Standing at the turning point of AI times, I want to bridge the gap between learning on machines and humans, and build next-generation learning systems that are both intelligent and trustworthy.
I am an Associate Professor in the State Key Laboratory of Software Development Environment, Department of Computer Science and Engineering at Beihang University. My research interestes are centered around AI Safety and Security, with broad interests in the areas of Adversarial Examples, Backdoor Attacks, Interpretable Deep Learning , Model Robustness, Fairness Testing, AI Testing and Evaluation, and their applications in real-world scenarios.
I received my Ph.D. degree in 2021 from Beihang University, supervised by Prof. Wei Li and Prof. Xianglong Liu. Before that, I obtained the M.Sc and B.Sc degree from Beihang University at 2016 and 2013, respectively, where I was supervised by Prof. Wei Li. In my Ph.D study, during 2021, I was a visiting student at UC Berkeley, supervised by Prof. Dawn Song; during 2020, I was a visiting student at the University of Sydney, supervised by Prof. Dacheng Tao; in 2019, I interned at AI Lab at Tencent supported by Tecent Rhino-Bird Elite Program, supervised by Prof. Liwei Wang. I serve as a reviewer for the top conferences and journals such as CVPR, ICML, ICCV, ECCV, NeurIPS, ICLR, AAAI, TPAMI, IJCV, TIP, etc.
[Prospective students] Our group has positions for PhD students, Master students, and visiting students. If you are interested, please send me an email with your CV and publications (if any).
CONTACT
Address: No.37 Xueyuan Road, Beijing, China
Google Scholar / Github / dblp
RECENT NEWS
[Textbook on AI Security] Our textbook 人工智能安全导论 (Introduction to AI Security) has been published. Available on JD and Taobao.
[Workshop@CVPR 2025] I am co-organizing the 5th Workshop of Adversarial Machine Learning on Computer Vision: Foundation Models + X on CVPR 2025. Please submit your papers and participate the challenge to win prizes!
[Special Issue@Electronics] I am serving as the Guest Editor for the Special Issue Trustworthy Deep Learning in Practice on Electronics (SCI JCR Q2). Please submit your papers!
[2025.03] Two papers accepted by IEEE TIFS and ISSTA 2025.
[2025.02] I am invited as an Area Chair of NeurIPS 2025.
[2025.02] Two papers accepted by CVPR 2025 and Science China Information Sciences.
[2025.01] Two papers accepted by IJCV and ICLR 2025.
[2024.12] One paper accepted by IJCV.
[2024.12] I am invited as an Area Chair of ICML 2025.
[2024.10] Our paper GenderCARE is awarded the Distinguished Artifact Award in ACM CCS 2024. Congrats!
[2024.10] Two papers accepted by NeurIPS 2024 and ICSE 2025.
[2024.09] One paper accepted by 信息安全学报 (Journal of Cyber Security).
[2024.07] Three papers accepted by ACM Multimedia 2024.
[2024.06] One paper accepted by IJCV.
[2024.04] One paper accepted by ACM CCS 2024.
[2024.04] I am invited as an Area Chair of NeurIPS 2024.
[2024.04] I am invited as an Area Chair of NeurIPS 2024 Track Datasets and Benchmarks.
[2024.03] One paper accepted by IEEE TIP.
[2024.02] One paper accepted by CVPR 2024 (Highlight).
[2024.01] I am invited as an Area Chair of IEEE CAI 2024 and ICPR 2024.
[2024.01] Two papers accepted by ICLR 2024 (One Spotlight).
[2024.01] One paper accepted by IEEE TMM.
[2023.10] One paper accepted by IEEE S&P 2024.
[2023.08] One paper accepted by ICSE 2024.
[2023.08] One paper accepted by IJCV.
[2023.07] Three papers accepted by ACM Multimedia 2023 (Two Orals).
[2023.06] One paper accepted by TOSEM.
[2023.05] One paper accepted by ISSTA 2023.
[2023.04] One paper accepted by ICML 2023.
[2023.04] One paper accepted by IJCAI 2023.
[2023.02] Two papers accepted by CVPR 2023.
[2023.02] One paper accepted by USENIX Security Symposium 2023.
[2023.02] One paper accepted by Sixth Conference on Machine Learning and Systems (MLSys 2023).
[2023.01] Two papers accepted by Pattern Recognition and 智能安全.
[2022.12] Two papers accepted by IEEE TMM and 计算机学报 (Chinese Journal of Computers, CCF-A).
[2022.12] I am co-organizing the 2nd Workshop of Practical Deep Learning in the Wild on AAAI 2023. Please submit your papers and participate the challenge to win prizes!
[2022.11] One paper accepted by AAAI 2023.
[2022.08] One paper accepted by ACM CCS 2022.
[2022.07] I am serving as the Guest Editor on Practical Deep Learning in the Wild at Pattern Recognition (JCR Q1). Please submit your papers!
[2022.07] One paper accepted by IEEE CYB.
[2022.06] Three papers accepted by ACM Multimedia 2022.
[2022.03] Two papers accepted by CVPR 2022.
[2022.01] One paper accepted by ICLR 2022.
[2021.10] Two papers accepted by IEEE TIP.
[2021.09] We released the first comprehensive Robustness investigation benchmark (RobustART) on large-scale dataset ImageNet regarding ARchitectural design (1000+) and Training techniques (10+).
[2021.08] One paper accepted by IEEE TNNLS.
[2021.08] One paper accepted by ACM Multimedia 2021.