* indicates co-first authors

Conference Papers

• FedProphet: Memory-Efficient Federated Adversarial Training via Theoretic-Robustness and Low-Inconsistency Cascade Learning
  Minxue Tang*, Yitu Wang*, Jingyang Zhang, Louis DiValentin, Aolin Ding, Amin Hass, Yiran Chen, Hai Li
  The 8th Annual Conference on Machine Learning and Systems (MLSys 2025)
  Santa Clara, CA, May 2025 (Acceptance Rate: N/A)

• Proactive Privacy Amnesia for Large Language Models: Safeguarding PII with Negligible Impact on Model Utility
  Martin Kuo, Jingyang Zhang, Jianyi Zhang, Minxue Tang, Louis DiValentin, Aolin Ding, Jingwei Sun, William Chen, Amin Hass, Tianlong Chen, Yiran Chen, Hai Li
  The 13th International Conference on Learning Representations (ICLR 2025)
  Singapore EXPO, Apr 2025 (Acceptance Rate: 31.7%)

• An Empirical DNN Pruning Approach against Membership Inference Attacks
  Matthew Chan*, Aolin Ding*, Amin Hass, Saman Zonouz
  The 7th International Conference on Attacks and Defenses for Internet-of-Things (ADIoT 2024)
  Hangzhou, China, Dec 2024 (Acceptance Rate: N/A)

• Leaking Through the Physics: Covert Cyber-Physical Data Exfiltration Through Unobserved Physics
  Matthew Chan, Luis Garcia, Nathaniel Snyder, Marcus Lucas, Aolin Ding, Amin Hass, Oleg Sokolsky, James Weimer, Paulo Tabuada, Saman Zonouz, Mani Srivastava
  The 2nd EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP 2024)
  New Orleans, LA, Nov 2024 (Acceptance Rate: N/A)

• ModelGuard: Information-Theoretic Defense Against Model Extraction Attacks
  Artifact Available, Functional, Reproduced
  Minxue Tang, Anna Dai, Louis DiValentin, Aolin Ding, Amin Hass, Yiran Chen, Neil Zhenqiang Gong, Hai “Helen” Li
  The 33rd USENIX Security Symposium (USENIX Security 2024)
  Philadelphia, PA, Aug 2024 (Acceptance Rate: 19.0%)

• Virtual Keymysteries Unveiled: Detecting Keystrokes in VR with External Side-Channels
  Hossein Khalili, Alexander Chen, Theodoros Papaiakovou, Timothy Jacques, Hao-Jen Chien, Changwei Liu, Aolin Ding, Amin Hass, Saman Zonouz, Nader Sehatbakhsh
  The 8th IEEE/ACM Workshop on the Internet of Safe Things (SafeThings 2024)
  San Francisco, CA, May 2024 (Acceptance Rate: 59.0%)

• Build a Computationally Efficient Strong Defense against Adversarial Example Attacks
  Changwei Liu, Louis DiValentin, Aolin Ding, Malek Ben Salem
  The 10th International Conference on Information Systems Security and Privacy (ICISSP 2024)
  Rome, Italy, Feb 2024 (Acceptance Rate: 36.0% - Short Paper)

• Resource-aware DNN Partitioning for Privacy-sensitive Edge-Cloud Systems
  Aolin Ding, Amin Hass, Matthew Chan, Nader Sehatbakhsh, Saman Zonouz
  The 30th International Conference on Neural Information Processing (ICONIP 2023)
  Changsha, China, Nov 2023 (Acceptance Rate: 20.1% - Full Paper)

• Get Your Cyber-Physical Tests Done! Data-Driven Vulnerability Assessment of Robotic Aerial Vehicles
  Aolin Ding, Matthew Chan, Amin Hass, Nils Ole Tippenhauer, Shiqing Ma, Saman Zonouz
  The 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network (DSN 2023)
  Porto, Portugal, Jun 2023 (Acceptance Rate: 20.0%)

• Reverse Engineering and Retrofitting Robotic Aerial Vehicle Control Firmware using DisPatch
  Taegyu Kim, Aolin Ding, Sriharsha Etigowni, Pengfei Sun, Jizhou Chen, Luis Garcia, Saman Zonouz, Dongyan Xu, Dave (Jing) Tian
  The 20th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys 2022)
  Portland, OR, Jun 2022 (Acceptance Rate: 21.6%)

• Enhancement of Attack Detection Technology using AI with Synthetic-Log Generation
  Takumi Yamamoto, Tsunato Nakai, Ruri Otsuka, Ye Wang, Kyeong Jin Kim, Toshiaki Koike-Akino, Iván Sanz Gorrachategui, Aolin Ding, Mamoru Abe, Ayako Yoshimura, Kiyoto Kawauchi
  The 39th Symposium on Cryptography and Information Security (SCIS 2022)
  Osaka, Japan, Jan 2022 (Acceptance Rate: N/A)

• Mini-me, You Complete Me! Data-driven Drone Security via DNN-based Approximate Computing
  Aolin Ding, Praveen Murthy, Luis Garcia, Pengfei Sun, Matthew Chan, Saman Zonouz
  The 24th ACM International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2021)
  San Sebastian, Spain, Oct 2021 (Acceptance Rate: 23.2%)

Preprints

• H-CoT: Hijacking the Chain-of-Thought Safety Reasoning Mechanism to Jailbreak Large Reasoning Models, Including OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking
  Martin Kuo*, Jianyi Zhang*, Aolin Ding, Qinsi Wang, Louis DiValentin, Yujia Bao, Wei Wei, Da-Cheng Juan, Hai Li, and Yiran Chen
  arXiv preprint - arXiv:2502.12893 (2025)

• FADE: Enabling Large-Scale Federated Adversarial Training on Resource-Constrained Edge Device
  Minxue Tang, Jianyi Zhang, Mingyuan Ma, Louis DiValentin, Aolin Ding, Amin Hass, Hai Li, Yiran Chen
  arXiv preprint - arXiv:2209.03839 (2022)

Posters

• Protect Controller Software Using Approximate Computing and Semantic Matching-based Binary Patching
  Aolin Ding, Pengfei Sun, Saman Zonouz
  Cyber Resilient Energy Delivery Consortium (CREDC) Annual Industrial Workshop, Houston, TX, Feb 2020

• PLC Code Verification and Neural Network Approximation
  Aolin Ding, Sriharsha Etigowni, Saman Zonouz
  Cyber Resilient Energy Delivery Consortium (CREDC) Annual Industrial Workshop, Tempe, AZ, Mar 2017

Patents

• Systems and Methods for Defending an Artificial Intelligence Model Against Adversarial Input
  Louis Divalentin, Changwei Liu, Aolin Ding, Malek Ben Salem
  US Patent App. 18/199,360, 2024

• Automated Cybersecurity Vulnerability Prioritization
  Aolin Ding, Hodaya Binyamini, Gal Engelberg, Louis William Divalentin, Benjamin Glen Mccarty, Dan Klein, Amin Hass
  US Patent App. 18/409,916, 2024

• Privacy-preserving Machine Learning Training Based on Homomorphic Encryption using Executable File Packages in an Untrusted Environment
  Amin Hassanzadeh, Neil Hayden Liberman, Aolin Ding, Malek Ben Salem
  US Patent App. 17/383,314, 2023

• Privacy Preserving Cooperative Learning in Untrusted Environments
  Aolin Ding, Amin Hassanzadeh
  US Patent App. 17/695,820, 2022

• Privacy-preserving Collaborative Machine Learning Training using Distributed Executable File Packages in an Untrusted Environment
  Amin Hassanzadeh, Neil Hayden Liberman, Aolin Ding, Malek Ben Salem
  US Patent App. 17/356,447, 2022