Welcome to my homepage

Biography

I am currently a third-year Ph.D. candidate at the Tsinghua-Berkeley Shenzhen Institute (TBSI), Tsinghua Shenzhen International Graduate School (SIGS), Tsinghua University, China. Before that, I received my B.S. degree in Mathematics and Applied Mathematics from Ningbo University, China, in 2018. My research mainly focuses on AI security, including:

  • Model Security of the Training Process (mainly on the Backdoor Learning)
  • Model Security of the Inference Process (mainly on the Adversarial Learning and Robust Machine Learning)
  • Data Privacy

Github Repo about Backdoor Learning Resources

The ATT&CK Matrix of AI Security [Website] (It is the first technical report comprehensively covering different kinds of security threats in the full cycle of an AI system.)

News

  • 07/2021: One paper is accepted by ICCV 2021.
  • 07/2021: So glad that our paper ‘Defending against Model Stealing via Verifying Embedded External Features’ was awarded the Adversarial for Good Award by the ICML AdvML Workshop, 2021. Looking forward to discussing it at the workshop on July 24, 2021.
  • 07/2021: I am invited as a PC member of IJCAI and ICLR 2022.
  • 07/2021: So glad to be awarded the TBSI Excellence Scholarship, 2021.
  • 06/2021: One paper is accepted by ICML Workshop 2021. Its code will be released on GitHub when we publish its extension.

Education

Research

* indicates equal contribution; ^ indicates corresponding author

Model Security of the Training Process

  • Tongqing Zhai*, Yiming Li*^, Ziqi Zhang, Baoyuan Wu, Yong Jiang, Shu-Tao Xia. Backdoor Attack against Speaker Verification. ICASSP, 2021. [arXiv][Code][Poster][Slides][Video]

  • Yuezun Li, Yiming Li, Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu. Invisible Backdoor Attack with Sample-Specific Triggers. ICCV, 2021. [arXiv]

  • Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Attack in the Physical World. ICLR Workshop, 2021. [arXiv][Poster][Extension]

  • Yiming Li*, Yanjie Li*, Yalei Lv, Yong Jiang, Shu-Tao Xia. Hidden Backdoor Attack against Semantic Segmentation Models. ICLR Workshop, 2021. [arXiv][Poster][Slides][Video]

  • Jiawang Bai, Baoyuan Wu, Yong Zhang, Yiming Li, Zhifeng Li, Shu-Tao Xia. Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits. ICLR, 2021. [arXiv][Code][Poster][Video]

  • Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Learning: A Survey. Under Review, 2020. [arXiv][Github Resources]

Model Security of the Inference Process

  • Jiawang Bai*, Bin Chen*, Yiming Li*, Dongxian Wu, Weiwei Guo, Shu-Tao Xia, Enhui Yang. Targeted Attack for Deep Hashing based Retrieval. ECCV (oral, TOP 2%), 2020. [arXiv][Code][Slides]

  • Yiming Li*, Yang Zhang*, Qingtao Tang, Weipeng Huang, Yong Jiang, Shu-Tao Xia. t-k-means: A Robust and Stable k-means Variant. ICASSP, 2021. [arXiv][Code][Poster][Slides][Video]

  • Jia Xu*, Yiming Li*, Yong Jiang, Shu-Tao Xia. Adversarial Defense via Local Flatness Regularization. ICIP, 2020. [arXiv][Code][Slides]

  • Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Semi-supervised Robust Training with Generalized Perturbed Neighborhood. Under Review, 2020. (Best Student Research Award of TBSI-WODS 2019, TOP-1) [Preprint][Code]

Data Privacy

  • Yiming Li*, Peidong Liu*, Yong Jiang, Shu-Tao Xia. Visual Privacy Protection via Mapping Distortion. ICASSP, 2021. [arXiv][Code][Poster][Slides][Video]

  • Linghui Zhu*, Yiming Li*^, Xiaojun Jia, Yong Jiang, Shu-Tao Xia, Xiaochun Cao. Defending against Model Stealing via Verifying Embedded External Features. ICML Workshop (Adversarial for Good Award, oral, TOP-1), 2021. [Link][Poster][Slides][Video]

  • Yiming Li, Ziqi Zhang, Jiawang Bai, Baoyuan Wu, Yong Jiang, Shu-Tao Xia. Open-sourced Dataset Protection via Backdoor Watermarking. NeurIPS Workshop, 2020. [arXiv][Code][Poster]

  • Yiming Li*, Jiawang Bai*, Jiawei Li, Chun Li, Yong Jiang, Xue Yang, Shu-Tao Xia. Multinomial Random Forest: Toward Consistency and Privacy-Preservation. Under Review, 2020. [arXiv][Code]

Other Topics

  • Yiming Li, Lifeng Xi. Manhattan Property of Geodesic Paths on Self-affine Carpets. Archiv der Mathematik, 2018. [Link]

  • Jiawei Li, Yiming Li, Xingchun Xiang, Shu-Tao Xia, Siyi Dong, Yun Cai. TNT: An Interpretable Tree-Network-Tree Learning Framework using Knowledge Distillation. Entropy, 2020. [Link][Code]

  • Yiming Li*, Jiawang Bai*, Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia. Rectified Decision Trees: Exploring the Landscape of Interpretable and Effective Machine Learning. Under Review, 2020. [arXiv]

Technical Reports and Patents

  • Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li, Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security, 2020/09/18. [Download] [Website][Media1] [Media2] [Media3] [Media4] [Media5] [Media6]

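  • Yiming Li, Baoyuan Wu, Yong Zhang, Yanbo Fan, Zhifeng Li, Wei Liu, Yan Feng, Yong Jiang, Shu-Tao Xia. A Training Method for an Image Recognition Model, and an Image Recognition Method and Apparatus. (Invention patent, application No.: CN202010182180.5, HKS202989-CN)

  • Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia, Wei Liu. Defense Method, Apparatus, Device, and Medium against Backdoor Attacks on Image Classification Models. (Invention patent, application No.: CN202011122124.9)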

Invited Talks

  • A Brief Introduction of Backdoor Attack in the Low-level Computer Vision, Virginia Tech (online), 2021/08/12. [Slides]

  • Defending against Model Stealing via Verifying Embedded External Features, ICML Workshop, 2021/07/24. [Slides][Video]

  • A Brief Introduction of Backdoor Learning, Southwest Jiaotong University, 2021/04/12. [Slides]

  • Backdoor Attack: A New Security Threat towards the Training of DNNs, AI Drive (online), 2021/01/20. [Slides][Video]

  • A Brief Introduction of Backdoor Learning, The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), 2020/12/05. [Slides]

  • How to Improve Model Robustness via Adopting Unlabeled Data, CCF Young Computer Scientists & Engineers Forum, Shenzhen (CCF-YOCSEF-SZ), 2020/08/22. [Slides]

Teaching

  • Spring, 2021. TA in Optimization Theory and Machine Learning, instructed by Prof. Somayeh Sojoudi.

Work Experiences

  • Research Intern (Talent Program), Ant Security Lab, Ant Group, Alibaba Group, June 2021 - Present
    • Working on AI Security
    • Mentor: Dr. Weifeng Qiu and Dr. Feng Xue
  • Visiting Ph.D. Student (online), The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), Dec 2020 - Apr 2021
    • Working on Backdoor Learning
    • Supervisor: Dr. Baoyuan Wu, Associate Professor
  • Research Intern, Tencent AI Lab, Jul 2019 - Oct 2020
    • Supported by the Tencent Rhino-bird Elite Training Program, working on AI Security
    • Mentor: Dr. Baoyuan Wu, Principal Research Scientist
    • Partly involved in the Tencent technical report, The ATT&CK Matrix of AI Security (in Chinese) [Link] [News]. Mainly responsible for backdoor-related sections and report editing.
  • Intern, Department of Vision Technology, OPPO, May 2019 - Jun 2019
    • Supported by the TBSI Capstone Project, working on human instance segmentation
    • Mentor: Haidong Huang, Senior Algorithm Engineer

Awards and Honors

  • Adversarial for Good Award of ICML AdvML Workshop (TOP-1), 2021.
  • Best Student Research Award of TBSI Workshop on Data Science (TOP-1), 2019.
  • Outstanding Undergraduate Thesis Award in Ningbo University (TOP 5%), 2018.
  • First Prize of Chinese Mathematics Competition (TOP 3%), 2016.
  • First Prize of China Undergraduate Mathematical Contest in Modeling (TOP 1%), 2015.
  • Tsinghua ‘Future Scholar’ Ph.D. Scholarship (TOP-2 in TBSI), 2020.
  • Tencent Rhino-bird Elite Training Program (TOP 10%), 2020.
  • TBSI Excellence Scholarship (Rank First in our Track, TOP 20%), 2021.
  • TBSI Dean’s Scholarship, 2020/2021.
  • Undergraduate National Scholarship (TOP 1%), 2017.
  • Outstanding Graduate of Zhejiang Province (TOP 1%), 2018.

Services

  • Reviewer, IEEE Transactions on Industrial Informatics (TII), IEEE Transactions on Circuits and Systems for Video Technology (TCSVT), Neurocomputing
  • Program Committee Member, NeurIPS, ICML, ICLR, CVPR, AISTATS, AAAI, IJCAI, ICONIP, ISPA
  • Executive Chairman Committee Member, TBSI Workshop on Data Science (TBSI-WODS), 2019
  • Lecturer and Consultant (paper writing and submission track), Academic Servicing Center of Tsinghua University, 2021
  • Secretary of Master's Thesis Committee, Tsinghua-Berkeley Shenzhen Institute, 2021