Welcome to my homepage

Biography

I am currently a fourth-year Ph.D. candidate in Data Science and Information Technology from the Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, advised by Professor Yong Jiang and Professor Shu-Tao Xia. Before that, I received my B.S. degree in Mathematics and Applied Mathematics (Yangming Innovation Class) from the Ningbo University in 2018, advised by Professor Lifeng Xi.

I was a research intern at Ant Security Lab (2021), working with Dr. Weifeng Qiu and Dr. Feng Xue; a research intern at Tencent AI Lab (2020, 2019), working with Dr. Baoyuan Wu and Dr. Zhifeng Li (supported by the Tencent Rhino-bird Elite Training Program).

My research mainly focuses on AI security, especially backdoor learning, adversarial learning, and data privacy. My research is supported by the Tsinghua ‘Future Scholar’ Ph.D. Fellowship.

Useful Resources

Github Repo about Backdoor Learning Resources

The ATT&CK Matrix of AI Security (The first technical report comprehensively covering different kinds of security threats in the full cycle of AI systems.)

News

11/2021: One paper is accepted by the IEEE IoT Journal.
09/2021: One paper is accepted by the Pattern Recognition.
08/2021: I am invited as the Senior PC Member of AAAI 2022.
07/2021: One paper is accepted by the ICCV 2021.
07/2021: So glad that our paper ‘Defending against Model Stealing via Verifying Embedded External Features’ is awarded the Best Paper of Adversarial for Good Award by the ICML AdvML Workshop, 2021.

Publications and Preprints

'*' indicates equal contribution

Training Security: Backdoor Learning & Robust Machine Learning

Backdoor Learning: A Survey
Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia
submitted to Pattern Recognition, 2021
[Github Resources]
Backdoor Attack against Speaker Verification
Tongqing Zhai*, Yiming Li* (corresponding author), Ziqi Zhang, Baoyuan Wu, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code] [Poster] [Slides] [Video]
t-k-means: A Robust and Stable k-means Variant
Yiming Li*, Yang Zhang*, Qingtao Tang, Weipeng Huang, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code][Poster] [Slides] [Video]
Invisible Backdoor Attack with Sample-Specific Triggers
Yuezun Li, Yiming Li, Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu
International Conference on Computer Vision (ICCV), 2021
[Code]
Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits
Jiawang Bai, Baoyuan Wu, Yong Zhang, Yiming Li, Zhifeng Li, Shu-Tao Xia
International Conference on Learning Representations (ICLR), 2021
[Code] [Poster] [Video]
Backdoor Attack in the Physical World
Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia
International Conference on Learning Representations (ICLR) Workshop, 2021
[Poster] [Extension]
Hidden Backdoor Attack against Semantic Segmentation Models
Yiming Li*, Yanjie Li*, Yalei Lv, Yong Jiang, Shu-Tao Xia
International Conference on Learning Representations (ICLR) Workshop, 2021
[Poster] [Slides] [Video]

Inference Security: Adversarial Learning

Semi-supervised Robust Training with Generalized Perturbed Neighborhood
Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia
Pattern Recognition, under minor revision, 2021 (Best Student Research Award of TBSI-WODS, 2019)
[Code]
Targeted Attack for Deep Hashing based Retrieval
Jiawang Bai*, Bin Chen*, Yiming Li*, Dongxian Wu, Weiwei Guo, Shu-Tao Xia, Enhui Yang
European Conference on Computer Vision (ECCV) (oral, TOP 2%), 2020
[Code] [Slides]
Adversarial Defense via Local Flatness Regularization
Jia Xu*, Yiming Li*, Yong Jiang, Shu-Tao Xia
International Conference on Image Processing (ICIP), 2020
[Code] [Slides]
Regional Adversarial Training for Better Robust Generalization
Chuanbiao Song, Yanbo Fan, Yichen Yang, Baoyuan Wu, Yiming Li, Zhifeng Li, Kun He
arXiv preprint 2109.00678

Data Privacy

Multinomial Random Forest
Jiawang Bai*, Yiming Li*, Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia
Pattern Recognition, 2021
[Code]
A Fine-grained Differentially Private Federated Learning against Leakage from Gradients
Linghui Zhu, Xinyi Liu, Yiming Li, Xue Yang, Shu-Tao Xia, Rongxing Lu
IEEE Internet of Things Journal, 2021
Visual Privacy Protection via Mapping Distortion
Yiming Li*, Peidong Liu*, Yong Jiang, Shu-Tao Xia
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021
[Code] [Poster] [Slides] [Video]
Defending against Model Stealing via Verifying Embedded External Features
Linghui Zhu*, Yiming Li* (corresponding author), Xiaojun Jia, Yong Jiang, Shu-Tao Xia, Xiaochun Cao
International Conference on Machine Learning (ICML) Workshop (Best Paper of Adversarial for Good Award), 2021
[Slides]
Open-sourced Dataset Protection via Backdoor Watermarking
Yiming Li, Ziqi Zhang, Jiawang Bai, Baoyuan Wu, Yong Jiang, Shu-Tao Xia^
Neural Information Processing Systems (NeurIPS) Workshop, 2020
[Code] [Poster]

Technical Reports and Patents

Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li, Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security, 2020/09/18. [Download] [Website][Media1] [Media2] [Media3] [Media4] [Media5] [Media6]…
李一鸣, 吴保元, 张勇, 樊艳波, 李志锋, 刘威, 冯岩, 江勇, 夏树涛. 一种图像识别模型的训练方法、图像识别的方法及装置. (发明专利, 申请号: CN202010182180.5, HKS202989-CN)
李一鸣, 吴保元, 江勇, 李志锋, 夏树涛, 刘威. 图像分类模型后门攻击的防御方法、装置、设备及介质. (发明专利, 申请号: CN202011122124.9)

Invited Talks

A Brief Introduction of Backdoor Attack, TechBeat (online), 2021/09/29. [Slides][Video]
A Brief Introduction of Backdoor Attack in the Low-level Computer Vision, Virginia Tech (online), 2021/08/12. [Slides]
Defending against Model Stealing via Verifying Embedded External Features, ICML Workshop (online), 2021/07/24. [Slides]
A Brief Introduction of Backdoor Learning, Southwest Jiaotong University, 2021/04/12. [Slides]
Backdoor Attack: A New Security Threat towards the Training of DNNs, AI Drive (online), 2021/01/20. [Slides][Video]
A Brief Introduction of Backdoor Learning, The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), 2020/12/05. [Slides]
How to Improve Model Robustness via Adopting Unlabeled Data, CCF Young Computer Scientists & Engineers Forum, Shenzhen (CCF-YOCSEF-SZ), 2020/08/22. [Slides]

Teaching

Spring, 2021. TA in Optimization Theory and Machine Learning, instructed by Prof. Somayeh Sojoudi.

Awards and Honors

Adversarial for Good Award of ICML AdvML Workshop (TOP-1), 2021.
Best Student Research Award of TBSI Workshop on Data Science (TOP-1), 2019.
Top 25% PC Member of AAAI, 2021.
Outstanding Undergraduate Thesis Award in Ningbo University (TOP 5%), 2018.
First Prize of Chinese Mathematics Competition (TOP 3%), 2016.
First Prize of China Undergraduate Mathematical Contest in Modeling (TOP 1%), 2015.
Tsinghua ‘Future Scholar’ Ph.D. Fellowship (TOP-2 in TBSI), 2020.
Tencent Rhino-bird Elite (TOP 10%), 2021.
TBSI Excellence Scholarship (Rank First in our Track, TOP 20%), 2021.
TBSI Dean’s Scholarship, 2020/2021.
Undergraduate National Scholarship (TOP 1%), 2017.
Outstanding Graduate of Zhejiang Province (TOP 1%), 2018.

Services

Reviewer: IEEE Transactions on Dependable and Secure Computing (TDSC), IEEE Transactions on Circuits and Systems for Video Technology (TCSVT), IEEE Transactions on Industrial Informatics (TII), Neurocomputing, Computers & Security
Senior Program Committee Member: AAAI’22
Member of Program Committee Board: IJCAI’22-24
Program Committee Member: NeurIPS, ICML, ICLR, CVPR, AISTATS, AAAI, IJCAI, ICONIP
Executive Chairman Committee Member, TBSI Workshop on Data Science (TBSI-WODS), 2019
Lecturer and Consultant, Academic Servicing Center of Tsinghua University, 2021
Secretary of Master’s Thesis Committee, Tsinghua-Berkeley Shenzhen Institute, 2021.

Yiming Li