Jian Lou

I am now an assistant professor at Sun Yat-sen University, with a lot of help from my former advisor, labmates, and friends. I was a Postdoc fortunately and gratefully hosted by Prof. Li Xiong at Emory University from 2019 to 2021. 

I work on privacy-preserving machine learning and data analytics. I have a PhD in Computer Science and a BSc in Mathematics. 

Official webpage at SYSU (in Chinese): [Link] 

Publications

* denotes student collaborator.

2026

• [DASFAA] Shunyu Wu*, Tianyue Li*, Yixuan Leng*, Jingyi Suo*, Jian Lou, Dan Li, See-Kiong Ng, “Lightweight Time Series Data Valuation on Time Series Foundation Models via In-Context Finetuning", DASFAA'26.[arXiv]

• [ICLR] Shunyu Wu*, Dan Li, Wenjie Feng, Haozheng Ye*, Jian Lou, See-Kiong Ng, “Rating Quality of Diverse Time Series Data by Meta-learning from LLM Judgment", ICLR'26.[arXiv]

• [ICLR] Tianyu Chen, Jian Lou, Wenjie Wang, “Safeguarding Multimodal Knowledge Copyright in the RAG-as-a-Service Environment", ICLR'26.[arXiv]

• [ICLR] Jiawen Zhang*, Lipeng He, Kejia Chen*, Jian Lou, Jian Liu, Xiaohu Yang, Ruoxi Jia, “Safety at One Shot: Patching Fine-Tuned LLMs with A Single Instance", ICLR'26.[arXiv]

• [AAAI] Yulin Jin, Xiaoyu Zhang, Haoyu Tong, Jian Lou, Kai Wu, Haibo Hu, Xiaofeng Chen, “Stochastic Universal Adversarial Perturbations with Fixed Optimization Constraint and Ensured High-probability Transferability", AAAI'26.

• [TAI] Xinyi Shang, Gang Huang, Yang Lu, Jian Lou, Bo Han, Yiu-ming Cheung, Hanzi Wang, “Federated Semi-Supervised Learning with Annotation Heterogeneity”, IEEE Transactions on Artificial Intelligence, 2026.

• Richa Hu, Dan Li, Jian Lou, Ruibing Jin, Bingxin, Lin, Wenzhong Li, See-Kiong Ng, Zibin Zheng, “Restoring Missing Gaps and Intervals via Global Consistency and Local Coherence", Expert Systems with Applications, 2026.

2025

• [ACISP] Xiaoyu Zhang, Yong Lin, Meixia Miao, Jian Lou, Jin Li, Xiaofeng Chen, “Zeroth-Order Federated Private Tuning for Pretrained Large Language Models", ACISP'25 (Best Paper Award).

• [PHM-AP] Shunyu Wu*, Zhuomin Chen*, Bingxin Lin, Haozheng Ye*, Jiahui Zhou*, Dan Li, Jian Lou, “Shared Representation Learning for Generalizable SOH Estimation Across Multiple Battery Configurations", PHM-AP'25 (Best Paper Award).

• [ACM CCS] with Chenyang Zhang*, Xiaoyu Zhang, Kai Wu, “PreferCare: Preference Dataset Copyright Protection in LLM Alignment by Watermark Injection and Verification", ACM CCS'25.

• [USENIX Sec] with Jiawen Zhang*, Kejia Chen*, Lipeng He, Dan Li, Zunlei Feng, Mingli Song, Jian Liu, Kui Ren, Xiaohu Yang, “Activation Approximations Can Incur Safety Vulnerabilities in Aligned LLMs: Comprehensive Analysis and Defense", USENIX Sec'25.[arXiv]

• [ICML] with Chenyang Zhang*, Xiaoyu Zhang, Kai Wu, Zilong Wang, Xiaofeng Chen, “PoisonedEye: Knowledge Poisoning Attack on Retrieval-Augmented Generation based Large Vision-Language Models", ICML'25.[Link]

• [ICML] with Kejia Chen*, Jiawen Zhang*, Jiacong Hu, Yu Wang, Zunlei Feng, Mingli Song, “Assessing Safety Risks and Quantization-aware Safety Patching for Quantized Large Language Models", ICML'25.[Link]

• [ICML] Yuecheng Li, Lele Fu, Tong Wang, Jian Lou, Bin Chen, Lei Yang, Jian Shen, Zibin Zheng, Chuan Chen, “Clients Collaborate: Flexible Differentially Private Federated Learning with Guaranteed Improvement of Utility-Privacy Trade-off", ICML'25.[arXiv]

• [IJCAI] Hong kyu Lee, Qiuchen Zhang, Carl Yang, Jian Lou, Li Xiong, “Contrastive Unlearning: A Contrastive Approach to Machine Unlearning", IJCAI'25.[arXiv]

• [CIKM] Zhuomin Chen*, Dan Li, Jiahui Zhou*, Shunyu Wu*, Haozhen Ye*, Jian Lou, See-Kiong Ng, “Integrating Time Series into LLMs via Multi-layer Steerable Embedding Fusion for Enhanced Forecasting", CIKM'25.

• [ACL] Yukai Zhou, Jian Lou, Zhijie Huang, Zhan Qin, Sibei Yang, Wenjie Wang, “Don't Say No: Jailbreaking LLM by Suppressing Refusal", ACL Findings'25.[arXiv]

• [EMNLP] Fenghua Weng, Jian Lou, Jun Feng, Minlie Huang, Wenjie Wang, “Adversary-Aware DPO: Enhancing Safety Alignment in Vision Language Models via Adversarial Training", EMNLP Findings'25.[arXiv]

• [AMIA] Yifei Ren, Linghui Zeng, Jian Lou, Li Xiong, Joyce Ho, Xiaoqian Jiang, Sivasubramanium Bhavani, “Unraveling Complex Temporal Patterns in EHRs via Robust Irregular Tensor Factorization", AMIA Informatics Summit'25.

• [TKDE] Zhigang Wang, Yizhen Yu, Mingxin Li, Jian Lou, Ning Wang, Yu Gu, Shen Su, Yuan Liu, Hui Jiang, Zhihong Tian, “FELEMN: Toward Efficient Feature-Level Machine Unlearning for Exact Privacy Protection", IEEE Transactions on Knowledge and Data Engineering, 2025.

• [TDSC] Qiao Xue, Qingqing Ye, Haibo Hu, Jian Lou, Jin Li, Chengfang Fang, Jie Shi, “LabelDP Leaks Privacy – A Tightened Correlation-aware Privacy Model for Labeled Training Data", IEEE Transactions on Dependable and Secure Computing, 2025.

• [TMM] Xiaoyu Zhang, Yulin Jin, Haoyu Tong, Jian Lou, Kai Wu, Xiaofeng Chen, “Purifier+ : Plug-and-play Backdoor Mitigation for Pre-trained Models via Activation Alignment", IEEE Transactions on Multimedia, 2025.

• Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “Towards Answering Analytical Query over Hierarchical Histogram under Untrusted Servers", Distributed Parallel Databases, 2025.

2024

• [ACM CCS] Junxu Liu, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Cross-silo Federated Learning with Record-level Personalized Differential Privacy", ACM CCS'24 (Distinguished Paper Award).

• [ACM CCS] with Yuke Hu*, Jiaqi Liu*, Wangze Ni, Feng Lin, Zhan Qin, Kui Ren, “ERASER: Machine Unlearning in MLaaS via an Inference Serving-Aware Approach", ACM CCS'24.

• [S&P] with Hongwei Yao*, Zhan Qin, Kui Ren, “PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification", S&P/Oakland'24.

• [TDSC] with Xiaoyu Zhang, Chenyang Zhang*, Kai Wu, Zilong Wang, Xiaofeng Chen, “DuplexGuard: Safeguarding Deletion Right in Machine Unlearning via Duplex Watermarking", IEEE Transactions on Dependable and Secure Computing, 2024.

• [AAAI] with Wenjie Wang, Pengfei Tang, Yuanming Shao, Lance Waller, Yi-an Ko, Li Xiong, “IGAMT: Privacy Preserved Electronic Health Record Synthetic Approach with Heterogeneity and Irregularity", AAAI'24.

• [ECAI] with Jiawen Zhang*, Kejia Chen*, Zunlei Feng, Mingli Song, “SecPE: Secure Prompt Ensembling for Private and Robust Large Language Models", ECAI'24.

• [NeurIPS] Kai Wu, Yujian Li, Jian Lou, Xiaoyu Zhang, Handing Wang, Jing Liu, “Rapid Plug-in Defenders", NeurIPS'24.

• [SIGMOD] Congcong Fu*, Hui Li, Jian Lou, Huizhen Li, Jiangtao Cui, “DP-starJ: A Differentially Private Scheme towards Analytical Star-Join Queries", SIGMOD'24.

• [SIGMOD] Xiaochen Li, Weiran Liu, Jian Lou, Yuan Hong, Lei Zhang, Zhan Qin, Kui Ren, “Local Differentially Private Heavy Hitter Detection in Data Streams with Bounded Memory", SIGMOD'24.

• [CVPR] Wen Yin, Jian Lou, Pan Zhou, Yulai Xie, Dan Feng, Yuhua Sun, Tailai Zhang, Lichao Sun, “Temperature-based Backdoor Attacks on Thermal Infrared Object Detection", CVPR'24.

• [WWW] Qiuchen Zhang, Hong kyu Lee, Jing Ma, Jian Lou, Carl Yang, Li Xiong, “DPAR: Decoupled Graph Neural Networks with Node-Level Differential Privacy", WWW'24.

• [AAAI] Lanlan Chen, Kai Wu, Jian Lou, Jing Liu, “Signed Graph Neural Ordinary Differential Equation for Modeling Continuous-time Dynamics", AAAI'24.

• [ACM MM] Haoyu Tong*, Xiaoyu Zhang, Yulin Jin*, Jian Lou, Kai Wu, Xiaofeng Chen, “Balancing Generalization and Robustness in Adversarial Training via Steering through Clean and Adversarial Gradient Directions", ACM MM'24.

• [DBSec] Fereshteh Razmi, Jian Lou, Li Xiong, “Does Differential Privacy Prevent Backdoor Attacks in Practice?", DBSec'24.

• [ICASSP] Hongwei Yao*, Jian Lou, Zhan Qin, “PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models", ICASSP'24.

• [TDSC] Yuchen Yang*, Bo Yuan*, Jian Lou, Zhan Qin, “SCRR: Stable Malware Detection under Unknown Deployment Environment Shift by Decoupled Spurious Correlations Filtering", IEEE Transactions on Dependable and Secure Computing, 2024.

• [TDSC] Yuke Hu*, Yang Wang, Jian Lou, Wei Liang, Ruofan Wu, Weiqiang Wang, Xiaochen Li, Jinfei Liu, Zhan Qin, “Privacy Risks of Federated Knowledge Graph Embedding: New Membership Inference Attacks and Personalized Differential Privacy Defense", IEEE Transactions on Dependable and Secure Computing, 2024.

• Chenyang Chen, Xiaoyu Zhang, Hongyi Qiu, Jian Lou, Zhengyang Liu, Xiaofeng Chen, “MaskArmor: Confidence Masking-based Defense Mechanism for GNN against MIA", Information Science, 2024.

2023

• [ACM CCS] Yiling He*, Jian Lou, Zhan Qin, Kui Ren, “FINER: Enhancing State-of-the-art Classifiers with Feature  Attribution to Facilitate Risk Analysis", ACM CCS'23.

• [NeurIPS] with Jiaqi Liu*, Zhan Qin, Kui Ren, “Certified Minimax Unlearning with Generalization Rates and Deletion Capacity", NeurIPS'23.

• [ICCV] with Junxu Liu*, Mingsheng Xue*, Xiaoyu Zhang, Li Xiong, Zhan Qin, “MUter: Machine Unlearning on Adversarial Training Models", ICCV'23.

• [ACM MM] with Yulin Jin*, Xiaoyu Zhang, Xiaofeng Chen, “ACQ: Few-shot Backdoor Defense via Activation Clipping and Quantizing", ACM MM'23.

• [CIKM] with Shuijing Zhang*, Li Xiong, Xiaoyu Zhang, Jing Liu, “Closed-form Machine Unlearning for Matrix Factorization", CIKM'23.

• [NeurIPS] Jinfei Liu, Pengyun Zhu, Long Wen, Feng Xue, Jian Lou, et al., “CAPP-130 : A Dataset of Chinese Application Privacy Policy Summarization and Interpretations", NeurIPS'23 Datasets and Benchmarks Track.

• [VLDB] Haocheng Xia, Jinfei Liu, Jian Lou, Zhan Qin, Kui Ren, Yang Cao, Li Xiong, “Equitable Data Valuation Meets the Right to be Forgotten in Model Markets", VLDB'23.

• [ICCV] Yulin Jin*, Xiaoyu Zhang, Jian Lou, Xu Ma, Xiaofeng Chen, Zilong Wang, “Explaining Adversarial Robustness of Neural Networks from Clustering Effect Perspective", ICCV'23.

• [CIKM] Junxu Liu, Jian Lou, Li Xiong, Xiaofeng Meng, “Personalized Differentially Private Federated Learning without Exposing Privacy Budgets", CIKM'23.

• [ECML-PKDD] Fereshteh Razmi, Jian Lou, Li Xiong, Yuan Hong, “Interpretation Attacks on Interpretable Models with Electronic Health Records", ECML-PKDD'23.

• [ML4H] Yifei Ren*, Jian Lou, Li Xiong, Joyce Ho, Xiaoqian Jiang, Sivasubramanium Bhavani, “MULTIPAR: Supervised Irregular Tensor Factorization with Multi-task Learning", ML4H'23.

• [TDSC] Hongwei Yao*, Zheng Li, Kunzhe Huang, Jian Lou, et al., “RemovalNet: DNN Fingerprint Removal Attacks", IEEE Transactions on Dependable and Secure Computing, 2023.

2022

• [ACM MM] with Xiaoyu Zhang, Yulin Jin*, Tao Wang, Xiaofeng Chen, “Purifier: Plug-and-play Backdoor Mitigation for Pre-trained Models Via Anomaly Activation Suppression", ACM MM'22.

• [ACM MM] Yuhua Sun, Tailai Zhang, Xingjun Ma, Pan Zhou, Jian Lou, Zichuan Xu, Xing Di, Yu Cheng, Lichao Sun, “Backdoor Attacks on Crowd Counting", ACM MM'22.

• [VLDB] Junxu Liu*, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Projected Federated Averaging with Heterogeneous Differential Privacy", VLDB'22.

• [ICDM] Kaixin Yuan*, Jing Liu, Jian Lou, “Higher-Order Masked Graph Neural Networks for Traffic Flow Prediction", ICDM'22.

• [CIKM] Farnaz Tahmasebian*, Jian Lou, Li Xiong, “RobustFed: A Truth Inference Approach for Robust Federated Learning", CIKM'22.

• [CIKM] Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “DP-HORUS: Differentially Private Hierarchical Count Histograms under Untrusted Server", CIKM'22.

• [TDSC] Pengfei Tang*, Wenjie Wang*, Jian Lou, Li Xiong, “Generating Adversarial Examples with Distance Constrained Adversarial Imitation Networks", IEEE Transactions on Dependable and Secure Computing, 2022.

2021

• [ICCV] with Haowen Lin*, Li Xiong, Cyrus Shahabi, “Integer-arithmetic-only Certified Robustness for Quantized Neural Networks", ICCV'21.

• [WWW] with Jing Ma*, Qiuchen Zhang*, Li Xiong, Joyce Ho, “Communication Efficient Federated Generalized Tensor Factorization for Collaborative Health Data Analytics", WWW'21.

• [IJCAI] with Qiuchen Zhang*, Jing Ma*, Li Xiong, “Private Stochastic Non-convex Optimization with Improved Utility Rates", IJCAI'21. 

• [NAACL] with Wenjie Wang*, Pengfei Tang*, Li Xiong, “Certified Robustness to Word Substitution Attack with Differential Privacy",  NAACL'21.

• [TNNLS] with Yiu-ming Cheung, “An Uplink Communication Efficient Approach to Feature-wise Distributed Sparse Optimization with Differential Privacy”, IEEE Transactions on Neural Networks and Learning Systems, 2021.

• [VLDB] Jinfei Liu, Jian Lou, Junxu Liu, Li Xiong, Jian Pei, Jimeng Sun, “Dealer: An End-to-End Model Marketplace with Differential Privacy", VLDB'21.

• [VLDB] Jinfei Liu, Qiongqiong Lin, Jiayao Zhang, et al., “Demonstration of Dealer: An End-to-End Model Marketplace with Differential Privacy",  VLDB'21 Demo Track.

• [ICDM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, Sivasubramanium Bhavani, “Communication Efficient Tensor Factorization for Decentralized Healthcare Networks", ICDM'21.

• [CIKM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, “Temporal Network Embedding via Tensor Factorization", CIKM'21.

• [WISE] Yiu-ming Cheung, Jian Lou, Feng Yu, “Vertical Federated Principal Component Analysis on Feature-wise Distributed Data", WISE'21.

• [TCYB] Qiquan Shi, Yiu-ming Cheung, Jian Lou, “Robust Tensor SVD and Recovery with Rank Estimation", IEEE Transactions on Cybernetics, 2021. 

2020

• [WI-IAT] with Yiu-ming Cheung, “Projection-free Online Empirical Risk Minimization with Privacy-preserving and Privacy Expiration", WI-IAT'20 (Best in Theoretical Paper Award).

• [CIKM] with Yifei Ren*, Li Xiong, Joyce Ho, “Robust Irregular Tensor Factorization and Completion for Temporal Health Data Analysis", CIKM'20.

• [TIP] with Yiu-ming Cheung, “Robust Low-rank Tensor Minimization via a New Tensor Spectral k-Support Norm”, IEEE Transactions on Image Processing, 2020.

• [Bigdata] Qiuchen Zhang*, Jing Ma*, Yonghui Xiao, Jian Lou, Li Xiong, “Broadening Differential Privacy for Deep Learning Against Model Inversion Attacks", Bigdata'20.

• [Bigdata] Qiuchen Zhang*, Jing Ma*, Jian Lou, Li Xiong, Xiaoqian Jiang, “Towards Training Robust Private Aggregation of Teacher Ensembles Under Noisy Labels", Bigdata'20.

• [TIFS] Meng Pang, Yiu-ming Cheung, Binghui Wang, Jian Lou, “Synergistic Generic Learning for Face Recognition From a Contaminated Single Sample per Person", IEEE Transactions on Information Forensics and Security, 2020.

2019 and before

• [CIKM] Jing Ma*, Qiuchen Zhang*, Jian Lou, Joyce Ho, Li Xiong, Xiaoqian Jiang, "Privacy-Preserving Tensor Factorization for Collaborative Health Data Analysis", CIKM'19.

• [MICCAI] with Wenwen Li, Shuo Zhou, Haiping Lu, “Sturm: Sparse Tubal-Regularized Multilinear Regression for fMRI", MLMI@MICCAI'19.

• [AAAI] with Yiu-ming Cheung, "Uplink Communication Efficient Differentially Private Sparse Optimization With Feature-Wise Distributed Data", AAAI'18.

• [TCSVT] Meng Pang, Yiu-ming Cheung, Risheng Liu, Jian Lou, and Chuang Lin, “Toward efficient image representation: Sparse concept discriminant matrix factorization", IEEE Transactions on Circuits and Systems for Video Technology, 2018.

• [ML] with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Descent for Composite Penalty Regularized Empirical Risk Minimization”, Machine Learning, 2017.

• [CIKM] with Yiu-ming Cheung, “Scalable Spectral k-Support Norm Regularization for Robust Low Rank Subspace Learning", CIKM'16.

• [IJCAI] with Yiu-ming Cheung, “Efficient Generalized Conditional Gradient with Gradient Sliding for Composite Optimization", IJCAI'15.

• [ACML] with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Method for Composite Penalty Regularized Empirical Risk Minimization", ACML'15.