About Me [中文主页]

I am a Professor at Xi'an Jiaotong University, China. In 2022-2023, I was a postdoc at CISPA Helmholtz Center for Information Security, Germany, hosted by Prof. Michael Backes and Dr. Yang Zhang. In 2017-2021, I did my PhD at Radboud University, Netherlands, supervised by Prof. Martha Larson, with my doctoral dissertation "Rethinking Realism: Towards More Transferable and Less Suspicious Adversarial Images".

Research Interests

• 50% Adversarial Machine Learning: Foundations of attacks/defenses
  
• 30% Adversarial Machine Learning: Applications of attacks/defenses for (multimodal) generative models, autonomous driving...
  
• 20% Multimedia Security: deepfake detection, content moderation...
  

Resources

• A curated list for large model safety, security, and privacy papers, leaderboards...
• A curated list for AI security & privacy workshops, tutorials, seminars...
• A curated list for transferable adversarial example papers

Honors & Awards

• Doctoral Consortium Award of CVPR 2021
• Outstanding Reviewer of NeurIPS 2023, AISTATS 2023, BMVC 2022, BMVC 2020
• Best Paper of PICASSO@UbiComp 2025
• 2nd place in ICML 2024 Competition on Black-box Adversarial Attacks against Multimodal Large Language Models
• 3rd place in CVPR 2024 Competition on Black-box Adversarial Attacks against Vision-Language Models
• Top 1% in CVPR 2021 Competition on Black-box Adversarial Attacks against ImageNet Classifiers
• Student Travel Grant, MM 2018 & 2019

Miscellaneous

• I like simple yet effective (research) ideas.
• I love music, particularly Chinese music.
• I respect Dr. Nicholas Carlini for his long-term dedication to rightful evaluations.