Faculty Directory
Email: hechaoxiang@sjtu.edu.cn
Address: Room 314, Building 3, SEIEE Buildings (电信群楼)
Research Institute: Institute of Information Security and Cryptography
Biography
Ph.D., Assistant Researcher and master's student supervisor at 1946伟德国际源自英国 (网络空间安全公司). He joined the Laboratory of Cryptology and Computer Security (LoCCS) of 1946伟德国际源自英国网络空间安全公司 in October 2024. His research focuses on trustworthy artificial intelligence and the security and privacy of AI models, including security evaluation of deep learning applications and the security of AI models in cloud environments. In the area of AI security, he has published more than ten papers in leading information security and artificial intelligence conferences and journals, including S&P, ACM CCS, NDSS, CVPR and ICML, eight of them as first or corresponding author. He serves as a reviewer for IEEE TIFS, IEEE TDSC, IJCAI, ACM MM and the Chinese Journal of Computers, among other well-known venues. He leads three projects, including a National Natural Science Foundation of China Young Scientists Fund project (Category C) and a Shanghai Natural Science Foundation Youth Project, and participates in national and provincial/ministerial projects such as the National Key R&D Program, the Yangtze River Delta Science and Technology Innovation Community joint research program, and NSFC Key Program projects. He co-led a team that won third place and the Outstanding Solution Award (one of only two worldwide) in the text-to-image safety vaccine injection track of the 2024 Global AI Large Model Attack and Defense Challenge. His research results were selected among the Top Ten AI Application Scenarios of the Belt and Road Initiative, national disruptive technologies, and the Top Ten Outstanding Cases of Global AI for Sustainable Development. The team currently works on building secure, trustworthy and verifiable AI models for important application scenarios; interested faculty and students are welcome to get in touch.
Courses Taught
NIS4301 Theory and Applications of Information Content Security, Spring 2025
Publications
# denotes co-authors with equal contribution; * denotes corresponding author.
[1] Chaoxiang He, Bin Benjamin Zhu, Xiaojing Ma, Hai Jin, Shengshan Hu. Feature-Indistinguishable Attack to Circumvent Trapdoor-Enabled Defense. ACM CCS 2021 (CCF-A, one of the top four security conferences).
[2] Chaoxiang He, Xiaojing Ma, Bin Benjamin Zhu, Yimiao Zeng, Xiaofan Bai, Hai Jin, Dongmei Zhang. DorPatch: Distributed and Occlusion-Robust Adversarial Patch to Evade Certifiable Defenses. NDSS 2024 (CCF-A, one of the top four security conferences).
[3] Feiyue Xu# (co-supervised Ph.D. student), Hongsheng Hu#, Chaoxiang He*, Sheng Hang, Hanqing Hu, Xiuming Liu, Yubo Zhao, Zhengyan Zhou, Bin Benjamin Zhu, Shi-Feng Sun, Dawu Gu, Shuo Wang*. SoK: Robustness in Large Language Models against Jailbreak Attacks. S&P 2026 (CCF-A, one of the top four security conferences).
[4] Shixin Li#, Chaoxiang He#, Xiaojing Ma, Bin Benjamin Zhu, Shuo Wang, Hongsheng Hu, Dongmei Zhang, Linchen Yu. Enhancing Adversarial Transferability with Checkpoints of a Single Model's Training. CVPR 2025 (CCF-A, top computer vision conference).
[5] Xiaofan Bai#, Chaoxiang He#, Xiaojing Ma, Bin Benjamin Zhu, Hai Jin. Intersecting-Boundary-Sensitive Fingerprinting for Tampering Detection of DNN Models. ICML 2024 (CCF-A, top machine learning conference).
[6] Chaoxiang He, Xiaofan Bai, Xiaojing Ma, Bin Benjamin Zhu, Pingyi Hu, Jiayun Fu, Hai Jin, Dongmei Zhang. Towards Stricter Black-box Integrity Verification of Deep Neural Network Models. ACM MM 2024 (CCF-A, top multimedia conference).
[7] Chaoxiang He, Yimiao Zeng, Xiaojing Ma, Bin Benjamin Zhu, Zewei Li, Shixin Li, Hai Jin. MysticMask: Adversarial Mask for Impersonation Attack Against Face Recognition Systems. IEEE ICME 2024 (CCF-B, top multimedia conference).
[8] Xinlei He, Guowen Xu, Xingshuo Han, Qian Wang, Lingchen Zhao, Chao Shen, Chenhao Lin, Zhengyu Zhao, Qian Li, Le Yang, Shouling Ji, Shaofeng Li, Haojin Zhu, Zhibo Wang, Rui Zheng, Tianging Zhu, Qi Li, Chaoxiang He, Qifan Wang, Hongsheng Hu, Shuo Wang, Shi-Feng Sun, Hongwei Yao, Zhan Qin, Kai Chen, Yue Zhao, Hongwei Li, Xinyi Huang, Dengguo Feng. Artificial Intelligence Security and Privacy: A Survey. SCIENCE CHINA Information Sciences (CCF-A, high-quality journal in information sciences).
[9] Hongyi Lyu, Xuyun Zhang, Hongsheng Hu, Shuo Wang, Chaoxiang He, Lianyong Qi. Fine-Grained and Efficient Self-Unlearning with Layered Iteration. IJCAI 2025 (CCF-A, top artificial intelligence conference).
[10] Bingguang Lu, Hongsheng Hu, Yuantian Miao, Shaleeza Sohail, Chaoxiang He, Shuo Wang, Xiao Chen. BadFU: Backdoor Federated Learning Through Adversarial Machine Unlearning. RAID 2025 (CCF-B, top security conference).
[11] Pingyi Hu, Xiaofan Bai, Xiaojing Ma*, Chaoxiang He*, Dongmei Zhang, Bin Benjamin Zhu. RESF: Regularized-Entropy-Sensitive Fingerprinting for Black-Box Tamper Detection of Large Language Models. EMNLP 2025 (CCF-B, top natural language processing conference).