EnsembleSHAP: Faithful and Certifiably Robust Attribution for Random Subspace Method

Computer Science > Cryptography and Security [Submitted on 31 Mar 2026] EnsembleSHAP: Faithful and Certifiably Robust Attribution for Random Subspace Method Yanting Wang, Jinyuan Jia Random subspace method has wide security applications such as providing certified defenses against adversarial and backdoor attacks, and building robustly aligned LLM against jailbreaking attacks. However, the explanation of random subspace method lacks sufficient exploration. Existing state-of-the-art feature attribution methods, such as Shapley value and LIME, are computationally impractical and lacks security guarantee when applied to random subspace method. In this work, we propose EnsembleSHAP, an intrinsically faithful and secure feature attribution for random subspace method that reuses its computational byproducts. Specifically, our feature attribution method is 1) computationally efficient, 2) maintains essential properties of effective feature attribution (such as local accuracy), and 3) offers guaranteed protection against privacy-preserving attacks on feature attribution methods. To the best of our knowledge, this is the first work to establish provable robustness against explanation-preserving attacks. We also perform comprehensive evaluations for our explanation's effectiveness when faced with different empirical attacks, including backdoor attacks, adversarial attacks, and jailbreak attacks. The code is at this https URL. WARNING: This document may include content that could be considered harmful. Comments: Published at ICLR 2026 Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2603.30034 [cs.CR]   (or arXiv:2603.30034v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2603.30034 Focus to learn more Submission history From: Yanting Wang [view email] [v1] Tue, 31 Mar 2026 17:30:52 UTC (5,012 KB) Access Paper: view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-03 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)