Mr. Hao Yu is a Ph.D. candidate in Computer Science and Technology at the National University of Defense Technology, where he has been supervised by Prof. Xinwang Liu since 2023. He received his M.S. degree in Cyberspace Science and Technology from the Beijing Institute of Technology in 2022 under the guidance of Prof. Meng Shen, and his B.S. degree in Computer Science and Technology from Inner Mongolia University in 2019, where he worked with Prof. Yan Wang. His research interests lie in the security and robustness of intelligent systems, with an emphasis on trustworthy machine learning and adversarial learning. His work has been published in leading international venues, including NDSS, ICML, ACM MM, IEEE Transactions on Information Forensics and Security (TIFS), IEEE Transactions on Knowledge and Data Engineering (TKDE), and IEEE Transactions on Dependable and Secure Computing (TDSC).

🔥 Recent Highlights

  • 2026.01: Two papers are accepted by IEEE TIFS and TKDE, respectively.
  • 2025.11: One paper is accepted by IEEE TIFS.
  • 2025.11: Two papers are accepted by AAAI 2026.
  • 2025.10: One paper is accepted by NeurIPS 2025.
  • 2025.08: One paper is accepted by NDSS 2026.
  • 2025.06: One paper is accepted by IEEE TNNLS.
  • 2025.05: Two papers are accepted by ICML'25.
  • 2024.12: I have been invited to serve as a Meta Reviewer for IJCNN 2025.
  • 2024.10: One paper titled "GZOO: Black-box Node Injection Attack on Graph Neural Networks via Zeroth-order Optimization" is accepted by IEEE TKDE.
  • 2024.09: One paper titled "DShield: Defending against Backdoor Attacks on Graph Neural Networks via Discrepancy Learning" is accepted by NDSS 2025.

💻 Research

I am currently conducting research on the security and robustness of artificial intelligence systems, with a particular focus on understanding, analyzing, and mitigating vulnerabilities in learning-based models under adversarial and unreliable environments. My work aims to enhance the trustworthiness, reliability, and real-world deployment safety of intelligent systems by studying attacks, defenses, and robustness evaluation methodologies.

  • Security of Graph Neural Networks: Investigating adversarial attacks, backdoor threats, data poisoning, and robustness enhancement techniques for graph-structured data, including social networks, recommendation systems, and molecular graphs.
  • Security of Vision Recognition Systems: Studying adversarial examples, physical-world attacks, model robustness, and defense strategies for image and video recognition systems in safety-critical applications such as autonomous driving and surveillance.
  • Security of Clustering Methods: Exploring the vulnerability of unsupervised and semi-supervised clustering algorithms to malicious perturbations, outliers, and data manipulation, as well as developing robust clustering and anomaly detection techniques.

🎉 Honors

  • Chinese National Scholarship. Nov. 2024
  • Excellent Student of National University of Defense Technology. Nov. 2024

Latest update in Mar. 2025.