Xiao Yang   Ph.D. Room 1-509, FIT Building Dept. of Computer Science and Technology Tsinghua University Beijing, China, 100084 Email: yangxiao19@mails.tsinghua.edu.cn Github: ShawnXYang [Google Scholar]

Biography

I received my Ph.D. degree from TSAIL Group in the Department of Computer Science and Technology, Tsinghua University in June, 2023, advised by Prof. Jun Zhu.

I was a research intern from June, 2018 to April, 2019 at Tencent AI Lab, collaborating with Dr. Zhifeng Li and Dr. Wenhan Luo.

My research interests include deep learning and adversarial robustness in machine learning.

Competitions

• Our project AI Adversarial Glasses completed all challenges on commercial face recognition APIs, and got into G-TOP Annual Geek List ( < 1%) in the GeekPwn competition (October 24th, 2021). [video]
• Our team (Xiao Yang, Yichi Zhang, Shilong Liu) won the second place (2 / 1599) in the CVPR 2021 Security AI Challenger Unrestricted Adversarial Attacks on ImageNet (June, 2021).
• Our team (Xiao Yang, Dingcheng Yang, Shilong Liu, Zihao Xiao, Yinpeng Dong) won the first place in the GeekPwn DeepFake competition (October 24th, 2020).
• Our team (Shuyu Cheng, Dingcheng Yang, Xiao Yang, Yinpeng Dong) won the first place in the GeekPwn CAAD CTF competition (October 24th, 2019).
• Our team (Xiao Yang, Zihao Xiao, Yinpeng Dong) won the first place in the GeekPwn CAAD Adversarial Patch competition (October 24th, 2019).

Publications

• Robust Classification via a Single Diffusion Model
  Huanran Chen, Yinpeng Dong, Zhengyi Wang, Xiao Yang, Chengqi Duan, Hang Su, and Jun Zhu
  International Conference on Machine Learning (ICML), Vienna, Austria, 2024
  
• Efficient Black-box Adversarial Attacks via Bayesian Optimization Guided by a Function Prior
  Shuyu Cheng, Yibo Miao, Yinpeng Dong, Xiao Yang, Xiao-Shan Gao, and Jun Zhu
  International Conference on Machine Learning (ICML), Vienna, Austria, 2024
  
• Towards Transferable Targeted 3D Adversarial Attack in the Physical World
  Yao Huang, Yinpeng Dong, Shouwei Ruan, Xiao Yang, Hang Su, and Xingxing Wei
  IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Seattle, USA, 2024
  
• Embodied Active Defense: Leveraging Recurrent Feedback to Counter Adversarial Patches
  Lingxuan Wu, Xiao Yang^#, Yinpeng Dong, Liuwei Xie, Hang Su, and Jun Zhu
  International Conference on Learning Representations (ICLR), Vienna, Austria, 2024
  
• Rethinking Model Ensemble in Transfer-based Adversarial Attacks
  Huanran Chen, Yichi Zhang, Yinpeng Dong, Xiao Yang, Hang Su, and Jun Zhu
  International Conference on Learning Representations (ICLR), Vienna, Austria, 2024
  
• Adversarial Attacks on Face Recognition
  Xiao Yang and Jun Zhu
  Handbook of Face Recognition, 387-404, 2023
  
• On Evaluating Adversarial Robustness of Large Vision-Language Models
  Yunqing Zhao*, Tianyu Pang*, Chao Du, Xiao Yang, Chongxuan Li, Ngai-Man Cheung, Min Lin
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2023
  [code] [arXiv]
• Root Pose Decomposition Towards Generic Non-rigid 3D Reconstruction with Monocular Videos
  Yikai Wang, Yinpeng Dong, Fuchun Sun, and Xiao Yang
  International Conference on Computer Vision (ICCV), Paris, France, 2023
  [arXiv]
• Towards Effective Adversarial Textured 3D Meshes on Physical Face Recognition (Highlight, top 2.5%)
  Xiao Yang, Chang Liu, Longlong Xu, Yikai Wang, Yinpeng Dong, Ning Chen, Hang Su, and Jun Zhu
  IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Vancouver, Canada, 2023
  [arXiv] [appendix] [code]
• Benchmarking Robustness of 3D Object Detection to Common Corruptions in Autonomous Driving
  Yinpeng Dong, Caixin Kang, Jinlai Zhang, Zijian Zhu, Yikai Wang, Xiao Yang, Hang Su, Xingxing Wei, and Jun Zhu
  IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Vancouver, Canada, 2023
  [code]
• Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks
  Xiao Yang, Yinpeng Dong, Tianyu Pang, Hang Su, and Jun Zhu
  Advances in European Conference on Computer Vision (ECCV), Online, 2022
  [code] [appendix]
• Robustness and Accuracy Could Be Reconcilable by (Proper) Definition
  Tianyu Pang, Min Lin, Xiao Yang, Jun Zhu, and Shuicheng Yan
  International Conference on Machine Learning (ICML), Baltimore, USA, 2022
  [code] [appendix]
• DAB-DETR: Dynamic Anchor Boxes are Better Queries for DETR
  Shilong Liu, Feng Li, Hao Zhang, Xiao Yang, Xianbiao Qi, Hang Su, Jun Zhu, and Lei Zhang
  International Conference on Learning Representations (ICLR), Online, 2022
  [code]
• Exploring Memorization in Adversarial Training
  Yinpeng Dong, Ke Xu, Xiao Yang, Tianyu Pang, Zhijie Deng, Hang Su, and Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2022
  
• Accumulative Poisoning Attacks on Real-time Data
  Tianyu Pang*, Xiao Yang*, Yinpeng Dong, Hang Su, and Jun Zhu (* indicates equal contribution)
  Advances in Neural Information Processing Systems (NeurIPS), Online, 2021
  [code] [appendix]
• Towards Face Encryption by Generating Adversarial Identity Masks
  Xiao Yang, Yinpeng Dong, Tianyu Pang, Jun Zhu, and Hang Su
  International Conference on Computer Vision (ICCV), Online, 2021
  [code] [appendix]
• Black-box Detection of Backdoor Attacks with Limited Information and Data
  Yinpeng Dong, Xiao Yang, Zhijie Deng, Tianyu Pang, Zihao Xiao, Hang Su, and Jun Zhu
  International Conference on Computer Vision (ICCV), Online, 2021
  
• Adversarial Semantic Contour for Object Detection
  Yichi Zhang, Zijian Zhu, Xiao Yang, and Jun Zhu
  ICML 2021 Workshop on A Blessing in Disguise: The Prospects and Perils of Adversarial Machine Learning
  
• LiBRe: A Practical Bayesian Approach to Adversarial Detection
  Zhijie Deng, Xiao Yang, Shizhen Xu, Hang Su, and Jun Zhu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Online, 2021
  [code]
• Unsupervised Part Segmentation through Disentangling Appearance and Shape
  Shilong Liu, Lei Zhang, Xiao Yang, Hang Su, and Jun Zhu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Online, 2021
  
• Bag of Tricks for Adversarial Training
  Tianyu Pang, Xiao Yang, Yinpeng Dong, Hang Su, and Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2021
  [code] [appendix]
• Boosting Adversarial Training with Hypersphere Embedding
  Tianyu Pang*, Xiao Yang*, Yinpeng Dong, Kun Xu, Hang Su, and Jun Zhu (* indicates equal contribution)
  Advances in Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2020
  
• Benchmarking Adversarial Robustness on Image Classification (Oral)
  Yinpeng Dong, Qi-An Fu, Xiao Yang, Tianyu Pang, Hang Su, Zihao Xiao, and Jun Zhu
  Advances in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Seattle, USA, 2020
  [arXiv] [appendix] [code]
• Design and Interpretation of Universal Adversarial Patches in Face Detection
  Xiao Yang*, Fangyun Wei*, Hongyang Zhang*, and Jun Zhu
  Advances in European Conference on Computer Vision (ECCV), Online, 2020
  
• Face Anti-spoofing: Model Matters, So Does Data
  Xiao Yang*, Wenhan Luo*, Linchao Bao, Yuan Gao, Dihong Gong, Shibao Zheng, Zhifeng Li, and Wei Liu
  Advances in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Long Beach, USA, 2019
  
• Recognizing minimal facial sketch by generating photorealistic faces with the guidance of descriptive attributes
  Xiao Yang, Hang Su, Qin Zhou, Xinzhe Li, and Shibao Zheng
  Advances in IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), Calgary, Canada, 2018
  

Preprints

• Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition
  Xiao Yang, Yinpeng Dong, Tianyu Pang, Zihao Xiao, Hang Su, and Jun Zhu
  arXiv preprint
  
• Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness
  Xiao Yang*, Yinpeng Dong*, Wenzhao Xiang, Tianyu Pang, Hang Su, and Jun Zhu
  arXiv preprint
  
• RobFR: Benchmarking Adversarial Robustness on Face Recognition
  Xiao Yang, Dingcheng Yang, Yinpeng Dong, Hang Su, Wenjian Yu, and Jun Zhu
  arXiv preprint
  [code]

Services

Co-organizing for:
AAAI 2022 Workshop on Adversarial Machine Learning and Beyond
Adversarial Robustness Competition on Data-Centric Robust Learning on ML Models
Conference reviewer:
NeurIPS 2023; ICML 2023; IJCAI 2023; CVPR 2023; AAAI 2023; ICML 2022; CVPR 2022; AAAI 2022; NeurIPS 2021; CVPR 2021; ECCV 2020; CVPR 2020
Journal reviewer:
IJCV 2023; TPAMI 2022; TPAMI 2021; TIP 2021

Honors & Awards

• Tsinghua Outstanding Doctoral Dissertation Award, 2023.06
• Tsinghua Outstanding Graduates, 2023.06
• Qihang Award, Tsinghua University, 2023.06
• Huawei-Tsinghua Scholarship, 2022.10
• Longhu Scholarship, 2022.09
• Zhong Shimo Scholarship, Tsinghua University, 2021.12
  The highest award in the Department of CST. Only 3 students (including master and Ph.D. students) are awarded each year.
• '84' Future Innovation Scholarship, 2021.12
• Huawei-Tsinghua Scholarship, 2021.06

Teaching

2021 spring, TA in Statistical Machine Learning, instructed by Prof. Jun Zhu
2023 by Xiao Yang