Selected Publications and Preprints
Please refer to my Google Scholar profile for my full paper list.
Selected Preprints
- MOVE: Effective and Harmless Ownership Verification via Embedded External Features
Yiming Li, Linghui Zhu, Xiaojun Jia, Yang Bai, Yong Jiang, Shu-Tao Xia, Xiaochun Cao.
Under Review by IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2022. (The journal extension of our AAAI’22 conference paper)
[Code]
Selected Conference and Workshop Papers
BackdoorBox: A Python Toolbox for Backdoor Learning
Yiming Li, Mengxi Ya, Yang Bai, Yong Jiang, Shu-Tao Xia.
ICLR BANDS Workshop, 2023.
[Code]
SCALE-UP: An Efficient Black-box Input-level Backdoor Detection via Analyzing Scaled Prediction Consistency
Junfeng Guo, Yiming Li (co-first author), Xun Chen, Hanqing Guo, Lichao Sun, Cong Liu.
International Conference on Learning Representations (ICLR), 2023.
[Code]
Revisiting the Assumption of Latent Separability for Backdoor Defenses
Xiangyu Qi, Tinghao Xie, Yiming Li (corresponding author), Saeed Mahloujifar, Prateek Mittal.
International Conference on Learning Representations (ICLR), 2023.
[Code]
Poisoning-based Backdoor Attacks in Computer Vision
Yiming Li.
AAAI Conference on Artificial Intelligence (AAAI), 2023. (Doctoral Consortium)
[Slides]
Generating Transferable 3D Adversarial Point Cloud via Random Perturbation Factorization
Bangyan He, Jian Liu, Yiming Li, Siyuan Liang, Jingzhi Li, Xiaojun Jia, Xiaochun Cao.
AAAI Conference on Artificial Intelligence (AAAI), 2023. (To Appear)
[Code]
Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection
Yiming Li, Yang Bai, Yong Jiang, Yong Yang, Shu-Tao Xia, Bo Li.
Annual Conference on Neural Information Processing Systems (NeurIPS), 2022. (Oral, TOP 2%)
[Code] [Poster] [Slides] [Video]
Few-Shot Backdoor Attacks on Visual Object Tracking
Yiming Li, Haoxiang Zhong, Xingjun Ma, Yong Jiang, Shu-Tao Xia.
International Conference on Learning Representations (ICLR), 2022.
[Code] [Poster] [Slides] [Video]
Backdoor Defense via Decoupling the Training Process
Kunzhe Huang, Yiming Li (co-first author), Baoyuan Wu, Zhan Qin, Kui Ren.
International Conference on Learning Representations (ICLR), 2022.
[Code] [Poster] [Slides] [Video]
Defending against Model Stealing via Verifying Embedded External Features
Yiming Li, Linghui Zhu, Xiaojun Jia, Yong Jiang, Shu-Tao Xia, Xiaochun Cao.
AAAI Conference on Artificial Intelligence (AAAI), 2022. (Best Paper of Adversarial for Good Award, ICML’21 AdvML Workshop)
[Code] [Poster] [Slides] [Video] [Workshop Version]
Backdoor Attack against Speaker Verification
Tongqing Zhai, Yiming Li (co-first author, corresponding author), Ziqi Zhang, Baoyuan Wu, Yong Jiang, Shu-Tao Xia.
International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021.
[Code] [Poster] [Slides] [Video]
Backdoor Attack in the Physical World
Yiming Li, Tongqing Zhai, Yong Jiang, Zhifeng Li, Shu-Tao Xia.
ICLR RobustML Workshop, 2021.
[Code]
Invisible Backdoor Attack with Sample-Specific Triggers
Yuezun Li, Yiming Li (first student author), Baoyuan Wu, Longkang Li, Ran He, Siwei Lyu.
International Conference on Computer Vision (ICCV), 2021.
[Code]
Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits
Jiawang Bai, Baoyuan Wu, Yong Zhang, Yiming Li, Zhifeng Li, Shu-Tao Xia.
International Conference on Learning Representations (ICLR), 2021.
[Code] [Poster] [Video]
Targeted Attack for Deep Hashing based Retrieval
Jiawang Bai, Bin Chen, Yiming Li (co-first author), Dongxian Wu, Weiwei Guo, Shu-Tao Xia, Enhui Yang.
European Conference on Computer Vision (ECCV), 2020. (Oral, TOP 2%)
[Code] [Slides]
Selected Journal Papers
Black-box Dataset Ownership Verification via Backdoor Watermarking
Yiming Li, Mingyan Zhu, Xue Yang, Yong Jiang, Tao Wei, Shu-Tao Xia.
IEEE Transactions on Information Forensics and Security (TIFS), 2023.
[Code] [Workshop Version]
Not All Samples Are Born Equal: Towards Effective Clean-Label Backdoor Attacks
Yinghua Gao, Yiming Li (co-first author, corresponding author), Linghui Zhu, Dongxian Wu, Yong Jiang, Shu-Tao Xia.
Pattern Recognition, 2023.
Backdoor Learning: A Survey
Yiming Li (corresponding author), Yong Jiang, Zhifeng Li, Shu-Tao Xia.
IEEE Transactions on Neural Networks and Learning Systems (TNNLS), 2022.
[Github Resources]
Semi-supervised Robust Training with Generalized Perturbed Neighborhood
Yiming Li, Baoyuan Wu, Yan Feng, Yanbo Fan, Yong Jiang, Zhifeng Li, Shu-Tao Xia.
Pattern Recognition, 2022. (Best Student Research Award, TBSI-WODS’19)
[Code]
Multinomial Random Forest
Jiawang Bai, Yiming Li (co-first author), Jiawei Li, Xue Yang, Yong Jiang, Shu-Tao Xia.
Pattern Recognition, 2022.
[Code]
A Fine-grained Differentially Private Federated Learning against Leakage from Gradients
Linghui Zhu, Xinyi Liu, Yiming Li, Xue Yang, Shu-Tao Xia, Rongxing Lu.
IEEE Internet of Things Journal (IoT Journal), 2022.
[Code]
Books and Technical Reports
Chapter 4: The Robust and Harmless Model Watermarking
Yiming Li, Linghui Zhu, Yang Bai, Yong Jiang, Shu-Tao Xia.
Digital Watermarking for Machine Learning Models. Springer, 2022. (To Appear)
Tencent AI Lab (Baoyuan Wu, Yanbo Fan, Yong Zhang, Yiming Li (first and only student author), Zhifeng Li, Wei Liu), Tencent Zhuque Lab (viking, jifengzhu, allenszch, ucasjh, dylan, xunsu). The ATT&CK Matrix of AI Security, 2020/09/18.
[Download] [Website] [Media1] [Media2] [Media3] [Media4] [Media5] [Media6]…
Patents
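- Yiming Li, Yan Liu, Haiqin Weng, Yong Jiang, Shu-Tao Xia. A model ownership verification method, apparatus, storage medium, and electronic device. (Invention patent, published, CN202211146432.4)
- Yiming Li, Yan Liu, Haoxiang Zhong, Haiqin Weng, Yong Jiang, Shu-Tao Xia. A model ownership verification method, apparatus, storage medium, and device. (Invention patent, published, CN202211145984.3)
- Yiming Li, Yan Liu, Linghui Zhu, Haiqin Weng, Yong Jiang, Shu-Tao Xia. A method, apparatus, storage medium, and device for verifying the ownership of a model. (Invention patent, published, CN202211146420.1)
- Yiming Li, Yang Bai, Yong Yang, Yong Jiang, Shu-Tao Xia. A data processing method, apparatus, device, and readable storage medium. (Invention patent, application accepted, CN202211102363.7)
- Yiming Li, Yang Bai, Yong Yang, Yong Jiang, Shu-Tao Xia. Training method for a classification model, data classification method, apparatus, device, and medium. (Invention patent, application accepted, CN202211138734.7)
- Yiming Li, Weifeng Qiu, Feng Xue, Yong Jiang, Shu-Tao Xia. Evaluation method and apparatus for model interpretation tools. (Invention patent, granted, CN202111600136.2)
- Yiming Li, Linghui Zhu, Weifeng Qiu, Yong Jiang, Shu-Tao Xia. Method and apparatus for model ownership verification based on external features. (Invention patent, under substantive examination, CN202111417245.0)
- Yiming Li, Ziqi Zhang, Weifeng Qiu, Yong Jiang, Shu-Tao Xia. Ownership verification method and apparatus for datasets. (Invention patent, under substantive examination, CN202111407783.1)
- Yiming Li, Peidong Liu, Weifeng Qiu, Yong Jiang, Shu-Tao Xia. Method and apparatus for protecting the private information of an image sample set. (Invention patent, under substantive examination, CN202111415199.0)
- Yiming Li, Baoyuan Wu, Yong Zhang, Yanbo Fan, Zhifeng Li, Wei Liu, Yan Feng, Yong Jiang, Shu-Tao Xia. A training method for an image recognition model, and an image recognition method and apparatus. (Invention patent, under substantive examination, CN202010182180.5, HKS202989-CN)
- Yiming Li, Baoyuan Wu, Yong Jiang, Zhifeng Li, Shu-Tao Xia, Wei Liu. Defense method, apparatus, device, and medium against backdoor attacks on image classification models. (Invention patent, under substantive examination, CN202011122124.9)
- Jiaying Lin, Yiming Li, Haiqin Weng. Active defense method and apparatus for image protection. (Invention patent, under substantive examination, CN202111583667.5)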