Publications

You can also find my articles on my Google Scholar profile.

Refereed Papers

2025

• Silencing Empowerment, Allowing Bigotry: Auditing the Moderation of Hate Speech on Twitch
  with P. Shukla, W. Y. Chong, Y. Patel, B. Schaffner, D. Pruthi
  63rd Annual Meeting of the Association for Computational Linguistics (ACL), 2025
• Adapting to Evolving Adversaries with Regularized Continual Robust Training
  with S. Dai, C. Cianfarani, V. Sehwag, P. Mittal
  42nd International Conference on Machine Learning (ICML), 2025

2024

• Feasibility of State Space Models for Network Traffic Generation
  with A. Chu, X. Jiang, S. Liu, F. Bronzino, P. Schmitt, N. Feamster
  SIGCOMM Workshop on Networks for AI Computing (NAIC)
• Toward Automated DNS Tampering Detection Using Machine Learning
  with P. Calle, L. Savitsky, N.P. Hoang, S. Cho
  Free and Open Communications on the Internet (FOCI), 2024
• “Community Guidelines Make this the Best Party on the Internet”: An In-Depth Study of Online Platforms’ Content Moderation Policies
  with B. Schaffner, S. Cheng, J. Mei, J. Shen, G. Wang, M. Chetty, N. Feamster, G. Lakier, C. Tan
  ACM CHI Conference on Human Factors in Computing Systems, 2024
  Website, Press
• Towards Scalable and Robust Model Versioning
  with W. Ding, B.Y. Zhao, H. Zheng
  2nd IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), 2024
• NetDiffusion: Network Data Augmentation Through Protocol-Constrained Traffic Generation
  with X. Jiang, S. Liu, A. Gember-Jacobson, F. Bronzino, P. Schmitt, N. Feamster
  Proceedings of the ACM on Measurement and Analysis of Computing Systems, 2024

2023

• Characterizing the Optimal 0-1 Loss for Multi-class Classification with a Test-time Attacker
  with S. Dai, W. Ding, D. Cullina, B.Y. Zhao, H. Zheng, P. Mittal
  36th Conference on Neural Information Processing Systems (NeurIPS), 2023 (Spotlight)
• Lower Bounds on the Robustness of Fixed Feature Extractors to Test-time Adversaries
  with D. Cullina and B. Y. Zhao
  ICML 2023 Workshop on New Frontiers in Adversarial Machine Learning
• LEAF: Navigating Concept Drift in Cellular Networks
  with S. Liu, F. Bronzino, P. Schmitt, N. Feamster, H. G. Crespo, T. Coyle, B. Ward
  Proceedings of the ACM on Networking, 2023
• Augmenting Rule-based DNS Censorship Detection at Scale with Machine Learning
  with J.A.M. Brown, X. Jiang, V. Tran, N.P. Hoang, N. Feamster, P. Mittal, V. Yegneswaran
  29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD), 2023

2022

• Finding Naturally Occurring Physical Backdoors in Image Datasets
  with E. Wenger, R. Bhattacharjee, J. Passananti, E. Andere, H. Zheng and B. Y. Zhao
  36th Conference on Neural Information Processing Systems (NeurIPS), 2022
• Understanding Robust Learning through the Lens of Representation Similarities
  with C. Cianfarani, V. Sehwag, B. Y. Zhao and P. Mittal
  36th Conference on Neural Information Processing Systems (NeurIPS), 2022
• Traceback of Data Poisoning Attacks in Neural Networks
  with S. Shawn, H. Zheng and B. Y. Zhao
  31st USENIX Security Symposium, 2022
• SparseFed: Mitigating Model Poisoning Attacks in Federated Learning with Sparsification
  with A. Panda, S. Mahloujifar, S. Chakraborty and P. Mittal
  25th International Conference on Artificial Intelligence and Statistics (AISTATS), 2022

2021

• A Real-time Defense against Website Fingerprinting Attacks
  with S. Shawn, H. Zheng and B. Y. Zhao
  14th ACM Workshop on Artificial Intelligence and Security (AISec), 2021
• PatchGuard: A Provable Robust Defense against Adversarial Patches via Small Receptive Fields and Masking
  with C. Xiang, V. Sehwag and P. Mittal
  30th USENIX Security Symposium (USENIX Security), 2021
• Lower Bounds on Cross-Entropy Loss in the Presence of Test-time Adversaries
  with D. Cullina, V. Sehwag and P. Mittal
  38th International Conference on Machine Learning (ICML), 2021
• Backdoor Attacks on Facial Recognition in the Physical World
  with E. Wenger, J. Passananti, Y. Yao, H. Zheng and B. Y. Zhao
  Computer Vision and Pattern Recognition (CVPR), 2021

2019

• Lower Bounds on Adversarial Robustness from Optimal Transport
  with D. Cullina and P. Mittal
  33rd Conference on Neural Information Processing Systems (NeurIPS), 2019
• Analyzing the Robustness of Open-World Machine Learning
  with V. Sehwag, L. Song, C. Sitawarin, D. Cullina, A. Mosenia, P. Mittal and M. Chiang
  12th ACM Workshop on Artificial Intelligence and Security (AISec), 2019
• Analyzing Federated Learning through an Adversarial Lens
  with S. Chakraborty, P. Mittal and S. Calo
  36th International Conference on Machine Learning (ICML), 2019

2018

• PAC-learning in the presence of evasion adversaries
  with D. Cullina and P. Mittal
  32nd Conference on Neural Information Processing Systems (NeurIPS), 2018
• Rogue Signs: Deceiving Traffic Sign Recognition with Malicious Ads and Logos
  with C. Sitawarin, A. Mosenia, M. Chiang and P. Mittal
  1st Deep Learning and Security Workshop (co-located with IEEE S&P), 2018
• Practical Black-box Attacks on Deep Neural Networks using Efficient Query Mechanisms
  with W. He, B. Li and D. Song
  European Conference on Computer Vision (ECCV), 2018

2017 and earlier

• Enhancing robustness of machine learning systems via data transformations
  with D. Cullina, C. Sitawarin and P. Mittal
  52nd Annual Conference on Information Sciences and Systems (CISS), 2018
• Equivalence of 2D color codes (without translational symmetry) to surface codes
  with P. Sarvepalli
  International Symposium on Information Theory (ISIT), 2015

Pre-prints and papers under submission

• Adapting to Evolving Adversaries with Regularized Continual Robust Training
  with S. Dai, C. Cianfarani, V. Sehwag and P. Mittal
• MYCROFT: Towards Effective and Efficient External Data Augmentation
  with Z. Sarwar, V. Tran,, N. Feamster, B. Y. Zhao and S. Chakraborty
• Can Backdoor Attacks Survive Time-Varying Models?
  with H. Li, H. Zheng and B. Y. Zhao
  ArXiv 2022
• A Critical Evaluation of Open-world Machine Learning
  with L. Song, V. Sehwag and P. Mittal
  ArXiv 2020
• On the Local Equivalence of 2D Color Codes and Surface Codes with Applications
  with A.B. Aloshious and P. Sarvepalli
  ArXiv 2018

Books and Book Chapters

• Assessing vulnerabilities and securing federated learning
  with S. Chakraborty
  in Federated Learning: Theory and Practice
• Adversarial Attacks for Anomaly Detection
  with P. Shirani
  in Springer Encyclopedia of Machine Learning and Data Science
• Advances and Open Problems in Federated Learning
  with P. Kairouz, H. B. McMahan et.al.
  Foundations and Trends in Machine Learning (FnTML), 2021

Theses

• The Role of Data Geometry in Adversarial Machine Learning
  Ph. D. Thesis, Department of Electrical and Computer Engineering, Princeton University, 2020
• Equivalence of color codes and surface codes
  Dual Degree (B. Tech/M.Tech) Thesis, Department of Electrical Engineering, IIT Madras

Other Writing

• Comment for the Federal Trade Commission Regulation Rule on Commercial Surveillance and Data Security
  with E. Wenger