shengweian_photo

Shengwei An

an93 AT purdue.edu

"Forget what is behind and strain toward what is ahead."

About

I am currently a Ph.D. student in Department of Computer Science at Purdue University, advised by Prof. Xiangyu Zhang. My research focuses on Security, Privacy, and Intellectual Property Protection in Neural Networks. I received my M.S and B.S. degrees in Department of Computer Science and Technology from Nanjng University (NJU), advised by Prof. Xiaoxing Ma.

Publications

  • BAIT: Large Language Model Backdoor Scanning by Inverting Attack Target
  • Guangyu Shen*, Siyuan Cheng*, Kaiyuan Zhang, Guanhong Tao, Shengwei An, Lu Yan, Zhuo Zhang, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the 46th IEEE Symposiums on Security and Privacy (S&P 2025)
  • paper bibtex
  • CENSOR: Defense Against Gradient Inversion via Orthogonal Subspace Bayesian Sampling
  • Kaiyuan Zhang, Siyuan Cheng, Guangyu Shen, Bruno Ribeiro, Shengwei An, Pin-Yu Chen, Xiangyu Zhang, Ninghui Li
  • Proceedings of the 32nd Network and Distributed System Security Symposium (NDSS 2025)
  • paper bibtex code
  • UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening
  • Siyuan Cheng*, Guangyu Shen*, Kaiyuan Zhang, Guanhong Tao, Shengwei An, Hanxi Guo, Shiqing Ma, Xiangyu Zhang
  • The 18th European Conference on Computer Vision (ECCV 2024)
  • paper code
  • Rethinking the Invisible Protection against Unauthorized Image Usage in Stable Diffusion
  • Shengwei An*, Lu Yan*, Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Guanhong Tao, Xiangyu Zhang
  • Proceedings of the 33rd USENIX Security Symposium (USENIX Security 2024)
  • paper bibtex code video
  • LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning
  • Siyuan Cheng, Guanhong Tao, Yingqi Liu, Guangyu Shen, Shengwei An, Shiwei Feng, Xiangzhe Xu, Kaiyuan Zhang, Shiqing Ma, Xiangyu Zhang
  • IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2024)
  • paper bibtex code
  • Elijah: Eliminating Backdoors Injected in Diffusion Models via Distribution Shift
  • Shengwei An, Sheng-Yen Chou, Kaiyuan Zhang, Qiuling Xu, Guanhong Tao, Guangyu Shen, Siyuan Cheng, Shiqing Ma, Pin-Yu Chen, Tsung-Yi Ho, Xiangyu Zhang
  • Proceedings of the 38th AAAI Conference on Artificial Intelligence (AAAI 2024)
  • paper bibtex code
  • Inspecting Prediction Confidence for Detecting Black-box Backdoor Attacks
  • Tong Wang, Yuan Yao, Feng Xu, Miao Xu, Shengwei An, Ting Wang
  • Proceedings of the 38th AAAI Conference on Artificial Intelligence (AAAI 2024)
  • paper bibtex
  • Exploring the Orthogonality and Linearity of Backdoor Attacks
  • Kaiyuan Zhang*, Siyuan Cheng*, Guangyu Shen, Guanhong Tao, Shengwei An, Anuran Makur, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
  • paper bibtex
  • ODSCAN: Backdoor Scanning for Object Detection Models
  • Siyuan Cheng*, Guangyu Shen*, Guanhong Tao, Kaiyuan Zhang, Zhuo Zhang, Shengwei An, Xiangzhe Xu, Yingqi Liu, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P 2024)
  • paper bibtex
  • Django: Detecting Trojans in Object Detection Models via Gaussian Focus Calibration
  • Guangyu Shen*, Siyuan Cheng*, Guanhong Tao, Kaiyuan Zhang, Yingqi Liu, Shengwei An, Shiqing Ma, Xiangyu Zhang
  • Proceedings of 37th Conference on Neural Information Processing Systems (NeurIPS 2023)
  • paper bibtex
  • Remove Model Backdoors via Importance Driven Cloning
  • Qiuling Xu, Guanhong Tao, Jean Honorio, Yingqi Liu, Shengwei An, Guangyu Shen, Siyuan Cheng, Xiangyu Zhang
  • IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2023)
  • paper bibtex
  • ImU: Physical Impersonating Attack for Face Recognition System with Natural Style Changes
  • Shengwei An, Yuan Yao, Qiuling Xu, Shiqing Ma, Guanhong Tao, Siyuan Cheng, Kaiyuan Zhang, Yingqi Liu, Guangyu Shen, Ian Kelk, Xiangyu Zhang
  • Proceedings of the 44rd IEEE Symposiums on Security and Privacy (S&P 2023)
  • paper bibtex code video
  • Hard-label Black-box Universal Adversarial Patch Attack
  • Guanhong Tao, Shengwei An, Siyuan Cheng, Guangyu Shen, Xiangyu Zhang
  • Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)
  • paper bibtex code
  • PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code Analysis
  • Zhuo Zhang, Guanhong Tao, Guangyu Shen, Shengwei An, Qiuling Xu, Yingqi Liu, Yapeng Ye, Yaoxuan Wu, Xiangyu Zhang
  • Proceedings of the 32nd USENIX Security Symposium (USENIX Security 2023)
  • paper bibtex
  • FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning
  • Kaiyuan Zhang, Guanhong Tao, Qiuling Xu, Siyuan Cheng, Shengwei An, Yingqi Liu, Shiwei Feng, Guangyu Shen, Pin-Yu Chen, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the Eleventh International Conference on Learning Representations (ICLR 2023)
  • ECCV 2022 Workshop on Adversarial Robustness in the Real World (AROW 2023) Best Paper Award
  • paper bibtex code
  • BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense
  • Siyuan Cheng, Guanhong Tao, Yingqi Liu, Shengwei An, Xiangzhe Xu, Shiwei Feng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the 30th Network and Distributed System Security Symposium (NDSS 2023)
  • paper bibtex code
  • An Invisible Black-Box Backdoor Attack Through Frequency Domain
  • Tong Wang, Yuan Yao, Feng Xu, Shengwei An, Hanghang Tong and Ting Wang
  • European Conference on Computer Vision (ECCV 2022)
  • paper bibtex code
  • Constrained Optimization with Dynamic Bound-scaling for Effective NLP Backdoor Defense
  • Guangyu Shen, Yingqi Liu, Guanhong Tao, Qiuling Xu, Zhuo Zhang, Shengwei An, Shiqing Ma, Xiangyu Zhang
  • Proceedings of Thirty-ninth International Conference on Machine Learning (ICML 2022)
  • paper bibtex
  • Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security
  • Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, Xiangyu Zhang
  • Proceedings of the 43rd IEEE Symposiums on Security and Privacy (S&P 2022)
  • paper bibtex code
  • PICCOLO: Exposing Complex Backdoors in NLP Transformer Models
  • Yingqi Liu, Guangyu Shen, Guanhong Tao, Shengwei An, Shiqing Ma, Xiangyu Zhang
  • Proceedings of the 43rd IEEE Symposiums on Security and Privacy (S&P 2022)
  • paper bibtex code
  • Better Trigger Inversion Optimization in Backdoor Scanning
  • Guanhong Tao, Guangyu Shen, Yingqi Liu, Shengwei An, Qiuling Xu, Shiqing Ma, Pan Li, Xiangyu Zhang.
  • IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2022)
  • paper bibtex code
  • MIRROR: Model Inversion for Deep Learning Network with High Fidelity
  • Shengwei An, Guanhong Tao, Qiuling Xu, Yingqi Liu, Guangyu Shen, Yuan Yao, Jingwei Xu, Xiangyu Zhang
  • Proceedings of the 29th Network and Distributed System Security Symposium (NDSS 2022)
  • paper appendix bibtex slides project code video
  • Backdoor Scanning for Deep Neural Networks through K-Arm Optimization
  • Guangyu Shen, Yingqi Liu, Guanhong Tao, Shengwei An, Qiuling Xu, Siyuan Cheng, Shiqing Ma, Xiangyu Zhang
  • Proceedings of Thirty-eighth International Conference on Machine Learning (ICML 2021)
  • paper bibtex
  • Augmented Example-based Synthesis using Relational Perturbation Properties
  • Shengwei An, Rishabh Singh, Sasa Misailovic, Roopsha Samanta
  • Proceedings of the ACM on Programming Languages (POPL 2020)
  • paper bibtex video
  • Verifying Distributed Controllers with Local Invariants
  • Yiqun Wang, Shengwei An, Xiaoxing Ma, Chun Cao, Chang Xu
  • IEEE International Conference on Software Quality, Reliability and Security (QRS 2016)
  • paper bibtex
  • An Event-Based Formal Framework for Dynamic Software Update
  • Shengwei An, Xiaoxing Ma, Chun Cao, Ping Xu, Chang Xu
  • IEEE International Conference on Software Quality, Reliability and Security (QRS 2015)
  • paper bibtex

Teaching

  • Guest Lecture, CS546: Computer System Security, Rutgers University (Spring 2023)
  • Teaching Assistant, CS51000: Software Engineering, Purdue University (Spring 2022)
  • Teaching Assistant, CS56000: Reasoning About Programs, Purdue University (Spring 2019)
  • Teaching Assistant, CS18200: Foundations Of Computer Science, Purdue University (Fall 2018)

Services

  • Student Volunteer
    • ISSTA 2021, S&P 2023
  • Reviewer
    • TDSC 2022, AAAI 2023-25, NeurIPS 2023-24, ICLR 2024-2025, CVPR 2024-2025, ICML 2024, AISTATS 2024-2025, RAID 2024
  • Sub-reviewer
    • USENIX Security Symposium
    • International Symposium on Software Testing and Analysis (ISSTA)
    • The ACM Conference on Systems, Programming, Languages, and Applications (OOPSLA)
    • International Conference on Automated Software Engineering (ASE)
    • ACM Conference on Computer and Communications Security (CCS)
    • International Symposium on the Foundations of Software Engineering (FSE)
    • International Conference on Software Engineering (ICSE)
    • International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI)