I am an Assistant Professor (Lecturer) at Imperial College London and a Research Associate at The Alan Turing Institute. I work on formal verification of trustworthy machine learning properties in with some awesome collaborators form academia and industry.
My work focuses on provable guarantees for diverse notions of trustworthiness for machine learning models in order to enable responsible deployment
Here is a short list of some of my favorite recent works:
For a more complete list see my google scholar
Robust Explanation Constraints for Neural Networks
Accepted at ICLR 2023! We develop the first provable certificates of robustness for gradient-based explanations for neural networks. This work was the first work completed in collaboration with Accenture π (paper link)
Tractable Uncertainty for Structure Learning
Accepted at ICML 2022 (best paper at TPM 2022 π)! We introduce a method for causal structure learning with uncertainty by leveraging probabilistic circuits as a representation of our posterior distribution over causal structures. (paper link)
Individual Fairness Guarantees for Neural Networks
Accepted at IJCAI 2022 for an oral presentation! We introduce a mixed integer linear programming (MILP) formulation for global individual fairness certification. The first time global individual fairness has been certified π Future work in this direction coming soon! (paper link)
Bayesian Inference with Certifiable Adversarial Robustness
Accepted at AISTATS 2021! We combine certifiable robustness properties and Bayesian inference for neural network parameters in order to synthesize BNNs with strong robustness guarantees. (paper link)
Gradient-Free Adversarial Attacks for Bayesian Neural Networks
Accepted at AABI 2021! Given that BNNs have been shown to be robust to gradient-based attacks, we study how gradient-free methods perform. (paper link)
Robustness of Bayesian Neural Networks to Gradient-Based Attacks
Accepted at NeurIPS 2020! Here we show that vulnerability to gradient-based attacks arises as a result of degeneracy in the data distribution, ie, when the data lies on a lower-dimensional submanifold of the ambient space. As a direct consequence, we demonstrate that in the limit BNN posteriors are robust to gradient-based adversarial attacks. (paper link)
Below are some of my favorite results from my PhD. If any of them look interesting, youβre just a click away from the paper!
BNNs are more robust than DNNs!
Statistical Safety of BNNs in Autonomous Driving
Certifiable Bayesian Inference for NNs
Saliency-Based Attacks on NNs
Adversarial Examples for 3D Deep Learning
Are you interested in reproducing or extending my PhD work on robustness of BNNs (8 published papers worth) check out the following repository: