I am a tenure-track professor of artificial intelligence at Fudan University and a member of the Fudan Vision and Learning (FVL) Lab. I am also an honorary fellow at The University of Melbourne. My main research area is Trustworthy AI, where I aim to develop secure, robust, explainable, privacy-preserving, and fair learning algorithms and models for AI applications. I am also passionate about leveraging AI to advance our understanding of the mind and the universe.
I received my Ph.D. from The University of Melbourne and spent another two wonderful years there as a postdoctoral research fellow. I then worked as a lecturer at Deakin University for 1.5 years before joining Fudan. I obtained my bachelor's and master's degrees from Jilin University and Tsinghua University, respectively.
"Everything should be as simple as possible, but not simpler."
Email / Google Scholar / GitHub
Introducing OpenTAI: Advancing Trustworthy AI Through Open Collaboration
Over the past two years, I’ve dedicated significant effort to building OpenTAI, an open platform designed to accelerate collaborative research in Trustworthy AI (TAI). Today, I’m thrilled to officially launch this initiative.
Our Mission
OpenTAI aims to develop large-scale, practical, and open-source benchmarks, tools, and datasets, bridging the gap between TAI research and real-world applications. We’ve seeded the platform with foundational projects from our own work, but this is just the beginning.
Call for Collaboration
OpenTAI is community-driven. We invite researchers and practitioners to:
- Submit high-impact projects for curation (free and open to all)
- Collaborate on expanding our resource library
What’s Next?
Stay tuned for a pipeline of cutting-edge benchmarks and tools in the coming year, all designed to make AI more transparent, robust, and accountable.
Join us in shaping the future of Trustworthy AI!
We are looking for motivated master's/Ph.D. students, postdocs, and interns in the fields of Trustworthy AI, MLLMs/VLMs, Generative AI, Reinforcement Learning, and Embodied AI to join our team. Drop me an email if you are interested.
Latest News
- [03/2025] The preprint of our long survey paper Safety at Scale: A Comprehensive Survey of Large Model Safety is available on arXiv. Many thanks to all collaborators!
- [02/2025] Our works on Million-scale Adversarial Robustness Evaluation, Test-time Adversarial Prompt Tuning, and AnyAttack are accepted by CVPR 2025.
- [01/2025] Our works on RL-based jailbreak defense for VLMs and backdoor sample detection in CLIP are accepted by ICLR 2025.
- [12/2024] I will serve as an Area Chair for ICML 2025.
- [12/2024] Our works on targeted transferable adversarial attack, defense against model extraction attacks, and RL-based LLM auditing are accepted by AAAI 2025.
- [09/2024] I will serve as an Area Chair for ICLR 2025.
- [09/2024] One paper on unlearnable examples for segmentation models is accepted by NeurIPS 2024.
- [07/2024] Our works on model lock, detecting query-based adversarial attacks, and multimodal jailbreak attacks on VLMs are accepted by MM'24.
- [07/2024] Our work on adversarial prompt tuning is accepted by ECCV'24.
- [04/2024] Our work on intrinsic motivation for RL is accepted by IJCAI'24.
- [03/2024] Our work on adversarial policy learning in RL is accepted by DSN'24.
- [03/2024] Our work on safety alignment of LLMs is accepted by NAACL'24.
- [03/2024] Our work on machine unlearning is accepted by TDSC.
- [01/2024] Our work on self-supervised learning is accepted by ICLR'24.
Research Interests
- Trustworthy AI
- Adversarial/jailbreak attacks and defenses
- Backdoor attacks and defenses
- Reinforcement learning, safety alignment
- Data privacy, data/model extraction
- Memorization, data attribution, unlearning
- Multimodal and Generative AI
- Multimodal learning, vision-language models
- Diffusion models, Text2Image generation, Text2Video generation
- World models, embodied AI
Professional Activities
- Program Committee Member
- ICLR (2019-2025), ICML (2019-2025), NeurIPS (2019-2024), CVPR (2020-2025), ICCV (2021-2023), ECCV (2020), AAAI (2020-2022), IJCAI (2020-2021), KDD (2019,2021), ICDM (2021), SDM (2021), AICAI (2021)
- Journal Reviewer
- Nature Communications, Pattern Recognition, TPAMI, TIP, IJCV, JAIR, TNNLS, TKDE, TIFS, TOMM, KAIS