Biography

Jian Lou is an Associate Professor and doctoral supervisor. He was previously a postdoctoral researcher at Emory University, advised by Professor Li Xiong (https://www.cs.emory.edu/~lxiong/). His main research interests include trustworthy large models, large-model security and privacy protection, data privacy protection, and data quality assessment. In recent years he has published more than 70 papers in artificial intelligence, security and privacy, and databases, including more than 40 papers in CCF-A or CAS Tier-1 venues such as NeurIPS, ICML, ACM CCS, IEEE S&P, USENIX Security, ICCV, CVPR, SIGMOD, VLDB, WWW, and IEEE TDSC. His awards include the Distinguished Paper Award at ACM CCS 2024 (a top international security and privacy conference), the Best Paper Award at ACISP 2025 (the Australasian cryptography conference), and the Best in Theoretical Paper Award at IEEE/WIC/ACM WI-IAT 2020; his research has been covered by the international science magazine New Scientist. He serves as Area Chair for the top AI conferences ICML and ICLR, Senior PC member for AAAI, PC member for the top security and privacy conference ACM CCS, and PC member for the top database conference VLDB.

The group recruits postdoctoral researchers in large-model security and privacy protection year-round, and also welcomes second- and third-year undergraduates who are interested in research. Interested students are encouraged to get in touch!


Group News

  • 2025/09: Two papers accepted by TKDE (a top data mining journal) and TDSC (a top information security journal), respectively
  • 2025/08: One paper accepted at CCS 2025, a top information security conference
  • 2025/08: Invited to serve as Area Chair for ICLR 2026 and PC member for CCS 2026
  • 2025/08: Supervised undergraduates who won first and second prizes in the National College Electrical and Electronic Engineering Innovation Competition
  • 2025/08: Two papers accepted at EMNLP Findings 2025 and CIKM 2025, respectively
  • 2025/07: Received the Best Paper Award at ACISP, the Australasian cryptography conference
  • 2025/07: Invited to serve as Senior PC member for AAAI 2026
  • 2025/06: One paper accepted at USENIX Security 2025, a top information security conference
  • 2025/05: Three papers accepted at ICML 2025, a top AI conference
  • 2025/05: Two papers accepted at the top AI conferences IJCAI 2025 and ACL Findings 2025, respectively

Academic Service

  • Area Chair: top AI conferences ICLR 2026; ICML 2024-2025
  • Senior PC Member: top AI conference AAAI 2025-2026
  • PC Member: top information security conference ACM CCS 2024-2026 and 2022; IEEE EuroS&P 2025; top database conference VLDB 2023-2024
  • Reviewer: NeurIPS, ICLR, KDD, AAAI, IJCAI, TDSC, TKDE, and other top conferences and journals

Research and Recruitment

Recruitment areas include, but are not limited to, trustworthy large models, machine learning, data mining, mathematical modeling, data governance, and large-model security and privacy protection. The group offers students with outstanding research performance a variety of opportunities for academic exchange visits and further study at universities in China and abroad, and offers outstanding master's students a master's-to-PhD transition track.

  • Students interested in a postdoctoral position at Sun Yat-sen University are welcome to contact us; we are recruiting several postdocs in trustworthy large models!
  • Undergraduates who are interested in research, or who want to try it out, are welcome to get in touch; research internships, undergraduate innovation projects, academic competitions, or simply asking questions are all fine!

Contact: email louj5@mail.sysu.edu.cn, or visit in person at Hanlin Building 1, Room B307.


Selected Publications

(The full list is on the personal homepage https://sites.google.com/view/jianlou; * marks supervised students.)

2025

  1. [ACISP] Xiaoyu Zhang, Yong Lin, Meixia Miao, Jian Lou, Jin Li, Xiaofeng Chen, “Zeroth-Order Federated Private Tuning for Pretrained Large Language Models”, ACISP'25 (Best Paper Award).
  2. [ACM CCS, CCF-A] with Chenyang Zhang*, Xiaoyu Zhang, Kai Wu, “PreferCare: Preference Dataset Copyright Protection in LLM Alignment by Watermark Injection and Verification”, ACM CCS'25.
  3. [USENIX Sec, CCF-A] with Jiawen Zhang*, Kejia Chen*, Lipeng He, Dan Li, Zunlei Feng, Mingli Song, Jian Liu, Kui Ren, Xiaohu Yang, “Activation Approximations Can Incur Safety Vulnerabilities in Aligned LLMs: Comprehensive Analysis and Defense”, USENIX Sec'25. [arXiv]
  4. [ICML, CCF-A] with Chenyang Zhang*, Xiaoyu Zhang, Kai Wu, Zilong Wang, Xiaofeng Chen, “PoisonedEye: Knowledge Poisoning Attack on Retrieval-Augmented Generation based Large Vision-Language Models”, ICML'25. [Link]
  5. [ICML, CCF-A] with Kejia Chen*, Jiawen Zhang*, Jiacong Hu, Yu Wang, Zunlei Feng, Mingli Song, “Assessing Safety Risks and Quantization-aware Safety Patching for Quantized Large Language Models”, ICML'25. [Link]
  6. [ICML, CCF-A] Yuecheng Li, Lele Fu, Tong Wang, Jian Lou, Bin Chen, Lei Yang, Jian Shen, Zibin Zheng, Chuan Chen, “Clients Collaborate: Flexible Differentially Private Federated Learning with Guaranteed Improvement of Utility-Privacy Trade-off”, ICML'25. [arXiv]
  7. [IJCAI, CCF-A] Hong kyu Lee, Qiuchen Zhang, Carl Yang, Jian Lou, Li Xiong, “Contrastive Unlearning: A Contrastive Approach to Machine Unlearning”, IJCAI'25. [arXiv]
  8. [CIKM] Zhuomin Chen*, Dan Li, Jiahui Zhou*, Shunyu Wu*, Haozhen Ye*, Jian Lou, See-Kiong Ng, “Activation Approximations Can Incur Safety Vulnerabilities in Aligned LLMs: Comprehensive Analysis and Defense”, CIKM'25.
  9. [ACL, CCF-A] Yukai Zhou, Jian Lou, Zhijie Huang, Zhan Qin, Sibei Yang, Wenjie Wang, “Don't Say No: Jailbreaking LLM by Suppressing Refusal”, ACL Findings'25. [arXiv]
  10. [EMNLP, CCF-A] Fenghua Weng, Jian Lou, Jun Feng, Minlie Huang, Wenjie Wang, “Adversary-Aware DPO: Enhancing Safety Alignment in Vision Language Models via Adversarial Training”, EMNLP Findings'25. [arXiv]
  11. [AMIA] Yifei Ren, Linghui Zeng, Jian Lou, Li Xiong, Joyce Ho, Xiaoqian Jiang, Sivasubramanium Bhavani, “Unraveling Complex Temporal Patterns in EHRs via Robust Irregular Tensor Factorization”, AMIA Informatics Summit'25.
  12. [TKDE, CCF-A] Zhigang Wang, Yizhen Yu, Mingxin Li, Jian Lou, Ning Wang, Yu Gu, Shen Su, Yuan Liu, Hui Jiang, Zhihong Tian, “FELEMN: Toward Efficient Feature-Level Machine Unlearning for Exact Privacy Protection”, IEEE Transactions on Knowledge and Data Engineering, 2025.
  13. [TDSC, CCF-A] Qiao Xue, Qingqing Ye, Haibo Hu, Jian Lou, Jin Li, Chengfang Fang, Jie Shi, “LabelDP Leaks Privacy – A Tightened Correlation-aware Privacy Model for Labeled Training Data”, IEEE Transactions on Dependable and Secure Computing, 2025.
  14. [TMM] Xiaoyu Zhang, Yulin Jin, Haoyu Tong, Jian Lou, Kai Wu, Xiaofeng Chen, “Purifier+: Plug-and-play Backdoor Mitigation for Pre-trained Models via Activation Alignment”, IEEE Transactions on Multimedia, 2025.
  15. Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “Towards Answering Analytical Query over Hierarchical Histogram under Untrusted Servers”, Distributed and Parallel Databases, 2025.

2024

  1. [ACM CCS, CCF-A] Junxu Liu, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Cross-silo Federated Learning with Record-level Personalized Differential Privacy”, ACM CCS'24 (Distinguished Paper Award).
  2. [ACM CCS, CCF-A] with Yuke Hu*, Jiaqi Liu*, Wangze Ni, Feng Lin, Zhan Qin, Kui Ren, “ERASER: Machine Unlearning in MLaaS via an Inference Serving-Aware Approach”, ACM CCS'24.
  3. [S&P, CCF-A] with Hongwei Yao*, Zhan Qin, Kui Ren, “PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification”, S&P/Oakland'24.
  4. [TDSC, CCF-A] with Xiaoyu Zhang, Chenyang Zhang*, Kai Wu, Zilong Wang, Xiaofeng Chen, “DuplexGuard: Safeguarding Deletion Right in Machine Unlearning via Duplex Watermarking”, IEEE Transactions on Dependable and Secure Computing, 2024.
  5. [AAAI, CCF-A] with Wenjie Wang, Pengfei Tang, Yuanming Shao, Lance Waller, Yi-an Ko, Li Xiong, “IGAMT: Privacy Preserved Electronic Health Record Synthetic Approach with Heterogeneity and Irregularity”, AAAI'24.
  6. [ECAI] with Jiawen Zhang*, Kejia Chen*, Zunlei Feng, Mingli Song, “SecPE: Secure Prompt Ensembling for Private and Robust Large Language Models”, ECAI'24.
  7. [NeurIPS, CCF-A] Kai Wu, Yujian Li, Jian Lou, Xiaoyu Zhang, Handing Wang, Jing Liu, “Rapid Plug-in Defenders”, NeurIPS'24.
  8. [SIGMOD, CCF-A] Congcong Fu*, Hui Li, Jian Lou, Huizhen Li, Jiangtao Cui, “DP-starJ: A Differentially Private Scheme towards Analytical Star-Join Queries”, SIGMOD'24.
  9. [SIGMOD, CCF-A] Xiaochen Li, Weiran Liu, Jian Lou, Yuan Hong, Lei Zhang, Zhan Qin, Kui Ren, “Local Differentially Private Heavy Hitter Detection in Data Streams with Bounded Memory”, SIGMOD'24.
  10. [CVPR, CCF-A] Wen Yin, Jian Lou, Pan Zhou, Yulai Xie, Dan Feng, Yuhua Sun, Tailai Zhang, Lichao Sun, “Temperature-based Backdoor Attacks on Thermal Infrared Object Detection”, CVPR'24.
  11. [WWW, CCF-A] Qiuchen Zhang, Hong kyu Lee, Jing Ma, Jian Lou, Carl Yang, Li Xiong, “DPAR: Decoupled Graph Neural Networks with Node-Level Differential Privacy”, WWW'24.
  12. [AAAI, CCF-A] Lanlan Chen, Kai Wu, Jian Lou, Jing Liu, “Signed Graph Neural Ordinary Differential Equation for Modeling Continuous-time Dynamics”, AAAI'24.
  13. [ACM MM] Haoyu Tong*, Xiaoyu Zhang, Yulin Jin*, Jian Lou, Kai Wu, Xiaofeng Chen, “Balancing Generalization and Robustness in Adversarial Training via Steering through Clean and Adversarial Gradient Directions”, ACM MM'24.
  14. [DBSec] Fereshteh Razmi, Jian Lou, Li Xiong, “Does Differential Privacy Prevent Backdoor Attacks in Practice?”, DBSec'24.
  15. [ICASSP] Hongwei Yao*, Jian Lou, Zhan Qin, “PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models”, ICASSP'24.
  16. [TDSC, CCF-A] Yuchen Yang*, Bo Yuan*, Jian Lou, Zhan Qin, “SCRR: Stable Malware Detection under Unknown Deployment Environment Shift by Decoupled Spurious Correlations Filtering”, IEEE Transactions on Dependable and Secure Computing, 2024.
  17. [TDSC, CCF-A] Yuke Hu*, Yang Wang, Jian Lou, Wei Liang, Ruofan Wu, Weiqiang Wang, Xiaochen Li, Jinfei Liu, Zhan Qin, “Privacy Risks of Federated Knowledge Graph Embedding: New Membership Inference Attacks and Personalized Differential Privacy Defense”, IEEE Transactions on Dependable and Secure Computing, 2024.
  18. Chenyang Chen, Xiaoyu Zhang, Hongyi Qiu, Jian Lou, Zhengyang Liu, Xiaofeng Chen, “MaskArmor: Confidence Masking-based Defense Mechanism for GNN against MIA”, Information Sciences, 2024.

2023

  1. [ACM CCS, CCF-A] Yiling He*, Jian Lou, Zhan Qin, Kui Ren, “FINER: Enhancing State-of-the-art Classifiers with Feature Attribution to Facilitate Risk Analysis”, ACM CCS'23.
  2. [NeurIPS, CCF-A] with Jiaqi Liu*, Zhan Qin, Kui Ren, “Certified Minimax Unlearning with Generalization Rates and Deletion Capacity”, NeurIPS'23.
  3. [ICCV, CCF-A] with Junxu Liu*, Mingsheng Xue*, Xiaoyu Zhang, Li Xiong, Zhan Qin, “MUter: Machine Unlearning on Adversarial Training Models”, ICCV'23.
  4. [ACM MM, CCF-A] with Yulin Jin*, Xiaoyu Zhang, Xiaofeng Chen, “ACQ: Few-shot Backdoor Defense via Activation Clipping and Quantizing”, ACM MM'23.
  5. [CIKM] with Shuijing Zhang*, Li Xiong, Xiaoyu Zhang, Jing Liu, “Closed-form Machine Unlearning for Matrix Factorization”, CIKM'23.
  6. [NeurIPS, CCF-A] Jinfei Liu, Pengyun Zhu, Long Wen, Feng Xue, Jian Lou, et al., “CAPP-130: A Dataset of Chinese Application Privacy Policy Summarization and Interpretations”, NeurIPS'23 Datasets and Benchmarks Track.
  7. [VLDB, CCF-A] Haocheng Xia, Jinfei Liu, Jian Lou, Zhan Qin, Kui Ren, Yang Cao, Li Xiong, “Equitable Data Valuation Meets the Right to be Forgotten in Model Markets”, VLDB'23.
  8. [ICCV, CCF-A] Yulin Jin*, Xiaoyu Zhang, Jian Lou, Xu Ma, Xiaofeng Chen, Zilong Wang, “Explaining Adversarial Robustness of Neural Networks from Clustering Effect Perspective”, ICCV'23.
  9. [CIKM] Junxu Liu, Jian Lou, Li Xiong, Xiaofeng Meng, “Personalized Differentially Private Federated Learning without Exposing Privacy Budgets”, CIKM'23.
  10. [ECML-PKDD] Fereshteh Razmi, Jian Lou, Li Xiong, Yuan Hong, “Interpretation Attacks on Interpretable Models with Electronic Health Records”, ECML-PKDD'23.
  11. [ML4H] Yifei Ren*, Jian Lou, Li Xiong, Joyce Ho, Xiaoqian Jiang, Sivasubramanium Bhavani, “MULTIPAR: Supervised Irregular Tensor Factorization with Multi-task Learning”, ML4H'23.
  12. [TDSC, CCF-A] Hongwei Yao*, Zheng Li, Kunzhe Huang, Jian Lou, et al., “RemovalNet: DNN Fingerprint Removal Attacks”, IEEE Transactions on Dependable and Secure Computing, 2023.

2022

  1. [ACM MM, CCF-A] with Xiaoyu Zhang, Yulin Jin*, Tao Wang, Xiaofeng Chen, “Purifier: Plug-and-play Backdoor Mitigation for Pre-trained Models Via Anomaly Activation Suppression”, ACM MM'22.
  2. [ACM MM, CCF-A] Yuhua Sun, Tailai Zhang, Xingjun Ma, Pan Zhou, Jian Lou, Zichuan Xu, Xing Di, Yu Cheng, Lichao Sun, “Backdoor Attacks on Crowd Counting”, ACM MM'22.
  3. [VLDB, CCF-A] Junxu Liu*, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Projected Federated Averaging with Heterogeneous Differential Privacy”, VLDB'22.
  4. [ICDM] Kaixin Yuan*, Jing Liu, Jian Lou, “Higher-Order Masked Graph Neural Networks for Traffic Flow Prediction”, ICDM'22.
  5. [CIKM] Farnaz Tahmasebian*, Jian Lou, Li Xiong, “RobustFed: A Truth Inference Approach for Robust Federated Learning”, CIKM'22.
  6. [CIKM] Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “DP-HORUS: Differentially Private Hierarchical Count Histograms under Untrusted Server”, CIKM'22.
  7. [TDSC, CCF-A] Pengfei Tang*, Wenjie Wang*, Jian Lou, Li Xiong, “Generating Adversarial Examples with Distance Constrained Adversarial Imitation Networks”, IEEE Transactions on Dependable and Secure Computing, 2022.

2021

  1. [ICCV, CCF-A] with Haowen Lin*, Li Xiong, Cyrus Shahabi, “Integer-arithmetic-only Certified Robustness for Quantized Neural Networks”, ICCV'21.
  2. [WWW, CCF-A] with Jing Ma*, Qiuchen Zhang*, Li Xiong, Joyce Ho, “Communication Efficient Federated Generalized Tensor Factorization for Collaborative Health Data Analytics”, WWW'21.
  3. [IJCAI, CCF-A] with Qiuchen Zhang*, Jing Ma*, Li Xiong, “Private Stochastic Non-convex Optimization with Improved Utility Rates”, IJCAI'21.
  4. [NAACL] with Wenjie Wang*, Pengfei Tang*, Li Xiong, “Certified Robustness to Word Substitution Attack with Differential Privacy”, NAACL'21.
  5. [TNNLS] with Yiu-ming Cheung, “An Uplink Communication Efficient Approach to Feature-wise Distributed Sparse Optimization with Differential Privacy”, IEEE Transactions on Neural Networks and Learning Systems, 2021.
  6. [VLDB, CCF-A] Jinfei Liu, Jian Lou, Junxu Liu, Li Xiong, Jian Pei, Jimeng Sun, “Dealer: An End-to-End Model Marketplace with Differential Privacy”, VLDB'21.
  7. [VLDB, CCF-A] Jinfei Liu, Qiongqiong Lin, Jiayao Zhang, et al., “Demonstration of Dealer: An End-to-End Model Marketplace with Differential Privacy”, VLDB'21 Demo Track.
  8. [ICDM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, Sivasubramanium Bhavani, “Communication Efficient Tensor Factorization for Decentralized Healthcare Networks”, ICDM'21.
  9. [CIKM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, “Temporal Network Embedding via Tensor Factorization”, CIKM'21.
  10. [WISE] Yiu-ming Cheung, Jian Lou, Feng Yu, “Vertical Federated Principal Component Analysis on Feature-wise Distributed Data”, WISE'21.
  11. [TCYB] Qiquan Shi, Yiu-ming Cheung, Jian Lou, “Robust Tensor SVD and Recovery with Rank Estimation”, IEEE Transactions on Cybernetics, 2021.

2020

  1. [WI-IAT] with Yiu-ming Cheung, “Projection-free Online Empirical Risk Minimization with Privacy-preserving and Privacy Expiration”, WI-IAT'20 (Best in Theoretical Paper Award).
  2. [CIKM] with Yifei Ren*, Li Xiong, Joyce Ho, “Robust Irregular Tensor Factorization and Completion for Temporal Health Data Analysis”, CIKM'20.
  3. [TIP, CCF-A] with Yiu-ming Cheung, “Robust Low-rank Tensor Minimization via a New Tensor Spectral k-Support Norm”, IEEE Transactions on Image Processing, 2020.
  4. [Bigdata] Qiuchen Zhang*, Jing Ma*, Yonghui Xiao, Jian Lou, Li Xiong, “Broadening Differential Privacy for Deep Learning Against Model Inversion Attacks”, Bigdata'20.
  5. [Bigdata] Qiuchen Zhang*, Jing Ma*, Jian Lou, Li Xiong, Xiaoqian Jiang, “Towards Training Robust Private Aggregation of Teacher Ensembles Under Noisy Labels”, Bigdata'20.
  6. [TIFS, CCF-A] Meng Pang, Yiu-ming Cheung, Binghui Wang, Jian Lou, “Synergistic Generic Learning for Face Recognition From a Contaminated Single Sample per Person”, IEEE Transactions on Information Forensics and Security, 2020.

2019 and before

  1. [CIKM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Joyce Ho, Li Xiong, Xiaoqian Jiang, “Privacy-Preserving Tensor Factorization for Collaborative Health Data Analysis”, CIKM'19.
  2. [MICCAI] with Wenwen Li, Shuo Zhou, Haiping Lu, “Sturm: Sparse Tubal-Regularized Multilinear Regression for fMRI”, MLMI@MICCAI'19.
  3. [AAAI, CCF-A] with Yiu-ming Cheung, “Uplink Communication Efficient Differentially Private Sparse Optimization With Feature-Wise Distributed Data”, AAAI'18.
  4. [TCSVT] Meng Pang, Yiu-ming Cheung, Risheng Liu, Jian Lou, and Chuang Lin, “Toward efficient image representation: Sparse concept discriminant matrix factorization”, IEEE Transactions on Circuits and Systems for Video Technology, 2018.
  5. [ML] with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Descent for Composite Penalty Regularized Empirical Risk Minimization”, Machine Learning, 2017.
  6. [CIKM] with Yiu-ming Cheung, “Scalable Spectral k-Support Norm Regularization for Robust Low Rank Subspace Learning”, CIKM'16.
  7. [IJCAI, CCF-A] with Yiu-ming Cheung, “Efficient Generalized Conditional Gradient with Gradient Sliding for Composite Optimization”, IJCAI'15.
  8. [ACML] with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Method for Composite Penalty Regularized Empirical Risk Minimization”, ACML'15.