Research interests include:
- Artificial Intelligence Security: Robust/Secure/Private AI systems, including training set poisoning; backdoor in the training set; adversarial examples; model theft; recovery of sensitive training data.
- Hardware Security: Hardware Trojan detection.
- Intellectual Properties Protection of Deep Learning Models.
I have published more than 50 papers in security related journals and international conferences, including IEEE Transactions on Dependable and Secure Computing (CCF A), IEEE Transactions on Emerging Topics in Computing, IEEE Transactions on Artificial Intelligence，IEEE Transactions on Vehicular Technolgy，ACM Transactions on Multimedia Computing Communications and Applications，Computers & Security (CCF B), Journal of Information Security and Applications (CCF C), Security and Communication Networks (CCF C), Applied Intelligence，Peer-to-Peer Networking and Applications (CCF C), IET Computers & Digital Techniques, IEEE Access, Chinese Journal of Computers (CCF Chinese A), Acta Electronica Sinica (CCF Chinese A), and so on. In addition, over 10 papers are under review/arXiv.
Best Paper Award of ICCCS 2015.
IET High-Impact Paper.
IET CDT Editor's Choice Award.
I have also published 1 Book, 10 Patents, and
4 Software Copyrights.
1. One-to-N & N-to-One: Two Advanced Backdoor Attacks against Deep Learning Models. IEEE Transactions on Dependable and Secure Computing. 2020, SCI, CCF A, IF 7.329
2. Intellectual Property Protection for Deep Learning
Models: Taxonomy, Methods, Attacks, and
Evaluations. IEEE Transactions on Artificial Intelligence, 2021.
3. Use the Spear as a Shield: An Adversarial Example based Privacy-Preserving Technique against Membership Inference Attacks. IEEE Transactions on Emerging Topics in Computing，2022，SCI, IF 7.691
4. PRNU-based Image Forgery Localization With Deep Multi-Scale Fusion. ACM Transactions on Multimedia Computing Communications and Applications, 2022, SCI
5. Detection of Recolored Image by Texture Features in Chrominance Components. ACM Transactions on Multimedia Computing, Communications, and Applications. 2022, https://doi.org/10.1145/3571076，SCI
6. LOPA: A Linear Offset Based Poisoning Attack Method Against Adaptive Fingerprint Authentication System. Computers & Security. 99, 2020, 102046, pp.1-13. SCI, CCF B, IF 4.438
7. PTB: Robust Physical Backdoor Attacks against Deep Neural Networks in Real World. Computers & Security, 2022. SCI, CCF B, IF 4.438
8. Dataset Authorization Control: Protect the Intellectual Property of Dataset via Reversible Feature Space Adversarial Examples. Applied Intelligence. 2022. SCI, IF 5.086.
9. Active Intellectual Property Protection for Deep Neural Networks through Stealthy Backdoor and Users' Identities Authentication. Applied Intelligence, 2022. SCI, IF 5.086
10. NaturalAE: Natural and robust physical adversarial examples for object detectors. Journal of Information Security and Applications. 57 (2021) 102694, 1-12. SCI, CCF C, IF 3.872
11. Backdoors Hidden in Facial Features: A Novel Invisible Backdoor Attack against Face Recognition Systems. Peer-to-Peer Networking and Applications. Peer-to-Peer Networking and Applications. 2021, 14:1458–1474. SCI, CCF C, IF 3.307
12. SocialGuard: An Adversarial Example Based Privacy-Preserving Technique for Social Images. Journal of Information Security and Applications. 2021. SCI, CCF C, IF 3.872
13. Ten years of hardware Trojans: a survey from the attacker's perspective. IET Computers & Digital Techniques. 2020, Vol. 14, Iss. 6, pp. 231-246. SCI
14. DPAEG: A Dependency Parse Based Adversarial Examples Generation Method for Intelligent Q&A Robots. Security and Communication Networks. 2020, Volume 2020, Article ID 5890820:1-15. SCI, CCF C
15. Machine Learning Security: Threats, Countermeasures, and Evaluations. IEEE Access, 2020, Vol 8, pp. 74720-74742. SCI
16. Active DNN IP Protection: A Novel User Fingerprint Management and DNN Authorization Control Technique. The 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), 2020. EI, CCF C
17. DNN Intellectual Property Protection: Taxonomy, Attacks and Evaluations (Invited Paper). In Proceedings of the Great Lakes Symposium on VLSI 2021 (GLSVLSI '21), accepted. EI, CCF C, Session invited presentation and Invited Paper
18. Robust Backdoor Attacks against Deep Neural Networks in Real Physical World. The 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2021). EI, CCF C
19. Detect and Remove Watermark in Deep Neural Networks via Generative Adversarial Networks. 24th Information Security Conference (ISC) 2021. EI, CCF C, Accept rate 24%.
20. Sample-Specific Backdoor based Active Intellectual Property Protection for Deep Neural Networks. AICAS， 2022. EI， Special Session Invited talk and invited paper.
21. Embedding Backdoors as the Facial Features: Invisible Backdoor Attacks Against Face Recognition Systems. ACM TURC'20: Proceedings of the ACM Turing Celebration Conference - China. May 2020, Pages 231–235. EI, Selected for extension to journals.
22. ActiveGuard: Active Intellectual Property Protection for Deep Neural Networks via Adversarial Examples based User Fingerprinting. AAAI 2022 workshop, International Workshop on Practical Deep Learning in the Wild. EI
ArXiv (Preprint)/Under review, 2020-2022:
1. 3D Invisible Cloak. (2020)
2. AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption (2021)
3. Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations (2021)
4. Compression-Resistant Backdoor Attack against Deep Neural Networks
5. Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks
6. Adaptive 3D Mesh Steganography Based on Feature-Preserving Distortion (2021)
and so on.
2019 and earlier:
Please refer to
Google Scholar, and so on.
- 2014/5 – now, College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Faculty
- 2011/7 - 2012/7, School of electrical and electronic engineering, Nanyang Technological University, Singapore, Research intern, Supvisor: Prof. Chang Chip-Hong, IEEE Fellow
- 2010/9 - 2014/4, Information and Communication Engineering (Information security), Southeast University, Ph.D, Supvisor: Prof. Hu Aiqun
- 2008/9 - 2010/7, Information and Communication Engineering (Information security), Southeast University, Master, Supvisor: Prof. Hu Aiqun
- 2004/9 - 2008/7, Electronic and Information Engineering, Southwest Jiaotong University, Bachelor
(Special Grade Scholarship for 4 times)
Principal Investigator of Projects/Fundings:
- National Natural Science Foundation of China;
- CCF - NSFOCUS Kunpeng research plan funding (2021, Only 14 people won that award);
- CCF - VENUSTECH Hongyan research plan funding (2016, Only 16 people won that award);
- CCF - NSFOCUS Kunpeng research plan funding (2017, Only 11 people won that award);
- Natural Science Foundation of Jiangsu Province;
- Project of Institute of Chinese Aerospace 503;
- Chinese Postdoctoral Science Foundation;
- Jiangsu Province Postdoctoral Science Foundation;
- Project of CETC 30;
- Open Project Foundation of Information Technology Research Base of Civil Aviation Administration of China;
- The Fundamental Research Funds for the Central Universities;
- Three Teaching Projects;
14-15. Two National Natural Science Foundation of China Projects;
17. One Teaching Project;
- Committee member of the Chinese Artificial Intelligence and Security Professional Committee;
- Executive Committee Member of ACM Nanjing branch;
- Committee Member of the Digital Media Forensics and Security Committee of the China Society of Image and Graphics;
- China Artificial Intelligence Society Youth Working Committee Member;
- Committee member of Computer network and distributed computing Specialized Committee of Jiangsu Province;
- Publishing Chair of ChinaMFS 2022;
- Program Chair of the 3rd Chinese Symposium on Hardware Security;
- Committee member of Intelligence and Security Committee of Jiangsu Artificial Intelligence Society;
- Committee member of Data Security Special Committee of Jiangsu Cyberspace Security Society;
- IEEE Senior Member, CCF Senior Member, ACM member, CAAI member, CSIG member;
Technical Program Committee (TPC)
- 2015: ICCCS2015；CBD2015;
- 2016: CBD2016;
- 2017: IEEE GLOBECOM2017;
- 2018: IEEE GLOBECOM2018；CBD2018；IEEE COMNETSAT2018；全国硬件安全论坛;
- 2019: IEEE GLOBECOM2019；IEEE COMNETSAT2019；IEEE GCC2019；IEEE MENACOMM'19；SSCC-2019；3ICT'19；CFTC2019；ICCCN2019-BDMLS workshop；CBD 2019；SSCC-CIS-2019；
- 2020: ICCCN-BDMLS workshop2020；CCF CTC2020；CBD2020；ACM TURC 2020；3ICT2020；Globecom2020； ATS 2020
- 2021: ACM TURC 2021；AITS 2021；SIoTEC 2021；ATS 2021；Globecom2021 CISS；CBD2021
- 2022: Globecom2022 CISS TPC；AITS2022；ATS2022；CBD2022；
- IEEE Transactions on Information Forensics & Security;
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems;
IEEE Transactions on Circuits and Systems I: Regular Papers.
IEEE Transactions on Circuits and Systems II: Express Briefs.
IEEE Transactions on Emerging Topics in Computing;
IEEE Transactions on Artificial Intelligence;
- IEEE Transactions on Software Engineering;
ACM Transactions on Design Automation of Electronic Systems;
- IEEE Embedded Systems Letters;
- IEEE Access;
ACM Journal on Emerging Technologies in Computing Systems;
IET Computers & Digital Techniques;
IET Cyber-Physical Systems: Theory & Applications;
Computers and Security;
Journal of Information Security and Applications;
Future Generation Computer Systems;
Integration, the VLSI Journal；
Peer-to-Peer Networking and Applications；
Security and Communication Networks；
- Computer Modeling in Engineering and Sciences；
Wireless Communications and Mobile Computing；
International Journal of Distributed Sensor Networks;
- Journal of Intelligent & Fuzzy Systems;
- ICT Express;
Microprocessors and Microsystems;
EURASIP Journal on Wireless Communications and Networking；
Journal of Semiconductors;
Journal of King Saud University - Computer and Information Sciences；
Journal of Sensors ；
IETE Journal of Research;
Information Security Journal: A Global Perspective；
International Journal of Automation and Computing；
Software: Practice and Experience；
Recent Patents on Computer Science;
Recent Patents on Engineering;
Recent Advances in Computer Science and Communications;
Journal of Current Science and Technology；
Review applications for the Estonian Research Council（评审爱沙尼亚研究委员会基金）
- 计算机科学（CCF中文 B 类）；
- 2013: IEEE WCNC;
- 2015: ICCCS2015, CBD2015;
- 2016: CHES2016, CBD2016;
- 2017: IEEE ISCAS2017, IEEE MWSCAS2017, IEEE ASAP2017, ISPACS2017, CBD2017,IEEE GLOBECOM2017;
- 2018: IEEE GLOBECOM2018, IEEE MWSCAS2018, CBD2018;
- 2019: IEEE ISCAS2019； ISVLSI 2019； IEEE MWSCAS 2019； CFTC2019； IEEE MENACOMM'19； ICCCN2019-BDMLS workshop； MLICOM 2019； IEEE Globecom2019； IEEE COMNETSAT 2019； CBD 2019； 3ICT'19；SSCC-2019；
- 2020: ISCAS2020； ICCCN-BDMLS workshop2020； ACM TURC 2020； CCF CTC2020； Globecom2020； CBD2020； AJCAI2020； 3ICT2020；ATS 2020；
- 2021: AITS 2021； SIoTEC 2021； ATS 2021； Globecom2021 CISS；CBD2021；
- 2022: ISCAS 2022；Globecom2022 CISS； CVPR 2022； ECCV 2022; ATS 2022； CBD2022； 3rd CSIG ChinaMFS 2022；
- 2023: CVPR 2023 ；