Xiao Zhang

Tenure-Track Faculty

CISPA Helmholtz Center for Information Security

Bio: I am currently a tenure-track faculty at CISPA Helmholtz Center for Information Security. Prior to that, I obtained my Ph.D. degree in the department of computer science at University of Virginia advised by Prof. David Evans in 2022. I received my M.S. degree from Department of Statistics at University of Virginia and my B.S. degree in Mathematics at Tsinghua University in 2017 and 2015, respectively. I am also a member of the European Laboratory for Learning and Intelligent Systems.

Research Interests: My research covers various topics in machine learning and security, including trustworthy machine learning, statistical machine learning, convex/non-convex optimization and deep learning. Recently, I focus on understanding the misbehavior of machine learning models against different adversaries and designing robust systems for various machine learning applications.

Open Positions: I am looking for self-motivated students who are interested in trustworthy machine learning, including PhD students, research assistants, intern and visiting students. Check Open Positions for more details.

Featured Publications

Fnu Suya, Xiao Zhang, Yuan Tian, David Evans

November 2023 NeurIPS 2023

What Distributions are Robust to Indiscriminate Poisoning Attacks for Linear Learners?

Understand the inherent vulnerabilities to indiscriminate data poisoning attacks for linear learners by studying the optimal poisoning strategy from the perspective of data distribution.

Xiao Zhang, David Evans

May 2022 ICLR 2022

Understanding Intrinsic Robustness using Label Uncertainty

Built upon on a novel definition of label uncertainty, we develop an empirical method to estimate a more realistic intirnsic robustness limit for image classification tasks.

Saeed Mahloujifar, Xiao Zhang, Mohammad Mahmoody, David Evans

December 2019 NeurIPS 2019 (Spotlight)

Empirically Measuring Concentration: Fundamental Limits to Intrinsic Robustness

We develop a method to measure the concentration of image benchmarks using empirical samples and show that concentration of measure does not prohibit the existence of adversarially robust classifiers.

Xiao Zhang, David Evans

May 2019 ICLR 2019

Cost-Sensitive Robustness against Adversarial Examples

We propose a notion of cost-sensitive robustness for measuring classifier’s performance when adversarial transformations are not equally important, and provide a certified robust training method to optimize for it.

Xiao Zhang, Simon Du, Quanquan Gu

July 2018 ICML 2018

Fast and Sample Efficient Inductive Matrix Completion via Multi-Phase Procrustes Flow

We present a new gradient-based optimization algorithm for inductive matrix completion, which achieves both linear rate of convengence and sample complexities linearly depending on the feature dimension.

Publications

Quickly discover relevant content by filtering publications.

Somrita Ghosh, Yuelin Xu, Xiao Zhang (2024). Improving the Efficiency of Self-Supervised Adversarial Training through Latent Clustering-based Selection. ICML 2024 NextGenAISafety Workshop.

PDF Cite OpenReview

Anshuman Suri, Xiao Zhang, David Evans (2024). Do Parameters Reveal More than Loss for Membership Inference?. ICML 2024 HiLD Workshop.

PDF Cite OpenReview

Yuelin Xu, Xiao Zhang (2024). Understanding Adversarially Robust Generalization via Weight-Curvature Index. ICML 2024 HiLD Workshop.

PDF Cite OpenReview

Wenshu Fan, Hongwei Li, Wenbo Jiang, Meng Hao, Shui Yu, Xiao Zhang (2024). Stealthy Targeted Backdoor Attacks against Image Captioning. TIFS 2024.

PDF Cite Link ArXiv

Yifan Zeng, Yiran Wu, Xiao Zhang, Huazheng Wang, Qingyun Wu (2024). AutoDefense: Multi-Agent LLM Defense against Jailbreak Attacks. ArXiv.

PDF Cite Code ArXiv

Fnu Suya, Xiao Zhang, Yuan Tian, David Evans (2023). What Distributions are Robust to Indiscriminate Poisoning Attacks for Linear Learners?. NeurIPS 2023.

PDF Cite ArXiv

See all publications

Contact

xiao.zhang@cispa.de
+49 681 87083 2342
Im oberen Werk 1, St. Ingbert, Saarland 66386
My office is Room 0.28 at CISPA D2 building