Huzaifa Arif

About Me

I am a fifth-year Ph.D. candidate and researcher with multiple first-author publications in trustworthy AI. My work focuses on exposing and mitigating privacy and safety vulnerabilities in Large Language Models, demonstrated through research at IBM and LLNL. I am seeking a full-time Research Scientist position starting December 2025 where I can apply my expertise in LLM alignment and privacy to build verifiably safe AI systems.

Quick Links

• 📄 CV
• 🎓 Google Scholar
• 💻 GitHub

Professional Experience

IBM T.J Watson Research Center - Yorktown Heights, NY

AI Research Extern - Trustworthy AI | Jun 2025–Aug 2025
Mentors: Pin-Yu Chen, Ching-Yun Ko, Keerthiram Murugesan, Payel Das

Lawrence Livermore National Laboratory - Livermore, CA

Data Science Intern | May 2024–Aug 2024
Mentors: Bhavya Kailkhura, James Diffenderfer

IBM T.J Watson Research Center - Yorktown Heights, NY

AI Research Extern - Trustworthy AI | Jun 2023–Aug 2023
Mentors: Pin-Yu Chen, Keerthiram Murugesan, Payel Das

IBM T.J Watson Research Center - Yorktown Heights, NY

AI Research Extern - Trustworthy AI | Jun 2022–Aug 2022
Mentor: Pin-Yu Chen

Education

Rensselaer Polytechnic Institute - Troy, NY

Ph.D. in Electrical and Computer Systems Engineering | Expected Dec 2025

Lahore University of Management Sciences - Lahore, Pakistan

B.S. in Electrical Engineering

Ongoing work

Project 1: Parameter-Efficient LLM Safety Alignment: I am developing a lightweight, prefix-based method to steer LLMs towards safe behavior without needing to retrain the entire model. By combining Supervised Fine-Tuning (SFT) with Direct Preference Optimization (DPO), this work efficiently instills safety, mitigates toxicity, and can be adapted to prevent demographic bias and PII leakage. (Manuscript in preparation for ICLR 2026).

Project 2: Exposing Association Leakage in LLMs: I have identified a novel privacy vulnerability, “association leakage,” where LLMs can be prompted to reveal sensitive linked information (e.g., a name and its corresponding private data). My work introduces a new post-hoc attack that amplifies this leakage by manipulating attention heads at inference time, defining a new threat model for LLM safety audits. (Manuscript in preparation for ICLR 2026).

Publications

1. Reprogrammable-FL: Improving Utility-Privacy Tradeoff in Federated Learning via Model Reprogramming

Conference: IEEE Conference on Secure and Trustworthy Machine Learning, February 2023
Authors: Huzaifa Arif, Alex Gittens, Pin-Yu Chen
🎥 Talk | 💻 Code | 📄 Paper

2. PEEL the Layers and Find Yourself: Revisiting Inference-time Data Leakage for Residual Neural Networks

Conference: IEEE Conference on Secure and Trustworthy Machine Learning, April 2025
Authors: Huzaifa Arif, Keerthiram Murugesan, Payel Das, Alex Gittens, Pin-Yu Chen
📄 Paper

3. Group Fair Federated Learning via Stochastic Kernel Regularization

Journal: Transactions on Machine Learning Research, April 2025
Authors: Huzaifa Arif, Pin-Yu Chen, Keerthiram Murugesan, Alex Gittens
📄 Paper

4. Forecasting Fails: Unveiling Evasion Attacks in Weather Prediction Models

Conference (Workshop): AAAI Workshop on AI to Accelerate Science and Engineering
Authors: Huzaifa Arif, Pin-Yu Chen, Alex Gittens, James Diffenderfer, Bhavya Kailkhura
📄 Paper

Patents

• Differentially Private Federated Learning using Model Reprogramming

  Inventors: Huzaifa Arif, Pin-Yu Chen, Bo Wu, Zhengfang Chen, Chuang Gan
  Patent No. US20240256894A1

• Method for Quantifying Private Leakage in Pretrained Neural Networks

  Inventors: Huzaifa Arif, Keerthiram Murugesan, Payel Das, Pin-Yu Chen

Book Chapters

• “Utility-privacy Tradeoff in Federated Learning” Book chapter in Federated Learning for Medical Imaging, Elsevier, 2025
  Huzaifa Arif, Alex Gittens, and Pin-Yu Chen
  Link

Preprints

DP-Compressed VFL is secure for Model Inversion Attacks

Paper | Code

Additional Research Work

• Our adaptation of Hypergradient Descent Project
• PhD Qualifier Report Paper

Professional Service

Reviewer Experience

• ICLR 2025
• International Conference on Acoustics, Speech, and Signal Processing
  • ICASSP 2025
  • ICASSP 2023
• Artificial Intelligence and Statistics (AISTATS) 2023
• IEEE International Workshop on Machine Learning for Signal Processing (MLSP 2023)

Recent News & Achievements

2025

• Apr 2025: 2nd Place runners-up at 3MT for my thesis Listen to my Pitch
• Apr 2025: Gave a talk at RPI School of Mathematical Sciences Algorithmic Designs to Investigate Trustworthiness in AI models
• Apr 2025: Successfully defended my PhD Candidacy Exam

2024

• Dec 2024: Awarded the Belsky Award for Computational Science and Engineering 2025 Award Learn more
• Dec 2024: Work on composite gradient-based bias mitigation algorithm in Federated Learning accepted to TMLR 2025
• Dec 2024: LLNL internship work (WAPPO) accepted at AAAI 2025
• Dec 2024: IBM internship work (Data Leakage in Residual Networks) accepted at SATML 2025
• Aug 2024: Patent “Reprogrammable FL” publicly available (US20240256894A1)

2022

• Apr 2022: Passed PhD Qualification Exam (Rank: Top-5)
• Apr 2022: Completed work with Dr. Stacy Patterson Preprint: DP-Compressed VFL is secure for Model Inversion Attacks

2021

• Jan 2021: Joined RPI as a PhD student

Contact Information

📧 Email: arifh@rpi.edu | huzaifaarif20@gmail.com
📞 Phone: (518) 961-8482

---

Last updated: August 2025