Greetings and welcome to my homepage


I am currently a fifth-year Master-to-Ph.D. student in Computer Science and Technology from Tsinghua-Berkeley Shenzhen Institute (TBSI), Tsinghua Shenzhen International Graduate School (SIGS), Tsinghua University, advised by Professor Yong Jiang and Professor Shu-Tao Xia. Before that, I received my B.S. degree with honor in Mathematics and Applied Mathematics from Ningbo University (Yangming Innovation Class) in 2018, advised by Professor Lifeng Xi.

At the beginning of my Ph.D. journey, I studied tree-based methods for their interpretability and good theoretical properties. Currently, my research mainly focuses on AI security, especially backdoor learning, adversarial learning, data privacy, and copyright protection in deep learning. My research is supported by the Tsinghua ‘Future Scholar’ Ph.D. Fellowship.

Currently, I am working with Professor Bo Li at UIUC as a visiting Ph.D. student. I was a research intern at Ant Security Lab (2021, 2022), working with Dr. Haiqin Weng and Dr. Tao Wei; a research intern at Tencent AI Lab (2019, 2020), working with Dr. Baoyuan Wu and Dr. Zhifeng Li (supported by the Tencent Rhino-bird Elite Training Program); an intern at Wukong Investment (2018), working with Dr. Xinji Liu on ML-based high-frequency trading.


  • 09/2022: Our paper about dataset copyright protection is accepted by the NeurIPS 2022. Its codes will be released soon.
  • 09/2022: Our Springer book ‘Digital Watermarking for Machine Learning Models’ is accepted and currently under the production process. We contributed to its Chapter 4: The Robust and Harmless Model Watermarking.
  • 06/2022: Our survey about backdoor attacks and defenses is accepted by the IEEE TNNLS.
  • 06/2022: The attack part of our open-sourced Python toolbox BackdoorBox has been developed (10+ attacks). The defense part and the benchmark are coming soon. Feel free to check and play with it~
  • 01/2022: Two papers are accepted by the ICLR 2022. Their codes, posters, slides, and videos have been released.

Useful Resources

BackdoorBox: A Python Toolbox for Backdoor Attacks and Defenses

Github Repo about Backdoor Learning Resources

Technical Report about the ATT&CK Matrix of AI Security