avatar

Zhengyu Zhao
(赵正宇)

Associate Professor
Xi'an Jiaotong University
zhengyu.zhao (at) xjtu.edu.cn


Security of Machine Learning: Foundations

  1. Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights
    Zhengyu Zhao*, Hanwei Zhang*, Renjue Li*, Ronan Sicre, Laurent Amsaleg, Michael Backes, Qi Li, Chao Shen
    Code
  2. Adversarial Example Soups: Improving Transferability and Stealthiness for Free
    Bo Yang, Hengwei Zhang, Jindong Wang, Yulong Yang, Chenhao Lin, Chao Shen, Zhengyu Zhao
  3. Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
    Qiwei Tian, Chenhao Lin, Zhengyu Zhao, Qian Li, Chao Shen
    International Conference on Machine Learning (ICML), 2024.
    Code
  4. Quantization Aware Attack: Enhancing Transferable Adversarial Attacks by Model Quantization
    Yulong Yang, Chenhao Lin, Qian Li, Zhengyu Zhao, Haoran Fan, Dawei Zhou, Nannan Wang, Tongliang Liu, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  5. Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    International Conference on Machine Learning (ICML), 2023.
    Code
  6. Is Adversarial Training Really a Silver Bullet for Mitigating Data Poisoning?
    Rui Wen, Zhengyu Zhao, Zhuoran Liu, Michael Backes, Tianhao Wang, Yang Zhang
    International Conference on Learning Representations (ICLR), 2023. (Spotlight)
    Code
  7. Adversarial Image Color Transformations in Explicit Color Filter Space
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Transactions on Information Forensics and Security (TIFS), 2023.
    Code Video BMVC 2020 version
  8. Membership Inference Attacks by Exploiting Loss Trajectory
    Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang
    ACM Conference on Computer and Communications Security (CCS), 2022.
    Code Video
  9. On Success and Simplicity: A Second Look at Transferable Targeted Attacks
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    Neural Information Processing Systems (NeurIPS), 2021.
    Code Video 中文解读 Rank Top-1 on ARES Leaderboard
  10. Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2020.
    Code Video
  11. Who's Afraid of Adversarial Queries? The Impact of Image Modifications on Content-based Image Retrieval
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    ACM International Conference on Multimedia Retrieval (ICMR), 2019.
    Code

Security of Machine Learning: Applications

  1. Security Matrix for Multimodal Agents on Mobile Devices: A Systematic and Proof of Concept Study
    Yulong Yang, Xinshan Yang, Shuaidong Li, Chenhao Lin, Zhengyu Zhao, Chao Shen, Tianwei Zhang
  3. ControlLoc: Physical-World Hijacking Attack on Visual Perception in Autonomous Driving
    Chen Ma*, Ningfei Wang*, Zhengyu Zhao, Qian Wang, Qi Alfred Chen, Chao Shen
  4. Robustness Over Time: Understanding Adversarial Examples' Effectiveness on Longitudinal Versions of Large Language Models
    Yugeng Liu*, Tianshuo Cong*, Zhengyu Zhao, Michael Backes, Yun Shen, Yang Zhang
  6. Prompt Backdoors in Visual Prompt Learning
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang
  7. Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving
    Junhao Zheng, Chenhao Lin, Jiahao Sun, Zhengyu Zhao, Qian Li, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2024.
    Code
  8. Exploiting the Adversarial Example Vulnerability of Transfer Learning of Source Code
    Yulong Yang, Haoran Fan, Chenhao Lin, Qian Li, Zhengyu Zhao, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  9. Composite Backdoor Attacks Against Large Language Models
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang
    North American Chapter of the Association for Computational Linguistics (NAACL) Findings, 2024.
    Code
  10. Level Up with ML Vulnerability Identification: Leveraging Domain Constraints in Feature Space for Robust Android Malware Detection
    Hamid Bostani, Zhengyu Zhao, Zhuoran Liu, Veelasha Moonsamy
    ACM Transactions on Privacy and Security (TOPS), 2024.
    Code
  11. Towards Transferable and Stealthy Attacks against Object Detection in Autonomous Driving Systems (in Chinese)
    Junhao Zheng, Chenhao Lin, Zhengyu Zhao, Ziyi Jia, Libing Wu, Chao Shen
    Journal of Computer Research and Development (CRaD), 2024.
    Code

Machine Learning for Security

  1. Evading Deepfake Detectors via Black-box 3D Adversarial Head Turn
    Weijie Wang, Zhengyu Zhao, Bo Li, Nicu Sebe, Bruno Lepri
  2. A Survey of Defenses against AI-generated Visual Media: Detection, Disruption, and Authentication
    Jingyi Deng, Chenhao Lin, Zhengyu Zhao, Shuai Liu, Qian Wang, Chao Shen
  3. Breaking Semantic Artifacts for Generalized AI-generated Image Detection
    Chende Zheng, Chenhao Lin, Zhengyu Zhao, Hang Wang, Xu Guo, Shuai Liu, Chao Shen
    Neural Information Processing Systems (NeurIPS), 2024.
  4. Exploiting Facial Relationships and Feature Aggregation for Multi-Face Forgery Detection
    Chenhao Lin, Fangbin Yi, Hang Wang, Jingyi Deng, Zhengyu Zhao, Qian Li, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  5. Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel
    Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, Martha Larson
    Network and Distributed System Security Symposium (NDSS), 2021.
    Code Video