Publications
2025
- Backdoor in Seconds: Unlocking Backdoor Vulnerabilities for Pre-trained Large Model via Model Editing (CIKM 2025)
- WWW.Risk.GPT: Preventing Unauthorized Real-Time Retrieval by Large Language Models (EMNLP 2025; USENIX Security 2025 Poster)
- FedContinualNovel: Federated Continual Learning for Novel Class Discovery (ICCV 2025)
- A Watermark for Auto-Regressive Speech Recognition Model (InterSpeech 2025, Oral)
- Improved Unbiased Watermark for LLM (ACL 2025)
- Asymmetric Multi-linguistic Conflict for Machine Translation (ACL Findings 2025)
- De-Mark: Detecting, Removing and Exploiting Watermark for LLMs (ICML 2025)
- Towards Sample-specific Backdoor Attack with Clean Labels via Attribute Trigger (TDSC 2025)
- SleeperMark: Towards Robust Watermark against Fine-Tuning Text-to-image Diffusion Models (CVPR 2025)
- Audio Watermark: Dynamic and Harmless Watermark for Black-box Voice Dataset Copyright Protection (USENIX Security 2025)
- Pattern Mark: A Watermark for Order-Agnostic Language Models (ICLR 2025)
- Mind Control through Causal Inference: Predicting Clean Images from Poisoned Data (ICLR 2025)
2024
- BBCaL: Black-box Backdoor Detection under the Causality Lens (TMLR 2024)
- ZeroMark: Towards Dataset Ownership Verification without the Verification Watermark Disclosure (NeurIPS 2024)
- Training A Secure Model against Data-Free Model Extraction (ECCV 2024)
- Few-Shot Class Incremental Learning with Attention-Aware Self-Adaptive Prompt (ECCV 2024)
- Your Vision-Language Model Itself Is a Strong Filter: Towards High-Quality Instruction Tuning with Data Selection (ACL Findings 2024)
- DiPMark: A Stealthy, Provable Robust Watermark for LLM (ICML 2024)
2023
- Domain Watermark: Effective and Harmless Dataset Copyright Verification is Closed at Hand (NeurIPS 2023)
- PolicyCleanse: Detecting and Mitigating Trojan Attacks in Reinforcement Learning (ICCV 2023)
- MasterKey: Practical Backdoor Attack Against Speaker Verification Systems (MobiCom 2023)
- Sibling-Attack: Rethinking Transferable Adversarial Attacks against Face Recognition (CVPR 2023)
- SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency (ICLR 2023)
2022
- AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis (ICLR 2022)
- Neural Mean Discrepancy for Efficient Out-of-Distribution Detection (CVPR 2022)
2021
- Adv-Makeup: A New Imperceptible and Transferable Attack on Face Recognition (IJCAI 2021)
2020
- Practical Poisoning Attack on Deep Neural Networks (ECCV 2020)
- PhysGAN: Generating Physical-World-Resilient Adversarial Examples for Autonomous Driving (CVPR 2020)
- DeepBillboard: Systematic Physical-World Testing of Autonomous Driving Systems (ICSE 2020)
Professional Service
Program Committee / Reviewer
- ACL
- AAAI
- CVPR
- ECCV
- ICLR
- ICML
- NeurIPS
- WACV
- TPAMI
- TNNLS