Projects

ICLR · 2026

TriQDef: Disrupting Semantic and Gradient Alignment to Prevent Adversarial Patch Transferability in Quantized Neural Networks

Amira Guesmi, Bassem Ouni, Muhammad Shafique

A defense framework that disrupts cross-bit structural alignment to prevent patch transferability in quantized neural networks.

Paper

ASPLOS · 2021

Defensive Approximation: Securing CNNs using Approximate Computing

Amira Guesmi, Ihsen Alouani, Khaled N. Khasawneh, Mouna Baklouti, Tarek Frikha, Mohamed Abid, Nael Abu-Ghazaleh

We show that approximate computing can act as a security primitive by injecting input-dependent noise into neural computations. Defensive Approximation leverages hardware-level approximation to disrupt adversarial transferability while improving efficiency.

Paper

ICLR · 2026

DRIFT: Divergent Response in Filtered Transformations for Robust Adversarial Defense

Amira Guesmi, Muhammad Shafique

A stochastic differentiable defense framework that breaks gradient consensus via divergent responses across filtered transformations.

Paper

arXiv · 2025

TESSER: Transfer-Enhancing Adversarial Attacks from Vision Transformers via Spectral and Semantic Regularization

Amira Guesmi, Bassem Ouni, Muhammad Shafique

A framework that significantly improves black-box adversarial attack transferability from Vision Transformers via spectral and semantic regularization.

Paper

ICCV · 2025

ODDR: Outlier Detection & Dimension Reduction Based Defense Against Adversarial Patch Attacks

Nandish Chattopadhyay*, Amira Guesmi*, Muhammad Abdullah Hanif, Bassem Ouni, Muhammad Shafique

We show that adversarial patches dominate predictions by creating outlier feature activations. ODDR detects and suppresses these anomalies through feature-space outlier modeling and dimension reduction, restoring robust predictions.

Paper

CVPR · 2024

DAP: A Dynamic Adversarial Patch for Evading Person Detectors

Amira Guesmi, Ruitian Ding, Muhammad Abdullah Hanif, Ihsen Alouani, Bassem Ouni, Muhammad Shafique

A dynamic adversarial patch that generates printable, naturalistic patterns robust to pose changes, clothing deformation, and real-world transformations.

Paper

IROS · 2024

SSAP: A Shape-Sensitive Adversarial Patch for Monocular Depth Estimation

Amira Guesmi, Muhammad Abdullah Hanif, Ihsen Alouani, Bassem Ouni, Muhammad Shafique

A shape-aware adversarial patch that reveals fundamental vulnerabilities in geometric perception systems.

Paper

ECCV · 2026

Do Not Leave a Gap: Hallucination-Free Object Concealment in Vision-Language Models

Amira Guesmi, Muhammad Shafique

We show that hallucination in vision-language models is caused by representational discontinuity—not object absence. We introduce Background-Consistent Re-encoding (BCR), which conceals objects by aligning their representations with the background while preserving token structure and attention flow.

Paper