I am a faculty member at CISPA Helmholtz Center for Information Security. I sometimes also chime in iDRAMA Lab for the memes. From 2019 to 2020, I was a research group leader at CISPA. From 2017 to 2018, I was a postdoc at CISPA. I obtained my Ph.D. degree from the University of Luxembourg in 2016. I obtained my bachelor (2009) and master (2012) degrees from Shandong University.

Research Areas

  • Trustworthy Machine Learning
  • Social Network Analysis
  • Misinformation, Hate Speech, and Memes

I’m always looking for motivated students to join my group. If you are interested, please write me an email (zhang@cispa.de).

Awards

  • Best paper award honorable mention at CCS 2022
  • Busy Beaver teaching award nomination for advanced lecture “Machine Learning Privacy” at Saarland University (2022 Summer)
  • Busy Beaver teaching award for seminar “Privacy of Machine Learning” at Saarland University (2021 Winter)
  • Distinguished reviewer award at TrustML Workshop 2020 (co-located with ICLR 2020)
  • Distinguished paper award at NDSS 2019
  • Best paper award at ARES 2014

What’s New

  • [November 2022] One paper titled “On the Evolution of (Hateful) Memes by Means of Multimodal Contrastive Learning” got accepted in Oakland 2023!
  • [November 2022] One paper titled “Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network” got accepted in AAAI 2023!
  • [November 2022] Our paper “Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots” got best paper award honorable mention at CCS 2022!
  • [November 2022] Junjie Chu and Yukun Jiang joined the team to start their PhD!
  • [October 2022] Our advanced lecture “Machine Learning Privacy” (2022 Summer) got nominated for Busy Beaver teaching award in Saarland University!
  • [September 2022] One paper titled “Amplifying Membership Exposure via Data Poisoning” got accepted in NeurIPS 2022!
  • [September 2022] One paper titled “UnGANable: Defending Against GAN-based Face Manipulation” got accepted in USENIX Security 2023!
  • [September 2022] One paper titled “PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Model” got accepted in USENIX Security 2023!
  • [September 2022] I will join the TPC of WWW 2023!
  • [August 2022] One paper titled “Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbot” got accepted in CCS 2022!
  • [August 2022] One paper titled “On the Privacy Risks of Cell-Based NAS Architectures” got accepted in CCS 2022!
  • [August 2022] One paper titled “Membership Inference Attacks by Exploiting Loss Trajectory” got accepted in CCS 2022!
  • [July 2022] One paper titled “Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning” got accepted in ECCV 2022!
  • [May 2022] One talk titled “All Your GNN Models and Data Belong to Me” got accepted in Black HAT USA 2022!
  • [May 2022] One paper titled “Teacher Model Fingerprinting Attacks Against Transfer Learning” got accepted in USENIX Security 2022!
  • [April 2022] One paper titled “Auditing Membership Leakages of Multi-Exit Networks” got accepted in CCS 2022!
  • [April 2022] One paper titled “Graph Unlearning” got accepted in CCS 2022!
  • [April 2022] One paper titled “SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders” got accepted in CCS 2022!
  • [April 2022] One paper titled “Finding MNEMON: Reviving Memories of Node Embeddings” got accepted in CCS 2022!
  • [April 2022] I will join the TPC of NDSS 2023!
  • [March 2022] Xinlei got The Norton Labs Graduate Fellowship 2022!
  • [March 2022] One paper titled “On Xing Tian and the Perseverance of Anti-China Sentiment Online” got accepted in ICWSM 2022!
  • [February 2022] I will join the TPC of Oakland 2023!
  • [December 2021] I will join the TPC of CCS 2022 and KDD 2022!
  • [December 2021] One paper titled “Model Stealing Attacks Against Inductive Graph Neural Networks” got accepted in Oakland 2022!
  • [December 2021] Edward Boyang Zhang joined the team to start their PhD!
  • [November 2021] Hai Huang, Yiting Qu, and Raymond Si joined the team to start their PhD!
  • [October 2021] One paper titled “Get a Model! Model Hijacking Attack Against Machine Learning Models” got accepted in NDSS 2022!
  • [October 2021] One paper titled “Property Inference Attacks Against GANs” got accepted in NDSS 2022!
  • [October 2021] Zeyang Sha, Yixin Wu, and Ziqing Yang joined the team to start their PhD!