Recent News

• package
• package
• [08/2022] I have moved to Madison and joined the University of Wisconsin, Madison as an Assistant Professor.
• [05/2023] One paper at ACL. Congratulations to zhuofeng and jiazhao. We propose an attention-based method to defend against NLP backdoor attacks
• [04/2023] Two papers at ICML. Congratulations to Jiachen and Zhiyuan. We propose the first benchmark for code copyright of code generation models.
• [02/2023] Two papers at CVPR. Congratulations to Yiming and Xiaogeng. Xiaogeng is an intern from my group at ASU.
• [02/2023] I will give a tutorial at CVPR 2023 on the topic of trustworthiness in the era of Foundation Models. Stay tuned!
• [01/2023] Impact Award from Argonne National Laboratory.
• [01/2023] One paper got accepted to USENIX Security 2023.
• [1/2023] Three papers are accepted to ICLR 2023 [a]: We explain why and how to use diffusion model to improve adversarial robustness and design DensePure which leverages the pretrained diffusion model and classifier to provide the state-of-the-art certified robustness. [b]:This is our first attemp on retrieval-based framework and AI for drug discovery. We will recently release more work in this research line. Stay tuned!
• [12/2022] Our team won the ACM Gordon Bell Special Prize for COVID-19 Research.
• [09/2022] One papers got accepted to USENIX Security 2023.
• [09/2022] Two papers got accepted to NeurIPS 2022.
• [09/2022] Our paper RobustTraj has been accepted to CORL for oral presentations. We explore to train a robust Trajectory Prediction Model against adversarial attacks.
More
[08/2022] I have moved to Phoenix and joined ASU as an assistant professor.
[08/2022] I will be giving a talk in virtual seminar series on Challenges and Opportunities for Security & Privacy in Machine Learning.
[07/2022] One survey paper to discuss the challenge and opportunity of machine learning security got accepted to ACM Computing Survey 2022.
[07/2022] Two papers got accepted to ECCV 2022.
[05/2022] Two papers got accepted to ICML 2022. Thanks for all of my collaborators.
[3/2022] I will be giving a talk in AAAI 2022 1st International Workshop on Practical Deep Learning in the Wild.
[3/2022] I will be giving a talk in AAAI 2022 workshop on Adversarial Machine Learning and Beyond.
[2/2022] One paper is accepted to ICLR.

Research Overview

Publications (Selected)

(* represents equal contribution)

[Full List], [Google Scholar]

• [Ethic] CodeIPPrompt: Intellectual Property Infringement Assessment of Code Language Models

  Zhiyuan Yu, Yuhao Wu, Ning Zhang, Chenguang Wang, Yevgeniy Vorobeychik, Chaowei Xiao

  ICML 2023. [pdf] [code]

• [Security] A Critical Revisit of Adversarial Robustness in 3D Point Cloud Recognition with Diffusion-Driven Purification.

  Jiachen Sun, Jiongxiao Wang, Weili Nie, Zhiding Yu, Zhuoqing Mao, Chaowei Xiao

  ICML 2023. [pdf] [code]

• [Security] DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing.

  Jiawei Zhang, , Zhongzhu Chen, Huan Zhang, Chaowei Xiao, Bo Li.

  USENIX Security 2023. [pdf] [code]

• [Security] DensePure: Understanding Diffusion Models towards Adversarial Robustness.

  Chaowei Xiao*, Zhongzhu Chen*, Kun Jin*, Jiongxiao Wang*, Weili Nie, Mingyan Liu, Anima Anandkumar, Bo Li, Dawn Song

  ICLR 2023. [pdf] [code]

• [AI for Social Good] Retrieval-based Controllable Molecule Generation

  Zichao Wang, Weili Nie, Zhuoran Qiao, Chaowei Xiao , Richard Baraniuk, Anima Anandkumar

  ICLR 2023 (spotlight). [pdf] [code]

• [AI for Social Good] GenSLMs: Genome-scale language models reveal SARS-CoV-2 evolutionary dynamics.

  Maxim Zvyagin*, Alexander Brace*, Kyle Hippe*, Yuntian Deng*, Bin Zhang, Cindy Orozco Bohorquez, Austin Clyde, Bharat Kale, Danilo Perez-Rivera, Heng Ma, Carla M. Mann, Michael Irvin, J. Gregory Pauloski, Logan Ward, Valerie Hayot, Murali Emani, Sam Foreman, Zhen Xie, Diangen Lin, Maulik Shukla, Weili Nie, Josh Romero, Christian Dallago, Arash Vahdat, Chaowei Xiao, Thomas Gibbs, Ian Foster, James J. Davis, Michael E. Papka, Thomas Brettin, Rick Stevens, Anima Anandkumar, Venkatram Vishwanath, Arvind Ramanathan.

  ACM Gordon Bell Special Covid Prize[pdf] [code]

• [Robustness] Test-Time Prompt Tuning for Zero-Shot Generalization in Vision-Language Models

  Manli Shu, Weili Nie, De-An Huang, Zhiding Yu, Tom Goldstein, Anima Anandkumar, Chaowei Xiao

  NeurIPS 2022. [pdf] [code]

• [Social Bias] Exploring the Limits of Domain-Adaptive Training for Detoxifying Large-Scale Language Models

  Boxin Wang, Wei Ping, Chaowei Xiao, Peng Xu, Mostofa Patwary, Mohammad Shoeybi, Bo Li, Anima Anandkumar, Bryan Catanzaro.

  NeurIPS 2022[pdf] [code]

• [Security] Robust Trajectory Prediction against Adversarial Attacks

  Yulong Cao, Danfei Xu, Xinshuo Weng, Z. Morley Mao, Anima Anandkuma, Chaowei Xiao, Marco Pavone

  CORL 2022 (Oral)[pdf] [code]

• [Security] Diffusion Models for Adversarial Purification

  Weili Nie, Brandon Guo, Yujia Huang,Chaowei Xiao, Arash Vahdat, Anima Anandkumar.

  ICML 2022[pdf] [code]

• [Robustness] Understanding the robustness in vision transformers.

  Daquan Zhou, Zhiding Yu, Enze Xie,Chaowei Xiao, Anima Anandkumar, Jiashi Feng, Jose M Alvarez.

  ICML 2022[pdf] [code]

• [Security] Taxonomy of Machine Learning Safety: A Survey and Primer

  Sina Mohseni, Zhiding Yu, Chaowei Xiao Jay Yadawa, Haotao Wang and Zhangyang Wang

  ACM Computing Survey 2022[pdf]

• [Security] Adversarially Robust 3D Point Cloud Recognition Using Self-Supervisions.

  Jiachen Sun, Yulong Cao, Christopher Choy, Zhiding Yu, Anima Anandkumar, Z. Morley Mao, Chaowei Xiao.

  NeurIPS 2021

• [Robustness] AugMax: Adversarial Composition of RandomAugmentations for Robust Training.

  Haotao Wang,Chaowei Xiao, Jean Kossaifi, Zhiding Yu, Animashree Anandkumar, Zhangyang Wang.

  NeurIPS 2021

• [Security] Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks.

  Yulong Cao*, Ningfei Wang*,Chaowei Xiao*, Dawei Yang*, Jin Fang, RuigangYang, Qi Alfred Chen, Mingyan Liu, Bo Li.

  IEEE Symposium on Security and Privacy (Oakland) 2021

• [Privacy] Application-Driven Privacy-Preserving Data Publishing with Correlated Attributes.

  Aria Rezaei,Chaowei Xiao, Jie Gao, Bo Li, Sirajum Munir.

  Embedded Wireless Systems and Networks (EWSN 2021)Best Paper Award

• [Security] Robust Deep Reinforcement Learning against Adversarial Perturbations on State Observations

  Huan Zhang*, Hongge Chen*, Chaowei Xiao, Bo Li, Mingyan Liu, Duane Boning, Cho-Jui Hsieh.

  NeurIPS 2020 (spotlight).

• [Security] MeshAdv: Adversarial Meshes for Visual Recognition

  Chaowei Xiao*, Dawei Yang*, Bo Li, Jia Deng, Mingyan Liu

  In IEEE Conference on Computer Vision and Pattern Recognition (CVPR) 2019. (oral) [pdf]

• [Security] Adversarial Sensor Attack on LIDAR-based Perception in Autonomous Driving

  Yulong Cao, Chaowei Xiao, Benjamin Cyr, Yimeng Zhou, Won Park, Sara Rampazzi, Qi Alfred Chen, Kevin Fu, Z. Morely Map

  In the 26th ACM Conference on Computer and Communications Security (CCS'19) [pdf]

• [Security] Spatially Transformed Adversarial Examples

  Chaowei Xiao*, Jun-Yan Zhu*, Bo Li, Warren He, Mingyan Liu and Dawn Song

  In International Conference on Learning Representations (ICLR), 2018 [pdf]

• [Security] Generating Adversarial Examples with Adversarial Networks

  Chaowei Xiao, Bo Li, Jun-Yan Zhu, Warren He, Mingyan Liu and Dawn Song

  In International Joint Conference on Artificial Intelligence (IJCAI), 2018. [pdf]

• [Security] Robust Physical-World Attacks on Machine Learning Models

  Kevin Eykholt*, Ivan Evtimov*, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno and Dawn Song

  In IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018 [pdf]