Guanhong Tao
I am a Ph.D. Student at Purdue University, advised by Prof. Xiangyu Zhang.
I am on the academic job market this year.
"Act as if what you do makes a difference. It does." - William James
Selected Publications [Full List] (* denotes equal contribution)
Preprints
- Opening A Pandora's Box: Things You Should Know in the Era of Custom GPTs
Guanhong Tao, Siyuan Cheng, Zhuo Zhang, Junmin Zhu, Guangyu Shen, Xiangyu Zhang
[arXiv] [bibtex]
- Backdoor Vulnerabilities in Normally Trained Deep Learning Models
Guanhong Tao, Zhenting Wang, Siyuan Cheng, Shiqing Ma, Shengwei An, Yingqi Liu, Guangyu Shen, Zhuo Zhang, Yunshu Mao, Xiangyu Zhang
[arXiv] [bibtex]
- DECK: Model Hardening for Defending Pervasive Backdoors
Guanhong Tao, Yingqi Liu, Siyuan Cheng, Shengwei An, Zhuo Zhang, Qiuling Xu, Guangyu Shen, Xiangyu Zhang
[arXiv] [bibtex]
2024
- Distribution Preserving Backdoor Attack in Self-supervised Learning
Guanhong Tao*, Zhenting Wang*, Shiwei Feng, Guangyu Shen, Shiqing Ma, Xiangyu Zhang
Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
San Francisco, CA, USA, May 2024
[pdf] [code] [bibtex]
- ODSCAN: Backdoor Scanning for Object Detection Models
Siyuan Cheng, Guangyu Shen, Guanhong Tao, Kaiyuan Zhang, Zhuo Zhang, Shengwei An, Xiangzhe Xu, Yingqi Liu, Shiqing Ma, Xiangyu Zhang
Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
San Francisco, CA, USA, May 2024
[pdf] [bibtex]
- On Large Language Models’ Resilience to Coercive Interrogation
Zhuo Zhang, Guangyu Shen, Guanhong Tao, Siyuan Cheng, Xiangyu Zhang
Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
San Francisco, CA, USA, May 2024
[pdf] [bibtex]
- Exploring the Orthogonality and Linearity of Backdoor Attacks
Kaiyuan Zhang, Siyuan Cheng, Guangyu Shen, Guanhong Tao, Shengwei An, Anuran Makur, Shiqing Ma, Xiangyu Zhang
Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
San Francisco, CA, USA, May 2024
[pdf] [bibtex]
- Gradient Shaping: Enhancing Backdoor Attack Against Reverse Engineering
Rui Zhu, Di Tang, Siyuan Tang, Zihao Wang, Guanhong Tao, Shiqing Ma, XiaoFeng Wang, Haixu Tang
Proceedings of the 31st Network and Distributed System Security Symposium (NDSS 2024)
San Diego, CA, USA, February 2024
[pdf] [bibtex]
2023
- Hard-label Black-box Universal Adversarial Patch Attack
Guanhong Tao, Shengwei An, Siyuan Cheng, Guangyu Shen, Xiangyu Zhang
Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)
Anaheim, CA, USA, August 2023
[pdf] [code] [bibtex]
- Backdooring Neural Code Search
Weisong Sun*, Yuchen Chen*, Guanhong Tao*, Chunrong Fang, Xiangyu Zhang, Quanjun Zhang, Bin Luo
Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics (ACL 2023)
Toronto, Canada, July 2023
[pdf] [code] [bibtex]
- PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code Analysis
Zhuo Zhang, Guanhong Tao, Guangyu Shen, Shengwei An, Qiuling Xu, Yingqi Liu, Yapeng Ye, Yaoxuan Wu, Xiangyu Zhang
Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)
Anaheim, CA, USA, August 2023
[pdf] [bibtex]
- BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense
Siyuan Cheng, Guanhong Tao, Yingqi Liu, Shengwei An, Xiangzhe Xu, Shiwei Feng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Shiqing Ma, Xiangyu Zhang
Proceedings of the 30th Network and Distributed System Security Symposium (NDSS 2023)
San Diego, CA, USA, February 2023
[pdf] [bibtex]
- FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning
Kaiyuan Zhang, Guanhong Tao, Qiuling Xu, Siyuan Cheng, Shengwei An, Yingqi Liu, Shiwei Feng, Guangyu Shen, Pin-Yu Chen, Shiqing Ma, Xiangyu Zhang
Proceedings of the Eleventh International Conference on Learning Representations (ICLR 2023)
ECCV 2022 Workshop on Adversarial Robustness in the Real World (AROW 2022) Best Paper Award
Kigali, Rwanda, May 2023
[pdf] [bibtex]
- BIRD: Generalizable Backdoor Detection and Removal for Deep Reinforcement Learning
Xuan Chen, Wenbo Guo, Guanhong Tao, Xiangyu Zhang, Dawn Song
Proceedings of Thirty-seventh Conference on Neural Information Processing Systems (NeurIPS 2023)
New Orleans, LA, USA, December 2023
[pdf] [bibtex]
- Django: Detecting Trojans in Object Detection Models via Gaussian Focus Calibration
Guangyu Shen, Siyuan Cheng, Guanhong Tao, Kaiyuan Zhang, Yingqi Liu, Shengwei An, Shiqing Ma, Xiangyu Zhang
Proceedings of Thirty-seventh Conference on Neural Information Processing Systems (NeurIPS 2023)
New Orleans, LA, USA, December 2023
[pdf] [bibtex]
- ParaFuzz: An Interpretability-Driven Technique for Detecting Poisoned Samples in NLP
Lu Yan, Zhuo Zhang, Guanhong Tao, Kaiyuan Zhang, Xuan Chen, Guangyu Shen, Xiangyu Zhang
Proceedings of Thirty-seventh Conference on Neural Information Processing Systems (NeurIPS 2023)
New Orleans, LA, USA, December 2023
[pdf] [bibtex]
- Remove Model Backdoors via Importance Driven Cloning
Qiuling Xu, Guanhong Tao, Jean Honorio, Yingqi Liu, Shengwei An, Guangyu Shen, Siyuan Cheng, Xiangyu Zhang
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2023 (CVPR 2023)
Vancouver, Canada, June 2023
[pdf] [bibtex]
- Detecting Backdoors in Pre-trained Encoders
Shiwei Feng, Guanhong Tao, Siyuan Cheng, Guangyu Shen, Xiangzhe Xu, Yingqi Liu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2023 (CVPR 2023)
Vancouver, Canada, June 2023
[pdf] [bibtex]
2022
- Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security
Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, Xiangyu Zhang
Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P 2022)
San Francisco, CA, USA, May 2022
[pdf] [code] [bibtex]
- PICCOLO: Exposing Complex Backdoors in NLP Transformer Models
Yingqi Liu, Guangyu Shen, Guanhong Tao, Shengwei An, Shiqing Ma, Xiangyu Zhang
Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P 2022)
San Francisco, CA, USA, May 2022
[pdf] [bibtex]
- Better Trigger Inversion Optimization in Backdoor Scanning
Guanhong Tao, Guangyu Shen, Yingqi Liu, Shengwei An, Qiuling Xu, Shiqing Ma, Pan Li, Xiangyu Zhang
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2022 (CVPR 2022 Oral)
New Orleans, LA, USA, June 2022
[pdf] [code] [bibtex]
- Complex Backdoor Detection by Symmetric Feature Differencing
Yingqi Liu, Guangyu Shen, Guanhong Tao, Zhenting Wang, Shiqing Ma, Xiangyu Zhang
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2022 (CVPR 2022)
New Orleans, LA, USA, June 2022
[pdf] [bibtex]
- RULER: Discriminative and Iterative Adversarial Training for Deep Neural Network Fairness
Guanhong Tao*, Weisong Sun*, Tingxu Han*, Chunrong Fang, Xiangyu Zhang
Proceedings of the 2022 ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE 2022)
Singapore, November 2022
[pdf] [code] [bibtex]
- Constrained Optimization with Dynamic Bound-scaling for Effective NLP Backdoor Defense
Guangyu Shen, Yingqi Liu, Guanhong Tao, Qiuling Xu, Zhuo Zhang, Shengwei An, Shiqing Ma, Xiangyu Zhang
Proceedings of Thirty-ninth International Conference on Machine Learning (ICML 2022)
Baltimore, MD, USA, July 2022
[pdf] [bibtex]
2021
- FIRM: Detecting Adversarial Audios by Recursive Filters with Randomization
Guanhong Tao, Xiaowei Chen, Yunhan Jia, Zhenyu Zhong, Shiqing Ma, Xiangyu Zhang
ICLR 2021 Workshop on Security and Safety in Machine Learning Systems
Virtually, May 2021
[pdf] [bibtex]
- Towards Feature Space Adversarial Attack by Style Perturbation
Qiuling Xu, Guanhong Tao, Siyuan Cheng, Xiangyu Zhang
Proceedings of the 35th AAAI Conference on Artificial Intelligence (AAAI 2021)
Virtually, February 2021
[pdf] [bibtex]
- Backdoor Scanning for Deep Neural Networks through K-Arm Optimization
Guangyu Shen, Yingqi Liu, Guanhong Tao, Shengwei An, Qiuling Xu, Siyuan Cheng, Shiqing Ma, Xiangyu Zhang
Proceedings of Thirty-eighth International Conference on Machine Learning (ICML 2021)
Virtually, July 2021
[pdf] [bibtex]
2020
- TRADER: Trace Divergence Analysis and Embedding Regulation for Debugging Recurrent Neural Networks
Guanhong Tao, Shiqing Ma, Yingqi Liu, Qiuling Xu, Xiangyu Zhang
Proceedings of the 42nd International Conference on Software Engineering (ICSE 2020)
Seoul, South Korea, July 2020 (Virtual)
[pdf] [slides] [video] [artifact] [bibtex]
- Correlations Between Deep Neural Network Model Coverage Criteria and Model Quality
Shenao Yan, Guanhong Tao, Xuwei Liu, Juan Zhai, Shiqing Ma, Lei Xu, Xiangyu Zhang
Proceedings of the 2020 ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE 2020)
Sacramento, CA, USA, November 2020
[pdf] [bibtex]
2019
- ABS: Scanning Neural Networks for Back-doors by Artificial Brain Stimulation
Yingqi Liu, Wen-Chuan Lee, Guanhong Tao, Shiqing Ma, Yousra Aafer, Xiangyu Zhang
Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS 2019)
London, UK, November 2019
[pdf] [bibtex]
- NIC: Detecting Adversarial Samples with Neural Network Invariant Checking
Shiqing Ma, Yingqi Liu, Guanhong Tao, Wen-Chuan Lee, Xiangyu Zhang
Proceedings of the 26th Network and Distributed System Security Symposium (NDSS 2019)
San Diego, CA, USA, February 2019
[pdf] [slides] [bibtex]
2018
- Attacks Meet Interpretability: Attribute-steered Detection of Adversarial Samples
Guanhong Tao, Shiqing Ma, Yingqi Liu, Xiangyu Zhang
Proceedings of Thirty-second Conference on Neural Information Processing Systems (NeurIPS 2018 Spotlight)
Palais des Congrès de Montréal, Montréal, Canada, December 2018
[pdf] [slides] [poster] [code] [bibtex]
Talks
- Hard-label Black-box Universal Adversarial Patch Attack
Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)
Anaheim, CA, USA, August 2023
[slides]
- RULER: Discriminative and Iterative Adversarial Training for Deep Neural Network Fairness
Proceedings of the 2022 ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE 2022)
Singapore, November 2022 (Virtual)
- Better Trigger Inversion Optimization in Backdoor Scanning
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2022 (CVPR 2022)
New Orleans, LA, USA, June 2022
- Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security
Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P 2022)
San Francisco, CA, USA, May 2022
[slides] [video]
- TRADER: Trace Divergence Analysis and Embedding Regulation for Debugging Recurrent Neural Networks
Proceedings of the 42nd International Conference on Software Engineering (ICSE 2020)
Seoul, South Korea, July 2020 (Virtual)
[slides] [video]
- FIRM: Detecting Adversarial Audios by Recursive Filters with Randomization
Baidu X-Lab
Sunnyvale, CA, USA, Aug. 2019
- Attacks Meet Interpretability: Attribute-steered Detection of Adversarial Samples
Proceedings of Thirty-second Conference on Neural Information Processing Systems (NeurIPS 2018)
Palais des Congrès de Montréal, Montréal, Canada, Dec. 2018
Teaching
- Guest Lecture, CS 431: Software Engineering, Rutgers University, Spring 2023
- Guest Lecture, CS 529: Security Analytics, Purdue University, Fall 2019, Fall 2020, Fall 2022, Fall 2023
- Teaching Assistant, CS 240: Programming in C, Purdue University, Spring 2020
- Teaching Assistant, CS 590: Program Analysis For Deep Learning, Purdue University, Fall 2019
Service
- Program Chair/Organizer
• The 1st ICLR Workshop on Backdoor Attacks and Defenses in Machine Learning (BANDS)
• NDSS 2024 Workshop on AI System with Confidential Computing (AISCC)
- Reviewer/Program Committee
• International Symposium on Research in Attacks, Intrusions and Defenses (RAID): 2024
• ACM Symposium on the Foundations of Software Engineering (FSE) Artifact Evaluation: 2023
• International Conference on Machine Learning (ICML): 2021-2024
• Conference on Neural Information Processing Systems (NeurIPS): 2021-2023
• International Conference on Learning Representations (ICLR): 2022 (Highlighted)-2024
• IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR): 2022-2023
• European Conference on Computer Vision (ECCV): 2022
• International Conference on Computer Vision (ICCV): 2023
• Annual Meeting of the Association for Computational Linguistics (ACL): 2023
• Conference on Empirical Methods in Natural Language Processing (EMNLP): 2023
• Annual AAAI Conference on Artificial Intelligence (AAAI): 2024
• ICLR Workshop on Distributed and Private Machine Learning (DPML): 2021
• IEEE Transactions on Dependable and Secure Computing (TDSC)
• IEEE Transactions on Information Forensics & Security (T-IFS)
• ACM Transactions on Privacy and Security (TOPS)
• Transactions on Machine Learning Research (TMLR)
- Shadow Program Committee
• IEEE Symposium on Security and Privacy (S&P): 2021
- Student Volunteer
• ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA): 2021
Copyright © Guanhong Tao 2017-2023. All Rights Reserved.