avatar

Zhengyu Zhao
(赵正宇)

Xi'an Jiaotong University
zhengyu.zhao (at) xjtu.edu.cn




Publications where I am the main student author or (co-)supervisor:

Conferences

  1. Improving Adversarial Transferability on Vision Transformers via Forward Propagation Refinement
    Yuchen Ren, Zhengyu Zhao, Chenhao Lin, Bo Yang, Lu Zhou, Zhe Liu, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2025.
    Code
  2. CLIP is Strong Enough to Fight Back: Test-time Counterattacks towards Zero-shot Adversarial Robustness of CLIP
    Songlong Xing, Zhengyu Zhao, Nicu Sebe
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2025.
    Code
  3. Revisiting Adversarial Patch Defenses on Object Detectors: Unified Evaluation, Large-Scale Dataset, and New Insights
    Junhao Zheng, Jiahao Sun, Chenhao Lin, Zhengyu Zhao, Chen Ma, Chong Zhang, Cong Wang, Qian Wang, Chao Shen
    International Conference on Computer Vision (ICCV), 2025.
    Code
  4. D3: Training-Free AI-Generated Video Detection Using Second-Order Features
    Chende Zheng, Ruiqi Suo, Chenhao Lin, Zhengyu Zhao, Le Yang, Shuai Liu, Minghui Yang, Cong Wang, Chao Shen
    International Conference on Computer Vision (ICCV), 2025.
    Code
  5. Improving Integrated Gradient-based Transferable Adversarial Examples by Refining the Integration Path
    Yuchen Ren, Zhengyu Zhao, Chenhao Lin, Bo Yang, Lu Zhou, Zhe Liu, Chao Shen
    AAAI Conference on Artificial Intelligence (AAAI), 2025.
    Code
  6. Revisiting Training-Inference Trigger Intensity in Backdoor Attacks
    Chenhao Lin, Chenyang Zhao, Shiwei Wang, Longtian Wang, Chao Shen, Zhengyu Zhao
    USENIX Security Symposium (USENIX Security), 2025.
    Code
  7. ControlLoc: Physical-World Hijacking Attack on Camera-based Perception in Autonomous Driving
    Chen Ma*, Ningfei Wang*, Zhengyu Zhao, Qian Wang, Qi Alfred Chen, Chao Shen
    ACM Conference on Computer and Communications Security (CCS), 2025.
    Code
  8. Universally Unfiltered and Unseen: Input-Agnostic Multimodal Jailbreaks against Text-to-Image Model Safeguards
    Song Yan, Hui Wei, Jinlong Fei, Guoliang Yang, Zhengyu Zhao, Zheng Wang
    ACM International Conference on Multimedia (MM), 2025.
    Code
  9. Typographic Attacks in a Multi-Image Setting
    Xiaomeng Wang, Zhengyu Zhao, Martha Larson
    North American Chapter of the Association for Computational Linguistics (NAACL), 2025.
    Code
  10. Evading Deepfake Detectors via Adversarially Degrading and Restoring Forged Images
    Zhengli Shi, Chenhao Lin, Zhengyu Zhao, Peter Peer, Chao Shen
    IEEE International Conference on Multimedia and Expo (ICME), 2025. Oral
    Code
  11. Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
    Qiwei Tian, Chenhao Lin, Zhengyu Zhao, Qian Li, Chao Shen
    International Conference on Machine Learning (ICML), 2024.
    Code
  12. Breaking Semantic Artifacts for Generalized AI-generated Image Detection
    Chende Zheng, Chenhao Lin, Zhengyu Zhao, Hang Wang, Xu Guo, Shuai Liu, Chao Shen
    Neural Information Processing Systems (NeurIPS), 2024.
    Code
  13. Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving
    Junhao Zheng, Chenhao Lin, Jiahao Sun, Zhengyu Zhao, Qian Li, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2024.
    Code
  14. Composite Backdoor Attacks Against Large Language Models
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang
    North American Chapter of the Association for Computational Linguistics (NAACL) Findings, 2024.
    Code
  15. Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    International Conference on Machine Learning (ICML), 2023.
    Code
  16. Is Adversarial Training Really a Silver Bullet for Mitigating Data Poisoning?
    Rui Wen, Zhengyu Zhao, Zhuoran Liu, Michael Backes, Tianhao Wang, Yang Zhang
    International Conference on Learning Representations (ICLR), 2023. Spotlight
    Code
  17. Membership Inference Attacks by Exploiting Loss Trajectory
    Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang
    ACM Conference on Computer and Communications Security (CCS), 2022.
    Code
  18. On Success and Simplicity: A Second Look at Transferable Targeted Attacks
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    Neural Information Processing Systems (NeurIPS), 2021.
    Code Video 中文解读 Rank Top-1 on ARES Leaderboard
  19. Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel
    Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, Martha Larson
    Network and Distributed System Security Symposium (NDSS), 2021.
    Code Video
  20. Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2020.
    Code Video
  21. Who's Afraid of Adversarial Queries? The Impact of Image Modifications on Content-based Image Retrieval
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    ACM International Conference on Multimedia Retrieval (ICMR), 2019.
    Code

Journals

  1. A Survey of Defenses against AI-generated Visual Media: Detection, Disruption, and Authentication
    Jingyi Deng, Chenhao Lin, Zhengyu Zhao, Shuai Liu, Zhe Peng, Qian Wang, Chao Shen
    ACM Computing Surveys (CSUR), 2025.
    Code
  2. Resisting Bag-based Attribute Profiling by Adding Adversarial Items to Existing Media Profiles
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    IEEE Transactions on Information Forensics and Security (TIFS), 2025.
    Code Preliminary version@UMAP 2021
  3. Adversarial Example Soups: Improving Transferability and Stealthiness for Free
    Bo Yang, Hengwei Zhang, Jindong Wang, Yulong Yang, Chenhao Lin, Chao Shen, Zhengyu Zhao
    IEEE Transactions on Information Forensics and Security (TIFS), 2025.
    Code
  4. Quantization Aware Attack: Enhancing Transferable Adversarial Attacks by Model Quantization
    Yulong Yang, Chenhao Lin, Qian Li, Zhengyu Zhao, Haoran Fan, Dawei Zhou, Nannan Wang, Tongliang Liu, Chao Shen
    IEEE Transactions on Information Forensics and Security (TIFS), 2024.
    Code
  5. Level Up with ML Vulnerability Identification: Leveraging Domain Constraints in Feature Space for Robust Android Malware Detection
    Hamid Bostani, Zhengyu Zhao, Zhuoran Liu, Veelasha Moonsamy
    ACM Transactions on Privacy and Security (TOPS), 2024.
    Code
  6. Adversarial Image Color Transformations in Explicit Color Filter Space
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Transactions on Information Forensics and Security (TIFS), 2023.
    Code Preliminary version@BMVC 2020