I am currently a Research Scientist at the A*STAR Centre for Frontier AI Research (CFAR), working with Prof. Qing Guo and Prof. Ivor Tsang. Before that, I was a Research Fellow at Nanyang Technological University, working with Prof. Tianwei Zhang and Prof. Yang Liu. I also worked with Prof. Florian Kerschbaum (from the University of Waterloo). I received my Ph.D. degree with honors from the School of Cyber Science and Technology at the University of Science and Technology of China (USTC) in 2022, advised by Prof. Nenghai Yu, Prof. Weiming Zhang, and Prof. Huamin Feng. I was also very lucky to collaborate closely with Dr. Dongdong Chen (at Microsoft GenAI) and Prof. Jing Liao (at City University of Hong Kong) during my Ph.D. journey.
My research interests include:
- AIGC protection and regulation: [AAAI 2022], [NDSS 2024], [AAAI 2024], [CCS 2024], [ICML 2024], [ECCV 2024], [NDSS 2025], [S&P 2025], [NeurIPS 2024]
- Trustworthy AI: [AAAI 2021], [TIP 2022], [AAAI 2023], [MM 2023], [MM 2023], [AAAI 2024], [AAAI 2024], [IJCAI 2024], [ICML 2024], [MM 2024], [USENIX Security 2025]
- IP protection for AI models: [AAAI 2020], [NeurIPS 2020], [MM 2020], [TPAMI 2021], [TAI 2023], [Springer Book], [TPAMI 2024]
- IP protection for different modalities: [AAAI 2023], [AAAI 2023], [TKDE 2023]
- Affective Computing: [MM 2024]
🔥 News
- 2024.10: 🎉🎉 GenderCARE is awarded the Distinguished Artifact Award in CCS 2024. Congrats!
- 2024.09: 🎉🎉 One paper is accepted to NeurIPS 2024. Congrats to Guanlin Li!
- 2024.09: 🎉🎉 One paper is accepted to USENIX Security 2025. Congrats to Junqi Zhang!
- 2024.09: 🎉🎉 One paper is accepted to S&P 2025. Congrats to Boheng Li!
- 2024.08: 🎉🎉 I joined CFAR, A*STAR as a research scientist. Thanks a lot to Prof. Tianwei Zhang for the support at NTU!
- 2024.07: 🎉🎉 One paper is accepted to NDSS 2025. Congrats to Yutong Wu!
- 2024.07: 🎉🎉 Two papers are accepted to ACM MM 2024. Congrats to Yanghao Su and Ruiqi Wang!
- 2024.07: 🎉🎉 One paper is accepted to ECCV 2024. Congrats to Runyi Hu!
- 2024.05: 🎉🎉 Two papers are accepted to ICML 2024. Congrats to Kui Zhang and Weitao Feng!
- 2024.04: 🎉🎉 One paper is accepted to IJCAI 2024. Congrats to Hanlin Gu!
- 2024.04: 🎉🎉 One paper is accepted to CCS 2024. Congrats to Kunsheng Tang!
- 2024.03: 🎉🎉 One paper is accepted to TPAMI. Congrats to myself, Fighting!
- 2023.12: 🎉🎉 Three papers are accepted to AAAI 2024. Congrats to Yi Xie, Yihao Huang, and Xiaojian Yuan!
- 2023.12: 🎉🎉 One paper is accepted to ICASSP 2024. Congrats to Prof. Wenbo Zhou!
- 2023.11: 🎉🎉 One paper is accepted to NDSS 2024. Congrats to Chang Liu!
📝 Publications
ART: Automatic Red-teaming for Text-to-Image Models to Protect Benign Users
Guanlin Li, Kangjie Chen, Shudong Zhang, Jie Zhang, Tianwei Zhang
The Ghost Navigator: Revisiting the Hidden Vulnerability of Localization in Autonomous Driving
Junqi Zhang, Shaoyin Cheng, Linqing Hu, Jie Zhang, Chengyu Shi, Xingshuo Han, Tianwei Zhang, Yueqiang Cheng, Weiming Zhang
Boheng Li, Yanhao Wei, Yankai Fu, Zhenting Wang, Yiming Li, Jie Zhang [Corresponding Author], Run Wang, Tianwei Zhang
THEMIS: Regulating Textual Inversion for Personalized Concept Censorship
Yutong Wu, Jie Zhang [Corresponding Author], Florian Kerschbaum, and Tianwei Zhang
Model X-ray: Detecting Backdoored Models via Decision Boundary
Yanghao Su, Jie Zhang [Corresponding Author], Ting Xu, Tianwei Zhang, Weiming Zhang, and Nenghai Yu
FacialPulse: An Efficient RNN-based Depression Detection via Temporal Facial Landmarks
Ruiqi Wang, Jinyang Huang, Jie Zhang [Corresponding Author], Xin Liu, Xiang Zhang, Zhi Liu, Peng Zhao, Sigui Chen, and Xiao Sun
[Code-TBD] [Oral (3.97%)]
Robust-Wide: Robust Watermarking against Instruction-driven Image Editing
Runyi Hu, Jie Zhang [Corresponding Author], Ting Xu, Tianwei Zhang, and Jiwei Li
AquaLoRA: Toward White-box Protection for Customized Stable Diffusion Models via Watermark LoRA
Weitao Feng, Wenbo Zhou, Jiyan He, Jie Zhang [Corresponding Author], Tianyi Wei, Guanlin Li, Tianwei Zhang, Weiming Zhang, and Nenghai Yu
Kui Zhang, Hang Zhou, Jie Zhang, Wenbo Zhou, Weiming Zhang, Nenghai Yu
Unlearning during Learning: A Streamlined Federated Machine Unlearning Method
Hanlin Gu, Gongxi Zhu, Jie Zhang, Yuxing Han, Lixin Fan, Qiang Yang
Kunsheng Tang, Wenbo Zhou, Jie Zhang [Corresponding Author], Aishan Liu, Gelei Deng, Shuai Li, Peigui Qi, Weiming Zhang, Tianwei Zhang, Nenghai Yu
Robust Model Watermarking for Image Processing Networks via Structure Consistency
Jie Zhang, Dongdong Chen, Jing Liao, Zehua Ma, Han Fang, Weiming Zhang, Hua Gang, Nenghai Yu
SAME: Sample Reconstruction Against Model Extraction Attacks
Yi Xie, Jie Zhang, Shiqian Zhao, Tianwei Zhang, Xiaofeng Chen
Personalization as a Shortcut for Few-Shot Backdoor Attack against Text-to-Image Diffusion Models
Yihao Huang, Felix Juefei-Xu, Qing Guo, Jie Zhang, Yutong Wu, Ming Hu, Tianlin Li, Geguang Pu, Yang Liu
Data-Free Hard-Label Robustness Stealing Attack
Xiaojian Yuan, Kejiang Chen, Wen Huang, Jie Zhang, Weiming Zhang, Nenghai Yu
Attribute-Aware Head Swapping Guided by 3D Modeling
Wenbo Zhou, Dongdong Chen, Jing Liao, Jie Zhang, Kejiang Chen, Weiming Zhang, Nenghai Yu
Detecting Voice Cloning Attacks via Timbre Watermarking
Chang Liu, Jie Zhang [Corresponding Author], Tianwei Zhang, Xi Yang, Weiming Zhang, Nenghai Yu
Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Nenghai Yu
A Robust Database Watermarking Scheme That Preserves Statistical Characteristics
Zhiwen Ren, Han Fang, Jie Zhang, Zehua Ma, Ronghao Lin, Weiming Zhang, Nenghai Yu
ProTegO: Protect Text Content against OCR Extraction Attack
Yanru He, Kejiang Chen, Guoqiang Chen, Zehua Ma, Kui Zhang, Jie Zhang, Huanyu Bian, Han Fang, Weiming Zhang, Nenghai Yu
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion
Kui Zhang, Hang Zhou, Jie Zhang, Qidong Huang, Weiming Zhang, and Nenghai Yu
Model Access Control Based on Hidden Adversarial Examples for Automatic Speech Recognition
Haozhe Chen, Jie Zhang [Corresponding Author], Kejiang Chen, Weiming Zhang, Nenghai Yu
AutoStegaFont: Synthesizing Vector Fonts for Hiding Information in Documents
Xi Yang, Jie Zhang [equal contribution], Han Fang, Zehua Ma, Chang Liu, Weiming Zhang, Nenghai Yu
DeAR: A Deep-learning-based Audio Re-recording Resilient Watermarking
Chang Liu, Jie Zhang [equal contribution], Han Fang, Zehua Ma, Weiming Zhang, Nenghai Yu
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network
Xiaojian Yuan, Kejiang Chen, Wen Huang, Jie Zhang, Weiming Zhang, Nenghai Yu
Tracing Text Provenance via Context-Aware Lexical Substitution
Xi Yang, Jie Zhang [Corresponding Author], Kejiang Chen, Weiming Zhang, Zehua Ma, Feng Wang, Nenghai Yu
Poison Ink: Robust and Invisible Backdoor Attack
Jie Zhang, Dongdong Chen, Jing Liao, Qidong Huang, Hua Gang, Weiming Zhang, Nenghai Yu
Deep Model Intellectual Property Protection via Deep Watermarking
Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Hua Gang, Huamin Feng, Nenghai Yu
Initiative defense against facial manipulation
Qidong Huang, Jie Zhang [equal contribution], Wenbo Zhou, Weiming Zhang, Nenghai Yu
Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication
Xiquan Guan, Huamin Feng, Weiming Zhang, Hang Zhou, Jie Zhang, Nenghai Yu
Passport-aware Normalization for Deep Model Protection
Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Hua Gang, Nenghai Yu
Model Watermarking for Image Processing Networks
Jie Zhang, Dongdong Chen, Jing Liao, Han Fang, Weiming Zhang, Wenbo Zhou, Hao Cui, Nenghai Yu
🎖 Honors and Awards
- 2024.10 Distinguished Artifact Award, CCS, 2024
- 2021.12 National Scholarship for Doctoral Students, China.
- 2020.12 Cyberspace Science Scholarship (funded by Academician Xiaomo Wang), China.
📖 Education
- 2017.06 - 2022.06, PhD of Cyber Science, University of Science and Technology of China.
- 2013.09 - 2017.06, Bachelor of Electrical Engineering and Automation, China University of Geosciences (Beijing).
💬 Invited Talks
- 2024.08, Trustworthy Generative AI, at CFAR, A*STAR | [slide]
- 2024.04, AIGC Security, at Nanyang Technological University | [slide]
- 2023.11, IP Protection on Deep Models and Data, at Shanghai Jiao Tong University | [poster]
- 2023.09, Model IP Protection, at University of Science and Technology of China | [slide]
💻 Internships
- 2019.06 - 2019.08, Pvmed Research, China.