Hi, I'm Huy Phan, Applied Scientist at Amazon

Dr. Huy Phan is an currently an Applied Scientist at Amazon Worldwide Returns, ReCommerce & Sustainability (WWRR&S), where he focuses on applying AI to enhance customer return experience.

Huy earned dual Bachelor of Science degrees in Computer Science and Electrical and Computer Engineering from Rutgers University in 2018. He continued his academic journey at Rutgers, earning an M.Sc. in Electrical and Computer Engineering in 2020 and completing his Ph.D. in 2024 under the guidance of Prof. Bo Yuan. His doctoral research centered on Efficient and Secure Deep Learning Systems for Resource-Constrained Environments.

Professionally, Huy gained valuable experience as an Applied Scientist Intern at Amazon in 2023 and as a Machine Learning Intern at MoMo in 2021. His research expertise spans a wide range of cutting-edge topics, including:

• Applications of Large Language Models (LLMs).

• Deep Learning Adversarial Robustness (adversarial attacks and defenses).

• Deep Learning Backdoor Security (backdoor attacks and defenses).

• Model Compression through low-rank tensor decomposition, pruning, and quantization.

• On-device Computer Vision, including efficient DNNs for edge devices and TinyML.

Huy is passionate about driving innovation at the intersection of AI efficiency and security, with a focus on creating impactful solutions for real-world challenges.

• [07 - 2024] Joined Amazon Worldwide Returns, ReCommerce & Sustainability (WWRR&S) as an Applied Scientist in Bellevue, WA, USA.

• [05 - 2024] Graduated from Rutgers University with a PhD in Computer Engineering. PhD Dissertation: Efficient and Secure Deep Learning Systems for Resource-Constrained Environments.

• [06  - 2023] Joined Amazon Alexa as an Applied Scientist Intern in Sunnyvale, CA,  USA. Internship project: Latent Diffusion Shield - Mitigating Malicious Use of Diffusion Models through Latent Space Adversarial Perturbations (published at WACV 2025).

• [06 - 2021] Joined MoMo as a Machine Learning Intern in HCMC, Vietnam.

• [09 - 2020] Began pursuing a PhD in Electrical and Computer Engineering at Rutgers University.

• [05 - 2020] Graduated from Rutgers University with a Master’s in Computer Engineering. Master’s Thesis:  CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator.

• [09 - 2018] Started a Master’s program in Electrical and Computer Engineering at Rutgers University.

• [05 - 2018] Graduated from Rutgers University with a dual degree: Bachelor of Science in Computer Science and a Bachelor of Science in Electrical & Computer Engineering.

• [09 - 2016] Transferred to Rutgers University, NJ, USA, School of Engineering, to pursue a major in Electrical and Computer Engineering.

• [09 - 2014] Enrolled at International University - Vietnam National University HCMC, majoring in Computer Science and Engineering. Received a full scholarship in recognition of exceptional performance in the National Entrance Exam 2014.

• #19 [05 - 2025] [TMLR] A paper titled "DisDet: Exploring Detectability of Backdoor Attack on Diffusion Models" was accepted  at Transactions on Machine Learning Research (TMLR).

• #18  [03 - 2025] [WACV] A first-author paper titled "Latent Diffusion Shield - Mitigating Malicious Use of Diffusion Models through Latent Space Adversarial Perturbations" was accepted at  Winter Conference on Applications of Computer Vision Workshop.

• #17 [01 - 2025] [arXiv] A paper titled "ELRT: Efficient Low-Rank Training for Compact Convolutional Neural Networks" was published at arXiv.

• #16 [12 - 2024] [TMC] A paper titled "RF Domain Backdoor Attack on Signal Classification Via Stealthy Trigger" was accepted at IEEE Transactions on Mobile Computing.

• #15 [11  - 2024] [MobiCom] A paper titled "Inaudible Backdoor Attack via Stealthy Frequency Trigger Injection in Audio Spectrogram" was accepted at Annual International Conference On Mobile Computing And Networking.

• #14 [10 - 2024] [ECCV] A first-author paper titled "Clean & Compact: Efficient Data-Free Backdoor Defense with Model Compactness" was accepted at European Conference on Computer Vision.

• #13 [01 - 2024] [Production Engineering] A paper titled "Multimodal data-driven machine learning for the prediction of surface topography in end milling" was accepted at Production Engineering Research and Development

• #12 [07 - 2023] [ICCCN] A paper titled "Stealthy Backdoor Attack on RF Signal Classification" was accepted at International Conference on Computer Communications and Networks.

• #11 [06 - 2023] [MMSys] A paper titled "Security-Preserving Live 3D Video Surveillance" was accepted at ACM Multimedia Systems Conference.

• #10 [02 - 2023] [AAAI] [ORAL] A first-author paper titled "CSTAR: Towards Compact and Structured Deep Neural Networks with Adversarial Robustness" was accepted at AAAI Conference on Artificial Intelligence.

• #09 [10 - 2022] [ECCV] A first-author paper titled "RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN" was accepted at European Conference on Computer Vision.

• #08 [10 - 2022] [MobiCom] A paper titled "Audio-domain Backdoor Attack via Unnoticeable Triggers" was accepted at Annual International Conference On Mobile Computing And Networking.

• #07 [07 - 2022] [ISVLSI] A paper titled "Towards Yield Improvement for AI Accelerators: Analysis and Exploration" was accepted at IEEE Computer Society Annual Symposium on VLSI.

• #06 [05 - 2022] [MMSys] A paper titled "Visual Privacy Protection in Mobile Image Recognition Using Protective Perturbation" was accepted at ACM Multimedia Systems Conference.

• #05 [02 - 2022] [AAAI] A paper titled "BATUDE: Budget-aware Neural Network Compression Based on Tucker Decomposition" was accepted at the Proceedings of the AAAI Conference on Artificial Intelligence.

• #04 [01 - 2022] [ICASSP] A first-author paper titled "Invisible and Efficient Backdoor Attacks for Compressed Deep Neural Networks" was accepted at IEEE International Conference on Acoustics, Speech and Signal Processing.

• #03 [12 - 2021] [NeurIPS] A paper titled "CHIP: CHannel Independence-based Pruning for Compact Neural Networks" was accepted at the Advances in Neural Information Processing Systems.

• #02 [10 - 2020] [MMSys] A paper titled "VVSec: Securing Volumetric Video Streaming via Benign Use of Adversarial Perturbation" was accepted at the ACM International Conference on Multimedia.

• #01 [02 - 2020] [AAAI] A first-author paper titled "CAG: A Real-time Low-cost Enhanced-robustness High-transferability Content-aware Adversarial Attack Generator" was accepted at the AAAI Conference on Artificial Intelligence.