Welcome to my homepage
Biography
I am currently a fourth-year Ph.D. candidate in Data Science and Information Technology from the Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, advised by Professor Yong Jiang and Professor Shu-Tao Xia. Before that, I received my B.S. degree in Mathematics and Applied Mathematics (Yangming Innovation Class) from the Ningbo University in 2018, advised by Professor Lifeng Xi.
I was a research intern at Ant Security Lab (2021), working with Dr. Weifeng Qiu and Dr. Feng Xue; a research intern at Tencent AI Lab (2020, 2019), working with Dr. Baoyuan Wu and Dr. Zhifeng Li (supported by the Tencent Rhino-bird Elite Training Program).
My research mainly focuses on AI security, especially backdoor learning, adversarial learning, and data privacy. My research is supported by the Tsinghua ‘Future Scholar’ Ph.D. Fellowship.
Useful Resources
Github Repo about Backdoor Learning Resources
The ATT&CK Matrix of AI Security (The first technical report comprehensively covering different kinds of security threats in the full cycle of AI systems.)
News
- 09/2021: One paper is accepted by Pattern Recognition.
- 08/2021: I am invited as the Senior PC Member of AAAI 2022.
- 07/2021: One paper is accepted by the ICCV 2021.
- 07/2021: So glad that our paper ‘Defending against Model Stealing via Verifying Embedded External Features’ is awarded the Best Paper of Adversarial for Good Award by the ICML AdvML Workshop, 2021.
- 07/2021: I am invited as the PC Member of IJCAI and ICLR 2022.
Publications and Preprints
'*' indicates equal contribution
Backdoor Learning
Backdoor Learning: A Survey
Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia
submitted to Pattern Recognition, 2021
[Github Resources]Backdoor Attack against Speaker Verification
Tongqing Zhai*, Yiming Li* (corresponding author), Ziqi Zhang, Baoyuan Wu, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code] [Poster] [Slides] [Video]Invisible Backdoor Attack with Sample-Specific Triggers
Yuezun Li, Yiming Li, Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu
International Conference on Computer Vision (ICCV), 2021
[Code]Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits
Jiawang Bai, Baoyuan Wu, Yong Zhang, Yiming Li, Zhifeng Li, Shu-Tao Xia
International Conference on Learning Representations (ICLR), 2021
[Code] [Poster] [Video]Backdoor Attack in the Physical World
Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia
International Conference on Learning Representations (ICLR) Workshop, 2021
[Poster] [Extension]Hidden Backdoor Attack against Semantic Segmentation Models
Yiming Li*, Yanjie Li*, Yalei Lv, Yong Jiang, Shu-Tao Xia
International Conference on Learning Representations (ICLR) Workshop, 2021
[Poster] [Slides] [Video]
Adversarial Learning and Robust Machine Learning
Semi-supervised Robust Training with Generalized Perturbed Neighborhood
Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia
Pattern Recognition, under minor revision, 2021 (Best Student Research Award of TBSI-WODS, 2019)
[Code]t-k-means: A Robust and Stable k-means Variant
Yiming Li*, Yang Zhang*, Qingtao Tang, Weipeng Huang, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code][Poster] [Slides] [Video]Targeted Attack for Deep Hashing based Retrieval
Jiawang Bai*, Bin Chen*, Yiming Li*, Dongxian Wu, Weiwei Guo, Shu-Tao Xia, Enhui Yang
European Conference on Computer Vision (ECCV) (oral, TOP 2%), 2020
[Code] [Slides]Adversarial Defense via Local Flatness Regularization
Jia Xu*, Yiming Li*, Yong Jiang, Shu-Tao Xia
International Conference on Image Processing (ICIP), 2020
[Code] [Slides]Regional Adversarial Training for Better Robust Generalization
Chuanbiao Song, Yanbo Fan, Yichen Yang, Baoyuan Wu, Yiming Li, Zhifeng Li, Kun He
arXiv preprint 2109.00678
Data Privacy
Multinomial Random Forest
Jiawang Bai*, Yiming Li*, Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia
Pattern Recognition, 2021
[Code]Visual Privacy Protection via Mapping Distortion
Yiming Li*, Peidong Liu*, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code] [Poster] [Slides] [Video]Defending against Model Stealing via Verifying Embedded External Features
Linghui Zhu*, Yiming Li* (corresponding author), Xiaojun Jia, Yong Jiang, Shu-Tao Xia, Xiaochun Cao
International Conference on Machine Learning (ICML) Workshop (Best Paper of Adversarial for Good Award), 2021
[Slides]Open-sourced Dataset Protection via Backdoor Watermarking
Yiming Li, Ziqi Zhang, Jiawang Bai, Baoyuan Wu, Yong Jiang, Shu-Tao Xia^
Neural Information Processing Systems (NeurIPS) Workshop, 2020
[Code] [Poster]
Other Topics
Manhattan Property of Geodesic Paths on Self-affine Carpets
Yiming Li, Lifeng Xi
Archiv der Mathematik, 2018TNT: An Interpretable Tree-Network-Tree Learning Framework using Knowledge Distillation
Jiawei Li, Yiming Li, Xingchun Xiang, Shu-Tao Xia, Siyi Dong, Yun Cai
Entropy, 2020Rectified Decision Trees: Exploring the Landscape of Interpretable and Effective Machine Learning
Yiming Li*, Jiawang Bai*, Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia
arXiv preprint 2008.09413
Technical Reports and Patents
Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li, Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security, 2020/09/18. [Download] [Website][Media1] [Media2] [Media3] [Media4] [Media5] [Media6]…
李一鸣, 吴保元, 张勇, 樊艳波, 李志锋, 刘威, 冯岩, 江勇, 夏树涛. 一种图像识别模型的训练方法、图像识别的方法及装置. (发明专利, 申请号: CN202010182180.5, HKS202989-CN)
李一鸣, 吴保元, 江勇, 李志锋, 夏树涛, 刘威. 图像分类模型后门攻击的防御方法、装置、设备及介质. (发明专利, 申请号: CN202011122124.9)
Invited Talks
A Brief Introduction of Backdoor Attack, TechBeat (online), 2021/09/29. [Slides][Video]
A Brief Introduction of Backdoor Attack in the Low-level Computer Vision, Virginia Tech (online), 2021/08/12. [Slides]
Defending against Model Stealing via Verifying Embedded External Features, ICML Workshop (online), 2021/07/24. [Slides]
A Brief Introduction of Backdoor Learning, Southwest Jiaotong University, 2021/04/12. [Slides]
Backdoor Attack: A New Security Threat towards the Training of DNNs, AI Drive (online), 2021/01/20. [Slides][Video]
A Brief Introduction of Backdoor Learning, The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), 2020/12/05. [Slides]
How to Improve Model Robustness via Adopting Unlabeled Data, CCF Young Computer Scientists & Engineers Forum, Shenzhen (CCF-YOCSEF-SZ), 2020/08/22. [Slides]
Teaching
- Spring, 2021. TA in Optimization Theory and Machine Learning, instructed by Prof. Somayeh Sojoudi.
Awards and Honors
- Adversarial for Good Award of ICML AdvML Workshop (TOP-1), 2021.
- Best Student Research Award of TBSI Workshop on Data Science (TOP-1), 2019.
- Top 25% PC Member of AAAI, 2021.
- Outstanding Undergraduate Thesis Award in Ningbo University (TOP 5%), 2018.
- First Prize of Chinese Mathematics Competition (TOP 3%), 2016.
- First Prize of China Undergraduate Mathematical Contest in Modeling (TOP 1%), 2015.
- Tsinghua ‘Future Scholar’ Ph.D. Fellowship (TOP-2 in TBSI), 2020.
- Tencent Rhino-bird Elite (TOP 10%), 2021.
- TBSI Excellence Scholarship (Rank First in our Track, TOP 20%), 2021.
- TBSI Dean’s Scholarship, 2020/2021.
- Undergraduate National Scholarship (TOP 1%), 2017.
- Outstanding Graduate of Zhejiang Province (TOP 1%), 2018.
Services
- Reviewer: IEEE Transactions on Dependable and Secure Computing (TDSC), IEEE Transactions on Circuits and Systems for Video Technology (TCSVT), IEEE Transactions on Industrial Informatics (TII), Neurocomputing, Computers & Security
- Senior Program Committee Member: AAAI’22
- Member of Program Committee Board: IJCAI’22-24
- Program Committee Member: NeurIPS, ICML, ICLR, CVPR, AISTATS, AAAI, IJCAI, ICONIP
- Executive Chairman Committee Member, TBSI Workshop on Data Science (TBSI-WODS), 2019
- Lecturer and Consultant, Academic Servicing Center of Tsinghua University, 2021
- Secretary of Master’s Thesis Committee, Tsinghua-Berkeley Shenzhen Institute, 2021.