I am currently a Research Fellow at the College of Computing and Data Science, Nanyang Technological University, working under the guidance of Professor Dacheng Tao. Prior to this, I was a Research Fellow at the School of Computing, National University of Singapore, supervised by Professor Ee-Chien Chang. I obtained my Ph.D. in 2023 from the State Key Laboratory of the Institute of Information Engineering, Chinese Academy of Sciences, under the supervision of Professor Xiaochun Cao, and received my B.Eng. in 2018 from the Innovation Class at the School of Software Engineering, Sichuan University.

My research interests span machine learning and computer vision, with a focus on trustworthy machine learning, security for deep object detection, and the security of multimodal foundational models.

📝 Publications

———–2025———–

• Manipulating Multimodal Agents via Cross-Modal Prompt Injection Le Wang, Zonghao Ying, Tianyuan Zhang, Siyuan Liang, Shengshan Hu, Mingchuan Zhang, Aishan Liu, Xianglong Liu, ACM MM 2025 Copy BibTeX

• MetAdv: A Unified and Interactive Adversarial Testing Platform for Autonomous Driving Aishan Liu, Jiakai Wang, Tianyuan Zhang, Hainan Li, Jiangfan Liu, Siyuan Liang, Yilong Ren, Xianglong Liu, Dacheng Tao, ACM MM 2025 Copy BibTeX

• Jailbreak Vision Language Models via Bi-Modal Adversarial Prompt Zonghao Ying, Aishan Liu, Tianyuan Zhang, Zhengmin Yu, Siyuan Liang, Xianglong Liu, Dacheng Tao, TIFS 2025 Copy BibTeX

• CopyrightShield: Enhancing Diffusion Model Security against Copyright Infringement Attacks Zhixiang Guo, Siyuan Liang†, Aishan Liu, Dacheng Tao, ICCV 2025 Copy BibTeX

• 3D Gaussian Splatting Driven Multi-View Robust Physical Adversarial Camouflage Generation Tianrui Lou, Xiaojun Jia, Siyuan Liang, Jiawei Liang, Ming Zhang, Yanjun Xiao, Xiaochun Cao, ICCV 2025 Copy BibTeX

• Physical Adversarial Camouflage through Gradient Calibration and Regularization Jiawei Liang, Siyuan Liang, Jianjie Huang, Chenxi Si, Ming Zhang, Xiaochun Cao, IJCAI 2025

• Gradient-Reweighted Adversarial Camouflage for Physical Object Detection Evasion Jiawei Liang, Siyuan Liang, Tianrui Lou, Ming Zhang, liwenjin, Dunqiu Fan, Xiaochun Cao, ICCV 2025

• Towards a 3D Transfer-based Black-box Attack via Critical Feature Guidance Shuchao Pang, Zhenghan Chen, Shen Zhang, Liming Lu, Siyuan Liang, Anan Du, Yongbin Zhou, ICCV 2025

• FOADA: Toward Robust Open-World Mobile App Fingerprinting Jiajun Gong, Guotao Meng, Wei Cai, Siyuan Liang†, Tao Wang, Ee-Chien Chang, TIFs 2025

• ICLShield: Exploring and Mitigating In-Context Learning Backdoor Attacks Zhiyao Ren, Siyuan Liang†, Aishan Liu, Dacheng Tao, ICML 2025 Copy BibTeX

• AGENTSAFE: Benchmarking the Safety of Embodied Agents on Hazardous Instructions Aishan Liu, Zonghao Ying, Le Wang, Junjie Mu, Jinyang Guo, Jiakai Wang, Yuqing Ma, Siyuan Liang, Mingchuan Zhang, Xianglong Liu, Dacheng Tao, ICML Workshop 2025 distinguished paper Copy BibTeX

• ELBA-Bench: An Efficient Learning Backdoor Attacks Benchmark for Large Language Models Xuxu Liu, Siyuan Liang†, Mengya Han, Yong Luo, Aishan Liu, Xiantao Cai, Zheng He, Dacheng Tao, ACL 2025 Copy BibTeX

• Compromising LLM Driven Embodied Agents with Contextual Backdoor Attacks Aishan Liu, Yuguang Zhou, Xianglong Liu, Tianyuan Zhang, Siyuan Liang, Jiakai Wang, Yanjun Pu, Tianlin Li, Junqi Zhang, Wenbo Zhou, Qing Guo, Dacheng Tao, TIFS 2025 Copy BibTeX

• Fairness Mediator: Neutralize Stereotype Associations to Mitigate Bias in Large Language Models Yisong Xiao, Aishan Liu, Siyuan Liang, Dacheng Tao, Xianglong Liu, ISSTA 2025 Copy BibTeX

• Revisiting Backdoor Attacks against Large Vision-Language Models from Domain Shift
  Siyuan Liang, Jiawei Liang, Tianyu Pang, Chao Du, Aishan Liu, Mingli Zhu, Xiaochun Cao, Dacheng Tao, CVPR 2025 Copy BibTeX

• Interpreting Object-level Foundation Models via Visual Precision Search
  Ruoyu Chen, Siyuan Liang, Jingzhi Li, Shiming Liu, Maosen Li, Zheng Huang, Hua Zhang, Xiaochun Cao, CVPR 2025 Highlight Copy BibTeX

• VL-Trojan: Multimodal Instruction Backdoor Attacks against Autoregressive Visual Language Models
  Jiawei Liang, Siyuan Liang†, Aishan Liu, Xiaochun Cao, IJCV 2025 Copy BibTeX

• Pre-trained Trojan Attacks for Visual Recognition
  Aishan Liu, Xinwei Zhang, Yisong Xiao, Yuguang Zhou, Siyuan Liang, Jiakai Wang, Xianglong Liu, Xiaochun Cao, Dacheng Tao, IJCV 2025 Copy BibTeX

• NoVo: Norm Voting off Hallucinations with Attention Heads in Large Language Models
  Zheng Yi Ho, Siyuan Liang†, Sen Zhang, Yibing Zhan, Dacheng Tao, ICLR 2025 Copy BibTeX

———–2024———–

• BDefects4NN: A Backdoor Defect Database for Controlled Localization Studies in Neural Networks
  Yisong Xiao, Aishan Liu, Xinwei Zhang, Tianyuan Zhang, Tianlin Li, Siyuan Liang, Xianglong Liu, Yi Liu, Dacheng Tao, ICSE 2024 Copy BibTeX

• Patch is Enough: Naturalistic Adversarial Patch against Vision-Language Pre-training Models
  Dehong Kong, Siyuan Liang, Xiaopeng Zhu, Yuansheng Zhong, Wenqi Ren, Visual Intelligence 2024 Copy BibTeX

• Breaking the False Sense of Security in Backdoor Defense through Re-Activation Attack
  Mingli Zhu, Siyuan Liang, Baoyuan Wu, NeurIPS 2024 Copy BibTeX

• End-to-End Multi-perspective Multimodal Posts Relevance Score Reasoning Prediction
  Xiaoxu Guo, Han Cao, Siyuan Liang, Information Sciences 2024 Copy BibTeX

• Multimodal Unlearnable Examples: Protecting Data against Multimodal Contrastive Learning
  Xinwei Liu, Xiaojun Jia, Yuan Xun, Siyuan Liang, Xiaochun Cao, ACMMM 2024 Copy BibTeX

• Towards Robust Physical-world Backdoor Attacks on Lane Detection
  Xinwei Zhang, Aishan Liu, Tianyuan Zhang, Siyuan Liang, Xianglong Liu, ACMMM 2024 Copy BibTeX

• LanEvil: Benchmarking the Robustness of Lane Detection to Environmental Illusions
  Tianyuan Zhang, Lu Wang, Hainan Li, Yisong Xiao, Siyuan Liang, Aishan Liu, Xianglong Liu, Dacheng Tao, ACMMM 2024 Copy BibTeX

• Hide in Thicket: Generating Imperceptible and Rational Adversarial Perturbations on 3D Point Clouds
  Tianrui Lou, Xiaojun Jia, Jindong Gu, Li Liu, Siyuan Liang, Bangyan He, Xiaochun Cao, CVPR 2024 Copy BibTeX

• Less is More: Fewer Interpretable Region via Submodular Subset Selection (Oral)
  Ruoyu Chen, Hua Zhang, Siyuan Liang, Jingzhi Li, Xiaochun Cao, ICLR 2024 Copy BibTeX

• Towards Robust Object Detection: Identifying and Removing Backdoors via Module Inconsistency Analysis
  Xianda Zhang, Siyuan Liang†, Chengyang Li, ICPR 2024 Copy BibTeX

• BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning (Highlight)
  Siyuan Liang, Mingli Zhu, Aishan Liu, Baoyuan Wu, Xiaochun Cao, Ee-Chien Chang, CVPR 2024 Copy BibTeX

• Poisoned Forgery Face: Towards Backdoor Attacks on Face Forgery Detection (Spotlight)
  Jiawei Liang, Siyuan Liang†, Aishan Liu, Xiaojun Jia, Junhao Kuang, Xiaochun Cao, ICLR 2024 Copy BibTeX

• Unlearning backdoor threats: Enhancing backdoor defense in multimodal contrastive learning via local token unlearning Siyuan Liang, Kuanrong Liu, Jiajun Gong, Jiawei Liang, Yuan Xun, Ee-Chien Chang, Xiaochun Cao, CVPR Workshop 2024 distinguished paper

• Learning to Optimize Permutation Flow Shop Scheduling via Graph-based Imitation Learning,
  Longkang Li, Siyuan Liang, Zihao Zhu, Chris Ding, Hongyuan Zha, Baoyuan Wu, AAAI 2024 Copy BibTeX

• Correlation Matching Transformation Transformers for UHD Image Restoration,
  Cong Wang, Jinshan Pan, Wei Wang, Gang Fu, Siyuan Liang, Mengzhu Wang, Xiao-Ming Wu, Jun Liu, AAAI 2024 Copy BibTeX

• Does Few-shot Learning Suffer from Backdoor Attacks?,
  Xinwei Liu, Xiaojun jia, Jingdong gu, Yuan Xun, Siyuan Liang, Xiaochun Cao, AAAI 2024

———–2023———–

• X-adv: Physical adversarial object attacks against x-ray prohibited item detection,
  Aishan Liu, Jun Guo, Jiakai Wang, Siyuan Liang, Renshuai Tao, Wenbo Zhou, Cong Liu, Xianglong Liu, Dacheng Tao, Usenix Security 2023 Copy BibTeX

• Improving Robust Fairness via Balance Adversarial Training,
  Chunyu Sun, Chenye Xu, Chengyuan Yao, Siyuan Liang, Yichao Wu, Ding Liang, XiangLong Liu, Aishan Liu, AAAI 2023 Copy BibTeX

• Generating Transferable 3D Adversarial Point Cloud via Random Perturbation Factorization, Bangyan He, Jian Liu, Yiming Li, Siyuan Liang, Jingzhi Li, Xiaojun Jia, Xiaochun Cao, AAAI 2023

• Exploring the relationship between architecture and adversarially robust generalization,
  Aishan Liu, Shiyu Tang, Siyuan Liang(joint first author), Ruihao Gong, Boxi Wu, Xianglong Liu, Dacheng Tao, CVPR 2023 Copy BibTeX

• Universal Watermark Vaccine: Universal Adversarial Perturbations for Watermark Protection,
  Jianbo Chen, Xinwei Liu, Siyuan Liang, Xiaojun Jia, Yuan Xun, CVPR 2023 Workshop Copy BibTeX

• Privacy-Enhancing Face Obfuscation Guided by Semantic-Aware Attribution Maps,
  Jingzhi Li, Hua Zhang, Siyuan Liang, Pengwen Dai, Xiaochun Cao, TIFs 2023 Copy BibTeX

• Face Encryption via Frequency-Restricted Identity-Agnostic Attacks,
  Xin Dong, Rui Wang, Siyuan Liang, Aishan Liu, Lihua Jing, ACMMM 2023 Copy BibTeX

• Exploring Inconsistent Knowledge Distillation for Object Detection with Data Augmentation,
  Jiawei Liang, Siyuan Liang†, Aishan Liu, Ke Ma, Jingzhi Li, Xiaochun Cao, ACMMM 2023 Oral Copy BibTeX

• Face Encryption via Frequency-Restricted Identity-Agnostic Attacks,
  Xin Dong, Rui Wang, Siyuan Liang, Aishan Liu, Lihua Jing, ACMMM 2023

———–2022———–

• A Large-scale Multiple-objective Method for Black-box Attack against Object Detection,
  Siyuan Liang, Longkang Li, Yanbo Fan, Xiaojun Jia, Jingzhi Li, Baoyuan Wu, Xiaochun Cao, ECCV 2022 Copy BibTeX

• Imitated Detectors: Stealing Knowledge of Black-box Object Detectors,
  Siyuan Liang, Aishan Liu, Jiawei Liang, Longkang Li, Yang Bai, Xiaochun Cao, ACMMM 2022 Copy BibTeX

———–2021———–

• Parallel rectangle flip attack: A query-based black-box attack against object detection,
  Siyuan Liang, Baoyuan Wu, Yanbo Fan, Xingxing Wei, Xiaochun Cao, ICCV 2021 Copy BibTeX

• Generate more imperceptible adversarial examples for object detection,
  Siyuan Liang, Xingxing Wei, Xiaochun Cao, ICML 2021 Workshop

———–2020———–

• Efficient adversarial attacks for visual object tracking,
  Siyuan Liang, Xingxing Wei, Siyuan Yao, Xiaochun Cao, ECCV 2020 Siyuan Liang, Xingxing Wei, Siyuan Yao, Xiaochun Cao, ECCV 2020 Copy BibTeX

———–2019———–

• Transferable adversarial attacks for image and video object detection,
  Xingxing Wei, Siyuan Liang(joint first author), Ning Chen, Xiaochun Cao, IJCAI 2019 Oral Copy BibTeX

📖 Educations

• May 2025 - Now, College of Computing and Data Science, Nanyang Technological University, Research Fellow.
• August 2023 - May 2025,
  School of Computing, National University of Singapore, Research Fellow.
• August 2018 - July 2023 ,
  University of Chinese Academy of Sciences, School of Cyberspace Security, Computer Application Technology, Ph.D.
• August 2014 - June 2018,
  SICHUAN UNIVERSITY, College of Software Engineering, Engineering Software Engineering, Bachelor.

💬 Professional Service

• Reviewer: TPAMI, NeurIPS, AAAI, CVPR, IJCAI, ECCV, IEEE TCSVT, IEEE TMM, ICCV, ICLR, ICML, Pattern Recognition
• Program Committee of Workshop:
  Practical Deep Learning in the Wild, AAAI workshop 2023
  The Art of Robustness: Devil and Angel in Adversarial Machine Learning, CVPR workshop 2022

💻 Internships

• Jun 2021 - Jun 2022, Tencent, AI Lab & Data Platform, ShenZhen China.
• Sep 2022 - June 2023, Huawei, Trustworthiness Theory, Technology & Engineering Lab, ShenZhen China.

👩🏻‍🏫 Teaching

2019, 2020 Spring, TA in Discrete Mathematics, instructed by Prof. Xiaochun Cao