Switzerland
Optimize and improve ML algorithms. I am currently a Postdoctoral Research Scientist at Nanyang Technological University (NTU) Singapore, focusing on trustworthy AI. I recently completed my Ph.D. from Heidelberg University, Germany, specializing in adversarial machine learning for classification, generative diffusion models with a focus on harmful outlier detection to increase the trustworthiness of AI models and prepare them for open-world problems. During my Ph.D., I conducted an internship at MIT-IBM Watson AI Lab and achieved notable results, including a top 3% paper award at the ICASSP conference, a top-20 ranking in the CVPR 2022 Art-of-Robustness Challenge, and two Oxford summer school acceptances. In addition to my research, I actively contribute to the machine learning community as a reviewer for top-tier conference workshops such as ICML, ICLR, and NeurIPS, but also ICASSP (ML track) and EuroCrypt (ML track). My passion lies in advancing the field of machine learning, with a particular focus on its practical applications. Previously, I worked in academia and industry on the CARLA simulator for pedestrian safety and classification models for mobile robotics, including vehicles and drones. Before that, I contributed to the vision system of autonomous robots (Team TEDUSAR @TU Graz, which won the RoboCup competition "best in autonomy" in 2016) as part of my Bachelor thesis. In the future, I would be interested in adaptive and evolving AI, in particular in industry settings such as tech or finance.
Foundation model fine-tuning for static and time-series data for PAD (presentation attack detection) - face spoofing detection. AI coding with Cursor (Claude, Opus, Sonnet, Codex, ...).
Improved Google-Research's model theft [1, 2] approach [3]: more accurate and deeper layer reconstruction of model weights. The research community assumed that this was not the case [4]. We proved otherwise. Resulted in a EUROCRYPT publication. I am fortunate to work with Prof. Thomas Peyrin. Ranked as the 2nd best in AI worldwide (usnews.com), 30k students and staff.
[1] https://arxiv.org/pdf/2506.17047
[2] https://owasp.org/www-project-machine-learning-security-top-10/docs/ML05_2023-Model_Theft
[3] https://github.com/google-research/cryptanalytic-model-extraction
[4] https://www.youtube.com/watch?v=PfoYLmbyOQE - Stealing Weights of a Production LLM Like OpenAI’s ChatGPT with Nicholas Carlini
Robust Computer Vision. Pattern Recognition and Data Science. GenAI such as Diffusion Models. Multimodality (text-to-image).
- I showed with empirical evaluations that AutoAttack's perturbation is not the best choice for an adversarial attack.
- Created, for the first time, prompts to neutralize harmful, manipulated data.
- Created a diffusion model deepfake dataset.
- I found that the latent spaces of diffusion models are misaligned with the learned manifold.
Open-source code:
- SpectralDefense: https://github.com/adverML/SpectralDef_Framework
- OpenOOD: https://github.com/Jingkang50/OpenOOD/pull/275
I am grateful to my advisor, Prof. Janis Keuper, and my team lead.
Published the paper "Visual prompting for adversarial robustness" at NeurIPS workshops and ICASSP where it got recognition in the top 3%. The idea of visual prompting is derived from Large Language Model (LLM) prompting. It is the first attempt with test-time prompt selection. https://research.ibm.com/publications/visual-prompting-for-adversarial-robustness I am very grateful for the supervision of Prof. Sijia Liu and Dr. Pin-Yu Chen.
Top 1% Leading Employer Germany.
Data cleaning and preprocessing on 1000 samples for initial successful training. PoC by fine-tuning deep learning (time series, LSTM) vision models (Yolo, MobileNet) for drone applications for the FCAS project (Taurus) within a few months.