Soheil Feizi
Research Output

Publications

A selection of work on robustness, interpretability, detection, unlearning and reliable foundation models. Full lists on Google Scholar and DBLP.

20264 papers
Decomposition-Enhanced Training for Post-Hoc Attributions in Language Models
S. Balasubramanian, S. Basu, K. Goswami, R. Rossi, V. Manjunatha, R. Santhosh, R. Zhang, S. Feizi, N. Lipka
EACL Main
SliderEdit: Continuous Image Editing with Fine-Grained Instruction Control
A. Zarei, S. Basu, M. Pournemat, S. Nag, R. A. Rossi, S. Feizi
CVPR
Revisiting the Past: Data Unlearning with Model State History
K. Rezaei, M. Saberi, A. Ravichander, S. Feizi
ICLR
GHOST: Hallucination-Inducing Image Generation for Multimodal LLMs
A. Y. Parast, P. Hosseini, H. Asadollahzadeh, A. S. Moakhar, B. Azam, S. Feizi, N. Akhtar
ICLR
202517 papers
RESTOR: Knowledge Recovery in Machine Unlearning
K. Rezaei, K. Chandu, S. Feizi, Y. Choi, F. Brahman, A. Ravichander
TMLR
Can AI-Generated Text be Reliably Detected? Stress Testing AI Text Detectors Under Various Attacks
V. S. Sadasivan, A. Kumar, S. Balasubramanian, W. Wang, S. Feizi
TMLR
[ paper ]
Localizing Knowledge in Diffusion Transformers
A. Zarei, S. Basu, K. Rezaei, Z. Lin, S. Nag, S. Feizi
NeurIPS
RePanda: pandas-powered tabular verification and reasoning
A. Chegini, K. Rezaei, H. Eghbalzadeh, S. Feizi
ACL Main
Tool Preferences in Agentic LLMs are Unreliable
K. Faghih, W. Wang, Y. Cheng, S. Bharti, G. Sriramanan, S. Balasubramanian, P. Hosseini, S. Feizi
EMNLP
On Mechanistic Circuits for Extractive Question-Answering
S. Basu, C. Zhao, J. Wang, R. Rossi, V. Morariu, S. Feizi, V. Manjunatha
COLM
Almost AI, Almost Human: The Challenge of Detecting AI-polished Writing
S. Saha, S. Feizi
ACL
A Closer Look at Bias and Chain-of-Thought Faithfulness of Large (Vision) Language Models
S. Balasubramanian, S. Basu, S. Feizi
EMNLP
Adversarial Paraphrasing: A Universal Attack for Humanizing AI-Generated Text
Y. Cheng, V. S. Sadasivan, M. Saberi, S. Saha, S. Feizi
NeurIPS
DyePack: Provably Flagging Test Set Contamination in LLMs Using Backdoors
Y. Cheng, W. Wang, M. Moayeri, S. Feizi
EMNLP
Unearthing Skill-level Insights for Understanding Trade-offs of Foundation Models
M. Moayeri, V. Balachandran, V. Chandrasekaran, S. Yousefi, T. Fel, S. Feizi, B. Nushi, N. Joshi, V. Vineet
ICLR
AgentComp: From Agentic Reasoning to Compositional Mastery in Text-to-Image Models
A. Zarei, J. Pan, M. Gwilliam, S. Feizi, Z. Yang
Preprint
Reasoning Under Uncertainty: Exploring Probabilistic Reasoning Capabilities of LLMs
M. Pournemat, K. Rezaei, G. Sriramanan, A. Zarei, J. Fu, Y. Wang, H. Eghbalzadeh, S. Feizi
Preprint
SpurLens: Automatic Detection of Spurious Cues in Multimodal LLMs
P. Hosseini, S. Nawathe, M. Moayeri, S. Balasubramanian, S. Feizi
Preprint
IConMark: Robust Interpretable Concept-Based Watermark for AI Images
V. S. Sadasivan, M. Saberi, S. Feizi
ICLR Workshop on GenAI Watermarking
Chain-of-Defensive-Thought: Structured Reasoning Elicits Robustness against Reference Corruption
W. Wang, P. Hosseini, S. Feizi
Preprint
How Learnable Grids Recover Fine Detail in Low Dimensions: An NTK Analysis of Multigrid Parametric Encodings
S. Audia, S. Feizi, M. Zwicker, D. Manocha
Preprint
202416 papers
Certifying LLM Safety against Adversarial Prompting
A. Kumar, C. Agarwal, S. Srinivas, A. Li, S. Feizi, H. Lakkaraju
COLM
[ paper ]
LLM-Check: Investigating Detection of Hallucinations in Large Language Models
G. Sriramanan, S. Bharti, V. S. Sadasivan, S. Saha, P. Kattakinda, S. Feizi
NeurIPS
PRIME: Prioritizing Interpretability in Failure Mode Extraction
K. Rezaei, M. Saberi, M. Moayeri, S. Feizi
ICLR
Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks
M. Saberi, V. S. Sadasivan, K. Rezaei, A. Kumar, A. Chegini, W. Wang, S. Feizi
ICLR
[ paper ]
Decomposing and Interpreting Image Representations via Text in ViTs Beyond CLIP
S. Balasubramanian, S. Basu, S. Feizi
NeurIPS
On Mechanistic Knowledge Localization in Text-to-Image Generative Models
S. Basu, K. Rezaei, P. Kattakinda, V. Morariu, N. Zhao, R. A. Rossi, V. Manjunatha, S. Feizi
ICML
Understanding Information Storage and Transfer in Multi-Modal Large Language Models
S. Basu, M. Grayson, C. Morrison, B. Nushi, S. Feizi, D. Massiceti
NeurIPS
Localizing and Editing Knowledge in Text-to-Image Generative Models
S. Basu, N. Zhao, V. Morariu, S. Feizi, V. Manjunatha
ICLR
[ paper ]
Distilling Knowledge from Text-to-Image Generative Models Improves Visio-Linguistic Reasoning in CLIP
S. Basu, S. Xu Hu, M. Sanjabi, D. Massiceti, S. Feizi
EMNLP
[ paper ]
DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness
S. Saha, W. Wang, Y. Kaya, S. Feizi, T. Dumitras
ICLR
Fast Adversarial Attacks on Language Models In One GPU Minute
V. S. Sadasivan, S. Saha, G. Sriramanan, P. Kattakinda, A. Chegini, S. Feizi
ICML
WorldBench: Quantifying Geographic Disparities in LLM Factual Recall
M. Moayeri, E. Tabassi, S. Feizi
FAccT
Efficient Attention using Low-Dimensional Keys (Loki)
P. Singhania, S. Singh, S. He, S. Feizi, A. Bhatele
NeurIPS
Strong Baselines for Parameter-Efficient Few-Shot Learning
S. Basu, S. Xu Hu, D. Massiceti, S. Feizi
AAAI
Data-Centric Debugging: Mitigating Model Failures via Targeted Image Retrieval
S. Singla, A. M. Chegini, M. Moayeri, S. Feizi
WACV
Rethinking Artistic Copyright Infringements in the Era of Text-to-Image Generative Models
M. Moayeri, S. Basu, S. Balasubramanian, P. Kattakinda, A. Chegini, R. Brauneis, S. Feizi
Preprint
202316 papers
Identifying and Mitigating the Security Risks of Generative AI
C. Barrett, B. Boyd, S. Feizi, and others
Foundations and Trends in Privacy and Security
Interpolated Joint Space Adversarial Training for Robust and Generalizable Defenses
C. P. Lau, J. Liu, H. Souri, W. Lin, S. Feizi, R. Chellappa
IEEE TPAMI
[ paper ]
Goal-Conditioned Q-Learning as Knowledge Distillation
A. Levine, S. Feizi
AAAI
[ paper ]
Provable Robustness against Wasserstein Distribution Shifts via Input Randomization
A. Kumar, A. Levine, S. Feizi
ICLR
[ paper ]
Run-Off Election: Improved Provable Defense against Data Poisoning Attacks
K. Rezaei, K. Banihashem, A. Chegini, S. Feizi
ICML
[ paper ]
Text-To-Concept (and Back) via Cross-Model Alignment
M. Moayeri, K. Rezaei, M. Sanjabi, S. Feizi
ICML
[ paper ]
Spuriosity Rankings: Sorting Data to Measure and Mitigate Biases
M. Moayeri, W. Wang, S. Singla, S. Feizi
NeurIPS
[ paper ]
Identifying Interpretable Subspaces in Image Representations
N. Kalibhat, S. Bhardwaj, C. Bruss, H. Firooz, M. Sanjabi, S. Feizi
ICML
[ paper ]
Adapting Self-Supervised Representations to Multi-Domain Setups
N. Kalibhat, S. Sharpe, J. Goodsitt, C. Bruss, S. Feizi
BMVC
Exploring Geometry of Blind Spots in Vision Models
S. Balasubramanian, G. Sriramanan, V. S. Sadasivan, S. Feizi
NeurIPS
Towards Improved Input Masking for Convolutional Neural Networks
S. Balasubramanian, S. Feizi
ICCV
[ paper ]
Hard-Meta-Dataset++: Towards Understanding Few-Shot Performance on Difficult Tasks
S. Basu, M. Stanley, J. Bronskill, S. Feizi, D. Massiceti
ICLR
[ paper ]
Sample Efficient Detection and Classification of Adversarial Attacks via Self-Supervised Embeddings
S. Balasubramanian, S. Feizi
ICCV
Diffused Redundancy in Pre-trained Representations
V. Nanda, T. Speicher, J. Dickerson, K. P. Gummadi, S. Feizi, A. Weller
NeurIPS
[ paper ]
CUDA: Convolution-based Unlearnable Datasets
V. S. Sadasivan, M. Soltanolkotabi, S. Feizi
CVPR
[ paper ]
Certifiably Robust Policy Learning against Adversarial Multi-Agent Communication
Y. Sun, R. Zheng, P. Hassanzadeh, Y. Liang, S. Feizi, S. Ganesh, F. Huang
ICLR
[ paper ]
202214 papers
Mutual Adversarial Training: Learning together is better than going alone
J. Liu, C. P. Lau, H. Souri, S. Feizi, R. Chellappa
IEEE TIFS
[ paper ]
Provable Adversarial Robustness for Fractional Lp Threat Models
A. Levine, S. Feizi
AISTATS
[ paper ]
Policy Smoothing for Provably Robust Reinforcement Learning
A. Kumar, A. Levine, S. Feizi
ICLR
[ paper ]
Toward Efficient Robust Training against Union of Lp Threat Models
G. Sriramanan, M. Gor, S. Feizi
NeurIPS
[ paper ]
Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks
J. Liu, A. Levine, C. P. Lau, R. Chellappa, S. Feizi
CVPR
[ paper ]
Explicit Tradeoffs between Adversarial and Natural Distributional Robustness
M. Moayeri, K. Banihashem, S. Feizi
NeurIPS
[ paper ]
Hard ImageNet: Segmentations for Objects with Strong Spurious Cues
M. Moayeri, S. Singla, S. Feizi
NeurIPS Datasets & Benchmarks
[ paper ]
A Comprehensive Study of Image Classification Model Sensitivity to Foregrounds, Backgrounds and Visual Attributes
M. Moayeri, Y. Balaji, P. Pope, S. Feizi
CVPR★ Oral — top 3%
[ paper ]
FOCUS: Familiar Objects in Common and Uncommon Settings
P. Kattakinda, S. Feizi
ICML
[ paper ]
Improved deterministic L2 robustness on CIFAR-10 and CIFAR-100
S. Singla, S. Feizi
ICLR★ Oral — top 3%
[ paper ]
Improved Techniques for Deterministic L2 Robustness
S. Singla, S. Feizi
NeurIPS
[ paper ]
Salient ImageNet: How to Discover Spurious Features in Deep Learning?
S. Singla, S. Feizi
ICLR
[ paper ]
Improved Certified Defenses against Data Poisoning with (Deterministic) Finite Aggregation
W. Wang, A. Levine, S. Feizi
ICML
[ paper ]
Lethal Dose Conjecture on Data Poisoning
W. Wang, A. Levine, S. Feizi
NeurIPS
[ paper ]
Selected Earlier Work17 papers
Improved, Deterministic Smoothing for L1 Certified Robustness
A. Levine, S. Feizi
ICML 2021★ Long talk — top 3%
[ paper ]
Deep Partition Aggregation: Provable Defense against General Poisoning Attacks
A. Levine, S. Feizi
ICLR 2021★ Best Paper, KDD AdvML Workshop
[ paper ]
Perceptual Adversarial Robustness: Defense Against Unseen Threat Models
C. Laidlaw, S. Singla, S. Feizi
ICLR 2021
[ paper ]
Influence Functions in Deep Learning Are Fragile
S. Basu, P. Pope, S. Feizi
ICLR 2021
[ paper ]
Improving Deep Learning Interpretability by Saliency Guided Training
A. Ismail, H. Bravo, S. Feizi
NeurIPS 2021
[ paper ]
GANs with Conditional Independence Graphs: On Subadditivity of Probability Divergences
M. Ding, C. Daskalakis, S. Feizi
AISTATS 2021★ Oral — top 3%
[ paper ]
Network Functional Compression (Book Chapter)
S. Feizi, M. Medard
Information-Theoretic Methods in Data Science, Cambridge Univ. Press 2021
Robustness Certificates for Sparse Adversarial Attacks by Randomized Ablation
A. Levine, S. Feizi
AAAI 2020★ Oral — top 5%
[ paper ]
(De)Randomized Smoothing for Certifiable Defense against Patch Attacks
A. Levine, S. Feizi
NeurIPS 2020
[ paper ]
Curse of Dimensionality on Randomized Smoothing for Certifiable Robustness
A. Kumar, A. Levine, T. Goldstein, S. Feizi
ICML 2020
[ paper ]
Understanding GANs in the LQG Setting: Formulation, Generalization and Stability
S. Feizi, F. Farnia, T. Ginart, D. Tse
IEEE J-SAIT 2020
[ paper ]
Functional Adversarial Attacks
C. Laidlaw, S. Feizi
NeurIPS 2019
[ paper ]
Are adversarial examples inevitable?
A. Shafahi, W. Huang, C. Studer, S. Feizi, T. Goldstein
ICLR 2019
[ paper ]
Spectral Alignment of Graphs
S. Feizi, M. Mendoza, G. Quon, M. Medard, M. Kellis, A. Jadbabaie
IEEE TNSE 2018
[ paper ]
Network Maximal Correlation
S. Feizi*, A. Makhdoumi*, K. Duffy, M. Kellis, M. Medard
IEEE TNSE 2017★ Best Paper (3-year period)
[ paper ]
Network Functional Compression
S. Feizi, M. Medard
IEEE Trans. Information Theory, 2014
[ paper ]
Network Deconvolution as a General Method to Distinguish Direct Dependencies in Networks
S. Feizi, D. Marbach, M. Medard, M. Kellis
Nature Biotechnology, 2013
[ paper ]