| jTrans: jump-aware transformer for binary code similarity detection H Wang*, W Qu*, G Katz, W Zhu, Z Gao, H Qiu, J Zhuge, C Zhang ISSTA 2022, 2022 | 204 | 2022 |
| EncoderMI: Membership inference against pre-trained encoders in contrastive learning H Liu, J Jia, W Qu, NZ Gong CCS 2021, 2021 | 130 | 2021 |
| A comprehensive survey in llm (-agent) full stack safety: Data, training and deployment K Wang, G Zhang, Z Zhou, J Wu, M Yu, S Zhao, C Yin, J Fu, Y Yan, H Luo, ... arXiv preprint arXiv:2504.15585, 2025 | 74 | 2025 |
| Guardreasoner: Towards reasoning-based llm safeguards Y Liu, H Gao, S Zhai, J Xia, T Wu, Z Xue, Y Chen, K Kawaguchi, J Zhang, ... arXiv preprint arXiv:2501.18492, 2025 | 60 | 2025 |
| Provably robust multi-bit watermarking for ai-generated text W Qu, D Yin, Z He, W Zou, T Tao, J Jia, J Zhang USENIX Security 2025, 2024 | 49* | 2024 |
| Mass personalization strategy under Industrial Internet of Things: a case study on furniture production J Ding, M Wang, X Zeng, W Qu*, VS Vassiliadis Advanced Engineering Informatics, 2021 | 31 | 2021 |
| An efficient and extensible zero-knowledge proof framework for neural networks T Lu, H Wang, W Qu, Z Wang, J He, T Tao, W Chen, J Zhang Cryptology ePrint Archive, 2024 | 26 | 2024 |
| Pandora: Detailed llm jailbreaking via collaborated phishing agents with decomposed reasoning Z Chen, Z Zhao, W Qu, Z Wen, Z Han, Z Zhu, J Zhang, H Yao ICLR 2024 Workshop on Secure and Trustworthy Large Language Models, 2024 | 25 | 2024 |
| MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples J Jia*, W Qu*, NZ Gong NIPS 2022, 2022 | 21 | 2022 |
| zkGPT: An Efficient Non-interactive Zero-knowledge Proof Framework for LLM Inference W Qu, Y Sun, X Liu, T Lu, Y Guo, K Chen, J Zhang 34th USENIX Security Symposium, 2025 | 18 | 2025 |
| HyperPianist: Pianist with Linear-Time Prover and Logarithmic Communication Cost C Li, P Zhu, Y Li, C Hong, W Qu, J Zhang 2025 IEEE Symposium on Security and Privacy (SP), 3383-3401, 2025 | 14* | 2025 |
| Prompt Inversion Attack against Collaborative Inference of Large Language Models W Qu, Y Zhou, Y Wu, T Xiao, B Yuan, Y Li, J Zhang S&P 2025, 2025 | 14 | 2025 |
| Lazarus: Resilient and Elastic Training of Mixture-of-Experts Models with Adaptive Expert Placement Y Wu*, W Qu*, T Tao, Z Wang, W Bai, Z Li, Y Tian, J Zhang, M Lentz, ... arXiv preprint arXiv:2407.04656, 2024 | 11 | 2024 |
| Deepfold: Efficient multilinear polynomial commitment from reed-solomon code and its application to zero-knowledge proofs Y Guo, X Liu, K Huang, W Qu, T Tao, J Zhang 34th USENIX Security Symposium, 2024 | 11 | 2024 |
| Memorization and privacy risks in domain-specific large language models X Yang, Z Wen, W Qu, Z Chen, Z Xiang, B Chen, H Yao ICLR Reliable and Responsible Foundation Models Workshop, 2024 | 11 | 2024 |
| REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service W Qu, J Jia, NZ Gong NDSS 2023, 2023 | 9 | 2023 |
| Pre-trained encoders in self-supervised learning improve secure and privacy-preserving supervised learning H Liu*, W Qu*, J Jia, NZ Gong 2024 IEEE Security and Privacy Workshops (SPW), 144-156, 2024 | 6 | 2024 |
| A Certified Radius-Guided Attack Framework to Image Segmentation Models W Qu, Y Li, B Wang EuroSP 2023, 2023 | 6 | 2023 |
| Silent leaks: Implicit knowledge extraction attack on rag systems through benign queries Y Wang, W Qu, S Zhai, Y Jiang, Z Liu, Y Liu, Y Dong, J Zhang arXiv preprint arXiv:2505.15420, 2025 | 5 | 2025 |
| Sparse autoencoder as a zero-shot classifier for concept erasing in text-to-image diffusion models Z Tian, S Nan, M Xu, S Zhai, W Qu, J Liu, R Jia, J Zhang arXiv preprint arXiv:2503.09446, 2025 | 5 | 2025 |
Jiaheng ZhangPresidential Young Professor, National University of Singapore. PhD@UC BerkeleyVerified email at nus.edu.sg
