I am an Associate Professor at Xi’an Jiaotong University (XJTU), China. I was a postdoc at CISPA Helmholtz Center for Information Security, Germany, hosted by Prof. Michael Backes. I received my PhD from Radboud University, Netherlands, supervised by Prof. Martha Larson, with my PhD thesis entitled “Rethinking Realism: Towards More Transferable and Less Suspicious Adversarial Images”.

Research Interests

• Security of Machine Learning: Foundations of attacks/defenses
  (ICML'24, TIFS'24, ICML'23, ICLR'23, TIFS'23, CCS'22, NeurIPS'21, CVPR'20, BMVC'20, ICMR'19)
• Security of Machine Learning: Applications of attacks/defenses in large (multimodal) models, autonomous driving...
  (CVPR'24, TIFS'24, TOPS'24, NAACL Findings'24, UMAP'21)
• Machine Learning for Security: Detecting AI-generated multimedia, preventing inference of sensitive information...
  (NeurIPS'24, TIFS'24, NDSS'21, MM'18)

Resources

• A curated list for large model safety, security, and privacy papers, leaderboards...
• A curated list for AI security & privacy workshops, tutorials, seminars...
• A curated list for transferable adversarial example papers

Services

• Poster Session Co-Chair of MM 2019
• Area Chair of NeurIPS, Senior Program Committee of AAAI
• Program Committee of ICLR, ICML, NeurIPS, CVPR, ICCV, ECCV, ACL, AAAI, IJCAI, AISTATS, BMVC, FAccT
• Journal Reviewer of TPAMI, TIFS, TKDE, TDSC, TCSS, IJCV, PR
• Task Co-Organizer of Pixel Privacy and Multimedia Satellite at MediaEval Workshop 2018-2020

Honors & Awards

• Doctoral Consortium Award of CVPR 2021
• Notable Area Chair Award of NeurIPS 2024
• Outstanding Reviewer Award of NeurIPS 2023, AISTATS 2023, BMVC 2022, BMVC 2020
• 2nd place in ICML 2024 Competition on Black-box Adversarial Attacks against Multimodal Large Language Models
• 3rd place in CVPR 2024 Competition on Black-box Adversarial Attacks against Vision-Language Models
• Top 1% in CVPR 2021 Competition on Black-box Adversarial Attacks against ImageNet Classifiers
• Student Travel Grant, MM 2018 & 2019

Invited Talks

• Security and Privacy Risks of AI Large Models, ICIG2023, 2023-09-23.
• Adversarial Examples and Data Poisons, Saarland University (Guest Lecture), 2023-06-19.
• Computer Vision in Adversarial Scenarios, LIS - Ecole Centrale Marseille, 2023-03-03. [Slides]
• Computer Vision against Adversarial Perturbations, Hong Kong PolyU, 2022-12-16. [Slides]
• Transferable and Stealthy Adversarial Images, Alibaba Turing Lab, 2022-03-03. [Slides]
• Transferability of Targeted Attacks, AI TIME, 2022-02-17. [Video (in Chinese)] [Slides]

Miscellaneous

• I like simple yet effective (research) ideas.
• I love music, particularly Chinese music.
• I respect Dr. Nicholas Carlini for his long-term dedication to rightful evaluations.