I’m currently a Ph.D candidate at the College of Computer Science and Technology, Zhejiang University (ZJU), under the supervision of Prof. Zhan Qin. My research interests include Trustworthy AI, LLM Security and Safety. My recent work is mainly about LLM watermarking and privacy protection of LLM.

🔥 News

• 2024.03: 🔥 We release AIcert Platform，Media
• 2023.12: 🎉 Our paper PoisonPrompt is accepted by IEEE ICASSP 2024
• 2023.10: 🎉 Our paper PromptCARE is accepted by IEEE S&P 2024
• 2023.09: 🔥 Our work is promoted by New Scientist
• 2024.09: 🔥 Our paper RemovalNet is accepted by IEEE TDSC 2023

📝 Publications

🎙 LLM

IEEE S&P 2024

PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification
Hongwei Yao, Jian Lou, Zhan Qin, Kui Ren, [Code]

• In this paper, we propose PromptCARE, the first framework for prompt copyright protection through watermark injection and verification.
• Academic Impact: Our work are promoted by media and forums, such as New Scientist、GOSSIP、隐者联盟、安全内参.

IEEE ICASSP 2024

PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models
Hongwei Yao, Jian Lou, Zhan Qin, [Code]

• In this paper, we present PoisonPrompt, a novel backdoor attack capable of successfully compromising both hard and soft prompt-based LLMs. We evaluate the effectiveness, fidelity, and robustness of PoisonPrompt through extensive experiments on three popular prompt methods, using six datasets and three widely used LLMs.

• arxiv 2024 FDINet: Protecting against DNN Model Extraction via Feature Distortion Index, Hongwei Yao, Zheng Li, Haiqin Weng, Feng Xue, Zhan Qin, Kui Ren
• arxiv 2024 Explanation as a Watermark: Harmless and Multi-bit Model Ownership Verification via Watermarking Feature Attribution, Shuo Shao, Yiming Li, Hongwei Yao, Yiling He, Zhan Qin, Kui Ren
• IEEE S&P 2024 PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification, Hongwei Yao, Jian Lou, Zhan Qin, Kui Ren
• IEEE ICASSP 2024 PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models, Hongwei Yao, Jian Lou, Zhan Qin, Kui Ren
• IEEE TDSC 2023 RemovalNet: DNN Fingerprint Removal Attacks, Hongwei Yao, Zheng Li, Kunzhe Huang, Jian Lou, Zhan Qin, Kui Ren, IEEE Transactions on Dependable and Secure Computing, 2023
• Elsevier VCIR 2022 Classifying Between Computer Generated and Natural Images: An Empirical Study from RAW to JPEG Format, Tong Qiao, Xiangyang Luo, Hongwei Yao, Elsevier Journal of Visual Communication and Image Representation, 2022
• Sensors 2020 Image Forgery Detection and Localization via a Reliability Fusion Map, Hongwei Yao, Ming Xu, Tong Qiao, Ling Zheng, MDPI Sensors, 2020
• IEEE Access 2018 Robust Multi-classifier for Camera Model Identification based on Convolution Neural Network, Hongwei Yao, Tong Qiao, Ming Xu, Ling Zheng, IEEE Access, 2018

🔏 Patents

• 姚宏伟，娄坚，秦湛，任奎. 一种大模型提示词版权验证方法及装置（发明专利，已进入实质审查，CN202311744252.0）
• 姚宏伟，秦湛，任奎. 一种深度神经网络模型指纹鲁棒性评估方法（发明专利，已进入实质审查，CN202311144816.7）
• 姚宏伟，任奎，秦湛，王志波，屠春来，牛文杰. 一种基于特征失真指数的模型窃取防御方法及装（发明专利，已进入实质审查，CN202211524887.5）

📚 Books and Technical Reports

• 《人工智能安全白皮书（2020）》 Media1/Media2/Media3
• 《人工智能安全》

📖 Educations

• 2020.09 - 2024.06, Ph.D, Zhejiang University, Hangzhou.
• 2017.09 - 2020.04, Master, Hangzhou Dianzi University, Hangzhou.
• 2012.09 - 2016.06, Bachelor, Hangzhou Dianzi University, Hangzhou.

🎖 Honors and Awards

• [2024] Outstanding Graduate of Zhejiang University, by Zhejiang University
• [2023] Award of Honor for Graduate, by Zhejiang University
• [2022] Outstanding Graduate Student, by Zhejiang University
• [2021] Award of Honor for Graduate, by Zhejiang University
• [2021] Graduate of Merit, by Zhejiang University
• [2020] Ph.D Freshman Scholarship, by Zhejiang University
• [2020] Outstanding Graduate of Hangzhou Dianzi University, by Hangzhou Dianzi University
• [2019] Zhejiang Province 16th “The Challenge Cup” College Students Science and Technology Competition, (First Prize), by Zhejiang Province
• [2018] China Internet Development Foundation Cyberspace Security Scholarship, by China Internet Development Foundation
• [2018] Huawei Scholarship, by Huawei
• [2018] Hack {China} Hackathon Competition, (First Prize), by Hangzhou Dianzi University
• [2018] Unique Hackathon Competition, (First Prize), by Huazhong University

💬 Invited Talks

• 2023.11, Deep Copyright Protection

🧑‍🎨 Services

• Reviewer of IEEE Transactions on Dependable and Secure Computing (TDSC), IEEE Access, ACM Multimedia Systems, The Journal of Supercomputing.