I am currently a third-year Ph.D. candidate at the Tsinghua-Berkeley Shenzhen Institute (TBSI), Tsinghua Shenzhen International Graduate School (SIGS), Tsinghua University, China. Before that, I received my B.S. degree in Mathematics and Applied Mathematics from Ningbo University, China, in 2018. My research mainly focuses on AI security, including:
- Model Security of the Training Process (mainly on the Backdoor Learning)
- Model Security of the Inference Process (mainly on the Adversarial Learning and Robust Machine Learning)
- Data Privacy
The ATT&CK Matrix of AI Security (in Chinese) (It is the first technical report comprehensively covering different kinds of security threats in the full cycle of an AI system.)
- 06/2021: I will work as a research intern at the Ant Security Lab, Alibaba Group, starting from June 2021.
- 05/2021: So glad to pass my Ph.D. qualifying exam. I am officially a Ph.D. candidate now.
- 04/2021: Posters, slides, and videos of our ICLRW’21 papers are uploaded. Looking forward to seeing you all in May.
- 04/2021: Posters, slides, and videos of our ICASSP’21 papers are uploaded. Looking forward to seeing you all in June.
- 03/2021: Two papers are accepted by ICLR Workshop 2021. Their code will be released on GitHub when we publish their extensions.
- Ph.D. in Computer Science, Tsinghua University, Aug. 2018 - Present
- Exchange Student, University of Wisconsin, Jan. 2017 − May. 2017
- Major in Mathematics and Computer Science
- B.S. in Mathematics and Applied Mathematics (Yangming Innovation Class), Ningbo University, Aug. 2014 - May. 2018
- Supervisor: Prof. Lifeng Xi
- Thesis Topic: Study and Application of Ensemble Learning in Deep Learning (in Chinese) (Outstanding Undergraduate Thesis in Ningbo University)
* indicates equal contribution; ^ indicates corresponding author
Model Security of the Training Process
Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Attack in the Physical World. ICLR Workshop on Robust and Reliable Machine Learning in the Real World, 2021. [arXiv][Poster][Extension]
Yiming Li*, Yanjie Li*, Yalei Lv, Yong Jiang, Shu-Tao Xia. Hidden Backdoor Attack against Semantic Segmentation Models. ICLR Workshop on Security and Safety in Machine Learning Systems, 2021. [arXiv][Poster][Slides][Video]
- Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Learning: A Survey. Under Review, 2020. [arXiv][Github Resources]
- Yuezun Li, Yiming Li, Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu. Backdoor Attack with Sample-Specific Triggers. Under Review, 2020. [arXiv]
Model Security of the Inference Process
Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Semi-supervised Robust Training with Generalized Perturbed Neighborhood. Under Review, 2020. (Best Student Research Award of TBSI-WODS 2019, TOP-1) [Preprint][Code]
Yiming Li, Ziqi Zhang, Jiawang Bai, Baoyuan Wu, Yong Jiang, Shu-Tao Xia. Open-sourced Dataset Protection via Backdoor Watermarking. NeurIPS Workshop on Dataset Curation and Security, 2020. [arXiv][Code][Poster]
- Yiming Li*, Jiawang Bai*, Jiawei Li, Chun Li, Yong Jiang, Xue Yang, Shu-Tao Xia. Multinomial Random Forest: Toward Consistency and Privacy-Preservation. Under Review, 2020. [arXiv]
Yiming Li, Lifeng Xi. Manhattan Property of Geodesic Paths on Self-affine Carpets. Archiv der Mathematik, 2018. [Link]
Yiming Li*, Jiawang Bai*, Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia. Rectified Decision Trees: Exploring the Landscape of Interpretable and Effective Machine Learning. Under Review, 2020. [arXiv]
Technical Reports and Invited Talks
Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li, Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security (in Chinese), 2020/09/18. [Download] [Media1] [Media2] [Media3] [Media4] [Media5] [Media6]…
A Brief Introduction of Backdoor Learning, Southwest Jiaotong University, 2021/04/12. [Slides]
A Brief Introduction of Backdoor Learning, The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), 2020/12/05. [Slides]
How to Improve Model Robustness via Adopting Unlabeled Data, CCF Young Computer Scientists & Engineers Forum, Shenzhen (CCF-YOCSEF-SZ), 2020/08/22. [Slides]
- Research Intern (Talent Program), Ant Security Lab, Alibaba Group, June 2021 - Present
- Working on AI Security
- Visiting Ph.D. Student (online), The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), Dec 2020 - Apr 2021
- Working on Backdoor Learning
- Supervisor: Dr. Baoyuan Wu, Associate Professor
- Research Intern, Tencent AI Lab, Jul 2019 - Oct 2020
- Supported by the Tencent Rhino-bird Elite Training Program, working on AI Security
- Mentor: Dr. Baoyuan Wu, Principal Research Scientist
- Partly involved in the Tencent technical report, The ATT&CK Matrix of AI Security (in Chinese) [Link] [News]. Mainly responsible for backdoor-related sections and report editing.
- Intern, Department of Vision Technology, OPPO, May 2019 - Jun 2019
- Supported by the TBSI Capstone Project, working on human instance segmentation
- Mentor: Haidong Huang, Senior Algorithm Engineer
- Intern, Department of Quantitative Investment, Wukong Investment Management Company, July 2018 - Sept 2018
- Working on ML-based algorithm development in high-frequency trading
- Mentor: Dr. Xinji Liu, Deputy Manager of Quantitative Investment Department
- Spring, 2021. TA in Optimization Theory and Machine Learning, instructed by Prof. Somayeh Sojoudi.
Awards and Honors
- Best Student Research Award of TBSI Workshop on Data Science (TOP-1), 2019.
- Outstanding Undergraduate Thesis Award in Ningbo University (TOP 5%), 2018.
- First Prize of Chinese Mathematics Competition (TOP 3%), 2016.
- First Prize of China Undergraduate Mathematical Contest in Modeling (TOP 1%), 2015.
- Tsinghua ‘Future Scholar’ Ph.D. Scholarship (TOP-2 in TBSI), 2020.
- Tencent Rhino-bird Elite Training Program (TOP 10%), 2020.
- Undergraduate National Scholarship (TOP 1%), 2017.
- Outstanding Graduate of Zhejiang Province (TOP 1%), 2018.
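Yiming Li, Baoyuan Wu, Yong Zhang, Yanbo Fan, Zhifeng Li, Wei Liu, Yan Feng, Yong Jiang, Shu-Tao Xia. A Training Method for an Image Recognition Model, and an Image Recognition Method and Apparatus. (Invention patent, application No.: CN2020101821805, HKS202989-CN)
Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia, Wei Liu. Defense Method, Apparatus, Device, and Medium against Backdoor Attacks on Image Classification Models. (Invention patent, application No.: CN2020111221249)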
- Reviewer, IEEE Transactions on Industrial Informatics (TII), IEEE Transactions on Circuits and Systems for Video Technology (TCSVT), Neurocomputing
- Program Committee Member, NeurIPS, ICML, CVPR, AISTATS, AAAI, IJCAI, ICONIP, ISPA
- Executive Chairman Committee Member, TBSI Workshop on Data Science (TBSI-WODS), 2019
- Lecturer and Consultant (paper writing and submission track), Academic Servicing Center of Tsinghua University, 2021
- Secretary of Masters Thesis Committee, Tsinghua-Berkeley Shenzhen Institute, 2021.