Bio

I am a career-track assistant professor at Vrije Universiteit Amsterdam, also a faculty member of the VUSec Group. I am passionate to make AI systems more reliable. Prior to join VU, I got my Ph.D. from CISPA Helmholtz Center for Information Security (Saarbrücken, Germany), supervised by Prof. Michael Backes. I have two year industrial experience of working as an Operating System Engineer at 2012 Labs@Huawei (Hangzhou, China). I got my master’s degree from Zhejiang University and bachelor’s degree from Lanzhou University.

Research Interests

• Trustworthy AI: Privacy, Security, Safety, Auditing, and Accountability

• Privacy-Preserving Machine Learning: Synthetic Data Generation, Differential Privacy

• AI for CyberSecurity: AI-Driven Automatic Vulnerability Discovery

Job Openings

I have two PhD positions vacancies which could start immediately, if you would like to apply for a position, please fill out this Form to schedule a meeting. I am always looking for self-motivated students to work with me, if you are interested, feel free to drop me an e-mail with your CV.

What’s New

• [01/2025] ArtistAuditor got accepted by WWW 2025, looking forward to visiting Sydney.

• [10/2024] Our work “SoK: Dataset Copyright Auditing in Machine Learning Systems” got accepted in IEEE S&P 2025, looking forward to visiting San Francisco!

• [Fall 2024] I moved to Amsterdam and started my new position as an assistant professor at Vrije University Amsterdam!

• [08/2024] I joined the TPC of AsiaCCS 2025.

• [05/2024] I joined the TPC of PoPETs 2025.

• [05/2024] I passed my Ph.D. defense at CISPA Helmholtz Center for Information Security.

Talks

• [06/2024] Give a talk at Central South University, Changsha, China.

• [01/2024] Give a talk at ETH Postdoctal Symposium, online.

• [02/2024] Attend NDSS 2024 at San Diego, CA, USA, and host a session on “ML Attacks (2)”!

• [08.2023] Give a talk at INSAIT, Sofia, Bulgaria.

• [02.2023] Give a talk at Huawei AI4Sec Research Team, online.

• [11.2022] Give a talk about “Graph Unlearning” at CCS 2022, Los Angeles, USA.

• [08.2022] Give a talk about “Inference Attacks Against Graph Embedding” at USENIX Security 2022, Boston, USA.

• [11.2021] Give a talk about “When Machine Unlearning Jeopardize Privacy” at CCS 2021, Online.