EnsembleSHAP: Faithful and Certifiably Robust Attribution for Random Subspace Method
Abstract: The random subspace method has wide security applications, such as providing certified defenses against adversarial and backdoor attacks and building robustly aligned LLMs against jailbreaking attacks. However, the explanation of the random subspace method lacks sufficient exploration. Existing state-of-the-art feature attribution methods, such as Shapley value and LIME, are computationally impractical and lack security guarantees when applied to the random subspace method. In this work, we propose EnsembleSHAP, an intrinsically faithful and secure feature attribution method for the random subspace method that reuses its computational byproducts. Specifically, our feature attribution method 1) is computationally efficient, 2) maintains essential properties of effective feature attribution (such as local accuracy), and 3) offers guaranteed protection against privacy-preserving attacks on feature attribution methods. To the best of our knowledge, this is the first work to establish provable robustness against explanation-preserving attacks. We also perform comprehensive evaluations of our explanation's effectiveness when faced with different empirical attacks, including backdoor attacks, adversarial attacks, and jailbreak attacks. The code is at this https URL. WARNING: This document may include content that could be considered harmful.
Comments: Published at ICLR 2026
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2603.30034 [cs.CR]
(or arXiv:2603.30034v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2603.30034
arXiv-issued DOI via DataCite
Submission history
From: Yanting Wang [v1] Tue, 31 Mar 2026 17:30:52 UTC (5,012 KB)