I am currently a Research Scientist at A*STAR Centre for Frontier AI Research (CFAR), working with Prof. Qing Guo and Prof. Ivor Tsang. Before that, I was a Research Fellow at Nanyang Technological University, working with Prof. Tianwei Zhang and Prof. Yang Liu. Besides, I worked with Prof. Florian Kerschbaum (from University of Waterloo). I received my Ph.D. degree with honors in School of Cyber Science and Technology from University of Science and Technology of China (USTC) in 2022, advised by Prof. Nenghai Yu, Prof. Weiming Zhang, and Prof. Huamin Feng. I also very luckily collaborated closely with Dr. Dongdong Chen (at Microsoft GenAI) and Prof. Jing Liao (at City University of Hong Kong) during my Ph.D. journey.

My research interest includes:

🔥 News

  • 2024.09:  🎉🎉 One paper is accepted to NeurIPS 2024. Congrats to Guanlin Li!
  • 2024.09:  🎉🎉 One paper is accepted to USENIX Security 2025. Congrats to Junqi Zhang!
  • 2024.09:  🎉🎉 One paper is accepted to S&P 2025. Congrats to Boheng Li!
  • 2024.08:  🎉🎉 I join the CFAR, A*STAR as a research scientist. Thanks a lot to Prof. Tianwei Zhang for the support at NTU!
  • 2024.07:  🎉🎉 One paper is accepted to NDSS 2025. Congrats to Yutong Wu!
  • 2024.07:  🎉🎉 Two papers are accepted to ACM MM 2024. Congrats to Yanghao Su and Ruiqi Wang!
  • 2024.07:  🎉🎉 One paper is accepted to ECCV 2024. Congrats to Runyi Hu!
  • 2024.05:  🎉🎉 Two papers are accepted to ICML 2024. Congrats to Kui Zhang and Weitao Feng!
  • 2024.04:  🎉🎉 One paper is accepted to IJCAI 2024. Congrats to Hanlin Gu!
  • 2024.04:  🎉🎉 One paper is accepted to CCS 2024. Congrats to Kunsheng Tang!
  • 2024.03:  🎉🎉 One paper is accepted to TPAMI. Congrats to myself, Fighting!
  • 2023.12:  🎉🎉 Three papers are accepted to AAAI 2024. Congrats to Yi Xie, Yihao Huang, and Xiaojian Yuan!
  • 2023.12:  🎉🎉 One paper is accepted to ICASSP 2024. Congrats to Prof. Wenbo Zhou!
  • 2023.11:  🎉🎉 One paper is accepted to NDSS 2024. Congrats to Chang Liu!

📝 Publications

NeurIPS 2024
sym

ART: Automatic Red-teaming for Text-to-Image Models to Protect Benign Users

Guanlin Li, Kangjie Chen, Shudong Zhang, Jie Zhang, Tianwei Zhang

USENIX Security 2025
sym

The Ghost Navigator: Revisiting the Hidden Vulnerability of Localization in Autonomous Driving

Junqi Zhang, Shaoyin Cheng, Linqing Hu, Jie Zhang, Chengyu Shi, Xingshuo Han, Tianwei Zhang, Yueqiang Cheng, Weiming Zhang

S&P 2025
sym

Towards Reliable Verification of Unauthorized Data Usage in Personalized Text-to-Image Diffusion Models

Boheng Li, Yanhao Wei, Yankai Fu, Zhenting Wang, Yiming Li, Jie Zhang [Corresponding Author], Run Wang, Tianwei Zhang

NDSS 2025
sym

THEMIS: Regulating Textual Inversion for Personalized Concept Censorship

Yutong Wu, Jie Zhang [Corresponding Author], Florian Kerschbaum, and Tianwei Zhang

[Code]

MM 2024
sym

Model X-ray : Detecting Backdoored Models via Decision Boundary

Yanghao Su, Jie Zhang [Corresponding Author], Ting Xu, Tianwei Zhang, Weiming Zhang, and Nenghai Yu

[Code-TBD]

MM 2024
sym

FacialPulse: An Efficient RNN-based Depression Detection via Temporal Facial Landmarks

Ruiqi Wang, Jinyang Huang, Jie Zhang [Corresponding Author], Xin Liu, Xiang Zhang, Zhi Liu, Peng Zhao, Sigui Chen, and Xiao Sun

[Code-TBD] [Oral (3.97%)]

ECCV 2024
sym

Robust-Wide: Robust Watermarking against Instruction-driven Image Editing

Runyi Hu, Jie Zhang [Corresponding Author], Ting Xu, Tianwei Zhang, and Jiwei Li

[Code]

ICML 2024
sym

AquaLoRA: Toward White-box Protection for Customized Stable Diffusion Models via Watermark LoRA

Weitao Feng, Wenbo Zhou, Jiyan He, Jie Zhang [Corresponding Author], Tianyi Wei, Guanlin Li, Tianwei Zhang, Weiming Zhang, and Nenghai Yu

[Code]

ICML 2024
sym
IJCAI 2024
sym

Unlearning during Learning: An Streamlined Federated Machine Unlearning Method

Hanlin Gu, Gongxi Zhu, Jie Zhang, Yuxing Han, Lixin Fan, Qiang Yang

[Code]

CCS 2024
sym

GenderCARE: A Comprehensive Framework for Assessing and Reducing Gender Bias in Large Language Models

Kunsheng Tang, Wenbo Zhou, Jie Zhang [Corresponding Author], Aishan Liu, Gelei Deng, Shuai Li, Peigui Qi, Weiming Zhang, Tianwei Zhang, Nenghai Yu

[Code]

TPAMI 2024
sym

Robust Model Watermarking for Image Processing Networks via Structure Consistency

Jie Zhang, Dongdong Chen, Jing Liao, Zehua Ma, Han Fang, Weiming Zhang, Hua Gang, Nenghai Yu

AAAI 2024
sym

SAME: Sample Reconstruction Against Model Extraction Attacks

Yi Xie, Jie Zhang, Shiqian Zhao, Tianwei Zhang, Xiaofeng Chen

AAAI 2024
sym

Personalization as a Shortcut for Few-Shot Backdoor Attack against Text-to-Image Diffusion Models

Yihao Huang, Felix Juefei-Xu, Qing Guo, Jie Zhang, Yutong Wu, Ming Hu, Tianlin Li, Geguang Pu, Yang Liu

[Code]

AAAI 2024
sym

Data-Free Hard-Label Robustness Stealing Attack

Xiaojian Yuan, Kejiang Chen, Wen Huang, Jie Zhang, Weiming Zhang, Nenghai Yu

[Code]

ICASSP 2024
sym

Attribute-Aware Head Swapping Guided by 3d Modeling

Wenbo Zhou, Dongdong Chen, Jing Liao, Jie Zhang, Kejiang Chen, Weiming Zhang, Nenghai Yu

NDSS 2024
sym

Detecting Voice Cloning Attacks via Timbre Watermarking

Chang Liu, Jie Zhang [Corresponding Author], Tianwei Zhang, Xi Yang, Weiming Zhang, Nenghai Yu

[Project]

TKDE 2023
sym

A Robust Database Watermarking Scheme That Preserves Statistical Characteristics

Zhiwen Ren, Han Fang, Jie Zhang, Zehua Ma, Ronghao Lin, Weiming Zhang, Nenghai Yu

MM 2023
sym

ProTegO: Protect Text Content against OCR Extraction Attack

Yanru He, Kejiang Chen, Guoqiang Chen, Zehua Ma, Kui Zhang, Jie Zhang, Huanyu Bian, Han Fang, Weiming Zhang, Nenghai Yu

[Code]

MM 2023
sym

Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion

Kui Zhang, Hang Zhou, Jie Zhang, Qidong Huang, Weiming Zhang, and Nenghai Yu

[Code]

TAI 2023
sym

Model Access Control Based on Hidden Adversarial Examples for Automatic Speech Recognition

Haozhe Chen, Jie Zhang [Corresponding Author], Kejiang Chen, Weiming Zhang, Nenghai Yu

AAAI 2023
sym

AutoStegaFont: Synthesizing Vector Fonts for Hiding Information in Documents

Xi Yang, Jie Zhang [equal contribution], Han Fang, Zehua Ma, Chang Liu, Weiming Zhang, Nenghai Yu

[Demo]

AAAI 2023
sym

DeAR: A Deep-learning-based Audio Re-cording Resilient Watermarking

Chang Liu, Jie Zhang [equal contribution], Han Fang, Zehua Ma, Weiming Zhang, Nenghai Yu

AAAI 2023
sym

Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network

Xiaojian Yuan, Kejiang Chen, Wen Huang, Jie Zhang, Weiming Zhang, Nenghai Yu

[Code]

AAAI 2022
sym

Tracing Text Provenance via Context-Aware Lexical Substitution

Xi Yang, Jie Zhang [Corresponding Author], Kejiang Chen, Weiming Zhang, Zehua Ma, Feng Wang, Nenghai Yu

TIP 2022
sym

Poison Ink: Robust and Invisible Backdoor Attack

Jie Zhang, Dongdong Chen, Jing Liao, Qidong Huang, Hua Gang, Weiming Zhang, Nenghai Yu

[Code]

TPAMI 2021
sym

Deep Model Intellectual Property Protection via Deep Watermarking

Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Hua Gang, Huamin Feng, Nenghai Yu

[Code]

AAAI 2021
sym

Initiative defense against facial manipulation

Qidong Huang, Jie Zhang [equal contribution], Wenbo Zhou, Weiming Zhang, Nenghai Yu

[Code]

MM 2020
sym

Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication

Xiquan Guan, Huamin Feng, Weiming Zhang, Hang Zhou, Jie Zhang, Nenghai Yu

NeurIPS 2020
sym

Passport-aware Normalization for Deep Model Protection

Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Hua Gang, Nenghai Yu

[Code]

AAAI 2020
sym

Model Watermarking for Image Processing Networks

Jie Zhang, Dongdong Chen, Jing Liao, Han Fang, Weiming Zhang, Wenbo Zhou, Hao Cui, Nenghai Yu

[Code]

🎖 Honors and Awards

  • 2021.12 National Scholarship for Doctoral Students, China.
  • 2020.12 Cyberspace Science Scholarship (funded by Academician Xiaomo Wang), China.

📖 Educations

  • 2017.06 - 2022.06, PhD of Cyber Science, University of Science and Technology of China.
  • 2013.09 - 2017.06, Bachelor of Electrical Engineering and Automation, China University of Geosciences (Beijing).

💬 Invited Talks

  • 2024.08, Trustworthy Generative AI, at CFAR, A*STAR | [slide]
  • 2024.04, AIGC Security, at Nanyang Technological University | [slide]
  • 2023.11, IP Protection on Deep Models and Data, at Shanghai Jiao Tong University | [poster]
  • 2023.09, Model IP Protection, at University of Science and Technology of China | [slide]

💻 Internships