Haodong Zhao (赵皓东)

I am a second-year Ph.D. candidate in the AI Security Lab (Unicorn) at Shanghai Jiao Tong University, supervised by Prof. Gongshen Liu and Dr. Zhuosheng Zhang. I am also supervised by Prof. Bingsheng He at the National University of Singapore (NUS). I have a joint project with Ant Group from 2022/10 to 2025/4.

I got my bachelor's degree from the School of Electronic Information and Electrical Engineering at Shanghai Jiao Tong University in 2021, supervised by Prof. Gongshen Liu.

My general research interest lies in Federated Learning, AI Security (Backdoor attack, Watermark, Privacy) and LLM (Agent).

Email: zhaohaodong(at)sjtu.edu.cn

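Prospective collaborators: If you're a Ph.D./master's/bachelor's student and interested in working with me, feel free to send me an email. Students interested in my research are welcome to email me about collaboration, especially undergraduate/master's students who plan to choose Prof. Gongshen Liu as their supervisor.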

Internship
Tencent Rhino Bird Elite Talent Plan(腾讯犀牛鸟精英人才计划)

Research Intern (WXG, Federated Learning)
from June 2024 - now

Tutorials

  • Contributor: Dive into LLMs (《动手学大模型》) tutorial series

Publications

    NSmark: Null Space Based Black-box Watermarking Defense Framework for Pre-trained Language Models
    Haodong Zhao, Jinming Hu, Peixuan Li, Fangqi Li, Jinrui Sha, Peixuan Chen, Zhuosheng Zhang, Gongshen Liu
    Under Review, 2024
    arXiv

    Propose NSmark, a task-agnostic, black-box watermarking scheme capable of resisting LL-LFEA attacks using null space verification.

    FedPrompt: Communication-Efficient and Privacy Preserving Prompt Tuning in Federated Learning
    Haodong Zhao, Wei Du, Fangqi Li, Peixuan Li, Gongshen Liu
    ICASSP, 2023
    arXiv

    Propose FedPrompt to use federated prompt tuning on decentralized data in a communication-efficient and privacy preserving way.

    A Universal Identity Backdoor Attack against Speaker Verification based on Siamese Network
    Haodong Zhao, Wei Du, Junjie Guo, Gongshen Liu
    Interspeech, 2022
    arXiv

    Introduce a new backdoor attack method against speaker verification named Universal Identity attack under the open-set scenario.

    Flooding Spread of Manipulated Knowledge in LLM-Based Multi-Agent Communities
    Tianjie Ju, Yiting Wang, Xinbei Ma, Pengzhou Cheng, Haodong Zhao, Yulong Wang, Lifeng Liu, Jian Xie, Zhuosheng Zhang, Gongshen Liu
    arXiv

    Investigate the spread of manipulated knowledge in multi-agent systems.

    Revisiting the Information Capacity of Neural Network Watermarks: Upper Bound Estimation and Beyond
    Fangqi Li, Haodong Zhao, Wei Du, Shilin Wang
    AAAI, 2024
    paper

    Study the information capacity of DNN watermarks.

    UOR: Universal Backdoor Attacks on Pre-trained Language Models
    Wei Du, Peixuan Li, Haodong Zhao, Tianjie Ju, Ge Ren, Gongshen Liu
    ACL findings, 2024
    arXiv

    Propose a new backdoor attack against PLMs, called UOR, which breaks the bottleneck of the previous approach by turning manual selection into automatic optimization.

    Is Continuous Prompt a Combination of Discrete Prompts? Towards a Novel View for Interpreting Continuous Prompts
    Tianjie Ju, Yubin Zheng, Hanyi Wang, Haodong Zhao, Gongshen Liu
    ACL findings, 2023
    paper

    Present a novel view that interprets continuous prompts as a combination of discrete prompts.

    PLMmark: A Secure and Robust Black-box Watermarking Framework for Pre-trained Language Models
    Peixuan Li, Pengzhou Cheng, Fangqi Li, Wei Du, Haodong Zhao, Gongshen Liu
    AAAI, 2023
    paper

    Propose a secure and robust watermarking scheme to protect the IP of PLMs for the first time.

    NWS: Natural Textual Backdoor Attacks via Word Substitution
    Wei Du, Tongxin Yuan, Haodong Zhao, Gongshen Liu
    ICASSP, 2024
    paper

    Propose a more natural word substitution method to implement covert textual backdoor attacks.

    Backdoor Attacks and Countermeasures in Natural Language Processing Models: A Comprehensive Security Review
    Pengzhou Cheng, Zongru Wu, Wei Du, Haodong Zhao, Wei Lu, Gongshen Liu
    arXiv

    Conduct a timely review of backdoor attacks and countermeasures to sound the red alarm for the NLP security community.

    Bridging the Gap of Dimensions in Distillation: Understanding the knowledge transfer between different-dimensional semantic spaces
    Zhiyuan Ma, Ziyue Song, Haodong Zhao, Kui Meng, Gongshen Liu
    IJCNN, 2021
    paper

    Present a method to transfer knowledge contained in hidden layers between a teacher network and a student network.

    Speaker Verification with Disentangled Self-attention
    Junjie Guo, Zhiyuan Ma, Haodong Zhao, Gongshen Liu, Xiaoyong Li
    ICONIP, 2021
    paper

    Propose the disentangled self-attention network (DSAN) to extract speaker embeddings from utterances.

Talks

  • 2023/09: Talk "Privacy computing in the era of large models" at Inclusion 2023. [slides]

Awards

    The Class of 85 Computer Science Education Development Fund and Yang Yuanqing Education Fund Outstanding Undergraduate Excellence Scholarship. 2021

    Outstanding Graduate of Shanghai. 2021

    Rongchang Leadership Scholarship. 2021,2022,2023

    Outstanding Teaching Assistant of Shanghai Jiao Tong University

Academic Service

    Journal Reviewer: IEEE Transactions on Neural Networks and Learning Systems (TNNLS), Transactions on Knowledge Discovery from Data (TKDD)

    Conference Reviewer: ICLR, NIPS, AAAI, ARR (ACL Rolling Review), KDD, IJCAI, EMNLP, AISTATS, APSIPA ASC, IJCNN

    Teaching Assistant for "Introduction to AI", Fall 2023; "Operating System", Fall 2022, Spring 2023, Spring 2024; "Principles of Computer Viruses", Spring 2022; "Computer Programming Practice", Summer 2022, Summer 2023.

Services

  • Chair of CCF Student Chapter of Shanghai Jiao Tong University.
  • Part-time Counselor in SJTU.




Updated in August 2024.