I am an Assistant Professor (Lecturer) at Imperial College London and a Research Associate at The Alan Turing Institute. I work on formal verification of trustworthy machine learning properties with some awesome collaborators from academia and industry.

My work focuses on provable guarantees for diverse notions of trustworthiness in machine learning models, with the goal of enabling their responsible deployment.

Here is a short list of some of my favorite recent works:

For a more complete list, see my Google Scholar profile.

Robust Explanation Constraints for Neural Networks

Accepted at ICLR 2023! We develop the first provable certificates of robustness for gradient-based explanations for neural networks. This was also the first work completed in collaboration with Accenture 🎉 (paper link)

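If you want a feel for the property at stake, here is a minimal, purely illustrative probe (not the paper's certification method): it samples perturbations of an input inside a small l∞ ball and measures how much the input-gradient explanation of a toy network can move. The network, the radius, and the cosine-similarity metric are all assumptions made just for illustration; the paper derives provable bounds instead of sampling.

```python
# Empirical probe of explanation robustness: how much does a saliency map
# (input gradient) move when the input is perturbed inside an l_inf ball?
# This is only a sampled estimate of the worst case -- the paper derives
# provable certificates instead of sampling.
import torch

torch.manual_seed(0)

# Toy network, stands in for whatever model you actually care about.
model = torch.nn.Sequential(
    torch.nn.Linear(20, 32), torch.nn.ReLU(), torch.nn.Linear(32, 1)
)

def saliency(x):
    """Gradient of the scalar output w.r.t. the input (a simple explanation)."""
    x = x.clone().requires_grad_(True)
    model(x).sum().backward()
    return x.grad.detach()

x0 = torch.randn(1, 20)
base = saliency(x0)

eps = 0.05            # radius of the allowed input perturbation
worst_cos = 1.0
for _ in range(1000):  # random-sampling probe, not a certificate
    delta = (torch.rand_like(x0) * 2 - 1) * eps
    pert = saliency(x0 + delta)
    cos = torch.nn.functional.cosine_similarity(
        base.flatten(), pert.flatten(), dim=0
    ).item()
    worst_cos = min(worst_cos, cos)

print(f"worst observed cosine similarity of explanations: {worst_cos:.3f}")
```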

Tractable Uncertainty for Structure Learning

Accepted at ICML 2022 (best paper at TPM 2022 🎉)! We introduce a method for causal structure learning with uncertainty by leveraging probabilistic circuits as a representation of our posterior distribution over causal structures. (paper link)

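To make the idea of "a distribution over causal structures" concrete, here is a minimal sketch that brute-forces it for three variables: enumerate every DAG, score each with a simple BIC-style fit, and normalise the scores into posterior weights and edge marginals. The scoring choice and the toy data are assumptions made only for illustration; the point of the paper is to represent this distribution tractably (with probabilistic circuits) when enumeration is hopeless.

```python
# Toy illustration of a "posterior over causal structures": for 3 variables we
# can enumerate all DAGs, score each one, and normalise the scores into weights.
# The BIC-style score below is just an illustrative choice.
import itertools
import numpy as np

rng = np.random.default_rng(0)
n, d = 500, 3
# Ground truth: X0 -> X1 -> X2 (linear-Gaussian data).
X = np.zeros((n, d))
X[:, 0] = rng.normal(size=n)
X[:, 1] = 2.0 * X[:, 0] + rng.normal(size=n)
X[:, 2] = -1.5 * X[:, 1] + rng.normal(size=n)

def bic(adj):
    """BIC-style score of a DAG: sum of per-node Gaussian regression fits."""
    score = 0.0
    for j in range(d):
        parents = np.flatnonzero(adj[:, j])
        design = np.hstack([X[:, parents], np.ones((n, 1))])
        coef = np.linalg.lstsq(design, X[:, j], rcond=None)[0]
        resid = X[:, j] - design @ coef
        score += -0.5 * n * np.log(resid.var() + 1e-12) \
                 - 0.5 * design.shape[1] * np.log(n)
    return score

def is_dag(adj):
    # A directed graph with no self-loops is acyclic iff no power of the
    # adjacency matrix has a positive trace.
    m, acc = adj.astype(float), adj.astype(float)
    for _ in range(d - 1):
        acc = acc @ m
        if np.trace(acc) > 0:
            return False
    return True

graphs, scores = [], []
for edges in itertools.product([0, 1], repeat=d * d):
    adj = np.array(edges).reshape(d, d)
    if np.trace(adj) == 0 and is_dag(adj):
        graphs.append(adj)
        scores.append(bic(adj))

weights = np.exp(scores - np.max(scores))
weights /= weights.sum()
edge_marginals = sum(w * g for w, g in zip(weights, graphs))
print("posterior edge marginals:\n", np.round(edge_marginals, 2))
```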

Individual Fairness Guarantees for Neural Networks

Accepted at IJCAI 2022 for an oral presentation! We introduce a mixed-integer linear programming (MILP) formulation for global individual fairness certification, the first time global individual fairness has been certified 🎊 Future work in this direction is coming soon! (paper link)

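To spell out the property being certified: a model is globally individually fair if every pair of inputs that are "similar" under a chosen fairness metric receives nearly the same output, for every input in the domain. The sketch below only states that property and probes it by sampling; the similarity metric, thresholds, and toy network are illustrative assumptions, whereas the paper encodes the check over the entire input domain as a MILP.

```python
# Empirical probe of (global) individual fairness: pairs of inputs that are
# identical except for a sensitive feature should get nearly the same output.
# Sampling can only find violations; the MILP in the paper can prove their absence.
import numpy as np

rng = np.random.default_rng(0)
W1, b1 = rng.normal(size=(5, 8)), np.zeros(8)
W2, b2 = rng.normal(size=(8, 1)), np.zeros(1)

def f(x):
    """Toy ReLU network standing in for the model under audit."""
    return (np.maximum(x @ W1 + b1, 0.0) @ W2 + b2).item()

SENSITIVE = 0          # index of the (assumed) sensitive feature
DELTA, EPS = 1.0, 0.3  # similarity threshold and allowed output gap

def similar(x, x_prime):
    """Fairness metric: identical except (possibly) the sensitive feature."""
    non_sensitive = np.delete(x - x_prime, SENSITIVE)
    return (np.linalg.norm(non_sensitive, np.inf) == 0.0
            and abs(x[SENSITIVE] - x_prime[SENSITIVE]) <= DELTA)

violations = 0
for _ in range(10_000):
    x = rng.uniform(-1, 1, size=5)
    x_prime = x.copy()
    x_prime[SENSITIVE] = rng.uniform(-1, 1)   # flip only the sensitive feature
    if similar(x, x_prime) and abs(f(x) - f(x_prime)) > EPS:
        violations += 1

print("sampled fairness violations:", violations)
```
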
Bayesian Inference with Certifiable Adversarial Robustness

Accepted at AISTATS 2021! We combine certifiable robustness properties and Bayesian inference for neural network parameters in order to synthesize BNNs with strong robustness guarantees. (paper link)


Gradient-Free Adversarial Attacks for Bayesian Neural Networks

Accepted at AABI 2021! Given that BNNs have been shown to be robust to gradient-based attacks, we study how gradient-free methods perform. (paper link)

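As a rough illustration of what a gradient-free attack on a BNN looks like, the sketch below approximates the posterior predictive by averaging an ensemble of sampled networks and runs plain random search inside an l∞ ball, never touching a gradient. The untrained toy ensemble stands in for real posterior samples and is only meant to show the attack loop, not to reproduce the paper's experiments.

```python
# A minimal gradient-free attack on (a stand-in for) a BNN posterior predictive:
# the BNN is approximated by averaging an ensemble of sampled networks, and the
# attack is plain random search inside an l_inf ball -- no gradients involved.
import numpy as np

rng = np.random.default_rng(0)

def sample_network():
    # Untrained toy network; a stand-in for one posterior sample.
    W1, W2 = rng.normal(size=(10, 16)) * 0.5, rng.normal(size=(16, 2)) * 0.5
    return lambda x: np.maximum(x @ W1, 0.0) @ W2

posterior_samples = [sample_network() for _ in range(20)]

def predictive(x):
    """Posterior predictive: average the softmax of every sampled network."""
    logits = np.stack([net(x) for net in posterior_samples])
    probs = np.exp(logits - logits.max(axis=-1, keepdims=True))
    return (probs / probs.sum(axis=-1, keepdims=True)).mean(axis=0)

x = rng.normal(size=10)
label = int(np.argmax(predictive(x)))

eps, best = 0.3, x.copy()
for _ in range(2000):   # random search: propose, keep whatever hurts the true class
    candidate = x + rng.uniform(-eps, eps, size=10)
    if predictive(candidate)[label] < predictive(best)[label]:
        best = candidate

print("clean confidence   :", predictive(x)[label])
print("attacked confidence:", predictive(best)[label])
```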

Robustness of Bayesian Neural Networks to Gradient-Based Attacks

Accepted at NeurIPS 2020! Here we show that vulnerability to gradient-based attacks arises as a result of degeneracy in the data distribution, i.e., when the data lies on a lower-dimensional submanifold of the ambient space. As a direct consequence, we demonstrate that in the limit BNN posteriors are robust to gradient-based adversarial attacks. (paper link)

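The quantity at the heart of this result is the input gradient of the loss averaged over the posterior, since that is the direction a gradient-based attack such as FGSM follows. The sketch below only shows how that expected gradient is computed for a toy ensemble standing in for posterior samples; a random untrained ensemble cannot demonstrate the vanishing-gradient limit itself, which is what the paper proves.

```python
# Toy computation of the posterior-averaged input gradient, the direction an
# FGSM-style attack on a BNN would follow. The untrained ensemble below is only
# a stand-in for real posterior samples; it shows how the quantity is computed,
# not the limit behaviour established in the paper.
import torch

torch.manual_seed(0)

def sample_network():
    return torch.nn.Sequential(
        torch.nn.Linear(10, 16), torch.nn.ReLU(), torch.nn.Linear(16, 2)
    )

posterior_samples = [sample_network() for _ in range(50)]

x = torch.randn(1, 10)
y = torch.tensor([0])
loss_fn = torch.nn.CrossEntropyLoss()

grads = []
for net in posterior_samples:
    x_req = x.clone().requires_grad_(True)
    loss_fn(net(x_req), y).backward()
    grads.append(x_req.grad.detach())

# Monte Carlo estimate of the expected input gradient under the "posterior".
expected_grad = torch.stack(grads).mean(dim=0)
print("norm of a single-sample gradient  :", grads[0].norm().item())
print("norm of the posterior-averaged one:", expected_grad.norm().item())

# An FGSM step against the posterior predictive follows sign(expected_grad):
x_adv = x + 0.1 * expected_grad.sign()
```
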
Below are some of my favorite results from my PhD. If any of them look interesting, you’re just a click away from the paper!

If you are interested in reproducing or extending my PhD work on the robustness of BNNs (spanning 8 published papers), check out the following repository:

https://github.com/matthewwicker/deepbayes