avatar

Zihan Wang

Ph.D. Student
School of EECS,
The University of Queensland
zihan.wang[at]uq[dot]edu[dot]au


About Me

I am a PhD student at the University of Queensland, working under the supervision of A/Prof. Guangdong Bai and Dr. Jason Xue. I’m currently serving as the HDR representative for the CSS discipline. My research is generously supported by the RTP Scholarship and CSIRO’s Data61 Top-up Scholarship. I am also honored with the Google PhD Fellowship, 2024.

Research Interests

My research interests are to tackle real-world security & privacy issues of ML systems in a formally verifiable manner. I also work closely with my colleague Zhongkui Ma on neural network verification (NNV). Some of my recent projects include:

AI Model Usage Control

ML Privacy Compliance

Efficient Machine Learning

News

Older news (2022–2023)
  • [Dec. 2023] Our paper on deep data hiding has been accepted to IEEE TCSS.
  • [Oct. 2023] Our paper on knowledge distillation has been accepted to WACV’24.
  • [Aug. 2023] Our paper on formalizing LMs perturbation has been accepted to ICFEM’23.
  • [Dec. 2022] Graduated with a B.CS (Adv.) from the University of Adelaide (2020–22).
  • [Nov. 2022] Presented at my first conference, NeurIPS, in New Orleans!
  • [Sep. 2022] Our paper on multi-modal model MIA has been accepted to NeurIPS’22.

Selected Publications

  1. WWW'25
    AI Model Modulation with Logits Redistribution
    Zihan Wang, Zhongkui Ma, Xinguo Feng, Zhiyang Mei, Zhiyong Ma, Derui Wang, Minhui Xue, Guangdong Bai.
    The Web Conference (WWW), Apr. 2025.
    PDF
    BibTeX 
    @inproceedings{wang2025aim,
  title={AI Model Modulation with Logits Redistribution},
  author={Wang, Zihan and Ma, Zhongkui and Feng, Xinguo and Mei, Zhiyang and Ma, Zhiyong and Wang, Derui and Wang, Hu and Xue, Minhui and Bai, Guangdong.},
  year = {2025},
  publisher = {Association for Computing Machinery},
  address = {New York, NY, USA},
  url = {https://doi.org/10.1145/3696410.3714737},
  doi = {10.1145/3696410.3714737},
  booktitle = {Proceedings of the ACM Web Conference 2025},
  location = {Sydney, Australia},
  series = {WWW'25}
}
  2. OOPSLA'25
    Convex Hull Approximation for Activation Functions
    Zhongkui Ma, Zihan Wang, Guangdong Bai.
    The ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), Oct. 2025.
    PDF
    BibTeX 
    @inproceedings{}
  3. S&P'24
    CoreLocker: Neuron-level Usage Control
    Zihan Wang, Zhongkui Ma, Xinguo Feng, Ruoxi Sun, Hu Wang, Minhui Xue, Guangdong Bai.
    IEEE Symposium on Security and Privacy (S&P), Mar. 2024.
    PDF Website
    BibTeX 
    @inproceedings{wang2024corelocker,
  title={CoreLocker: Neuron-level Usage Control},
  author={Wang, Zihan and Ma, Zhongkui and Feng, Xinguo and Sun, Ruoxi and Wang, Hu and Xue, Minhui and Bai, Guangdong.},
  booktitle={IEEE Symposium on Security and Privacy (S\&P)},
  doi = {10.1109/SP54263.2024.00182},
  url = {https://doi.ieeecomputersociety.org/10.1109/SP54263.2024.00182},
  pages={2497--2514},
  year={2024}
}
  4. TCSS
    Data Hiding With Deep Learning: A Survey Unifying Digital Watermarking and Steganography
    Zihan Wang, Olivia Byrnes, Hu Wang, Ruoxi Sun, Congbo Ma, Huaming Chen, Qi Wu, Minhui Xue.
    IEEE Transactions on Computational Social Systems (TCSS), Dec. 2023.
    PDF
    BibTeX 
    @article{wang2023data,
  title={Data hiding with deep learning: a survey unifying digital watermarking and steganography},
  author={Wang, Zihan and Byrnes, Olivia and Wang, Hu and Sun, Ruoxi and Ma, Congbo and Chen, Huaming and Wu, Qi and Xue, Minhui},
  journal={IEEE Transactions on Computational Social Systems},
  year={2023},
  publisher={IEEE}
}
  5. USENIX'24
    Being Transparent is Merely the Beginning: Enforcing Purpose Limitation with Polynomial Approximation
    Shuofeng Liu, Zihan Wang, Minhui Xue, Long Wang, Yuanchao Zhang, Guangdong Bai.
    USENIX Security, Feb. 2024.
    PDF
    BibTeX 
    @inproceedings{liu2024purpose,
  title={Being Transparent is Merely the Beginning: Enforcing Purpose Limitation with Polynomial Approximation},
  author={Liu, Shuofeng and Wang, Zihan and Xue, Minhui and Wang, Long and Zhang, Yuanchao and Bai, Guangdong.},
  journal={USENIX Security},
  year={2024}
}
  6. CCS'24
    Uncovering Gradient Inversion Risks in Practical Language Model Training
    Xinguo Feng, Zhongkui Ma, Zihan Wang, Chegne Eu Joe, Mengyao Ma, Alsharif Abuadbba, Guangdong Bai.
    ACM Computer and Communications Security Conference (CCS), Aug. 2024.
    PDF
    BibTeX 
    @inproceedings{
}
  7. NeurIPS'22
    M4I: Multi-modal Models Membership Inference
    Pingyi Hu, Zihan Wang, Ruoxi Sun, Hu Wang, Minhui Xue.
    Neural Information Processing Systems (NeurIPS), Sep. 2022.
    PDF
    BibTeX 
    @inproceedings{hu2022m,
  title={M $\^{} 4$ I: Multi-modal Models Membership Inference},
  author={Hu, Pingyi and Wang, Zihan and Sun, Ruoxi and Wang, Hu and Xue, Minhui},
  journal={Advances in Neural Information Processing Systems},
  volume={35},
  pages={1867--1882},
  year={2022}
}
  8. WACV'24
    BPKD: Boundary Privileged Knowledge Distillation For Semantic Segmentation
    Liyang Liu, Zihan Wang, Minh Hieu Phan, Bowen Zhang, Jinchao Ge, Yifan Liu.
    IEEE/CVF Winter Conference on Applications of Computer Vision (WACV), Oct. 2023.
    PDF
    BibTeX 
    @inproceedings{liu2024bpkd,
  title={BPKD: Boundary Privileged Knowledge Distillation For Semantic Segmentation},
  author={Liu, Liyang and Wang, Zihan and Phan, Minh Hieu and Zhang, Bowen and Ge, Jinchao and Liu, Yifan},
  booktitle={Proceedings of the IEEE/CVF Winter Conference on Applications of Computer Vision},
  pages={1062--1072},
  year={2024}
}