avatar

Zhengyu Zhao
(赵正宇)

Associate Professor
Xi'an Jiaotong University
zhengyu.zhao (at) xjtu.edu.cn


About Me

I am an Associate Professor at Xi’an Jiaotong University (XJTU), China. I was a postdoc at CISPA Helmholtz Center for Information Security, Germany, hosted by Prof. Michael Backes. I received my PhD from Radboud University, Netherlands, supervised by Prof. Martha Larson, with the thesis titled Rethinking Realism: Towards More Transferable and Less Suspicious Adversarial Images. My general research interest is Security of Machine Learning; Most of my work has concentrated on analyzing the vulnerability of deep neural networks to various attacks, e.g., adversarial examples and data poisons.

Resources

Pre-prints

  1. Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights
    Zhengyu Zhao*, Hanwei Zhang*, Renjue Li*, Ronan Sicre, Laurent Amsaleg, Michael Backes, Qi Li, Chao Shen
    Code
  2. Adversarial Example Soups: Improving Transferability and Stealthiness for Free
    Bo Yang, Hengwei Zhang, Jindong Wang, Yulong Yang, Chenhao Lin, Chao Shen, Zhengyu Zhao
  3. Evading Deepfake Detectors via Black-box 3D Adversarial Head Turn
    Weijie Wang, Zhengyu Zhao, Bo Li, Nicu Sebe, Bruno Lepri
  4. ControlLoc: Physical-World Hijacking Attack on Visual Perception in Autonomous Driving
    Chen Ma*, Ningfei Wang*, Zhengyu Zhao, Qian Wang, Qi Alfred Chen, Chao Shen
  5. Security Matrix for Multimodal Agents on Mobile Devices: A Systematic and Proof of Concept Study
    Yulong Yang, Xinshan Yang, Shuaidong Li, Chenhao Lin, Zhengyu Zhao, Chao Shen, Tianwei Zhang
  7. Robustness Over Time: Understanding Adversarial Examples' Effectiveness on Longitudinal Versions of Large Language Models
    Yugeng Liu*, Tianshuo Cong*, Zhengyu Zhao, Michael Backes, Yun Shen, Yang Zhang
  8. Prompt Backdoors in Visual Prompt Learning
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang

Conference Publications

  1. Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
    Qiwei Tian, Chenhao Lin, Zhengyu Zhao, Qian Li, Chao Shen
    International Conference on Machine Learning (ICML), 2024.
    Code
  2. Composite Backdoor Attacks Against Large Language Models
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang
    North American Chapter of the Association for Computational Linguistics (NAACL) Findings, 2024.
    Code
  3. Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving
    Junhao Zheng, Chenhao Lin, Jiahao Sun, Zhengyu Zhao, Qian Li, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2024.
    Code
  4. Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    International Conference on Machine Learning (ICML), 2023.
    Code
  5. Is Adversarial Training Really a Silver Bullet for Mitigating Data Poisoning?
    Rui Wen, Zhengyu Zhao, Zhuoran Liu, Michael Backes, Tianhao Wang, Yang Zhang
    International Conference on Learning Representations (ICLR), 2023. (Spotlight)
    Code
  6. Membership Inference Attacks by Exploiting Loss Trajectory
    Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang
    ACM Conference on Computer and Communications Security (CCS), 2022.
    Code Video
  7. On Success and Simplicity: A Second Look at Transferable Targeted Attacks
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    Neural Information Processing Systems (NeurIPS), 2021.
    Code Video 中文解读 Rank Top-1 on ARES Leaderboard
  8. Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel
    Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, Martha Larson
    Network and Distributed System Security Symposium (NDSS), 2021.
    Code Video
  9. Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2020.
    Code Video
  10. Who's Afraid of Adversarial Queries? The Impact of Image Modifications on Content-based Image Retrieval
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    ACM International Conference on Multimedia Retrieval (ICMR), 2019.
    Code

Journal Publications

  1. Towards Transferable and Stealthy Attacks against Object Detection in Autonomous Driving Systems (in Chinese)
    Junhao Zheng, Chenhao Lin, Zhengyu Zhao, Ziyi Jia, Libing Wu, Chao Shen
    Journal of Computer Research and Development (CRaD), 2024.
    Code
  2. Exploiting the Adversarial Example Vulnerability of Transfer Learning of Source Code
    Yulong Yang, Haoran Fan, Chenhao Lin, Qian Li, Zhengyu Zhao, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  3. Quantization Aware Attack: Enhancing Transferable Adversarial Attacks by Model Quantization
    Yulong Yang, Chenhao Lin, Qian Li, Zhengyu Zhao, Haoran Fan, Dawei Zhou, Nannan Wang, Tongliang Liu, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  4. Adversarial Image Color Transformations in Explicit Color Filter Space
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Transactions on Information Forensics and Security (TIFS), 2023.
    Code Video BMVC 2020 version

Services

Honors & Awards

Invited Talks

Teaching

Miscellaneous



Powered by Jekyll and Minimal Light theme.