Huzaifa Arif

📧 arifh@rpi.edu | huzaifaarif20@gmail.com

📞 (518) 961-8482

I am a fifth-year Ph.D. candidate and researcher with multiple first-author publications in trustworthy AI. My work focuses on exposing and mitigating privacy and safety vulnerabilities in Large Language Models, demonstrated through research at IBM and LLNL.

I am open to collaboration.

Research Interests

My research spans several key areas in trustworthy AI:

LLM Safety & Alignment: Parameter-efficient methods for steering large language models towards safe behavior
Privacy in ML: Exposing and mitigating privacy vulnerabilities, including novel attacks like association leakage
Federated Learning: Improving utility-privacy tradeoffs through model reprogramming and differential privacy
Bias & Fairness: Developing algorithms for fair federated learning and mitigating demographic bias

news

Dec 09, 2025	📈 Improved theoretical result of our previous work! “DS FedProxGrad: Asymptotic Stationarity Without Noise Floor” now on arXiv. Improved convergence analysis eliminating the noise floor dependence from my previous Group Fed Paper work!
Nov 11, 2025	🔬 New preprint released! “Patching LLM Like Software” work from IBM 2025 internship now available on arXiv. Lightweight safety improvements for large language models!
Sep 01, 2025	🏆 Awarded the Founders Award of Excellence (Top 1% Graduate Students at RPI) for excellence in academics and overall leadership.
Apr 15, 2025	🥈 2nd Place at the 3 Minute Thesis Competition for my thesis presentation. Listen to my pitch!
Apr 01, 2025	🎯 Successfully defended my PhD Candidacy Exam!
Dec 15, 2024	🏅 Awarded the Belsky Award for Computational Science and Engineering 2025 (Top 6 Graduate Students for Excellence in Research). Learn more
Dec 10, 2024	📄 Three papers accepted! Data leakage work from IBM internship accepted to SATML 2025, federated learning work to TMLR 2025, and weather prediction attacks from LLNL internship to AAAI 2025.
Oct 01, 2024	📚 Book chapter published! First author on “Utility Privacy Tradeoff” chapter in Federated Learning for Medical Imaging book.
Aug 01, 2024	📜 Patent published! “Reprogrammable FL” patent now publicly available (US20240256894A1).
Feb 01, 2023	🎉 IBM internship work published! “Reprogrammable-FL” research from IBM 2022 internship accepted to SATML 2023. Novel federated learning approach with model reprogramming techniques.

selected publications

Patching LLM Like Software: A Lightweight Method for Improving Safety Policy in Large Language Models

Huzaifa Arif, Keerthiram Murugesan, Ching-Yun Ko, and 3 more authors

Nov 2025

arXiv preprint

Abs Bib HTML Code

We propose patching for large language models (LLMs) like software versions, a lightweight and modular approach for addressing safety vulnerabilities. This "patch" introduces only 0.003% additional parameters, yet reliably steers model behavior toward that of a safer reference model across toxicity mitigation, bias reduction, and harmfulness refusal.
@misc{arif2025patching, title = {Patching LLM Like Software: A Lightweight Method for Improving Safety Policy in Large Language Models}, author = {Arif, Huzaifa and Murugesan, Keerthiram and Ko, Ching-Yun and Chen, Pin-Yu and Das, Payel and Gittens, Alex}, year = {2025}, month = nov, note = {arXiv preprint}, }
Reprogrammable-FL: Improving Utility-Privacy Tradeoff in Federated Learning via Model Reprogramming

Huzaifa Arif, Alex Gittens, and Pin-Yu Chen

In IEEE Conference on Secure and Trustworthy Machine Learning, Feb 2023

Abs Bib HTML Video Code

We present a novel approach to improve the utility-privacy tradeoff in federated learning through model reprogramming techniques.
@inproceedings{arif2023reprogrammable, title = {Reprogrammable-FL: Improving Utility-Privacy Tradeoff in Federated Learning via Model Reprogramming}, author = {Arif, Huzaifa and Gittens, Alex and Chen, Pin-Yu}, booktitle = {IEEE Conference on Secure and Trustworthy Machine Learning}, year = {2023}, month = feb, }

PEEL the Layers and Find Yourself: Revisiting Inference-time Data Leakage for Residual Neural Networks

Huzaifa Arif, Keerthiram Murugesan, Payel Das, and 2 more authors

In IEEE Conference on Secure and Trustworthy Machine Learning, Apr 2025

Abs Bib HTML Code

@inproceedings{arif2025peel,
  title = {PEEL the Layers and Find Yourself: Revisiting Inference-time Data Leakage for Residual Neural Networks},
  author = {Arif, Huzaifa and Murugesan, Keerthiram and Das, Payel and Gittens, Alex and Chen, Pin-Yu},
  booktitle = {IEEE Conference on Secure and Trustworthy Machine Learning},
  year = {2025},
  month = apr,
}

Group Fair Federated Learning via Stochastic Kernel Regularization

Huzaifa Arif, Pin-Yu Chen, Keerthiram Murugesan, and 1 more author

Transactions on Machine Learning Research, Apr 2025

Abs Bib HTML Code

@article{arif2025group,
  title = {Group Fair Federated Learning via Stochastic Kernel Regularization},
  author = {Arif, Huzaifa and Chen, Pin-Yu and Murugesan, Keerthiram and Gittens, Alex},
  journal = {Transactions on Machine Learning Research},
  year = {2025},
  month = apr,
}