 2011.

Compressive Sensing Over Networks [paper]
Soheil Feizi, Muriel Medard, Michelle Effros
Allerton Conference on Communication, Control, and Computing, 2010.

Impulsive Noise Cancellation Based on Soft Decision and Recursion [paper]
Sina Zahedpour, Soheil Feizi, Arash Amini, Farrokh Marvasti
IEEE Transactions on Instrumentation and Measurement, Vol. 58, No. 8, 2780-2790, 2009.

Robust Audio Data Hiding Using Correlated Quantization With Histogram-Based Detector [paper]
Ali Akhaee, Mohammad Saberian, Soheil Feizi, Farrokh Marvasti
IEEE Transactions on Multimedia, Vol. 51, No. 6, 2009.