Research

Robustness and Security of Quantized & Approximate Neural Networks

ICLR · 2026

TriQDef: Disrupting Semantic and Gradient Alignment to Prevent Adversarial Patch Transferability in Quantized Neural Networks

Amira Guesmi, Bassem Ouni, Muhammad Shafique

A defense framework that disrupts semantic and gradient alignment across bit-widths to prevent patch transferability in quantized neural networks.

Paper

ASPLOS · 2021

Defensive Approximation: Securing CNNs using Approximate Computing

Amira Guesmi, Ihsen Alouani, Khaled N. Khasawneh, Mouna Baklouti, Tarek Frikha, Mohamed Abid, Nael Abu-Ghazaleh

A hardware-level defense that leverages approximate computing to improve robustness of CNNs against adversarial attacks while reducing energy consumption.

Adversarial Machine Learning — Foundations

ICLR · 2026

DRIFT: Divergent Response in Filtered Transformations for Robust Adversarial Defense

Amira Guesmi, Muhammad Shafique

A stochastic differentiable defense framework that breaks gradient consensus via divergent responses across filtered transformations.

Paper

arXiv · 2025

TESSER: Transfer-Enhancing Adversarial Attacks from Vision Transformers via Spectral and Semantic Regularization

Amira Guesmi, Bassem Ouni, Muhammad Shafique

A framework that significantly improves black-box adversarial attack transferability from Vision Transformers via spectral and semantic regularization.

Paper

Adversarial Machine Learning — Vision & Autonomous Systems

ICCV 2025 · 2025

ODDR: Outlier Detection & Dimension Reduction Based Defense Against Adversarial Patch Attacks

Nandish Chattopadhyay, Amira Guesmi, Muhammad Abdullah Hanif, Bassem Ouni, Muhammad Shafique

A defense framework that detects and suppresses adversarial patch artifacts via feature outlier modeling and dimensionality reduction.

Paper

CVPR · 2024

DAP: A Dynamic Adversarial Patch for Evading Person Detectors

Amira Guesmi, Ruitian Ding, Muhammad Abdullah Hanif, Ihsen Alouani, Muhammad Shafique

A dynamic adversarial patch that adapts spatially and temporally to effectively evade modern person detection models under realistic conditions.

Paper

IROS · 2024

SSAP: A Shape-Sensitive Adversarial Patch for Monocular Depth Estimation

Amira Guesmi, Muhammad Abdullah Hanif, Ihsen Alouani, Bassem Ouni, Muhammad Shafique

A shape-aware adversarial patch that disrupts monocular depth estimation in autonomous navigation systems.

Paper

Physical-World and Multi-Modal Adversarial Threats *(Updates coming soon.)* Privacy-Preserving and Trustworthy Machine Learning *(Updates coming soon.)* Interpretability and Robustness *(Updates coming soon.)* Continual Learning and Representation Dynamics *(Updates coming soon.)* Vision–Language Model (VLM) Security, Hallucination, and Privacy *(Updates coming soon.)*