I am currently a postdoc at CISPA Helmholtz Center for Information Security, supervised by Dr. Yang Zhang. Prior to that, I obtained my Ph.D. degree (2023) from CISPA Helmholtz Center for Information Security under the supervision of Dr. Yang Zhang. I received my bachelor's (2017) and master's (2020) degrees from Shandong University under the supervision of Prof. Shanqing Guo.

Research Interests

My research centers on Trustworthy Machine Learning (Privacy, Security, and Safety), especially analyzing machine learning model vulnerabilities, including privacy attacks (MIA and AIA), backdoors, and data poisoning attacks. Additionally, I work on technical solutions against unethical AI systems.

Experiences & Education

  • [2023.11 – current] Postdoc at CISPA Helmholtz Center for Information Security. Supervised by Dr. Yang Zhang.
  • [2022.07 – 2022.10] Research Intern at Bell Lab.
  • [2021.02 – 2023.10] Ph.D. in Computer Science, CISPA Helmholtz Center for Information Security. Supervised by Dr. Yang Zhang.
  • [2017.09 – 2020.06] Master in Computer Science, Shandong University. Supervised by Prof. Shanqing Guo.
  • [2013.09 – 2017.06] Bachelor in Computer Science, Shandong University. Supervised by Prof. Shanqing Guo.

News

  • [10/2024] I’ll join the PC of EuroS&P 2025!
  • [09/2024] Our paper “DE-FAKE: Detection and Attribution of Fake Images Generated by Text-to-Image Generation Models” was selected as a Best Paper Finalist at CSAW Europe 2024!
  • [09/2024] One paper “ModScan: Measuring Stereotypical Bias in Large Vision-Language Models from Vision and Language Modalities” got accepted in EMNLP 2024!
  • [09/2024] I’m honored to receive the ERCIM WG STM Best Ph.D. Thesis Award 2024!
  • [08/2024] One paper “Membership Inference Attacks Against In-Context Learning” got accepted in CCS 2024!
  • [08/2024] One paper “A Comprehensive Study of Privacy Risks in Curriculum Learning” got accepted in PETS 2025!
  • [07/2024] I’ll join the PC of USENIX Security 2025!
  • [07/2024] I’ll join the PC of IEEE SaTML 2025!
  • [07/2024] One paper “BadMerging: Backdoor Attacks Against Model Merging” got accepted in CCS 2024!
  • [07/2024] One paper “SeqMIA: Sequential-Metric Based Membership Inference Attack” got accepted in CCS 2024!
  • [07/2024] One paper “Inside the Black Box: Detecting Data Leakage in Pre-trained Language Encoders” got accepted in ECAI 2024!
  • [04/2024] I’ll join the PC of PETS 2025!
  • [02/2024] I’ll join the PC of ACSAC 2024!
  • [12/2023] One paper titled “Detection and Attribution of Models Trained on Generated Data” got accepted in ICASSP 2024!
  • [10/2023] I have successfully passed my Ph.D. defense!
  • [09/2023] One paper titled “SecurityNet: Assessing Machine Learning Vulnerabilities on Public Models” got accepted in USENIX Security 2024!
  • [05/2023] One paper titled “DE-FAKE: Detection and Attribution of Fake Images Generated by Text-to-Image Generation Models” got accepted in CCS 2023!
  • [05/2023] One paper titled “NOTABLE: Transferable Backdoor Attacks Against Prompt-based NLP Models” got accepted in ACL 2023!
  • [04/2023] One paper titled “Data Poisoning Attacks Against Multimodal Encoders” got accepted in ICML 2023!
  • [12/2022] One paper titled “Backdoor Attacks Against Dataset Distillation” got accepted in NDSS 2023!
  • [9/2022] One paper titled “UnGANable: Defending Against GAN-based Face Manipulation” got accepted in USENIX Security 2023!
  • [7/2022] I started an internship at Bell Lab!
  • [5/2022] One paper titled “FuzzGAN: A Generation-Based Fuzzing Framework For Testing Deep Neural Networks” got accepted in HPCC 2022!
  • [4/2022] One paper titled “Auditing Membership Leakages of Multi-Exit Networks” got accepted in CCS 2022!
  • [3/2021] One paper titled “Membership Leakage in Label-Only Exposures” got accepted in CCS 2021!
  • [8/2019] One paper titled “How to Prove Your Model Belongs to You: A Blind-Watermark based Framework to Protect Intellectual Property of DNN” got accepted in ACSAC 2019!
  • [5/2019] One paper titled “DeepKeyStego: Protecting Communication by Key-dependent Steganography with Deep Networks” got accepted in HPCC 2019!