Jiakai Wang

大人不华,君子务实

I am now a Research Scientist, Associate researcher(副研究员), in Zhongguancun Laboratory, Beijing, China. I received the Ph.D. degree in 2022 from Beihang University (Summa Cum Laude), supervised by Prof. Wei Li and Prof. Xianglong Liu. Before that, I obtained my BSc degree in 2018 from Beihang University (Summa Cum Laude).

My research interest is Trustworthy AI in Multimodal (Computer Vision mainly), which consists of the physical adversarial examples generation, adversarial defense and evaluation . I hold the review that physical adversarial attacks and defenses can powerfully promote the development of secure and robust artificial intelligence, leading to a healthier future society.

[Prospective students] Our group has positions for PhD students (Joint Education Programs with Beihang University), and visiting students. If you are interested, please send me an email with your CV and publications (if any).

News

Apr 20, 2025	I serve as the Organizer of the 4th Workshop on Practical Deep Learning (Practical-DL 2025)! Please submit your papers!
Apr 09, 2025	I an invited as the Area Chair of NeurIPS! A new, exciting experience for me😊!
Mar 01, 2025	I serve as the Organizer of The 5th Workshop of Adversarial Machine Learning on Computer Vision: Foundation Models + X! Please submit your papers and participate the challenge to win prizes!!
Mar 01, 2025	Two papers are accepted by the IEEE TMM and IEEE TIFS.
Jan 01, 2025	Two papers are accepted by the ICLR 2025 and The Web Conference(WWW) 2025 (Oral).
Jan 01, 2025	Our textbook 人工智能安全导论 (Introduction to AI Security) has been published. Available on JD and Taobao.
Dec 01, 2024	Two papers are accepted by the IJCV and ICASSP 2025.
Oct 01, 2024	I was invited as an Editorial Board Member of Computing and Artificial Intelligence (CAI), I will try my best to contribute to this publication.
Sep 01, 2024	One paper is accepted by the Annual Conference on Neural Information Processing Systems (NeurIPS 2024).
Aug 01, 2024	One paper is accepted by Transactions on Information Forensics & Security (TIFS).
Apr 01, 2024	Two papers are accepted by IJCAI 2024 and IJCV.
Apr 01, 2024	I organize the special issue about ‘‘Trustworthy Deep Learning in Practice’’ on Electronics.
Mar 01, 2024	One paper is accepted by IEEE TIP.
Feb 01, 2024	One paper is accepted by CVPR 2024.
Jan 01, 2024	Three papers are accepted by 计算机研究与发展(Journal of Computer Research and Development), IEEE TMM, and ICLR 2024.
Dec 01, 2023	One paper is accepted by 网络空间安全科学学报.
Oct 01, 2023	One paper is accepted by IEEE Symposium on Security and Privacy (IEEE S&P).
Jun 01, 2023	Two papers are accepted by IJCAI-2023 GLOW and 人工智能(AI-View).
Apr 01, 2023	One paper is accepted by IEEE TPAMI.

Selected publications

CVPR 2021(Oral)

Dual Attention Suppression Attack: Generate Adversarial Camouflage in Physical World

Jiakai Wang, Aishan Liu, Zixin Yin, and 3 more authors

In IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2021, virtual, June 19-25, 2021, 2021

DOI Bib

@inproceedings{DBLP:conf/cvpr/WangLYLTL21,
  author = {Wang, Jiakai and Liu, Aishan and Yin, Zixin and Liu, Shunchang and Tang, Shiyu and Liu, Xianglong},
  title = {Dual Attention Suppression Attack: Generate Adversarial Camouflage
                    in Physical World},
  booktitle = {{IEEE} Conference on Computer Vision and Pattern Recognition, {CVPR}
                    2021, virtual, June 19-25, 2021},
  pages = {8565--8574},
  publisher = {Computer Vision Foundation / {IEEE}},
  year = {2021},
  url = {https://openaccess.thecvf.com/content/CVPR2021/html/Wang\_Dual\_Attention\_Suppression\_Attack\_Generate\_Adversarial\_Camouflage\_in\_Physical\_World\_CVPR\_2021\_paper.html},
  doi = {10.1109/CVPR46437.2021.00846},
  timestamp = {Wed, 19 Oct 2022 13:34:34 +0200},
  biburl = {https://dblp.org/rec/conf/cvpr/WangLYLTL21.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

IJCAI 2021 DC

Adversarial Examples in Physical World

Jiakai Wang

In Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI 2021, Virtual Event / Montreal, Canada, 19-27 August 2021, 2021

DOI Bib

@inproceedings{DBLP:conf/ijcai/Wang21,
  author = {Wang, Jiakai},
  editor = {Zhou, Zhi{-}Hua},
  title = {Adversarial Examples in Physical World},
  booktitle = {Proceedings of the Thirtieth International Joint Conference on Artificial
                    Intelligence, {IJCAI} 2021, Virtual Event / Montreal, Canada, 19-27
                    August 2021},
  pages = {4925--4926},
  publisher = {ijcai.org},
  year = {2021},
  url = {https://doi.org/10.24963/ijcai.2021/694},
  doi = {10.24963/IJCAI.2021/694},
  timestamp = {Tue, 15 Oct 2024 16:43:28 +0200},
  biburl = {https://dblp.org/rec/conf/ijcai/Wang21.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

ACM MM 2022

Generating Transferable Adversarial Examples against Vision Transformers

Yuxuan Wang, Jiakai Wang^*, Zixin Yin, and 4 more authors

In MM ’22: The 30th ACM International Conference on Multimedia, Lisboa, Portugal, October 10 - 14, 2022, 2022

DOI Bib

@inproceedings{DBLP:conf/mm/WangWYGWLL22,
  author = {Wang, Yuxuan and Wang, Jiakai and Yin, Zixin and Gong, Ruihao and Wang, Jingyi and Liu, Aishan and Liu, Xianglong},
  editor = {Magalh{\~{a}}es, Jo{\~{a}}o and Bimbo, Alberto Del and Satoh, Shin'ichi and Sebe, Nicu and Alameda{-}Pineda, Xavier and Jin, Qin and Oria, Vincent and Toni, Laura},
  title = {Generating Transferable Adversarial Examples against Vision Transformers},
  booktitle = {{MM} '22: The 30th {ACM} International Conference on Multimedia, Lisboa,
                    Portugal, October 10 - 14, 2022},
  pages = {5181--5190},
  publisher = {{ACM}},
  year = {2022},
  url = {https://doi.org/10.1145/3503161.3547989},
  doi = {10.1145/3503161.3547989},
  timestamp = {Sun, 19 Jan 2025 13:23:07 +0100},
  biburl = {https://dblp.org/rec/conf/mm/WangWYGWLL22.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

IEEE TIP

Universal Adversarial Patch Attack for Automatic Checkout Using Perceptual and Attentional Bias

Jiakai Wang, Aishan Liu, Xiao Bai, and 1 more author

IEEE Trans. Image Process., 2022

DOI Bib

@article{DBLP:journals/tip/WangLBL22,
  author = {Wang, Jiakai and Liu, Aishan and Bai, Xiao and Liu, Xianglong},
  title = {Universal Adversarial Patch Attack for Automatic Checkout Using Perceptual
                    and Attentional Bias},
  journal = {{IEEE} Trans. Image Process.},
  volume = {31},
  pages = {598--611},
  year = {2022},
  url = {https://doi.org/10.1109/TIP.2021.3127849},
  doi = {10.1109/TIP.2021.3127849},
  timestamp = {Wed, 19 Oct 2022 13:34:35 +0200},
  biburl = {https://dblp.org/rec/journals/tip/WangLBL22.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

CVPR 2022

Defensive Patches for Robust Recognition in the Physical World

Jiakai Wang, Zixin Yin, Pengfei Hu, and 5 more authors

In IEEE/CVF Conference on Computer Vision and Pattern Recognition, CVPR 2022, New Orleans, LA, USA, June 18-24, 2022, 2022

DOI Bib

@inproceedings{DBLP:conf/cvpr/WangYHLTQLT22,
  author = {Wang, Jiakai and Yin, Zixin and Hu, Pengfei and Liu, Aishan and Tao, Renshuai and Qin, Haotong and Liu, Xianglong and Tao, Dacheng},
  title = {Defensive Patches for Robust Recognition in the Physical World},
  booktitle = {{IEEE/CVF} Conference on Computer Vision and Pattern Recognition,
                    {CVPR} 2022, New Orleans, LA, USA, June 18-24, 2022},
  pages = {2446--2455},
  publisher = {{IEEE}},
  year = {2022},
  url = {https://doi.org/10.1109/CVPR52688.2022.00249},
  doi = {10.1109/CVPR52688.2022.00249},
  timestamp = {Sun, 19 Jan 2025 13:39:04 +0100},
  biburl = {https://dblp.org/rec/conf/cvpr/WangYHLTQLT22.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

ACM CCS 2022

Harnessing Perceptual Adversarial Patches for Crowd Counting

Shunchang Liu^†, Jiakai Wang^†, Aishan Liu, and 4 more authors

In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022, 2022

DOI Bib

@inproceedings{DBLP:conf/ccs/LiuWLLG0T22,
  author = {Liu, Shunchang and Wang, Jiakai and Liu, Aishan and Li, Yingwei and Gao, Yijie and Liu, Xianglong and Tao, Dacheng},
  editor = {Yin, Heng and Stavrou, Angelos and Cremers, Cas and Shi, Elaine},
  title = {Harnessing Perceptual Adversarial Patches for Crowd Counting},
  booktitle = {Proceedings of the 2022 {ACM} {SIGSAC} Conference on Computer and
                    Communications Security, {CCS} 2022, Los Angeles, CA, USA, November
                    7-11, 2022},
  pages = {2055--2069},
  publisher = {{ACM}},
  year = {2022},
  url = {https://doi.org/10.1145/3548606.3560566},
  doi = {10.1145/3548606.3560566},
  timestamp = {Sat, 17 Dec 2022 01:15:29 +0100},
  biburl = {https://dblp.org/rec/conf/ccs/LiuWLLG0T22.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

Arxiv 2023

Adversarial Examples in the Physical World: A Survey

Jiakai Wang, Donghua Wang, Jin Hu, and 5 more authors

CoRR, 2023

DOI Bib

@article{DBLP:journals/corr/abs-2311-01473,
  author = {Wang, Jiakai and Wang, Donghua and Hu, Jin and Wu, Siyang and Jiang, Tingsong and Yao, Wen and Liu, Aishan and Liu, Xianglong},
  title = {Adversarial Examples in the Physical World: {A} Survey},
  journal = {CoRR},
  volume = {abs/2311.01473},
  year = {2023},
  url = {https://doi.org/10.48550/arXiv.2311.01473},
  doi = {10.48550/ARXIV.2311.01473},
  eprinttype = {arXiv},
  eprint = {2311.01473},
  timestamp = {Tue, 07 Nov 2023 18:17:14 +0100},
  biburl = {https://dblp.org/rec/journals/corr/abs-2311-01473.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

IEEE TIFS

Adversarial Examples Against WiFi Fingerprint-Based Localization in the Physical World

Jiakai Wang^†, Ye Tao^†, Yichi Zhang, and 5 more authors

IEEE Trans. Inf. Forensics Secur., 2024

DOI Bib

@article{DBLP:journals/tifs/WangTZLKTYL24,
  author = {Wang, Jiakai and Tao, Ye and Zhang, Yichi and Liu, Wanting and Kong, Yusheng and Tan, Shaolin and Yan, Rongen and Liu, Xianglong},
  title = {Adversarial Examples Against WiFi Fingerprint-Based Localization in
                    the Physical World},
  journal = {{IEEE} Trans. Inf. Forensics Secur.},
  volume = {19},
  pages = {8457--8471},
  year = {2024},
  url = {https://doi.org/10.1109/TIFS.2024.3453041},
  doi = {10.1109/TIFS.2024.3453041},
  timestamp = {Mon, 03 Mar 2025 22:25:02 +0100},
  biburl = {https://dblp.org/rec/journals/tifs/WangTZLKTYL24.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

IJCAI 2024

Vision-fused Attack: Advancing Aggressive and Stealthy Adversarial Text against Neural Machine Translation

Yanni Xue, Haojie Hao, Jiakai Wang^*, and 5 more authors

In Proceedings of the Thirty-Third International Joint Conference on Artificial Intelligence, IJCAI 2024, Jeju, South Korea, August 3-9, 2024, 2024

Bib

@inproceedings{DBLP:conf/ijcai/XueHWSTLF024,
  author = {Xue, Yanni and Hao, Haojie and Wang, Jiakai and Sheng, Qiang and Tao, Renshuai and Liang, Yu and Feng, Pu and Liu, Xianglong},
  title = {Vision-fused Attack: Advancing Aggressive and Stealthy Adversarial
                    Text against Neural Machine Translation},
  booktitle = {Proceedings of the Thirty-Third International Joint Conference on
                    Artificial Intelligence, {IJCAI} 2024, Jeju, South Korea, August 3-9,
                    2024},
  pages = {6606--6614},
  publisher = {ijcai.org},
  year = {2024},
  url = {https://www.ijcai.org/proceedings/2024/730},
  timestamp = {Mon, 21 Oct 2024 07:58:43 +0200},
  biburl = {https://dblp.org/rec/conf/ijcai/XueHWSTLF024.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

CVPR 2024

NAPGuard: Towards Detecting Naturalistic Adversarial Patches

Siyang Wu, Jiakai Wang^*, Jiejie Zhao, and 2 more authors

In IEEE/CVF Conference on Computer Vision and Pattern Recognition, CVPR 2024, Seattle, WA, USA, June 16-22, 2024, 2024

DOI Bib

@inproceedings{DBLP:conf/cvpr/WuWZW024,
  author = {Wu, Siyang and Wang, Jiakai and Zhao, Jiejie and Wang, Yazhe and Liu, Xianglong},
  title = {NAPGuard: Towards Detecting Naturalistic Adversarial Patches},
  booktitle = {{IEEE/CVF} Conference on Computer Vision and Pattern Recognition,
                    {CVPR} 2024, Seattle, WA, USA, June 16-22, 2024},
  pages = {24367--24376},
  publisher = {{IEEE}},
  year = {2024},
  url = {https://doi.org/10.1109/CVPR52733.2024.02300},
  doi = {10.1109/CVPR52733.2024.02300},
  timestamp = {Sun, 19 Jan 2025 13:39:05 +0100},
  biburl = {https://dblp.org/rec/conf/cvpr/WuWZW024.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

S&P 2024

Transferable Multimodal Attack on Vision-Language Pre-training Models

Haodi Wang, Kai Dong^*, Zhilei Zhu, and 5 more authors

In IEEE Symposium on Security and Privacy, SP 2024, San Francisco, CA, USA, May 19-23, 2024, 2024

DOI Bib

@inproceedings{DBLP:conf/sp/WangDZQLFWL24,
  author = {Wang, Haodi and Dong, Kai and Zhu, Zhilei and Qin, Haotong and Liu, Aishan and Fang, Xiaolin and Wang, Jiakai and Liu, Xianglong},
  title = {Transferable Multimodal Attack on Vision-Language Pre-training Models},
  booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2024, San Francisco,
                    CA, USA, May 19-23, 2024},
  pages = {1722--1740},
  publisher = {{IEEE}},
  year = {2024},
  url = {https://doi.org/10.1109/SP54263.2024.00102},
  doi = {10.1109/SP54263.2024.00102},
  timestamp = {Fri, 27 Sep 2024 16:24:56 +0200},
  biburl = {https://dblp.org/rec/conf/sp/WangDZQLFWL24.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

IJCV

Generate Transferable Adversarial Physical Camouflages via Triplet Attention Suppression

Jiakai Wang, Xianglong Liu, Zixin Yin, and 5 more authors

Int. J. Comput. Vis., 2024

DOI Bib

@article{DBLP:journals/ijcv/WangLYWGQWL24,
  author = {Wang, Jiakai and Liu, Xianglong and Yin, Zixin and Wang, Yuxuan and Guo, Jun and Qin, Haotong and Wu, Qingtao and Liu, Aishan},
  title = {Generate Transferable Adversarial Physical Camouflages via Triplet
                    Attention Suppression},
  journal = {Int. J. Comput. Vis.},
  volume = {132},
  number = {11},
  pages = {5084--5100},
  year = {2024},
  url = {https://doi.org/10.1007/s11263-024-02098-4},
  doi = {10.1007/S11263-024-02098-4},
  timestamp = {Mon, 03 Mar 2025 21:40:41 +0100},
  biburl = {https://dblp.org/rec/journals/ijcv/WangLYWGQWL24.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  selected = true,
}

WWW 2025(Oral)

Dual Intention Escape: Jailbreak Attack against Large Language Models

Xue Yanni, Wang Jiakai^*, Yin Zixin, and 4 more authors

In THE WEB CONFERENCE 2025, 2025

Bib

@inproceedings{xue2025dual,
  title = {Dual Intention Escape: Jailbreak Attack against Large Language Models},
  author = {Yanni, Xue and Jiakai, Wang and Zixin, Yin and Yuqing, Ma and Haotong, Qin and Renshuai, Tao and Xianglong, Liu},
  booktitle = {THE WEB CONFERENCE 2025},
  year = {2025},
  selected = true,
}

ICASSP 2025

Generating Targeted Universal Adversarial Perturbation against Automatic Speech Recognition via Phoneme Tailoring

Zhang Yujun, Chen Yanqu, Wang Jiakai^*, and 3 more authors

In ICASSP 2025-2025 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2025

Bib

@inproceedings{zhang2025generating,
  title = {Generating Targeted Universal Adversarial Perturbation against Automatic Speech Recognition via Phoneme Tailoring},
  author = {Yujun, Zhang and Yanqu, Chen and Jiakai, Wang and Jin, Hu and Renshuai, Tao and Xianglong, Liu},
  booktitle = {ICASSP 2025-2025 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)},
  pages = {1--5},
  year = {2025},
  organization = {IEEE},
  selected = true,
}