2026

Semantic-Reinforced Sustainable Adversarial Attack in Class-Incremental Learning

Xinjing Liu, Zhuzhu Wang, Xianjia Meng, Taifeng Liu, Zhuoran Ma, Yilong Yang, Zhuo Ma

Science China Information Sciences 2026 CCF-A SCI Q1

A semantic reinforcement strategy for sustaining adversarial effectiveness in class-incremental learning settings.

PROTheft: A Projector-Based Model Extraction Attack in The Physical World

Xinjing Liu, Yilong Yang, Taifeng Liu, Hao Yang, Leo Yu Zhang, Yanjun Zhang, Yang Liu, Zhuo Ma

IEEE Transactions on Information Forensics and Security 2026 CCF-A SCI Q1

A projector-based physical-world model extraction attack that studies how deployed intelligent models can be stolen outside laboratory settings.

Improving Sustainability of Adversarial Examples in Class-Incremental Learning

Taifeng Liu, Xinjing Liu, Liangqiu Dong, Yang Liu, Yilong Yang, Zhuo Ma

AAAI Conference on Artificial Intelligence (AAAI) 2026 First Author Poster CCF-A

A class-incremental learning attack that strengthens the long-term sustainability of adversarial examples under increasingly difficult continual updates.

2025

Backdoor Defense for Graph Neural Networks via Latent Trigger Mining and Forgetting

Xinjing Liu, Yilong Yang, Taifeng Liu, Yang Liu, Hao Yang

China Computer Network and Information Security Conference (CCNIS) 2025 Best Paper Best Presentation

A backdoor defense method for graph neural networks that combines latent trigger mining with forgetting to suppress malicious behaviors.

L-HAWK: A Controllable Physical Adversarial Patch Against a Long-Distance Target

Taifeng Liu, Yang Liu, Zhuo Ma, Tong Yang, Xinjing Liu, Teng Li, Jianfeng Ma

The Network and Distributed System Security Symposium (NDSS) 2025 First Author CCF-A

A controllable long-distance physical adversarial patch that attacks moving targets from over 100 meters away with strong success rates in the physical world.

2024

Model Stealing Detection for IoT Services Based on Multi-Dimensional Features

Xinjing Liu, Taifeng Liu#, Hao Yang, Jiakang Dong, Zuobin Ying, Zhuo Ma (# corresponding author)

IEEE Internet of Things Journal 2024 Corresponding Author CCF-C SCI Q2

A multi-dimensional, feature-based defense for detecting model stealing attempts against IoT services with low overhead in normal cloud operation.

AttMark: Attention Based Watermarking for Neural Networks

Xinjing Liu, Zhuo Ma, Yang Liu, Taifeng Liu, Hao Yang, Zhan Qin

IEEE Transactions on Dependable and Secure Computing 2024 CCF-A

A neural network watermarking approach that leverages attention mechanisms to improve ownership verification and robustness.

2023

RPAU: Fooling the Eyes of UAVs via Physical Adversarial Patches

Taifeng Liu, Chao Yang, Xinjing Liu, Ruidong Han, Jianfeng Ma

IEEE Transactions on Intelligent Transportation Systems 2023 First Author CCF-B SCI Q2

A physical adversarial patch attack that misleads UAV visual perception and demonstrates effective real-world deception against airborne platforms.
