Welcome to My Homepage
Biography
I am currently an Assistant Professor at Sun Yat-Sen University. Before that, I was a Postdoctoral Fellow, working with Prof. XiaoFeng Wang and Prof. Haixu Tang. I received my Ph.D. degree with honors in Information Engineering from the Chinese University of Hong Kong, advised by Prof. Kehuan Zhang and Prof. Dahua Lin.
My research is centered on AI Security, with a particular emphasis on Trustworthy ML and Responsible AI. Recently, I have been focusing on exploring the security challenges associated with emerging Large Generative Models (e.g., ChatGPT and DeepSeek). In my view, an AI system that lacks trustworthiness—or can be deemed irresponsible—pertains to a system whose functionality deviates from its original design, either due to intentional manipulation or unintentional defects. An adversary may deliberately alter an AI system to generate unreliable results, while unintentional bias within the AI model itself can also lead to outputs that lack trustworthiness. In my research, I always strive to deliver dependable Security Guarantees for AI models.
In my existing research, I examined how adversaries could compromise the functionality of an AI system and identified countermeasures against such attacks. Specifically, I discovered carefully crafted patterns on web pages capable of manipulating search engine rankings (such as Google, Bing, etc.) (CCS’22) (which earned the Best Paper Honorable Mention Award). Additionally, I discovered how malicious users on shared cloud platforms can hijack the output of deployed AI systems (Usenix’24), and I proposed a simple yet highly effective method to bypass widely adopted AI backdoor detection techniques (NDSS’24). From a defense perspective, I introduced the First technique using reflected light to detect fake faces in front of AI-based face recognition systems, named Face Flashing (NDSS’18). This method has since been adopted by WeChat and is now used by billions of people daily (news). Additionally, I emphasized the latent space’s role in distinguishing benign from malicious inputs into AI models (SCAn in Usenix’21), and introduced a theoretical framework for evaluating the detection difficulty of various AI backdoors (paper). This backdoor-related research helped secure $704,980 in funding for the TrojAI project (TrojAI), where I played a pivotal role, as well as an additional $1,133,213 in follow-up funding. Moreover, the backdoor detection method that I proposed helped me Win the First Place in the Trojan Detection Competition 2022, hosted by NeurIPS (homepage). In addition to the general trustworthiness of AI, I also enhanced the reliability of specific AI tools for particular tasks. I improved the robustness of an AI for identifying the root cause of bugs across diverse code bases (Usenix’24), reduced the false positives of an AI model that is designed to detect logic flaws in 5G documentation (Usenix’22), and ensured that the AI tool for conformance testing covered all scenarios (Usenix’23).
For Potential Students and Collaborators
I am always seeking highly motivated students who are passionate about advancing research in AI Security. I firmly believe that groundbreaking ideas are born through collaboration, and I am thrilled to partner with researchers who are driven to push the boundaries of knowledge and create meaningful, real-world impact. If you are enthusiastic, intellectually curious, and committed to achieving excellence, I would love to explore opportunities to work together and deliver impactful, cutting-edge results. Let’s join forces to tackle the most pressing challenges in AI Security and shape the future of trustworthy and responsible AI!
Drop me an Email if you are interested!
News
- 01/2025: I have joined Sun Yat-Sen University as an Assistant Professor.