Me
Ziqi ZHOU
Huazhong University of Science and Technology
PhD candidate

About

I am currently a third-year Ph.D student advised by Prof. Shengshan Hu, Leo Yu Zhang and Dezhong Yao in School of Computer Science and Technology at Huazhong University of Science and Technology (HUST) and affiliated with Creativity, Greatness, Communication, and Love (CGCL) Lab, Trustworthy Artificial Intelligence (T-AI) Group. I am greatly honored to have been selected for the Ant Group Top AI Talent Program, ANT Star.

I am an enthusiastic researcher with a passion for exploring new ideas and pushing the boundaries of knowledge. In addition to my academic pursuits, I am also an avid debater and enjoy participating in debate competitions. I find great satisfaction in the process of thinking critically and exchanging ideas with others, and I believe that this skillset has been invaluable in my pursuit of academic excellence. I am committed to pursuing research that not only advances our understanding of the world around us, but also has the potential to positively impact society at large.

I'm seeking a faculty or postdoc position, set to graduate with my Ph.D. in June 2026.

Interests

As a researcher in the field of artificial intelligence (AI), my primary interest lies in the area of AI security. Specifically, I am interested in the study of Adversarial Examples and Backdoor Attacks, with a recent focus on the security of pre-trained large models (PLMs) and the vulnerability of Image Segmentation and Object Detection to adversarial attacks. My research aims to develop robust and secure AI systems that can withstand various types of attacks and ensure the safety and reliability of AI applications. Through my work, I hope to contribute to the advancement of AI security and establish a more secure and trustworthy AI ecosystem. If you’d like to discuss potential research opportunities or simply connect, please don’t hesitate to reach out to me at zhouziqi@hust.edu.cn.

News

  • [Pinned] Honored to be selected for Ant Group's Top AI Talent Program — ANT Star (with an annual salary exceeding RMB one million).
  • One paper on adversarial examples for segmentation models accepted to TMM 2025.
  • One paper on backdoor attacks accepted to TIFS 2025.
  • One paper on backdoor detection has been accepted to the CVPR 2025.
  • Proud to lead my team to win the National Championship in the 1st China Adversarial Algorithm Challenge.
  • One paper on jailbreak attacks in the physical-world for embodied intelligence accepted to the ICLR 2025.
  • Three paper on adversarial examples for object detectors, unlearnable example detection, and physical-world adversarial attacks accepted to AAAI 2025, with one selected for Oral presentation.
  • Two papers on adversarial examples for SAM and unlearnable examples accepted to NeurIPS 2024.
  • One paper on physical-world backdoor attacks against object detection accepted to the IJCAI 2024.
  • One paper on adversarial training accepted to the IEEE S&P 2024 (BIG4).
  • One paper on multimodal adversarial examples accepted to ACM Multimedia 2023.
  • One paper on adversarial examples accepted to the ICCV 2023.

Publications ( / )

DarkHash: A Data-Free Backdoor Attack Against Deep Hashing
Ziqi Zhou, Menghao Deng, Yufei Song, Hangtao Zhang, Wei Wan, Shengshan Hu, Minghui Li, Leo Yu Zhang, and Dezhong Yao
TIFS 2025
[Paper] [Code]
NumbOD: A Spatial-Frequency Fusion Attack Against Object Detectors
Ziqi Zhou, Bowen Li, Yufei Song, Zhifei Yu, Shengshan Hu, Wei Wan, Leo Yu Zhang, Dezhong Yao, Hai Jin
AAAI 2025
[Paper] [Code]
DarkSAM: Fooling Segment Anything Model to Segment Nothing
Ziqi Zhou, Yufei Song, Minghui Li, Shengshan Hu, Xianlong Wang, Leo Yu Zhang, Dezhong Yao, Hai Jin
NeurIPS 2024
[Paper] [Code]
Securely Fine-tuning Pre-trained Encoders Against Adversarial Examples
Ziqi Zhou, Minghui Li, Wei Liu, Shengshan Hu, Yechao Zhang, Wei Wan, Lulu Xue, Leo Yu Zhang, Dezhong Yao, Hai Jin
IEEE S&P 2024
[Paper] [Code]
AdvCLIP: Downstream-agnostic Adversarial Examples in Multimodal Contrastive Learning
Ziqi Zhou, Shengshan Hu, Minghui Li, Hangtao Zhang, Yechao Zhang, Hai Jin
ACM MM 2023
[Paper] [Code]
Downstream-agnostic Adversarial Examples
Ziqi Zhou, Shengshan Hu, Ruizhi Zhao, Qian Wang, Leo Yu Zhang, Junhui Hou, Hai Jin
ICCV 2023
[Paper] [Code]
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label
Shengshan Hu, Ziqi Zhou, Yechao Zhang, Leo Yu Zhang, Yifeng Zheng, Yuanyuan He, Hai Jin (Student first author)
ACM MM 2022
[Paper] [Code]
SegTrans: Transferable Adversarial Examples for Segmentation Models
Yufei Song, Ziqi Zhou*, Qi Lu, Hangtao Zhang, Yifan Hu, Lulu Xue, Shengshan Hu, Minghui Li, Leo Yu Zhang
TMM 2025
[Paper] [Code]
Test-Time Backdoor Detection for Object Detection Models
Hangtao Zhang, Yichen Wang, Shihui Yan, Chenyu Zhu, Ziqi Zhou, Linshan Hou, Shengshan Hu, Minghui Li, Yanjun Zhang, Leo Yu Zhang
CVPR 2025
[Paper] [Code]
BadRobot: Manipulating Embodied LLMs in the Physical World
Hangtao Zhang, Chengyu Zhu, Xianlong Wang, Ziqi Zhou, Shengshan Hu, Leo Yu Zhang
ICLR 2025
[Paper] [Code]
PB-UAP: Hybrid Universal Adversarial Attack For Image Segmentation
Yufei Song, Ziqi Zhou*, Minghui Li, Xianlong Wang, Menghao Deng, Wei Wan, Shengshan Hu, Leo Yu Zhang
ICASSP 2025
[Paper] [Code]
Breaking Barriers in Physical-World Adversarial Examples: Improving Robustness and Transferability via Robust Feature
Yichen Wang, Yuxuan Chou, Ziqi Zhou, Hangtao Zhang, Wei Wan, Shengshan Hu, Minghui Li
AAAI 2025
[Paper] [Code]
Detecting and Corrupting Convolution-based Unlearnable Examples
Minghui Li, Xianlong Wang, Zhifei Yu, Shengshan Hu, Ziqi Zhou, Longling Zhang, Leo Yu Zhang
AAAI 2025
[Paper] [Code]
TrojanRobot: Backdoor Attacks Against Robotic Manipulation in the Physical World
Xianlong Wang, Hewen Pan, Hangtao Zhang, Minghui Li, Shengshan Hu, Ziqi Zhou, Lulu Xue, Peijin Guo, Yichen Wang, Wei Wan, Aishan Liu, Leo Yu Zhang
arXiv 2024
[Paper] [Code]
Class-wise Transformation Is All You Need
Xianlong Wang, Minghui Li, Wei Liu, Hangtao Zhang, Shengshan Hu, Yechao Zhang, Ziqi Zhou, Hai Jin
NeurIPS 2024
[Paper] [Code]
Transferable Adversarial Facial Images for Privacy Protection
Minghui Li, Jiangxiong Wang, Hao Zhang, Ziqi Zhou*, Shengshan Hu, Xiaobing Pei
ACM MM 2024
[Paper] [Code]
ECLIPSE: Expunging Clean-label Indiscriminate Poisons via Sparse Diffusion Purification
Xianlong Wang, Shengshan Hu, Yechao Zhang, Ziqi Zhou, Leo Yu Zhang, Peng Xu, Wei Wan, Hai Jin
ESORICS 2024
[Paper] [Code]
Detector Collapse: Backdooring Object Detection to Catastrophic Overload or Blindness
Hangtao Zhang, Shengshan Hu, Yichen Wang, Leo Yu Zhang, Ziqi Zhou, Xianlong Wang, Yanjun Zhang, Chao Chen
IJCAI 2024
[Paper] [Code]
Generalisation Robustness Enhancement for Federal Learning in Highly Data Heterogeneous Scenarios
Wei Wan, Shengshan Hu, Jianrong Lu, Minghui Li, Ziqi Zhou, Hai Jin
SCIENTIA SINICA Informationis 2023
[Paper] [Code]

Selected Honors & Awards

  • [2024] National Scholarship for Phd Students.
  • [2024] Best Paper Award at the Academic Conference of the School of Computer Science and Technology.
  • [2023] Outstanding Graduate Student Communist Party Member Model Award.
  • [2022] National Artificial Intelligence Security Competition, Excellence Award.
  • [2022] National Scholarship for Graduate Students.
  • [2022] Outstanding Graduate Student Award.
  • [2022] AAAI 2022 Data-Centric Robust Learning on ML Models, Twelfth Place Award.
  • [2021] Outstanding Student Award.
  • [2021] Second-Rank Academic Scholarship.
  • [2021] Research and Innovation Scholarship.
  • [2020] First-Rank Outstanding Student Scholarship.

Academic Services

Area Chair:
The 28th ACM SIGCHI Conference on Computer-Supported Cooperative Work & Social Computing (CSCW, CCF A)
Conference Reviewer/Program Committee Member:
The CVF/IEEE International Conference on Computer Vision 2025 (ICCV, CCF A)
The Annual Conference on Neural Information Processing Systems 2024/2025 (NeurIPS, CCF A)
The International Conference on Machine Learning 2025 (ICML, CCF A)
IEEE/CVF Conference on Computer Vision and Pattern Recognition 2025 (CVPR, CCF A)
International Conference on Learning Representations 2025/2026 (ICLR, CAAI A)
The Fortieth AAAI Conference on Artificial Intelligence 2026 (AAAI, CCF A)
The International Joint Conference on Artificial Intelligence 2025 (IJCAI, CCF A)
ACM Multimedia 2023/2024/2025 (ACM MM, CCF A)
IEEE Virtual Reality 2024 (VR, CCF A)
ACM Conference on Human Factors in Computing Systems 2025 (CHI, CCF A)
The 28th European Conference on Artificial Intelligence (ECAI, CCF B)
IEEE International Conference on Acoustics, Speech and Signal Processing 2025 (ICASSP, CCF B)
Conference on Empirical Methods in Natural Language Processing 2024 (EMNLP, CCF B)
The International AAAI Conference on Web and Social Media 2025 (ICWSM, CCF B)
ACM International Conference on Intelligent User Interfaces 2025/2026 (IUI, CCF B)
International Conference on Pattern Recognition 2024 (ICPR, CCF C)
International Conference on Artificial Intelligence and Statistics 2025 (AISTATS, CCF C)
The International Joint Conference on Neural Networks 2025 (IJCNN, CCF C)
The 18th International Conference on Green, Pervasive, and Cloud Computing (GPC)
The 16th International Conference on Creative Content Technologies (CONTENT)
The 16th International Conference on Advances in Multimedia (MMEDIA)
The 18th International Conference on Advances in Semantic Processing (SEMAPRO)
Journal Reviewer:
IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI, CCF A)
IEEE Transactions on Dependable and Secure Computing (TDSC, CCF A)
IEEE Transactions on Information Systems (TOIS, CCF A)
IEEE Transactions on Multimedia (TMM, CCF B)
IEEE Transactions on Neural Networks and Learning Systems (TNNLS, CCF B)
IEEE Transactions on Circuits and Systems for Video Technology (TCSVT, CCF B)
Computer Vision and Image Understanding (CVIU, CCF B)
Transactions on Intelligent Systems and Technology (TIST)
Neural Networks (NEUNET, CCF B)
IET Computer Vision (IET-CVI, CCF C)
Applied Intelligence (APIN, CCF C)
PLOS ONE
IEEE Signal Processing Letters (SPL)
Top