Selected Publications

• Boxin Wang*, Chejian Xu*, Shuohang Wang, Zhe Gan, Yu Cheng, Jianfeng Gao, Ahmed Hassan Awadallah, Bo Li. Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models. (NeurIPS 2021, Oral presentation, 3.3% accepted rate) [Leaderboard] [BibTeX]

  @inproceedings{wang2021adversarial,
  title={Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models},
  author={Wang, Boxin and Xu, Chejian and Wang, Shuohang and Gan, Zhe and Cheng, Yu and Gao, Jianfeng and Awadallah, Ahmed Hassan and Li, Bo},
  booktitle={Advances in Neural Information Processing Systems},
  year={2021}
  }

• Linyi Li, Jiawei Zhang, Tao Xie, Bo Li. Double Sampling Randomized Smoothing. (ICML 2022) [BibTeX]

  @inproceedings{li2022dsrs,
  title={Double Sampling Randomized Smoothing},
  author={Li, Linyi and Zhang, Jiawei and Xie, Tao and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2022}
  }

• Wenda Chu, Linyi Li, Bo Li. TPC: Transformation-Specific Smoothing for Point Cloud Models. (ICML 2022) [BibTeX]

  @inproceedings{li2022tpc,
  title={TPC: Transformation-Specific Smoothing for Point Cloud Models},
  author={Chu, Wenda and Li, Linyi and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2022}
  }

• Xiaojun Xu*, Jacky Zhang*, Evelyn Ma, Hyun Ho Son, Sanmi Koyejo, Bo Li. Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization. (ICML 2022) [BibTeX]

  @inproceedings{Xu2022adv,
  title={Adversarially Robust Models may not Transfer Better: Sufficient Conditions for Domain Transferability from the View of Regularization},
  author={Xu, Xiaojun and Zhang, Jacky and Ma Evelyn and Son, Hyun Ho and Koyejo, Sanmi and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2022}
  }

• Boxin Wang*, Fan Wu*, Yunhui Long*, Luka Rimanic, Ce Zhang, Bo Li. DataLens: Scalable Privacy Preserving Training via Gradient Compression and Aggregation. (CCS 2021) [BibTeX]

  @inproceedings{wang2021datalens,
  title={DataLens: Scalable Privacy Preserving Training via Gradient Compression and Aggregation},
  author={Wang, Boxin and Wu, Fan and Long, Yunhui and Rimanic, Luka and Zhang, Ce and Li, Bo},
  booktitle={Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security},
  year={2021}
  }

• Zhuolin Yang*, Linyi Li*, Xiaojun Xu*, Shiliang Zuo, Qian Chen, Pan Zhou, Benjamin I. P. Rubinstein, Ce Zhang, Bo Li. TRS: Transferability Reduced Ensemble via Promoting Gradient Diversity and Model Smoothness. (NeurIPS 2021) [BibTeX]

  @inproceedings{yang2021trs,
  title={TRS: Transferability Reduced Ensemble via Promoting Gradient Diversity and Model Smoothness},
  author={Yang, Zhuolin and Li, Linyi and Xu, Xiaojun and Zuo, Shiliang and Chen, Qian and Zhou, Pan and Rubinstein, Benjamin I P and Zhang, Ce and Li, Bo},
  booktitle={Advances in Neural Information Processing Systems},
  year={2021}
  }

• Chulin Xie, Minghao Chen, Pin-Yu Chen, Bo Li. CRFL: Certifiably Robust Federated Learning against Backdoor Attacks. (ICML 2021) [BibTeX]

  @inproceedings{xie2021crfl,
  title={CRFL: Certifiably Robust Federated Learning against Backdoor Attacks},
  author={Xie, Chulin and Chen, Minghao and Chen, Pin-Yu and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2021}
  }

• Linyi Li*, Maurice Weber*, Xiaojun Xu, Luka Rimanic, Bhavya Kailkhura, Tao Xie, Ce Zhang, Bo Li. TSS: Transformation-Specific Smoothing for Robustness Certification. (CCS 2021) [BibTeX]

  @inproceedings{li2021tss,
  title={TSS: Transformation-Specific Smoothing for Robustness Certification},
  author={Li, Linyi and Weber, Maurice and Xu, Xiaojun and Rimanic, Luka and Kailkhura, Bhavya and Xie, Tao and Zhang, Ce and Li, Bo},
  booktitle={Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security},
  year={2021}
  }

• Fan Wu, Linyi Li, Zijian Huang, Yevgeniy Vorobeychik, Ding Zhao, Bo Li. CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing. (ICLR 2022) [Leaderboard] [BibTeX]

  @inproceedings{wu2022crop,
  title={CROP: Certifying Robust Policies for Reinforcement Learning through Functional Smoothing},
  author={Wu, Fan and Li, Linyi and Huang, Zijian and Vorobeychik, Yevgeniy and Zhao, Ding and Li, Bo},
  booktitle={International Conference on Learning Representations},
  year={2022}
  }

• Nezihe Merve Grel*, Xiangyu Qi*, Luka Rimanic, Ce Zhang, Bo Li. Knowledge-Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks. (ICML 2021) [BibTeX]

  @inproceedings{grel2021knowledge,
  title={Knowledge-Enhanced Machine Learning Pipeline against Diverse Adversarial Attacks},
  author={Grel, Nezihe Merve and Qi, Xiangyu and Rimanic, Luka and Zhang, Ce and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2021}
  }

• Haoxiang Wang, Han Zhao, Bo Li. Bridging Multi-Task Learning and Meta-Learning: Towards Efficient Training and Effective Adaptation. (ICML 2021) [BibTeX]

  @inproceedings{wang2021bridging,
  title={Bridging Multi-Task Learning and Meta-Learning: Towards Efficient Training and Effective Adaptation},
  author={Wang, Haoxiang and Zhao, Han and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2021}
  }

• Fan Wu, Yunhui Long, Ce Zhang, Bo Li. LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis. (IEEE Symposium on Security and Privacy (Oakland), 2022) [BibTeX]

  @inproceedings{wu2022linkteller,
  title={LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis},
  author={Wu, Fan and Long, Yunhui and Zhang, Ce and Li, Bo},
  booktitle={2022 IEEE Symposium on Security and Privacy (SP)},
  year={2022}
  }

• Yunhui Long*, Boxin Wang*, Zhuolin Yang, Bhavya Kailkhura, Aston Zhang, Carl A. Gunter, Bo Li. G-PATE: Scalable Differentially Private Data Generator via Private Aggregation of Teacher Discriminators. (NeurIPS 2021) [BibTeX]

  @inproceedings{long2021g,
  title={G-PATE: Scalable Differentially Private Data Generator via Private Aggregation of Teacher Discriminators},
  author={Long, Yunhui and Wang, Boxin and Yang, Zhuolin and Kailkhura, Bhavya and Zhang, Aston and Gunter, Carl A and Li, Bo},
  booktitle={Advances in Neural Information Processing Systems},
  year={2021}
  }

• Jiawei Zhang*, Linyi Li*, Huichen Li, Xiaolu Zhang, Shuang Yang, Bo Li. Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation. (ICML 2021) [BibTeX]

  @inproceedings{zhang2021progressive,
  title={Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation},
  author={Zhang, Jiawei and Li, Linyi and Li, Huichen and Zhang, Xiaolu and Yang, Shuang and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2021}
  }

• Kaizhao Liang*, Jacky Zhang*, Boxin Wang, Zhuolin Yang, Sanmi Koyejo, Bo Li. Uncovering the Connections Between Adversarial Transferability and Knowledge Transferability. (ICML 2021) [BibTeX]

  @inproceedings{liang2021uncovering,
  title={Uncovering the Connections Between Adversarial Transferability and Knowledge Transferability},
  author={Liang, Kaizhao and Zhang, Jacky and Wang, Boxin and Yang, Zhuolin and Koyejo, Sanmi and Li, Bo},
  booktitle={International Conference on Machine Learning},
  year={2021}
  }

• Yulong Cao, Ningfei Wang, Chaowei Xiao, Dawei Yang, Jin Fang, RuigangYang, Qi Alfred Chen, Mingyan Liu, Bo Li. Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks. (IEEE Symposium on Security and Privacy (Oakland), 2021) [BibTeX]

  @INPROCEEDINGS{cao2021invisible,
              author = {Y. Cao and N. Wang and C. Xiao and D. Yang and J. Fang and R. Yang and Q. Chen and M. Liu and B. Li},
              booktitle = {2021 IEEE Symposium on Security and Privacy (SP)},
              title = {Invisible for both Camera and LiDAR:  Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks},
              year = {2021},
              volume = {},
              issn = {2375-1207},
              pages = {1302-1320},
              keywords = {},
              doi = {10.1109/SP40001.2021.00076},
              url = {https://doi.ieeecomputersociety.org/10.1109/SP40001.2021.00076},
              publisher = {IEEE Computer Society},
              address = {Los Alamitos, CA, USA},
              month = {may}
              }
              

• Xiaojun Xu, Qi Wang, Huichen Li, Nikita Borisov, Carl A. Gunter, Bo Li. Detecting AI Trojans Using Meta Neural Analysis. (IEEE Symposium on Security and Privacy (Oakland, 2020)) [BibTeX]

  @article{xu2019detecting,
    title={Detecting ai trojans using meta neural analysis},
    author={Xu, Xiaojun and Wang, Qi and Li, Huichen and Borisov, Nikita and Gunter, Carl A and Li, Bo},
    journal={arXiv preprint arXiv:1910.03137},
    year={2019}
  }
  

• Chong Xiang, Charles R. Qi, Bo Li. "Generating 3D Adversarial Point Clouds". (CVPR 2019)[BibTeX]

  @inproceedings{xiang2019generating,
    title={Generating 3d adversarial point clouds},
    author={Xiang, Chong and Qi, Charles R and Li, Bo},
    booktitle={Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition},
    pages={9136--9144},
    year={2019}
  }