Bio: I am a faculty member at CISPA Helmholtz Center for Information Security, where I lead the AIR-ML Lab. Prior to this, I earned my PhD in Computer Science at the University of Virginia, where I was advised by Prof. David Evans. I also hold an MS degree in Statistics from the University of Virginia and a BS degree in Mathematics and Applied Mathematics from Tsinghua University. I am a member of the European Laboratory for Learning and Intelligent Systems, affiliated with ELLIS Unit Saarbrücken.
Research Interest: My research spans a broad range of topics in machine learning (ML), with a primary focus on trustworthy AI, encompassing robustness, safety, privacy, bias, and interpretability. I’m also interested in deep learning theory, generative modeling, and optimization. Ultimately, my goal is to develop principled adversarial ML approaches to tackle the fundamental challenges in building reliable and trustworthy AI systems.
I am always looking for self-motivated students interested in machine learning research, including PhD students, HiWis, interns, and visiting students. Check my recent publications and our lab website to learn more about the current focus and available positions.
We introduce Generative Adversarial Suffix Prompter (GASP), a novel framework that combines human-readable prompt generation with Latent Bayesian Optimization (LBO) to improve adversarial suffix creation in a fully black-box setting.
We highlight the importance of using dynamic FR strategies to evaluate AFR methods, and propose DivTrackee as a promising countermeasure.
We show how prior claims about black-box access sufficing for optimal membership inference do not hold for most useful settings such as SGD, and validate our findings with a new white-box inference attack.