Welcome to my homepage

Biography

I am currently a third year Ph.D. candidate from the Tsinghua-Berkeley Shenzhen Institute (TBSI), Tsinghua Shenzhen International Graduate School (SIGS) at Tsinghua University, China. Before that, I received my B.S. degree in Mathematics and Applied Mathematics from Ningbo University, China, in 2018. My research mainly focus on the AI security, including

Model Security of the Training Process (mainly on the Backdoor Learning)
Model Security of the Inference Process (mainly on the Adversarial Learning and Robust Machine Learning)
Data Privacy

Github Repo about Backdoor Learning Resources

The ATT&CK Matrix of AI Security (in Chinese) (It is the first technical report comprehensively covering different kinds of security threats in the full cycle of an AI system.)

News

06/2021: One paper is accepted by ICML Workshop 2021. Its codes will be released on Github when we publish its extension.
06/2021: I will work as a research intern at the Ant Security Lab, Alibaba Group, start from June 2021.
05/2021: So glad to pass my Ph.D. qualifying exam. I am officially a Ph.D. candidate now.
04/2021: Posters, slides, and videos of our ICASSP’21 papers are uploaded. Looking forward to seeing you all in June.
03/2021: Two papers are accepted by ICLR Workshop 2021. Their codes will be released on Github when we publish their extensions.

Education

Ph.D. in Computer Science, Tsinghua University, Aug. 2018 - Present
- Supervisor: Prof. Shu-Tao Xia and Prof. Yong Jiang
Exchange Student, University of Wisconsin, Jan. 2017 − May. 2017
- Major in Mathematics and Computer Science
B.S. in Mathematics and Applied Mathematics (Yangming Innovation Class), Ningbo University, Aug. 2014 - May. 2018
- Supervisor: Prof. Lifeng Xi
- Thesis Topic: Study and Application of Ensemble Learning in Deep Learning (in Chinese) (Outstanding Undergraduate Thesis in Ningbo University)

Research

* indicates equal contribution; ^ indicates corresponding author

Model Security of the Training Process

Tongqing Zhai*, Yiming Li*^, Ziqi Zhang, Baoyuan Wu, Yong Jiang, Shu-Tao Xia. Backdoor Attack against Speaker Verification. ICASSP, 2021.[arXiv][Code][Poster][Slides][Video]
Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Attack in the Physical World. ICLR Workshop, 2021. [arXiv][Poster][Extension]
Yiming Li*, Yanjie Li*, Yalei Lv, Yong Jiang, Shu-Tao Xia. Hidden Backdoor Attack against Semantic Segmentation Models. ICLR Workshop, 2021. [arXiv][Poster][Slides][Video]
Jiawang Bai, Baoyuan Wu, Yong Zhang, Yiming Li, Zhifeng Li, Shu-Tao Xia. Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits. ICLR, 2021. [arXiv][Code][Poster][Video]

Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Backdoor Learning: A Survey. Under Review, 2020. [arXiv][Github Resources]

Yuezun Li, Yiming Li, Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu. Backdoor Attack with Sample-Specific Triggers. Under Review, 2020. [arXiv]

Model Security of the Inference Process

Jiawang Bai*, Bin Chen*, Yiming Li*, Dongxian Wu, Weiwei Guo, Shu-Tao Xia, Enhui Yang. Targeted Attack for Deep Hashing based Retrieval. ECCV (oral, TOP 2%), 2020. [arXiv][Code][Slides]
Yiming Li*, Yang Zhang*, Qingtao Tang, Weipeng Huang, Yong Jiang, Shu-Tao Xia. t-k-means: A Robust and Stable k-means Variant. ICASSP, 2021. [arXiv][Code][Poster][Slides][Video]
Jia Xu*, Yiming Li*, Yong Jiang, Shu-Tao Xia. Adversarial Defense via Local Flatness Regularization. ICIP, 2020. [arXiv][Code][Slides]
Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia. Semi-supervised Robust Training with Generalized Perturbed Neighborhood. Under Review, 2020. (Best Student Research Award of TBSI-WODS 2019, TOP-1) [Preprint][Code]

Data Privacy

Yiming Li*, Peidong Liu*, Yong Jiang, Shu-Tao Xia. Visual Privacy Protection via Mapping Distortion. ICASSP, 2021. [arXiv][Code][Poster][Slides][Video]
Linghui Zhu*, Yiming Li*^, Xiaojun Jia, Yong Jiang, Shu-Tao Xia, Xiaochun Cao. Defending against Model Stealing Attacks via Verifying Embedded External Features. ICML Workshop (oral, TOP 10%), 2021.[Link]
Yiming Li, Ziqi Zhang, Jiawang Bai, Baoyuan Wu, Yong Jiang, Shu-Tao Xia. Open-sourced Dataset Protection via Backdoor Watermarking. NeurIPS Workshop, 2020. [arXiv][Code][Poster]
Yiming Li*, Jiawang Bai*, Jiawei Li, Chun Li, Yong Jiang, Xue Yang, Shu-Tao Xia. Multinomial Random Forest: Toward Consistency and Privacy-Preservation. Under Review, 2020. [arXiv][Code]

Technical Reports and Invited Talks

Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li, Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security (in Chinese), 2020/09/18. [Download] [Media1] [Media2] [Media3] [Media4] [Media5] [Media6]…
A Brief Introduction of Backdoor Learning, Southwest Jiaotong University, 2021/04/12. [Slides]
Backdoor Attack: A New Security Threat towards the Training of DNNs, AI Drive (online), 2021/01/20. [Slides][Video]
A Brief Introduction of Backdoor Learning, The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), 2020/12/05. [Slides]
How to Improve Model Robustness via Adopting Unlabeled Data, CCF Young Computer Scientists & Engineers Forum, Shenzhen (CCF-YOCSEF-SZ), 2020/08/22. [Slides]

Work Experiences

Research Intern (Talent Program), Ant Security Lab, Alibaba Group, June 2021 - Present
- Working on AI Security
Visiting Ph.D. Student (online), The Chinese University of Hong Kong, Shenzhen (CUHK-SZ), Dec 2020 - Apr 2021
- Working on Backdoor Learning
- Supervisor: Dr. Baoyuan Wu, Associate Professor
Research Intern, Tencent AI Lab, Jul 2019 - Oct 2020
- Supported by the Tencent Rhino-bird Elite Training Program, working on AI Security
- Mentor: Dr. Baoyuan Wu, Principle Research Scientist
- Partly involved in the Tencent technical report, The ATT&CK Matrix of AI Security (in Chinese) [Link] [News]. Mainly responsible for backdoor-related sections and report editing.
Intern, Department of Vision Technology, OPPO, May 2019 - Jun 2019
- Supported by the TBSI Capstone Project, working on human instance segmentation
- Mentor: Haidong Huang, Senior Algorithm Engineer
Intern, Department of Quantitative Investment, Wukong Investment Management Company, July 2018 - Sept 2018
- Working on ML-based algorithms development in high-frequency trading
- Mentor: Dr. Xinji Liu, Deputy Manager of Quantitative Investment Department

Teaching

Spring, 2021. TA in Optimization Theory and Machine Learning, instructed by Prof. Somayeh Sojoudi.

Awards and Honors

Best Student Research Award of TBSI Workshop on Data Science (TOP-1), 2019.
Outstanding Undergraduate Thesis Award in Ningbo University (TOP 5%), 2018.
First Prize of Chinese Mathematics Competition (TOP 3%), 2016.
First Prize of China Undergraduate Mathematical Contest in Modeling (TOP 1%), 2015.
Tsinghua ‘Future Scholar’ Ph.D. Scholarship (TOP-2 in TBSI), 2020.
Tencent Rhino-bird Elite Training Program (TOP 10%), 2020.
Undergraduate National Scholarship (TOP 1%), 2017.
Outstanding Graduate of Zhejiang Province (TOP 1%), 2018.

Patents

李一鸣, 吴保元, 张勇, 樊艳波, 李志锋, 刘威, 冯岩, 江勇, 夏树涛. 一种图像识别模型的训练方法、图像识别的方法及装置. (发明专利, 申请号: CN2020101821805, HKS202989-CN)
李一鸣, 吴保元, 江勇, 李志锋, 夏树涛, 刘威. 图像分类模型后门攻击的防御方法、装置、设备及介质. (发明专利, 申请号: CN2020111221249)

Services

Reviewer, IEEE Transactions on Industrial Informatics (TII), IEEE Transactions on Circuits and Systems for Video Technology (TCSVT), Neurocomputing
Program Committee Member, NeurIPS, ICML, CVPR, AISTATS, AAAI, IJCAI, ICONIP, ISPA
Executive Chairman Committee Member, TBSI Workshop on Data Science (TBSI-WODS), 2019
Lecturer and Consultant (paper writing and submission track), Academic Servicing Center of Tsinghua University, 2021
Secretary of Masters Thesis Committee, Tsinghua-Berkeley Shenzhen Institute, 2021.

Yiming Li