About

  • I am currently a research scientist at Microsoft Security Research working on applying large language models (LLMs) in security scenarios.
  • I completed my PhD studies at the Department of Computer Science at Purdue University. My advisor is Professor Xiangyu Zhang.
  • My research interest lies in adversarial machine learning, especially backdoor/trojan attacks on deep neural networks. I have also done work on debugging AI models and program auto-tuning and atomization.
  • I have been working on the TrojAI competition. This competition is a multi-year, multi-round deep neural network backdoor scanning competition organized by IARPA. So far, rounds 1 to 4 are on computer vision tasks and rounds 5 to 9 are on natural language processing tasks. In each round, a large number of models of different structures are trojaned with various kinds of triggers and mixed with clean models. Performers are supposed to identify the trojaned models.
  • Our team Perspecta-PurdueRutgers ranks first in rounds 1 to 4 and rounds 6 to 9. The past leaderboard can be found here.
Publications

    Adversarial Machine Learning

  • PICCOLO: Exposing Complex Backdoors in NLP Transformer Models
    Yingqi Liu*, Guangyu Shen*, Guanhong Tao, Shengwei An, Shiqing Ma, Xiangyu Zhang
    Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P 2022)
  • Complex Backdoor Detection by Symmetric Feature Differencing
    Yingqi Liu*, Guangyu Shen*, Guanhong Tao, Zhenting Wang, Shiqing Ma, Xiangyu Zhang
    IEEE/CVF Conference on Computer Vision and Pattern Recognition 2022 (CVPR 2022)
  • ABS: Scanning neural networks for back-doors by artificial brain stimulation
    Yingqi Liu, Wen-Chuan Lee, Guanhong Tao, Shiqing Ma, Yousra Aafer, Xiangyu Zhang
    Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS 2019)
  • Trojaning attack on neural networks
    Yingqi Liu, Shiqing Ma, Yousra Aafer, Wen-Chuan Lee, Juan Zhai, Weihang Wang, Xiangyu Zhang
    Proceedings of the 25th Network and Distributed System Security Symposium (NDSS 2018)
  • Constrained Optimization with Dynamic Bound-scaling for Effective NLP Backdoor Defense
    Guangyu Shen*, Yingqi Liu*, Guanhong Tao, Qiuling Xu, Zhuo Zhang, Shengwei An, Shiqing Ma, Xiangyu Zhang
    Proceedings of Thirty-ninth International Conference on Machine Learning (ICML 2022)
  • Backdoor Scanning for Deep Neural Networks through K-Arm Optimization
    Guangyu Shen*, Yingqi Liu*, Guanhong Tao, Shengwei An, Qiuling Xu, Siyuan Cheng, Shiqing Ma, Xiangyu Zhang
    Proceedings of the 38th International Conference on Machine Learning (ICML 2021)
  • Remove Model Backdoors via Importance Driven Cloning
    Qiuling Xu, Guanhong Tao, Jean Honorio, Yingqi Liu, Shengwei An, Guangyu Shen, Siyuan Cheng, Xiangyu Zhang
    IEEE/CVF Conference on Computer Vision and Pattern Recognition 2023 (CVPR 2023)
  • Detecting Backdoors in Pre-trained Encoders
    Zhuo Zhang, Guanhong Tao, Guangyu Shen, Shengwei An, Qiuling Xu, Yingqi Liu, Yapeng Ye, Yaoxuan Wu, Xiangyu Zhang
    IEEE/CVF Conference on Computer Vision and Pattern Recognition 2023 (CVPR 2023)
  • PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code Analysis
    Shiwei Feng, Guanhong Tao, Siyuan Cheng, Guangyu Shen, Xiangzhe Xu, Yingqi Liu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang
    Proceedings of the 32nd USENIX Security Symposium (Security 2023)
  • FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning
    Kaiyuan Zhang, Guanhong Tao, Qiuling Xu, Siyuan Cheng, Shengwei An, Yingqi Liu, Shiwei Feng, Guangyu Shen, Pin-Yu Chen, Shiqing Ma, Xiangyu Zhang
    Proceedings of the Eleventh International Conference on Learning Representations (ICLR 2023)
    ECCV 2022 Workshop on Adversarial Robustness in the Real World (AROW 2022) Best Paper Award
  • BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense
    Siyuan Cheng, Guanhong Tao, Yingqi Liu, Shengwei An, Xiangzhe Xu, Shiwei Feng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Shiqing Ma, Xiangyu Zhang
    Proceedings of the 30th Network and Distributed System Security Symposium (NDSS 2023)
  • Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security
    Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, Xiangyu Zhang
    Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P 2022)
  • Better Trigger Inversion Optimization in Backdoor Scanning
    Guanhong Tao, Guangyu Shen, Yingqi Liu, Shengwei An, Qiuling Xu, Shiqing Ma, Pan Li, Xiangyu Zhang
    IEEE/CVF Conference on Computer Vision and Pattern Recognition 2022 (CVPR 2022)
  • Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification
    Siyuan Cheng, Yingqi Liu, Shiqing Ma, Xiangyu Zhang
    Proceedings of The 35th AAAI Conference on Artificial Intelligence (AAAI-21)
  • NIC: Detecting Adversarial Samples with Neural Network Invariant Checking
    Shiqing Ma, Yingqi Liu, Guanhong Tao, Wen-Chuan Lee, Xiangyu Zhang
    Proceedings of the 25th Network and Distributed System Security Symposium (NDSS 2019)
  • Attacks Meet Interpretability: Attribute-steered Detection of Adversarial Samples
    Guanhong Tao, Shiqing Ma, Yingqi Liu, Xiangyu Zhang
    Proceedings of Thirty-second Conference on Neural Information Processing Systems (NeurIPS 2018 Spotlight)
  • Composite Backdoor Attack for Deep Neural Network by Mixing Existing Benign Features
    Junyu Lin, Lei Xu, Yingqi Liu, Xiangyu Zhang
    Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS 2020)
  • Black-box adversarial sample generation based on differential evolution
    Junyu Lin, Lei Xu, Yingqi Liu, Xiangyu Zhang
    Journal of Systems and Software, 2020
    Debugging AI models

  • TRADER: Trace Divergence Analysis and Embedding Regulation for Debugging Recurrent Neural Networks
    Guanhong Tao, Shiqing Ma, Yingqi Liu, Qiuling Xu, Xiangyu Zhang
    Proceedings of the 42nd International Conference on Software Engineering (ICSE 2020)
  • MODE: automated neural network model debugging via state differential analysis and input selection
    Shiqing Ma, Yingqi Liu, Wen-Chuan Lee, Xiangyu Zhang, Ananth Grama
    Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE 2018)
  • LAMP: data provenance for graph based machine learning algorithms through derivative computation
    Shiqing Ma, Yousra Aafer, Zhaogui Xu, Wen-Chuan Lee, Juan Zhai, Yingqi Liu, Xiangyu Zhang
    Proceedings of the 2018 25th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE 2017)
    Program Tuning and Atomization

  • Programming support for autonomizing software
    Wen-Chuan Lee, Peng Liu, Yingqi Liu, Shiqing Ma, Xiangyu Zhang
    Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2019)
  • White-box program tuning
    Wen-Chuan Lee, Yingqi Liu, Peng Liu, Shiqing Ma, Hongjun Choi, Xiangyu Zhang, Rajiv Gupta
    Proceedings of the 2019 IEEE/ACM International Symposium on Code Generation and Optimization (CGO 2019)
Experience

  • Security research intern at JD Security Research Center Silicon Valley. May 2019 - Aug 2019
  • Research assistant working with Prof. Xiangyu Zhang at Purdue CS. Aug 2015 - Present
Talks

  • Trojaning attack on neural networks at NDSS 2018
Services

    Reviewer

  • International Conference on Learning Representations (ICLR 2023)
  • IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2022, 2023)
  • European Conference on Computer Vision (ECCV 2022)
  • International Journal of Computer Vision (IJCV)
  • IEEE Transactions on Information Forensics and Security (TIFS)
  • IEEE Transactions on Dependable and Secure Computing (TDSC)
  • IEEE Transactions on Evolutionary Computation (TEVC)
  • Journal of Software: Evolution and Process
  • Concurrency and Computation: Practice and Experience
  • IEEE Access