Chang Liu
Postdoc
University of California, Berkeley

Curriculum Vitae

Office: 723, Soda Hall, UC Berkeley
E-mail: liuchang at eecs dot berkeley dot edu

Biography

I am now a Postdoctoral scholar at UC Berkeley, working with Prof. Dawn Song. I obtained my PhD from the University of Maryland, College Park, in Summer 2016, under the supervision of Prof. Elaine Shi and Prof. Michael Hicks.

Research Interests: Deep Learning, Security, Programming Languages

I am on the job market this year. Find my research statement and teaching statement.

Updates

[Apr, 2018] Our paper "Curriculum Adversarial Training" with Qi-Zhi Cai, Min Du, and Dawn Song has been accepted to IJCAI 2018!

[Feb, 2018] Our paper "Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning" with Matthew Jagielski, Alina Oprea, Battista Biggio, Cristina Nita-Rotaru, and Bo Li has been accepted to Oakland 2018!

[Feb, 2018] Our paper "Fooling Vision and Language Models Despite Localization and Attention Mechanism" with Xiaojun Xu, et al. has been accepted to CVPR 2018!

[Jan, 2018] Our paper "A Machine Learning Approach To Prevent Malicious Calls Over Telephony Networks" with Huichen Li, et al. has been conditionally accepted to Oakland 2018!

[Jan, 2018] Our paper "Tree-to-tree Neural Networks for Program Translation" with Xinyun Chen and Dawn Song has been accepted to ICLR Workshop 2018!

[Jan, 2018] Our paper "Towards Synthesizing Complex Programs From Input-Output Examples" with Xinyun Chen and Dawn Song has been accepted to ICLR 2018!

[Dec, 2018] I am co-chairing the Machine Learning and Security workshop accompanying NIPS 2017.

[Dec, 2018] I am chairing the Deep Learning and Security Workshop Research Forum 2017.

Selected Publications (full list can be found here)

    Security of Machine Learning Systems

    • Nicholas Carlini, Chang Liu, Jernej Kos, Úlfar Erlingsson, Dawn Song, The Secret Sharer: Measuring Unintended Neural Network Memorization & Extracting Secrets [arXiv]
      Preprint
      Media coverage: [The Register][Schneier on Security]

    • Xinyun Chen, Chang Liu, Bo Li, Kimberly Lu, and Dawn Song, Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning [arXiv]
      Preprint
      Media coverage: [Motherboard][The Register]

    • Matthew Jagielski, Alina Oprea, Battista Biggio, Chang Liu, Cristina Nita-Rotaru, and Bo Li, Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning [arXiv]
      to appear in Proceedings of the 39th IEEE Symposium on Security and Privacy (Oakland '18), San Francisco, CA, USA

    • Xiaojun Xu, Xinyun Chen, Chang Liu, Anna Rohrbach, Trevor Darrell, and Dawn Song, Fooling Vision and Language Models Despite Localization and Attention Mechanism
      to appear in Proceedings of the Thirtieth IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2018), Salt Lake City, Utah, USA
      (originally available on arXiv under name "Can you fool AI with adversarial examples on a visual Turing test?")

    • Chang Liu, Bo Li, Yevgeniy Vorobeychik, and Alina Oprea, Robust Linear Regression Against Training Data Poisoning [PDF]
      in Proceedings of 10th ACM Workshop on Artificial Intelligence and Security (AISec 17), Dallas, TX, USA
      (Best Paper Award)

    • Yanpei Liu, Xinyun Chen, Chang Liu, and Dawn Song, Delving into Transferable Adversarial Examples and Black-box Attacks [arXiv]
      in Proceedings of 5th International Conference on Learning Representations (ICLR '17), France

    Deep Learning and Programming Languages

    • Xiaojun Xu, Chang Liu, and Dawn Song, SQLNet: Generating Structured Queries From Natural Language Without Reinforcement Learning [arXiv][Github]
      Preprint
      at the top of WikiSQL Leader Board

    • Xinyun Chen, Chang Liu, and Dawn Song, Tree-to-tree Neural Networks for Program Translation [OpenReview]
      to appear in Proceedings of 6th International Conference on Learning Representations Workshop (ICLR Workshop '18), Vancouver, CANADA

    • Xinyun Chen, Chang Liu, and Dawn Song, Towards Synthesizing Complex Programs From Input-Output Examples [OpenReview][arXiv]
      to appear in Proceedings of 6th International Conference on Learning Representations (ICLR '18), Vancouver, CANADA

    • Xiaojun Xu, Chang Liu, Qian Feng, Heng Yin, Dawn Song, and Le Song, Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection [arXiv][PPTX]
      in Proceedings of 24th ACM Conference on Computer and Communications Security (CCS '17), Dallas, TX, USA

    • Xinyun Chen, Chang Liu, Richard Shin, Dawn Song, and Mingcheng Chen, Latent Attention For If-Then Program Synthesis [PDF][Supplementary Material]
      in Proceedings of the 29th Advances in Neural Information Processing Systems (NIPS '16), Barcelona, Spain

    Programming Languages and Security (Trace Oblivious Computation)

Talks

  • Opening Remarks at Deep Learning and Security Workshop Research Forum 2017, Singapore Dec 14, 2017 [PPTX]
  • Robust Linear Regression Against Training Data Poisoning, at AISec 2017, Nov 3, 2017
  • Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection, at CCS 2017, Oct 30, 2017
  • Synergy Between Deep Learning and Security, Google Cloud AI, Sep 28, 2017
  • Synergy Among Deep Learning, Security, and Programming Languages, MSR, Redmond Jun 29, 2017
  • Toward building Secure applications using Programming Language and Deep Learning, Google Brain, Jun 2, 2017
  • Adversarial Deep Learning, at Deep Learning Security Workshop, Singapore, Feb 19, 2017
  • Exploring New Attack Space on Adversarial Deep Learning at GeekPwn, Palo Alto, Oct 23, 2016 [PPTX]
  • Oblivious Network RAM and Leveraging Parallelism to Achieve Obliviousness at ASIACRYPT 15, Dec 2, 2015
  • ObliVM: A Programming Framework for Secure Computation at CSAW 15, Nov 13, 2015 [PDF]
  • Trace Oblivious Program Execution: A Programming Language Approach in Security, at SPLASH Doctoral Symposium, Oct 27, 2015 [PPTX]
  • ObliVM + Obliv-C week presenter, Sep, 22-25, 2015, at Cornell
  • ObliVM: A Programming Framework for Secure Computation at Oakland 2015, May 19, 2015 [PPT]
  • ObliVM: A Programming Framework for Secure Computation at DCAPS 2015, May 4, 2015 [PPT]
  • Memory Trace Oblivious Program Execution for Cloud Computing at HotSoS 2015 (Invited talk), April 21, 2015 [PPT]
  • GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation at ASPLOS 2015, March 16, 2015 [PPT]
  • Automating Distributed Partial Aggregation at SoCC 2014, Nov 3, 2014 [PPTX]
  • Memory Trace Oblivious Program Execution at DCAPS, May 23, 2014
  • Automating Efficient RAM-Model Secure Computation at Oakland 2014, May 21, 2014 [PPT]
  • SAC: Semantic Adaptive Caching for Spatial Mobile Applications at SIGGIS 2013, Nov 7, 2013
  • Memory Trace Oblivious Program Execution at LOLA 2013, June 29, 2013
  • Memory Trace Oblivious Program Execution at CSF 2013, June 26, 2013 [PPT]
  • Large Scale Fuzzy pD* Reasoning using MapReduce at ISWC 2011, Oct 25, 2011 [PPT]
  • Fuzzy Reasoning over RDF Data Using OWL Vocabulary at WI 2011, Aug 24, 2011

Services

    Program Committee

    • ICML 2018
    • NDSS 2018
    • Machine Learning and Computer Security Workshop 2017, co-located with NIPS 2017 (Program Chair)
    • The 1st Singapore CyberSecurity Consortium (SGCSC), Feb 2017 (General Chair)
    • The 2nd Singapore CyberSecurity Consortium (SGCSC) Research Forum, Dec 2017 (Program Chair)
    • Oakland 2016 (Student PC)

    Conference Reviewer

    • Oakland 2016, 2018
    • NDSS 2018
    • NIPS 2016
    • CCS 2016
    • POPL 2016
    • CSF 2014, 2015
    • ESWC 2011, 2014
    • SUM 2012

    Journal Reviewer

    • TKDE 2013
    • The Journal of Web Semantics 2011
Updated on December 2015 by Chang Liu