Himanshu Singh

B611, R and D Block

IIIT Delhi

Okhla Phase 3, Delhi 110020

I am a Ph.D. candidate in Machine Learning at IIIT Delhi where I am part of the Visual Conception Group under the supervision of Dr. AV Subramanyam. My research focuses on robustness, security, and alignment of modern machine learning systems. I study the vulnerabilities of deep neural networks to adversarial attacks and design principled defenses grounded in representation learning, geometry, and optimization.

My work spans adversarial training, projection-based feature regularization, diffusion-based purification methods, and systematic robustness evaluation under white-box and gray-box threat models. I am particularly interested in understanding how representation geometry influences adversarial vulnerability and generalization.

I recently completed a Visiting Scholar position at the NUS Artificial Intelligence Institute, where I worked on foundational model alignment and LLM/VLM security, including neuron-level interventions, value steering, and probing alignment under adversarial prompts.

Prior to academia, I worked as a Research Scientist at Animaker, contributing to the development of the text-to-video system Steve AI. This experience strengthened my interest in building AI systems that bridge theoretical insight with real-world deployment.

I am broadly interested in trustworthy and controllable AI. I welcome collaborations and discussions at the intersection of robustness, alignment, and security.

selected publications

Language Guided Adversarial Purification

Himanshu Singh, and A V Subramanyam

In ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Apr 2024

Abs IEEE arXiv Code

Adversarial purification using generative models demonstrates strong adversarial defense performance. These methods are classifier and attack-agnostic, making them versatile but often computationally intensive. Recent strides in diffusion and score networks have improved image generation and, by extension, adversarial purification. Another highly efficient class of adversarial defense methods known as adversarial training requires specific knowledge of attack vectors, forcing them to be trained extensively on adversarial examples. To overcome these limitations, we introduce a new framework, namely Language Guided Adversarial Purification (LGAP), utilizing pre-trained diffusion models and caption generators to defend against adversarial attacks. Given an input image, our method first generates a caption, which is then used to guide the adversarial purification process through a diffusion network. Our approach has been evaluated against strong adversarial attacks, proving its effectiveness in enhancing adversarial robustness. Our results indicate that LGAP outperforms most existing adversarial defense techniques without requiring specialized network training. This underscores the generalizability of models trained on large datasets, highlighting a promising direction for further research.