Mingfu Xue (薛明富)

Profile

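Graduate admissions disciplines: Computer Science and Technology, Cyberspace Security, Electronic Information.

Has published 46 papers in information-security journals and international conferences, 18 of them SCI-indexed, in venues such as IEEE Transactions on Dependable and Secure Computing (CCF A), IEEE Transactions on Artificial Intelligence, IEEE Transactions on Vehicular Technology, Computers & Security (CCF B), Journal of Information Security and Applications (CCF C), Peer-to-Peer Networking and Applications (CCF C), Applied Intelligence (Zone 2), Security and Communication Networks (CCF C), IET Computers & Digital Techniques, IEEE Access (Zone 2), Chinese Journal of Computers (计算机学报, CCF Chinese category A), Acta Electronica Sinica (电子学报, CCF Chinese category A), and others. A further 10 papers are under review or on arXiv. Received one Best Paper Award and the IET CDT Editor's Choice Award. Published one translated book and contributed to one monograph. Nine invention patents, the first four of which have been granted. Four software copyrights.

ArXiv (Preprint)/Under review, 2020-2022:
1. 3D Invisible Cloak (2020)
2. Use the Spear as a Shield: A Novel Adversarial Example based Privacy-Preserving Technique against Membership Inference Attacks (2020)
3. AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption (2021)
4. Detecting Backdoor in Deep Neural Networks via Intentional Adversarial Perturbations (2021)
5. Compression-Resistant Backdoor Attack against Deep Neural Networks (2021)
6. Imperceptible and Multi-channel Backdoor Attack against Deep Neural Networks (2021)
7. Protect the Intellectual Property of Dataset against Unauthorized Use (2021)
8. Adaptive 3D Mesh Steganography Based on Feature-Preserving Distortion (2021)

Education:
2014/5 - present: Nanjing University of Aeronautics and Astronautics, College of Computer Science and Technology, Lecturer, then Associate Professor
2011/7 - 2012/7: Nanyang Technological University, Singapore, state-sponsored joint training program; supervisor: Prof. Chang Chip-Hong, IEEE Fellow
2010/9 - 2014/4: Southeast University, Information and Communication Engineering (Information Security), Ph.D.; supervisor: Prof. Hu Aiqun (胡爱群)
2008/9 - 2010/7: Southeast University, Information and Communication Engineering (Information Security), Master's (recommended for direct admission to the Ph.D. program); supervisor: Prof. Hu Aiqun (胡爱群)
2004/9 - 2008/7: Southwest Jiaotong University, Electronic Information Engineering, Bachelor's (four-time recipient of the top-grade scholarship; recommended for graduate admission without examination)

Research projects led:
1. National Natural Science Foundation of China (NSFC) Young Scientists Fund (national-level project);
2. Central JW Science and Technology Commission, XXXX Innovation Special Zone (national-level project, formerly National Defense 863);
3. CCF-NSFOCUS Kunpeng Research Fund (awarded at the 2021 China National Computer Congress; 14 recipients nationwide);
4. CCF-Venustech Hongyan Research Program (awarded at the 2016 China National Computer Congress; 16 recipients nationwide);
5. CCF-NSFOCUS Kunpeng Research Fund (awarded at the 2017 China National Computer Congress; 11 recipients nationwide);
6. Natural Science Foundation of Jiangsu Province, Young Scientists Fund (provincial/ministerial-level project);
7. China Postdoctoral Science Foundation General Grant (provincial/ministerial-level project);
8. Jiangsu Province Postdoctoral Research Funding (provincial/ministerial-level project);
9. Project of Institute 503, China Academy of Space Technology (Fifth Academy of CASC);
10. Open Fund project of the Information Technology Research Base of the Civil Aviation Administration of China;
11. Fundamental Research Funds for the Central Universities;
12. Three teaching-reform projects.

Projects participated in:
13. One JWKJW project;
14-15. Two NSFC projects;
16. One teaching-reform project.

International conferences:
2013: IEEE WCNC
2015: ICCCS2015, CBD2015
2016: CHES2016, CBD2016
2017: IEEE ISCAS2017, IEEE MWSCAS2017, IEEE ASAP2017, ISPACS2017, CBD2017, IEEE GLOBECOM2017
2018: IEEE GLOBECOM2018, IEEE MWSCAS2018, CBD2018
2019: IEEE ISCAS2019; ISVLSI 2019; IEEE MWSCAS 2019; CFTC2019; IEEE MENACOMM'19; ICCCN2019-BDMLS workshop; MLICOM 2019; IEEE Globecom2019; IEEE COMNETSAT 2019; CBD 2019; 3ICT'19; SSCC-2019
2020: ISCAS2020; ICCCN-BDMLS workshop2020; ACM TURC 2020; CCF CTC2020; Globecom2020; CBD2020; AJCAI2020; 3ICT2020; ATS 2020
2021: AITS 2021; SIoTEC 2021; ATS 2021; Globecom2021 CISS; CBD2021
2022: ISCAS 2022; CVPR 2022; ECCV 2022

Selected graduate students:
1. Bian Rongzhen (卞荣臻), graduated: 1) published 2 SCI papers and 3 EI papers as first or second author, plus 1 patent; 2) first-class graduate scholarship; 3) Merit Graduate Student; 4) Individual Award for Research Innovation.
2. Yuan Chengxiang (袁成翔), graduated: 1) university Outstanding Master's Thesis award; 2) published 4 SCI papers and 1 EI paper as first or second author, plus 1 patent, with 1 more SCI paper under review; 3) second-class graduate scholarship.
3. He Can (何灿), graduated: 1) university Outstanding Master's Thesis award; 2) published 5 SCI papers as first, second or third author (1 CCF A, 2 CCF B, 2 CCF C) and 3 conference papers (2 CCF C, 1 ACM conference), with 2 more SCI papers under review; 3) first-class graduate scholarship; 4) Merit Graduate Student; 5) Individual Award for Research Innovation; 6) master's thesis received external review scores of 95 and 93.

Selected undergraduate students:
1. Wu Zhiyu (吴至禹), graduated: 2 invention patents; 1 CCF C paper, 1 SCI paper, and 3 co-authored SCI papers under review; recommended for graduate admission to Zhejiang University.
2. Wang Xieyan (王谢燕), graduated: 1 invention patent; science and technology innovation project rated excellent at completion, second prize in the college's science and technology innovation awards; recommended for graduate admission to the University of Science and Technology of China.

Work experience:
2014.5 - present: Nanjing University of Aeronautics and Astronautics

Research projects:
[1] Research on machine-learning-based golden-chip-free hardware Trojan detection methods
[2] Research on hardware Trojan detection methods
[3] Research on hardware Trojan evaluation techniques
[4] Research on optimization-learning-based hardware Trojan detection methods that need no reference chip
[5] Research on fingerprint self-authentication hardware Trojan detection methods that need no reference chip
[6] Research on hardware security and trust
[7] Privacy-preserving techniques for data distribution in civil aviation information systems
[8] Research on hardware security and protection
[9] Research on consistency-authentication-based hardware Trojan detection methods under large manufacturing variation
[10] Research on hardware security and protection

Teaching:
Computer Viruses and Prevention / 2020-2021 / Spring semester / 40 class hours / 0.0 credits / 162K0050.02
Computer Virus and Prevention Technology / 2020-2021 / Spring semester / 40 class hours / 0.0 credits / 16204050.05
Computer Virus and Prevention Technology / 2020-2021 / Spring semester / 40 class hours / 0.0 credits / 16204050.01
Computer Virus and Prevention Technology / 2020-2021 / Spring semester / 40 class hours / 0.0 credits / 16204050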

Research Areas

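1. Artificial intelligence security: 1) robust, secure and privacy-preserving AI systems, covering attack and defense in five categories: training-set poisoning, training-set backdoors, adversarial examples, model stealing, and leakage of sensitive data; 2) applications of AI in cyberspace security attack and defense.
2. Hardware security and hardware Trojan detection: hardware controls electronic information systems of extremely high value, yet its security is often overlooked, and the emergence of hardware Trojans seriously threatens the security of hardware and critical information systems.
3. Copyright protection of deep learning models.

IoT security, including security of the intelligent Internet of Things (AIoT).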

Recent Papers


1. One-to-N & N-to-One: Two Advanced Backdoor Attacks against Deep Learning Models. IEEE Transactions on Dependable and Secure Computing. 2020, Early access. DOI:10.1109/TDSC.2020.3028448. SCI, CCF A, IF 7.329
2. Intellectual Property Protection for Deep Learning Models: Taxonomy, Methods, Attacks, and Evaluations. IEEE Transactions on Artificial Intelligence, Early access, 2021.
3. LOPA: A Linear Offset Based Poisoning Attack Method Against Adaptive Fingerprint Authentication System. Computers & Security. 99, 2020, 102046, pp. 1-13. SCI, CCF B, IF 4.438
4. PTB: Robust Physical Backdoor Attacks against Deep Neural Networks in Real World. Computers & Security, 2022. SCI, CCF B, IF 4.438.
5. NaturalAE: Natural and robust physical adversarial examples for object detectors. Journal of Information Security and Applications. 57 (2021) 102694, 1-12. SCI, CCF C, IF 3.872
6. Backdoors Hidden in Facial Features: A Novel Invisible Backdoor Attack against Face Recognition Systems. Peer-to-Peer Networking and Applications. 2021, 14:1458–1474. SCI, CCF C, IF 3.307
7. SocialGuard: An Adversarial Example Based Privacy-Preserving Technique for Social Images. Journal of Information Security and Applications. 2021. SCI, CCF C, IF 3.872
8. Ten years of hardware Trojans: a survey from the attacker's perspective. IET Computers & Digital Techniques. 2020, Vol. 14, Iss. 6, pp. 231-246. SCI
9. DPAEG: A Dependency Parse Based Adversarial Examples Generation Method for Intelligent Q&A Robots. Security and Communication Networks. 2020, Volume 2020, Article ID 5890820:1-15. SCI, CCF C
10. Active Intellectual Property Protection for Deep Neural Networks through Stealthy Backdoor and Users' Identities Authentication. Applied Intelligence, 2022. SCI, Chinese Academy of Sciences upgraded ranking Zone 2, IF 5.086
11. Machine Learning Security: Threats, Countermeasures, and Evaluations. IEEE Access, 2020, Vol 8, pp. 74720-74742. SCI
12. Active DNN IP Protection: A Novel User Fingerprint Management and DNN Authorization Control Technique. The 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), 2020. EI, CCF C
13. DNN Intellectual Property Protection: Taxonomy, Attacks and Evaluations (Invited Paper). In Proceedings of the Great Lakes Symposium on VLSI 2021 (GLSVLSI ’21), accepted. EI, CCF C, invited session talk and invited paper
14. Robust Backdoor Attacks against Deep Neural Networks in Real Physical World. The 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2021). EI, CCF C
15. Detect and Remove Watermark in Deep Neural Networks via Generative Adversarial Networks. 24th Information Security Conference (ISC) 2021. EI, CCF C, acceptance rate 24%.
16. Sample-Specific Backdoor based Active Intellectual Property Protection for Deep Neural Networks. AICAS, 2022. EI, invited session talk and invited paper.
17. Embedding Backdoors as the Facial Features: Invisible Backdoor Attacks Against Face Recognition Systems. ACM TURC'20: Proceedings of the ACM Turing Celebration Conference - China. May 2020, Pages 231–235. EI, recommended for extension to a journal.
18. ActiveGuard: Active Intellectual Property Protection for Deep Neural Networks via Adversarial Examples based User Fingerprinting. AAAI 2022 workshop, International Workshop on Practical Deep Learning in the Wild. EI

[1] Mingfu Xue (薛明富) et al. Robustness Analysis on Natural Language Processing Based AI Q&A Robots. MLICOM 2019, LNICST, 2019

Academic Service

Member, Technical Committee on Artificial Intelligence and Security, Chinese Association for Artificial Intelligence;
Member, Executive Committee, ACM Nanjing Chapter;
Member, Technical Committee on Digital Media Forensics and Security, China Society of Image and Graphics;
Member, Technical Committee on Network and Distributed Computing, Jiangsu Computer Society;
Program Chair, 3rd National Hardware Security Forum;
Technical Committee on Intelligence and Security, Jiangsu Association of Artificial Intelligence;
CCF Senior Member; IEEE Member; ACM Member; CAAI Member; CSIG Member.

Technical Program Committee (TPC) member:
2015: ICCCS2015; CBD2015
2016: CBD2016
2017: IEEE GLOBECOM2017
2018: IEEE GLOBECOM2018; CBD2018; IEEE COMNETSAT2018; National Hardware Security Forum
2019: IEEE GLOBECOM2019; IEEE COMNETSAT2019; IEEE GCC2019; IEEE MENACOMM'19; SSCC-2019; 3ICT'19; CFTC2019; ICCCN2019-BDMLS workshop; CBD 2019; SSCC-CIS-2019
2020: ICCCN-BDMLS workshop2020; CCF CTC2020; CBD2020; ACM TURC 2020; 3ICT2020; Globecom2020; ATS 2020
2021: ACM TURC 2021; AITS 2021; SIoTEC 2021; ATS 2021; Globecom2021 CISS; CBD2021
2022: Globecom2022 CISS TPC; AITS2022

Reviewer:
Journals: IEEE Transactions on Information Forensics & Security; IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems; IEEE Transactions on Circuits and Systems I: Regular Papers; IEEE Transactions on Circuits and Systems II: Express Briefs; IEEE Transactions on Emerging Topics in Computing; IEEE Transactions on Artificial Intelligence; IEEE Access; ACM Journal on Emerging Technologies in Computing Systems; IET Computers & Digital Techniques; IET Cyber-Physical Systems: Theory & Applications; Electronics Letters, IET; Computers and Security; Journal of Information Security and Applications; Future Generation Computer Systems; Integration, the VLSI Journal; Peer-to-Peer Networking and Applications; China Communications; Security and Communication Networks; Applied Intelligence; Computer; Wireless Communications and Mobile Computing; International Journal of Distributed Sensor Networks; ICT Express; Microprocessors and Microsystems; Journal of Semiconductors; IETE Journal of Research; Information Security Journal: A Global Perspective; International Journal of Automation and Computing; Software: Practice and Experience;
National Natural Science Foundation of China (General Program, Young Scientists Fund);
Degree thesis review for the Ministry of Education's Academic Degrees Center;
Invitation to review applications for the Estonian Research Council;
Chinese Journal of Computers (计算机学报, CCF Chinese category A); Journal of Computer Research and Development (计算机研究与发展, CCF Chinese category A).
