Recent News

• [09/2022] One papers got accepted to at USENIX Security 2023.
• [09/2022] Two papers got accepted to at NeurIPS 2022.
• [09/2022] Our paper RobustTraj has been accepted to CORL for oral presentations. We explore to train a robust Trajectory Prediction Model against adversarial attacks.
• [08/2022] I have moved to Phoenix and joined ASU as an assistant professor. I plan to get 2-3 PhD students for Fall 2023. Please send me an email with you CV if you are interested.
• [08/2022] I will be giving a talk in virtual seminar series on Challenges and Opportunities for Security & Privacy in Machine Learning.
• [07/2022] One papers got accepted to ACM Computing Survey 2022.
• [07/2022] Two papers got accepted to ECCV 2022.
• [05/2022] Two papers got accepted to ICML 2022. Thanks for all of my collaborators.
• [3/2022] I will be giving a talk in AAAI 2022 1st International Workshop on Practical Deep Learning in the Wild.
• [3/2022] I will be giving a talk in AAAI 2022 workshop on Adversarial Machine Learning and Beyond.
• [2/2022] One paper is accepted to ICLR.
• [12/2021] One paper on exploring the robustness of RL got accepted to AAMAS after a long journey.
• [11/2021] One paper got accepted to INFOCOM.
• [09/2021] Three papers got accepted to NeurIPS. Thanks for all of my collaborators.
• [08/2021] I gave a talk at Tsinghua University
• [07/2021] One paper is accepted to ICCV.
• [07/2021] I am serving as an Area Chair for AAAI 2022.
• [06/2021] I gave a talk in CVPR 2021 Tutorial on Adversarial Machine Learning in Computer Vision.
• [04/2021] One paper is accepted to IEEE S&P.
• [03/2021] Best Paper Award at ESWN 2021
More
[11/2020]: One paper is accepted to NeurIPS’20 .
[11/2020]: One paper is accepted to NeurIPS’20 .
[06/2020]: One paper is accepted to ECCV’20 .
[12/2019]: One paper is accepted to ICLR’20 .
[08/2019]: Our generated physical adversarial Stop Sign used in our CVPR’18 is on display at Science Museum in London.
[07/2019]: One paper is accepted to ICDM 2019.
[03/2019]: Our paper "MeshAdv: Adversarial Meshes for Visual Recognition" is accepted to CVPR 2019 as oral presentation.
[03/2019]: We will organize the workshop on Adversarial Machine Learning in Real-World Computer Vision Systems at CVPR 2019. Please submit your papers.

Events

• [Workshop@ICLR2022] I am organizing the Workshop on Socially Responsible Machine Learning in ICLR 2022.
• [Call For Paper] I am serving as the Guest Editor of Frontiers in Big Data: Trustworthy Machine Learning.
• [Workshop@ICCV2021] I am co-organizing the Workshop on Neural Architectures: Past, Present and Future in ICCV 2021.
• [Workshop@ICML2021] I co-organized the Workshop on Socially Responsible Machine Learning in ICML 2021.
• [Workshop@ACMMM2021] I co-organized the Workshop on 1st International Workshop on Adversarial Learning for Multimedia in ACM-MM 2021.
• [Workshop@CVPR2019] I co-organized the Workshop on Adversarial Machine Learning in Real-World Computer Vision Systems. in CVPR 2019.

Publications

(* represents equal contribution)

2022

• Semantically Meaningful Adversarial Audio Attack

  Zhiyuan Yu, Yuanhaur Chang, Ning Zhang Chaowei Xiao

  USENIX Security 2023. [pdf] [code]

• Test-Time Prompt Tuning for Zero-Shot Generalization in Vision-Language Models

  Manli Shu, Weili Nie, De-An Huang, Zhiding Yu, Tom Goldstein, Anima Anandkumar, Chaowei Xiao

  NeurIPS 2022. [pdf] [code]

• Exploring the Limits of Domain-Adaptive Training for Detoxifying Large-Scale Language Models

  Boxin Wang, Wei Ping, Chaowei Xiao, Peng Xu, Mostofa Patwary, Mohammad Shoeybi, Bo Li, Anima Anandkumar, Bryan Catanzaro.

  NeurIPS 2022[pdf] [code]

• Robust Trajectory Prediction against Adversarial Attacks

  Yulong Cao, Danfei Xu, Xinshuo Weng, Z. Morley Mao, Anima Anandkuma, Chaowei Xiao, Marco Pavone

  CORL 2022 (Oral)[pdf] [code]

• Diffusion Models for Adversarial Purification

  Weili Nie, Brandon Guo, Yujia Huang,Chaowei Xiao, Arash Vahdat, Anima Anandkumar.

  ICML 2022[pdf] [code]

• Understanding the robustness in vision transformers.

  Daquan Zhou, Zhiding Yu, Enze Xie,Chaowei Xiao, Anima Anandkumar, Jiashi Feng, Jose M Alvarez.

  ICML 2022[pdf] [code]

• AdvDO: Realistic Adversarial Attacks for Trajectory Prediction

  Yulong Cao,Chaowei Xiao, Anima Anandkumar, Danfei Xu, Marco Pavone.

  ECCV 2022[pdf] [code]

• SecretGen: Privacy Recovery on Pre-trained Models

  Zhuowen Yuan, Fan Wu, Yunhui Long,Chaowei Xiao, Bo Li

  ECCV 2022[pdf] [code]

• Taxonomy of Machine Learning Safety: A Survey and Primer

  Sina Mohseni, Zhiding Yu, Chaowei Xiao Jay Yadawa, Haotao Wang and Zhangyang Wang

  ACM Computing Survey 2022[pdf]

• RelViT: Concept-guided Vision Transformer for Visual Relational Reasoning

  Xiaojian Ma, Weili Nie, Zhiding Yu, Huaizu Jiang,Chaowei Xiao, Yuke Zhu, Song-Chun Zhu, Anima Anandkumar

  ICLR 2022[pdf] [code]

• Characterizing Attacks on Deep Reinforcement Learning.

  Xinlei Pan*,Chaowei Xiao*, Warren He, Shuang Yang, Peng Jian, Mingjie Sun, Mingyan Liu, Bo Li, Dawn Song.

  AAMAS 2022 [pdf]

2021

• Adversarially Robust 3D Point Cloud Recognition Using Self-Supervisions.

  Jiachen Sun, Yulong Cao, Christopher Choy, Zhiding Yu, Anima Anandkumar, Z. Morley Mao, Chaowei Xiao.

  NeurIPS 2021

• AugMax: Adversarial Composition of RandomAugmentations for Robust Training.

  Haotao Wang,Chaowei Xiao, Jean Kossaifi, Zhiding Yu, Animashree Anandkumar, Zhangyang Wang.

  NeurIPS 2021

• Efficient Transformers for Language and Vision.

  Chen Zhu, Wei Ping,Chaowei Xiao, Mohammad Shoeybi, Tom Goldstein, Anima Anandkumar, Bryan Catanzaro.

  NeurIPS 2021 (84.1% Top-1 accuracy solely trained on ImageNet-1K)

• Can Shape Structure Features Improve Model Robustness?

  Mingjie Sun*, Zichao Li*,Chaowei Xiao*, Haonan Qiu, Bhavya Kailkhura, MingyanLiu, Bo Li.

  ICCV 2021

• Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks.

  Yulong Cao*, Ningfei Wang*,Chaowei Xiao*, Dawei Yang*, Jin Fang, RuigangYang, Qi Alfred Chen, Mingyan Liu, Bo Li.

  IEEE Symposium on Security and Privacy (Oakland) 2021

• Application-Driven Privacy-Preserving Data Publishing with Correlated Attributes.

  Aria Rezaei,Chaowei Xiao, Jie Gao, Bo Li, Sirajum Munir.

  Embedded Wireless Systems and Networks (EWSN 2021)Best Paper Award

• Behavior Privacy Perserving in RF Sensing.

  Jianwie Liu,Chaowei Xiao, Kaiyan Cui, Jinsong Han, Xian Xu, Kui Ren.

  IEEE Transcations on Dependable and Secure Computing. [pdf]

2020

• SemanticAdv: Generating Adversarial Examples via Attribute-conditional Image Editing

  Haonan Qiu*, Chaowei Xiao*, Lei Yang*, Xinchen Yan, Honglak Lee, Bo Li.

  ECCV 2020

• Robust Deep Reinforcement Learning against Adversarial Perturbations on State Observations

  Huan Zhang*, Hongge Chen*, Chaowei Xiao, Bo Li, Mingyan Liu, Duane Boning, Cho-Jui Hsieh.

  NeurIPS 2020 (Spotlight).

• Towards Stable and Efficient Training of Verifiably Robust Neural Networks

  Huan Zhang, Hongge Chen, Chaowei Xiao, Sven Gowal, Robert Stanforth, Bo Li, Duane Boning, Cho-Jui Hsieh.

  ICLR 2020.

2019

• AdvIT: Adversarial Frames Identifier Based on Temporal Consistency In Videos

  Chaowei Xiao, Ruizhi Deng, Bo Li, Taesung Lee, Jinfeng Yi, Ian Molloy, Mingyan Liu, Dawn Song

  In International Conference on Computer Vision (ICCV) 2019.

• MeshAdv: Adversarial Meshes for Visual Recognition

  Chaowei Xiao*, Dawei Yang*, Bo Li, Jia Deng, Mingyan Liu

  In IEEE Conference on Computer Vision and Pattern Recognition (CVPR) 2019. (Oral presentation) [pdf]

• Performing Co-Membership Attack Against Deep Generative Model

  Kin Sum Liu, Chaowie Xiao , Bo Li, Jie Gao

  In IEEE International Conference on Data Mining (ICDM) 2019

• Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features

  Liang Tong, Bo Li, Chen Hajaj, Chaowei Xiao, Ning Zhang, Yevgeniy Vorobeychik.

  In USENIX Security 2019.

• Adversarial Sensor Attack on LIDAR-based Perception in Autonomous Driving

  Yulong Cao, Chaowei Xiao, Benjamin Cyr, Yimeng Zhou, Won Park, Sara Rampazzi, Qi Alfred Chen, Kevin Fu, Z. Morely Map

  In the 26th ACM Conference on Computer and Communications Security (CCS'19) [pdf]

2018

• Characterizing Adversarial Examples Based on Spatial Consistency Information for Semantic Segmentation

  Chaowei Xiao, Duizhi Deng, Bo Li, Fisher Yu, Mingyan Liu and Dawn Song

  In European Conference on Computer Vision (ECCV), 2018 [pdf][supplementary material]

• Spatially Transformed Adversarial Examples

  Chaowei Xiao*, Jun-Yan Zhu*, Bo Li, Warren He, Mingyan Liu and Dawn Song

  In International Conference on Learning Representations (ICLR), 2018 [pdf]

• Generating Adversarial Examples with Adversarial Networks

  Chaowei Xiao, Bo Li, Jun-Yan Zhu, Warren He, Mingyan Liu and Dawn Song

  In International Joint Conference on Artificial Intelligence (IJCAI), 2018. [pdf]

• From Behavior Similarity to Symptom Similarity: Using Community Detection for Early Discovery of Software Exploits

  Chaowei Xiao, Armin Sarabi,Yang Liu , Bo Li, Mingyan Liu and Tudor Dumitras

  In USENIX Security Symposium (USENIX Security), 2018 [pdf]

• Robust Physical-World Attacks on Machine Learning Models

  Kevin Eykholt*, Ivan Evtimov*, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno and Dawn Song

  In IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018 [pdf]

Before 2018

• Static Power of Mobile Devices: Self-updating Radio Maps for Wireless Indoor Localization

  Chenshu Wu, Zheng Yang, Chaowei Xiao, Chaofan Yang, Yunhao Liu and Mingyan Liu

  In IEEE International Conference on Computer Communications (INFOCOM), 2015

• Tagoram: Real-time Tracking of Mobile RFID Tags to High Precision Using COTS Devices.

  Lei Yang, Yekui Chen, Xiangyang Li, Chaowei Xiao, Mo Li and Yunhao Liu

  In International Conference on Mobile Computing and Networking (MobiCom), 2014. Best Paper Award