I am an assistant professor in the College of Information Sciences and Technology at Penn State. I obtained my Ph.D. degree in the Department of Computer Science from the University of California, Los Angeles under the supervision of Prof. Cho-Jui Hsieh. Before joining Penn State, I was an assistant professor of Computer Science & Engineering at HKUST. My research interest is broadly on machine learning with a focus on trustworthy machine learning and AutoML.
News
- [July 2024] We initiated TurningPoint AI, an AIGC research collaboration group across different institutes. Check our recent amazing progress!
- [January 2024] I’m always looking for highly motivated students to join my group. Please email me if you are interested.
- [January 2024] I will join the College of Information Sciences and Technology at Penn State University in Spring 2024.
- [August 2021] I joined the Department of Computer Science and Engineering at Hong Kong University of Science and Technology (HKUST) in Winter 2022.
- [April 2021] Our paper on Rethinking Architecture Selection in Differentiable NAS won the outstanding paper award at ICLR 2021.
- [March 2021] I have passed my PhD defense: On the Robustness of Neural Network: Attacks and Defenses
Education
- Ph.D. in Computer Science, University of California, Los Angeles, 2021
- B.Eng. in Computer Science, University of Electronic Science and Technology of China, 2015
Work experience
- 2022.1-2023.12: Assistant Professor, HKUST, Hong Kong
- Summer 2020: Research Intern, Microsoft, Redmond, WA
- Summer 2019: Research Intern, IBM Research, Yorktown Heights, NY
- Summer 2017: Research Intern, Rakuten Slice, San Mateo, CA
Award
- ICLR 2021 Outstanding Paper Award
Talks
- LLM security
- Towards Trustworthy Machine Learning: Training-time and Test-time Integrity
- Introduction on ChatGPT
Teaching
- [Fall 2024] CYBER 362: Cybersecurity Analytics Studio
- [Spring 2024] CYBER 362: Cybersecurity Analytics Studio
- [Fall 2023] COMP 5212: Machine Learning
- [Spring 2023] COMP 6211I: Trustworthy Machine Learning
- [Fall 2022] COMP 5212: Machine Learning
Current Students
- Zhimeng Guo (PhD @ Penn State IST, Spring 2024 - Present)
- Zeyu Qin (PhD @ HKUST CSE, Fall 2022 - Present)
- Rui Min (PhD @ HKUST CSE, Spring 2023 - Present)
- Kuan Li (PhD @ HKUST CSE, Fall 2023 - Present)
Alumni
- Sen Li (MPhil @ HKUST CSE, Fall 2022 - Summer 2024)
- Yize Cheng (UG @ HKUST, Fall 2022 - Winter 2023, Now PhD student @ University of Maryland)
- Wenbin Hu (UG @ HKUST, Fall 2022 - Winter 2023)
- Yihan Bai (UG @ HKUST, Summer 2023 - Summer 2024)
- Liaoyaqi Wang (Research Intern, Summer 2023 - Spring 2024, Now Master student @ Johns Hopkins University)
- Liying Li (Research Intern, Summer 2023 - Spring 2024, Now MPhil student @ Hong Kong Polytechnic University (PolyU))
- Jaechual Roh (UG @ HKUST, Winter 2022 - Spring 2022, Now PhD student @ UMass Amherst)
Publications
* denotes equal contribution
Uncovering, Explaining, and Mitigating the Superficial Safety of Backdoor Defense, Rui Min*, Zeyu Qin*, Nevin L. Zhang, Li Shen, Minhao Cheng. To appear in Advances in Neural Information Processing Systems (NeurIPS), 2024. (Spotlight) [PDF] [Code]
DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLMs Jailbreakers, Xirui Li, Ruochen Wang, Minhao Cheng, Tianyi Zhou, Cho-Jui Hsieh. To appear in Conference on Empirical Methods in Natural Language Processing Findings (EMNLP-Findings), 2024. [PDF] [Code]
GuardEmb: Dynamic Watermark for Safeguarding Large Language Model Embedding Service Against Model Stealing Attack, Liaoyaqi Wang, Minhao Cheng. To appear in Conference on Empirical Methods in Natural Language Processing Findings (EMNLP-Findings), 2024. [PDF] [Code]
Where Am I From? Identifying Origin of LLM-generated Content, Liying Li, Yihan Bai, Minhao Cheng. To appear in Conference on Empirical Methods in Natural Language Processing (EMNLP), 2024. [PDF] [Code]
Exploring Robustness of GNN against Universal Injection Attack From a Worst-case Perspective, Dandan Ni, Sheng Zhang, Cong Deng, Han Liu, Gang Chen, Minhao Cheng, Hongyang Chen. To appear in 33rd ACM International Conference on Information and Knowledge Management (CIKM), 2024.
A Watermark-Conditioned Diffusion Model for IP Protection, Rui Min, Sen Li, Hongyang Chen, Minhao Cheng. In European Conference on Computer Vision (ECCV), 2024. [PDF] [Code]
When and How do negative prompts take effect?, Yuanhao Ban, Ruochen Wang, Tianyi Zhou, Minhao Cheng, Boqing Gong, Cho-Jui Hsieh. In European Conference on Computer Vision (ECCV), 2024. [PDF] [Code]
Unsupervised Heterogeneous Graph Rewriting Attack via Node Clustering, Haosen Wang, Can Xu, Chenglong Shi, PengFei Zheng, Shiming Zhang, Minhao Cheng, Hongyang Chen. In ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), 2024. [PDF]
One Prompt is not Enough: Automated Construction of a Mixture-of-Expert Prompts, Ruochen Wang*, Sohyun An*, Minhao Cheng, Tianyi Zhou, Sung Ju Hwang, Cho-Jui Hsieh. To appear in International Conference on Machine Learning (ICML), 2024. [PDF] [Code]
Boosting the Adversarial Robustness of Graph Neural Networks: An OOD Perspective, Kuan Li, Yiwen Chen, Yang Liu, Jin Wang, Qing He, Minhao Cheng, Xiang Ao. In International Conference on Learning Representations (ICLR), 2024. [PDF] [Code]
CurvAGN: Curvature-based Adaptive Graph Neural Networks for Predicting Protein-Ligand Binding Affinity, Jianqiu Wu, Hongyang Chen, Minhao Cheng, Haoyi Xiong. In BMC Bioinformatics 24. [PDF]
PTP: Boosting Stability and Performance of Prompt Tuning with Perturbation-Based Regularizer, Lichang Chen, Heng Huang, Minhao Cheng. In Conference on Empirical Methods in Natural Language Processing (EMNLP), 2023. [PDF]
Stable Backdoor Purification with Feature Shift Tuning, Rui Min*, Zeyu Qin*, Li Shen, Minhao Cheng. In Neural Information Processing Systems (NeurIPS), 2023. [PDF] [Code]
Revisiting Personalized Federated Learning: Robustness Against Backdoor Attacks, Zeyu Qin, Liuyi Yao, Daoyuan Chen, Yaliang Li, Boling Ding, Minhao Cheng. In ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), 2023. [PDF] [Code]
Identification of the Adversary from a Single Adversarial Example, Minhao Cheng, Rui Min, Haochen Sun, Pin-Yu Chen. In International Conference on Machine Learning (ICML), 2023. (A short version appears in NeurIPS Workshop on Machine Learning Safety, 2022) [PDF] [Code]
Boosting Accuracy and Robustness of Student Models via Adaptive Adversarial Distillation, Bo Huang, Mingyang Chen, Yi Wang, Junda Lu, Minhao Cheng, Wei Wang. In IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2023. [PDF]
FedDM: Iterative Distribution Matching for Communication-Efficient Federated Learning, Yuanhao Xiong*, Ruochen Wang*, Minhao Cheng, Felix Yu, Cho-Jui Hsieh. In IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2023. [PDF]
Trusted Aggregation (TAG): Model Filtering Backdoor Defense In Federated Learning, Joseph Lavond, Minhao Cheng, Yao Li. In NeurIPS Workshop on Federated Learning: Recent Advances and New Challenges, 2022.
Defend Against Textual Backdoor Attacks By Token Substitution, Xingling Li, Yao Li, Minhao Cheng. In NeurIPS Workshop on Robustness in Sequence Modeling, 2022.
Random Sharpness-Aware Minimization, Yong Liu, Siqi Mai, Minhao Cheng, Xiangning Chen, Cho-Jui Hsieh, Yang You. In Advances in Neural Information Processing Systems (NeurIPS), 2022. [PDF]
Efficient Non-Parametric Optimizer Search for Diverse Tasks, Ruochen Wang, Yuanhao Xiong, Minhao Cheng, Cho-Jui Hsieh. In Advances in Neural Information Processing Systems (NeurIPS), 2022. [PDF]
CAT: Customized Adversarial Training for Improved Robustness, Minhao Cheng, Qi Lei, Pin-Yu Chen, Inderjit Dhillon, Cho-Jui Hsieh. In International Joint Conference on Artificial Intelligence (IJCAI), 2022. [PDF]
Concurrent Adversarial Learning for Large-Batch Training, Yong Liu, Xiangning Chen, Minhao Cheng, Cho-Jui Hsieh, Yang You. In International Conference on Learning Representations (ICLR), 2022. [PDF]
Foreseeing private car transfer between urban regions with multiple graph-based generative adversarial networks, Chenxi Liu, Zhu Xiao, Dong Wang, Minhao Cheng, Hongyang Chen, Jiawei Cai. In World Wide Web Journal, 2022. [PDF]
A Review of Adversarial Attack and Defense for Classification Methods, Yao Li, Minhao Cheng, Cho-Jui Hsieh, Thomas Lee. In The American Statistician, 2021. [PDF]
RANK-NOSH: Efficient Predictor-Based NAS via Non-Uniform Successive Halving, Ruochen Wang, Xiangning Chen, Minhao Cheng, Xiaocheng Tang, Cho-Jui Hsieh. In International Conference on Computer Vision (ICCV), 2021. [PDF]
On the Robustness of Neural Network: Attacks and Defenses, Minhao Cheng. PhD Dissertation. [PDF]
Rethinking Architecture Selection in Differentiable NAS, Ruochen Wang, Minhao Cheng, Xiangning Chen, Xiaocheng Tang, Cho-Jui Hsieh. In International Conference on Learning Representations (ICLR), 2021. (Outstanding Paper Award) [PDF] [Code]
DrNAS: Dirichlet Neural Architecture Search, Xiangning Chen*, Ruochen Wang*, Minhao Cheng*, Xiaocheng Tang, Cho-Jui Hsieh. In International Conference on Learning Representations (ICLR), 2021. [PDF] [Code]
Self-Progressing Robust Training, Minhao Cheng, Pin-Yu Chen, Sijia Liu, Shiyu Chang, Cho-Jui Hsieh, Payel Das. In AAAI Conference on Artificial Intelligence (AAAI), 2021. [PDF] [Code]
Evaluating and enhancing the robustness of neural network-based dependency parsing models with adversarial examples, Xiaoqing Zheng, Jiehang Zeng, Yi Zhou, Cho-Jui Hsieh, Minhao Cheng, Xuanjing Huang. In Proceedings of Association for Computational Linguistics (ACL), 2020. [PDF]
Sign-OPT: A Query-Efficient Hard-label Adversarial Attack, Minhao Cheng*, Simranjit Singh*, Patrick H. Chen, Pin-Yu Chen, Sijia Liu, Cho-Jui Hsieh. In International Conference on Learning Representations (ICLR), 2020. [PDF] [Code]
Seq2Sick: Evaluating the Robustness of Sequence-to-Sequence Models with Adversarial Examples, Minhao Cheng, Jinfeng Yi, Pin-Yu Chen, Huan Zhang, Cho-Jui Hsieh. In AAAI Conference on Artificial Intelligence (AAAI), 2020. [PDF] [Code]
On the Robustness of Self-Attentive Models, Yu-Lun Hsieh, Minhao Cheng, Da-Cheng Juan, Wei Wei, Wen-Lian Hsu, Cho-Jui Hsieh. In Proceedings of Association for Computational Linguistics (ACL), 2019. [PDF]
Evaluating and Enhancing the Robustness of Dialogue Systems: A Case Study on a Negotiation Agent, Minhao Cheng, Wei Wei, Cho-Jui Hsieh. In Annual Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies (NAACL-HLT), 2019. [PDF] [Code]
Query-Efficient Hard-label Black-box Attack: An Optimization-based Approach, Minhao Cheng, Thong Le, Pin-Yu Chen, Jinfeng Yi, Huan Zhang, Cho-Jui Hsieh. In International Conference on Learning Representations (ICLR), 2019. [PDF] [Code]
Fast Training for Large-Scale One-versus-All Linear Classifiers using Tree-Structured Initialization, Huang Fang, Minhao Cheng, Cho-Jui Hsieh, Michael Friedlander. In SIAM International Conference on Data Mining (SDM), 2019. [PDF]
Learning from Group Comparisons: Exploiting Higher Order Interactions, Yao Li, Minhao Cheng, Kevin Fujii, Fushing Hsieh, Cho-Jui Hsieh. In Advances in Neural Information Processing Systems (NeurIPS), 2018. [PDF]
Towards Robust Neural Networks via Random Self-ensemble, Xuanqing Liu, Minhao Cheng, Huan Zhang, Cho-Jui Hsieh. In European Conference on Computer Vision (ECCV), 2018. [PDF]
Distributed Primal-Dual Optimization for Non-uniformly Distributed Data, Minhao Cheng, Cho-Jui Hsieh. In International Joint Conference on Artificial Intelligence (IJCAI), 2018. [PDF]
Extreme Learning to Rank via Low Rank Assumption, Minhao Cheng, Ian Davidson, Cho-Jui Hsieh. In International Conference on Machine Learning (ICML), 2018. [PDF]
A Hyperplane-based Algorithm for Semi-supervised Dimension Reduction, Huang Fang, Minhao Cheng, Cho-Jui Hsieh. In IEEE International Conference on Data Mining (ICDM), 2017. [PDF]
Preprints
Attacking by Aligning: Clean-Label Backdoor Attacks on Object Detection, Yize Cheng, Wenbin Hu, Minhao Cheng. [arXiv]
Backdoor Learning on Sequence to Sequence Models, Lichang Chen, Minhao Cheng, Heng Huang. [arXiv]
Class-wise Visual Explanations for Deep Neural Networks, Minhao Cheng, Zeyu Qin.
Voting based ensemble improves robustness of defensive models, Devvrit, Minhao Cheng, Cho-Jui Hsieh, Inderjit Dhillon. [arXiv]
Adversarial Masking: Towards Understanding Robustness Trade-off for Generalization, Minhao Cheng, Zhe Gan, Yu Cheng, Shuohang Wang, Cho-Jui Hsieh, Jingjing Liu. [Link]
Fake Node Attacks on Graph Convolutional Networks, Xiaoyun Wang, Minhao Cheng, Joe Eaton, Cho-Jui Hsieh, S. Felix Wu. [arXiv]
Enhancing Certifiable Robustness via a Deep Model Ensemble, Huan Zhang, Minhao Cheng, Cho-Jui Hsieh. [arXiv]
Stochastic Zeroth-order Optimization via Variance Reduction method, Liu Liu, Minhao Cheng, Cho-Jui Hsieh, Dacheng Tao. [arXiv]