Faculty
Xiao Zhang is a tenure-track faculty at CISPA Helmholtz Center for Information Security. His research covers topics such as adversarial machine learning, statistical machine learning and optimization. He is particularly intersted in understanding the misbehavior of machine learning models against different adversaries and designing robust systems for various machine learning applications. He received his Ph.D. degree in computer science from University of Virginia, advised by Prof. David Evans in 2022. Prior to that, he obtained his M.S. degree from Department of Statistics at University of Virginia and obtained his B.S. degree in Mathematics from Tsinghua University. He is also a member of the European Laboratory for Learning and Intelligent Systems (ELLIS).
Annual Meeting of the Association for Computational Linguistics (ACL)
IEEE Conference on Secure and Trustworthy Machine Learning (SaTML)
Efficient Semi-Supervised Adversarial Training via Latent Clustering-Based Data Reduction
Conference on Neural Information Processing Systems (NeurIPS)
GASP: Efficient Black-Box Generation of Adversarial Suffixes for Jailbreaking LLMs
IEEE International Conference on Computer Vision (ICCV)
IAP: Invisible Adversarial Patch Attack through Perceptibility-Aware Localization and Perturbation Optimization
ACM Conference on Computer and Communications Security (CCS)
DivTrackee versus DynTracker: Promoting Diversity in Anti-Facial Recognition against Dynamic FR Strategy
Workshop for Research on Agent Language Models at the 63rd Annual Meeting of the Association for Computational Linguistics (ACL)
Safe in Isolation, Dangerous Together: Agent-Driven Multi-Turn Decomposition Jailbreaks on LLMs
International Conference on Machine Learning (ICML)
Provably Cost-Sensitive Adversarial Defense via Randomized Smoothing
ICLR-Workshop (ICLRW)
PREDICTING TIME-VARYING METABOLIC DYNAMICS USING STRUCTURED NEURAL ODE PROCESSES
IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)
DiffPAD: Denoising Diffusion-Based Adversarial Patch Decontamination
Transactions on Machine Learning Research (TMLR) Do Parameters Reveal More than Loss for Membership Inference?