I am currently a research fellow at the School of Computing, National University of Singapore. I obtained my Ph.D. in 2023, graduating from the State Key Laboratory of the Institute of Information Engineering, Chinese Academy of Sciences, under the tutelage of Professor Xiaochun Cao. I received my bachelor’s degree in 2018 from the Innovation Class at the School of Software Engineering, Sichuan University.

My research interests span machine learning and computer vision, including trustworthy machine learning and security for deep object detection. In addition, I maintain a strong interest in the security of multimodal foundational models.

📝 Publications

———–2025———–

• Revisiting Backdoor Attacks against Large Vision-Language Models from Domain Shift
  Siyuan Liang, Jiawei Liang, Tianyu Pang, Chao Du, Aishan Liu, Mingli Zhu, Xiaochun Cao, Dacheng Tao, CVPR 2025 Copy BibTeX

• Interpreting Object-level Foundation Models via Visual Precision Search
  Ruoyu Chen, Siyuan Liang, Jingzhi Li, Shiming Liu, Maosen Li, Zheng Huang, Hua Zhang, Xiaochun Cao, CVPR 2025 Copy BibTeX

• VL-Trojan: Multimodal Instruction Backdoor Attacks against Autoregressive Visual Language Models
  Jiawei Liang, Siyuan Liang†, Aishan Liu, Xiaochun Cao, IJCV 2025 Copy BibTeX

• Pre-trained Trojan Attacks for Visual Recognition
  Aishan Liu, Xinwei Zhang, Yisong Xiao, Yuguang Zhou, Siyuan Liang, Jiakai Wang, Xianglong Liu, Xiaochun Cao, Dacheng Tao, IJCV 2025 Copy BibTeX

• NoVo: Norm Voting off Hallucinations with Attention Heads in Large Language Models
  Zheng Yi Ho, Siyuan Liang†, Sen Zhang, Yibing Zhan, Dacheng Tao, ICLR 2025 Copy BibTeX

• Compromising LLM Driven Embodied Agents with Contextual Backdoor Attacks Aishan Liu, Yuguang Zhou, Xianglong Liu, Tianyuan Zhang, Siyuan Liang , Jiakai Wang, Yanjun Pu, Tianlin Li, Junqi Zhang, Wenbo Zhou, Qing Guo, Dacheng Tao, TIFs2025 Copy BibTeX

• Fairness Mediator: Neutralize Stereotype Associations to Mitigate Bias in Large Language Models
  Yisong Xiao, Aishan Liu, Siyuan Liang, Xianglong Liu, Dacheng Tao, ISSTA 2025

———–2024———–

• BDefects4NN: A Backdoor Defect Database for Controlled Localization Studies in Neural Networks
  Yisong Xiao, Aishan Liu, Xinwei Zhang, Tianyuan Zhang, Tianlin Li, Siyuan Liang, Xianglong Liu, Yi Liu, Dacheng Tao, ICSE 2024 Copy BibTeX

• Patch is Enough: Naturalistic Adversarial Patch against Vision-Language Pre-training Models
  Dehong Kong, Siyuan Liang, Xiaopeng Zhu, Yuansheng Zhong, Wenqi Ren, Visual Intelligence 2024 Copy BibTeX

• Breaking the False Sense of Security in Backdoor Defense through Re-Activation Attack
  Mingli Zhu, Siyuan Liang, Baoyuan Wu, NeurIPS 2024 Copy BibTeX

• End-to-End Multi-perspective Multimodal Posts Relevance Score Reasoning Prediction
  Xiaoxu Guo, Han Cao, Siyuan Liang, Information Sciences 2024 Copy BibTeX

• Multimodal Unlearnable Examples: Protecting Data against Multimodal Contrastive Learning
  Xinwei Liu, Xiaojun Jia, Yuan Xun, Siyuan Liang, Xiaochun Cao, ACMMM 2024 Copy BibTeX

• Towards Robust Physical-world Backdoor Attacks on Lane Detection
  Xinwei Zhang, Aishan Liu, Tianyuan Zhang, Siyuan Liang, Xianglong Liu, ACMMM 2024 Copy BibTeX

• LanEvil: Benchmarking the Robustness of Lane Detection to Environmental Illusions
  Tianyuan Zhang, Lu Wang, Hainan Li, Yisong Xiao, Siyuan Liang, Aishan Liu, Xianglong Liu, Dacheng Tao, ACMMM 2024 Copy BibTeX

• Hide in Thicket: Generating Imperceptible and Rational Adversarial Perturbations on 3D Point Clouds
  Tianrui Lou, Xiaojun Jia, Jindong Gu, Li Liu, Siyuan Liang, Bangyan He, Xiaochun Cao, CVPR 2024 Copy BibTeX

• Less is More: Fewer Interpretable Region via Submodular Subset Selection (Oral)
  Ruoyu Chen, Hua Zhang, Siyuan Liang, Jingzhi Li, Xiaochun Cao, ICLR 2024 Copy BibTeX

• Towards Robust Object Detection: Identifying and Removing Backdoors via Module Inconsistency Analysis
  Xianda Zhang, Siyuan Liang†, Chengyang Li, ICPR 2024 Copy BibTeX

• BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning (Highlight)
  Siyuan Liang, Mingli Zhu, Aishan Liu, Baoyuan Wu, Xiaochun Cao, Ee-Chien Chang, CVPR 2024 Copy BibTeX

• Poisoned Forgery Face: Towards Backdoor Attacks on Face Forgery Detection (Spotlight)
  Jiawei Liang, Siyuan Liang†, Aishan Liu, Xiaojun Jia, Junhao Kuang, Xiaochun Cao, ICLR 2024 Copy BibTeX

• Learning to Optimize Permutation Flow Shop Scheduling via Graph-based Imitation Learning,
  Longkang Li, Siyuan Liang, Zihao Zhu, Chris Ding, Hongyuan Zha, Baoyuan Wu, AAAI 2024 Copy BibTeX

• Correlation Matching Transformation Transformers for UHD Image Restoration,
  Cong Wang, Jinshan Pan, Wei Wang, Gang Fu, Siyuan Liang, Mengzhu Wang, Xiao-Ming Wu, Jun Liu, AAAI 2024 Copy BibTeX

• Does Few-shot Learning Suffer from Backdoor Attacks?,
  Xinwei Liu, Xiaojun jia, Jingdong gu, Yuan Xun, Siyuan Liang, Xiaochun Cao, AAAI 2024

———–2023———–

• X-adv: Physical adversarial object attacks against x-ray prohibited item detection,
  Aishan Liu, Jun Guo, Jiakai Wang, Siyuan Liang, Renshuai Tao, Wenbo Zhou, Cong Liu, Xianglong Liu, Dacheng Tao, Usenix Security 2023 Copy BibTeX

• Improving Robust Fairness via Balance Adversarial Training,
  Chunyu Sun, Chenye Xu, Chengyuan Yao, Siyuan Liang, Yichao Wu, Ding Liang, XiangLong Liu, Aishan Liu, AAAI 2023 Copy BibTeX

• Generating Transferable 3D Adversarial Point Cloud via Random Perturbation Factorization, Bangyan He, Jian Liu, Yiming Li, Siyuan Liang, Jingzhi Li, Xiaojun Jia, Xiaochun Cao, AAAI 2023

• Exploring the relationship between architecture and adversarially robust generalization,
  Aishan Liu, Shiyu Tang, Siyuan Liang(joint first author), Ruihao Gong, Boxi Wu, Xianglong Liu, Dacheng Tao, CVPR 2023 Copy BibTeX

• Universal Watermark Vaccine: Universal Adversarial Perturbations for Watermark Protection,
  Jianbo Chen, Xinwei Liu, Siyuan Liang, Xiaojun Jia, Yuan Xun, CVPR 2023 Workshop Copy BibTeX

• Privacy-Enhancing Face Obfuscation Guided by Semantic-Aware Attribution Maps,
  Jingzhi Li, Hua Zhang, Siyuan Liang, Pengwen Dai, Xiaochun Cao, TIFs 2023 Copy BibTeX

• Face Encryption via Frequency-Restricted Identity-Agnostic Attacks,
  Xin Dong, Rui Wang, Siyuan Liang, Aishan Liu, Lihua Jing, ACMMM 2023 Copy BibTeX

• Exploring Inconsistent Knowledge Distillation for Object Detection with Data Augmentation,
  Jiawei Liang, Siyuan Liang(corresponding author), Aishan Liu, Ke Ma, Jingzhi Li, Xiaochun Cao, ACMMM 2023 Copy BibTeX

• Face Encryption via Frequency-Restricted Identity-Agnostic Attacks,
  Xin Dong, Rui Wang, Siyuan Liang, Aishan Liu, Lihua Jing, ACMMM 2023

———–2022———–

• A Large-scale Multiple-objective Method for Black-box Attack against Object Detection,
  Siyuan Liang, Longkang Li, Yanbo Fan, Xiaojun Jia, Jingzhi Li, Baoyuan Wu, Xiaochun Cao, ECCV 2022 Copy BibTeX

• Imitated Detectors: Stealing Knowledge of Black-box Object Detectors,
  Siyuan Liang, Aishan Liu, Jiawei Liang, Longkang Li, Yang Bai, Xiaochun Cao, ACMMM 2022 Siyuan Liang, Aishan Liu, Jiawei Liang, Longkang Li, Yang Bai, Xiaochun Cao, ACM MM 2022 Copy BibTeX

———–2021———–

• Parallel rectangle flip attack: A query-based black-box attack against object detection,
  Siyuan Liang, Baoyuan Wu, Yanbo Fan, Xingxing Wei, Xiaochun Cao, ICCV 2021 Copy BibTeX

• Generate more imperceptible adversarial examples for object detection,
  Siyuan Liang, Xingxing Wei, Xiaochun Cao, ICML 2021 Workshop

———–2020———–

• Efficient adversarial attacks for visual object tracking,
  Siyuan Liang, Xingxing Wei, Siyuan Yao, Xiaochun Cao, ECCV 2020 Siyuan Liang, Xingxing Wei, Siyuan Yao, Xiaochun Cao, ECCV 2020 Copy BibTeX

———–2019———–

• Transferable adversarial attacks for image and video object detection,
  Xingxing Wei, Siyuan Liang(joint first author), Ning Chen, Xiaochun Cao, IJCAI 2019 Copy BibTeX

📖 Educations

• August 2023 - Now ,
  School of Computing, National University of Singapore, Research Fellow.
• August 2018 - July 2023 ,
  University of Chinese Academy of Sciences, School of Cyberspace Security, Computer Application Technology, Ph.D.
• August 2014 - June 2018,
  SICHUAN UNIVERSITY, College of Software Engineering, Engineering Software Engineering, Bachelor.

💬 Professional Service

• Reviewer: TPAMI, NeurIPS, AAAI, CVPR, IJCAI, ECCV, IEEE TCSVT, IEEE TMM, ICCV, ICLR, ICML, Pattern Recognition
• Program Committee of Workshop:
  Practical Deep Learning in the Wild, AAAI workshop 2023
  The Art of Robustness: Devil and Angel in Adversarial Machine Learning, CVPR workshop 2022

💻 Internships

• Jun 2021 - Jun 2022, Tencent, AI Lab & Data Platform, ShenZhen China.
• Sep 2022 - June 2023, Huawei, Trustworthiness Theory, Technology & Engineering Lab, ShenZhen China.

👩🏻‍🏫 Teaching

2019, 2020 Spring, TA in Discrete Mathematics, instructed by Prof. Xiaochun Cao

📝 PrePrints

• Adaptive Perturbation Generation for Multiple Backdoors Detection,
  Yuhang Wang, Huafeng Shi, Rui Min, Ruijia Wu, Siyuan Liang, Yichao Wu, Ding Liang, Aishan Liu

• BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning,
  Siyuan Liang, Mingli Zhu, Aishan Liu, Baoyuan Wu, Xiaochun Cao, Ee-Chien Chang