Publications

Book Chapters

• Adversarial Learning and Secure AI
  David J. Miller, Zhen Xiang, George Kesidis
  Cambridge University Press, 2023.

Conference Papers

• BadChain: Backdoor Chain-of-Thought Prompting for Large Language Models
  Zhen Xiang, Fengqing Jiang, Zidi Xiong, Bhaskar Ramasubramanian, Radha Poovendran, Bo Li
  International Conference on Learning Representations (ICLR), 2024.

• MMBD: Post-Training Detection of Backdoor Attacks with Arbitrary Backdoor Pattern Types Using a Maximum Margin Statistic
  Hang Wang, Zhen Xiang (co-first author), David J. Miller, George Kesidis
  IEEE Symposium on Security and Privacy (S&P), 2024.

• CBD: A Certified Backdoor Detector Based on Local Dominant Probability
  Zhen Xiang, Zidi Xiong, Bo Li
  Advances in Neural Information Processing Systems (NeurIPS), 2023.

• UMD: Unsupervised Model Detection for X2X Backdoor Attacks
  Zhen Xiang, Zidi Xiong, Bo Li
  IEEE International Conference on Machine Learning (ICML), 2023.

• A BIC-based Mixture Model Defense against Data Poisoning Attacks on Classifiers
  Xi Li, Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Workshop on Machine Learning for Signal Processing (MLSP), 2023.

• Training Set Cleansing of Backdoor Poisoning by Self-Supervised Representation Learning
  Hang Wang, Sahar Karami, Ousmane Dia, Hippolyt Ritter, Ehsan Emamjomeh-Zadeh, Jiahui Chen, Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2023.

• Test-Time Detection of Backdoor Triggers for Poisoned Deep Neural Networks
  Xi Li, Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2022.

• Detecting Backdoor Attacks Against Point Cloud Classifiers
  Zhen Xiang, David J. Miller, Siheng Chen, Xi Li, George Kesidis
  IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2022.

• Post-Training Detection of Backdoor Attacks for Two-Class and Multi-Attack Scenarios
  Zhen Xiang, David J. Miller, George Kesidis
  International Conference on Learning Representations (ICLR), 2022.

• L-red: Efficient post-training detection of imperceptible backdoor attacks without access to the training set
  Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2021.

• A Backdoor Attack against 3D Point Cloud Classifiers
  Zhen Xiang, David J. Miller, Siheng Chen, Xi Li, George Kesidis
  International Conference on Computer Vision (ICCV), 2021.

• A Scalable Mixture Model Based Defense against Data Poisoning Attacks on Classifiers
  Xi Li, David J. Miller, Zhen Xiang, George Kesidis
  International Conference on Dynamic Data Driven Application Systems (DDDAS), 2020.

• Revealing Perceptible Backdoors in DNNs, without the Training Set, via the Maximum Achievable Misclassification Fraction Statistic
  Zhen Xiang, David J. Miller, Hang Wang, George Kesidis
  IEEE International Workshop on Machine Learning for Signal Processing (MLSP), 2020.

• Revealing backdoors, post-training, in DNN classifiers via novel inference on optimized perturbations inducing group misclassification
  Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2020.

• A Benchmark Study of Backdoor Data Poisoning Defenses for Deep Neural Network Classifiers and a Novel Defense
  Zhen Xiang, David J. Miller, George Kesidis
  IEEE International Workshop on Machine Learning for Signal Processing (MLSP), 2019.

• Locally Optimal, Delay-Tolerant Predictive Source Coding
  Zhen Xiang, David J. Miller
  52nd Annual Conference on Information Sciences and Systems (CISS), 2018.

Journal Papers

• BIC-based Mixture Model Defense against Data Poisoning Attacks on Classifiers: A Comprehensive Study
  Xi Li, David J. Miller, Zhen Xiang, George Kesidis
  IEEE Transactions on Knowledge and Data Engineering (TKDE), 2024.

• Reverse Engineering Imperceptible Backdoor Attacks on Deep Neural Networks for Detection and Training Set Cleansing
  Zhen Xiang, David J. Miller, George Kesidis
  Computers & Security, 2021.

• Detecting Scene-Plausible Perceptible Backdoors in Trained DNNs Without Access to the Training Set
  Zhen Xiang, David J. Miller, Hang Wang, George Kesidis
  Neural Computation, 2021.

• Detection of Backdoors in Trained Classifiers Without Access to the Training Set
  Zhen Xiang, David J. Miller, George Kesidis
  IEEE Transactions on Neural Networks and Learning Systems (TNNLS), 2020.

• Adversarial Learning Targeting Deep Neural Network Classification: A Comprehensive Review of Defenses Against Attacks
  David J. Miller, Zhen Xiang, George Kesidis
  Proceedings of the IEEE, 2020.