avatar

Zhengyu Zhao
(赵正宇)

Xi'an Jiaotong University
zhengyu.zhao (at) xjtu.edu.cn


Selected Publications

  1. Revisiting Transferable Adversarial Image Examples: Attack Categorization, Evaluation Guidelines, and New Insights
    Zhengyu Zhao, Hanwei Zhang, Renjue Li, Ronan Sicre, Laurent Amsaleg, Michael Backes, Qi Li, Chao Shen
    Code
  2. Revisiting Training-Inference Trigger Intensity in Backdoor Attacks
    Chenhao Lin, Chenyang Zhao, Shiwei Wang, Longtian Wang, Chao Shen, Zhengyu Zhao
    USENIX Security Symposium (USENIX Security), 2025.
    Code
  3. Improving Adversarial Transferability on Vision Transformers via Forward Propagation Refinement
    Yuchen Ren, Zhengyu Zhao, Chenhao Lin, Bo Yang, Lu Zhou, Zhe Liu, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2025.
    Code
  4. CLIP is Strong Enough to Fight Back: Test-time Counterattacks towards Zero-shot Adversarial Robustness of CLIP
    Songlong Xing, Zhengyu Zhao, Nicu Sebe
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2025.
    Code
  5. Improving Integrated Gradient-based Transferable Adversarial Examples by Refining the Integration Path
    Yuchen Ren, Zhengyu Zhao, Chenhao Lin, Bo Yang, Lu Zhou, Zhe Liu, Chao Shen
    AAAI Conference on Artificial Intelligence (AAAI), 2025.
    Code
  6. Adversarial Example Soups: Improving Transferability and Stealthiness for Free
    Bo Yang, Hengwei Zhang, Jindong Wang, Yulong Yang, Chenhao Lin, Chao Shen, Zhengyu Zhao
    IEEE Transactions on Information Forensics and Security (TIFS), 2025.
    Code
  7. Typographic Attacks in a Multi-Image Setting
    Xiaomeng Wang, Zhengyu Zhao, Martha Larson
    North American Chapter of the Association for Computational Linguistics (NAACL), 2025.
    Code
  8. Collapse-Aware Triplet Decoupling for Adversarially Robust Image Retrieval
    Qiwei Tian, Chenhao Lin, Zhengyu Zhao, Qian Li, Chao Shen
    International Conference on Machine Learning (ICML), 2024.
    Code
  9. Breaking Semantic Artifacts for Generalized AI-generated Image Detection
    Chende Zheng, Chenhao Lin, Zhengyu Zhao, Hang Wang, Xu Guo, Shuai Liu, Chao Shen
    Neural Information Processing Systems (NeurIPS), 2024.
    Code
  10. Physical 3D Adversarial Attacks against Monocular Depth Estimation in Autonomous Driving
    Junhao Zheng, Chenhao Lin, Jiahao Sun, Zhengyu Zhao, Qian Li, Chao Shen
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2024.
    Code
  11. Composite Backdoor Attacks Against Large Language Models
    Hai Huang, Zhengyu Zhao, Yun Shen, Michael Backes, Yang Zhang
    North American Chapter of the Association for Computational Linguistics (NAACL) Findings, 2024.
    Code
  12. Level Up with ML Vulnerability Identification: Leveraging Domain Constraints in Feature Space for Robust Android Malware Detection
    Hamid Bostani, Zhengyu Zhao, Zhuoran Liu, Veelasha Moonsamy
    ACM Transactions on Privacy and Security (TOPS), 2024.
    Code
  13. Image Shortcut Squeezing: Countering Perturbative Availability Poisons with Compression
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    International Conference on Machine Learning (ICML), 2023.
    Code
  14. Is Adversarial Training Really a Silver Bullet for Mitigating Data Poisoning?
    Rui Wen, Zhengyu Zhao, Zhuoran Liu, Michael Backes, Tianhao Wang, Yang Zhang
    International Conference on Learning Representations (ICLR), 2023. Spotlight
    Code
  15. Adversarial Image Color Transformations in Explicit Color Filter Space
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Transactions on Information Forensics and Security (TIFS), 2023.
    Code
  16. Membership Inference Attacks by Exploiting Loss Trajectory
    Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang
    ACM Conference on Computer and Communications Security (CCS), 2022.
    Code
  17. On Success and Simplicity: A Second Look at Transferable Targeted Attacks
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    Neural Information Processing Systems (NeurIPS), 2021.
    Code Video 中文解读 Rank Top-1 on ARES Leaderboard
  18. Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel
    Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina, Martha Larson
    Network and Distributed System Security Symposium (NDSS), 2021.
    Code Video
  19. Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2020.
    Code Video
  20. Adversarial Color Enhancement: Generating Unrestricted Adversarial Images by Optimizing a Color Filter
    Zhengyu Zhao, Zhuoran Liu, Martha Larson
    British Machine Vision Conference (BMVC), 2020.
    Code Video
  21. Who's Afraid of Adversarial Queries? The Impact of Image Modifications on Content-based Image Retrieval
    Zhuoran Liu, Zhengyu Zhao, Martha Larson
    ACM International Conference on Multimedia Retrieval (ICMR), 2019.
    Code