Jian Lou

I am now an assistant professor at Sun Yat-sen University, with a lot of help from my former advisor, labmates and friends. I was a Postdoc fortunately and gratefully hosted by Prof. Li Xiong at Emory University from 2019 to 2021. 

I work on privacy-preserving machine learning and data analytics. I have a PhD in Computer Science and a BSc in Mathematics. 

I am recruiting PhD/master students, undergraduate research interns, and Postdoctoral researchers. If you are interested, please send me your CV at jian.lou@hoiying.net

Our department is actively recruiting multiple faculty members at all ranks, including tenure-track assistant/associate professors and tenured associate/full professors. If you're interested, please feel free to drop me a line:)

Publications

* denotes student collaborator.

2025

• with Chenyang Zhang*, Xiaoyu Zhang, Kai Wu, Zilong Wang, Xiaofeng Chen, “PoisonedEye: Knowledge Poisoning Attack on Retrieval-Augmented Generation based Large Vision-Language Models", ICML'25.

• with Kejia Chen*, Jiawen Zhang*, Jiacong Hu, Yu Wang, Mingli Song, Zunlei Feng, “Assessing Safety Risks and Quantization-aware Safety Patching for Quantized Large Language Models", ICML'25.

• Yuecheng Li, Lele Fu, Tong Wang, Jian Lou, Bin Chen, Lei Yang, Jian Shen, Zibin Zheng, Chuan Chen, “Clients Collaborate: Flexible Differentially Private Federated Learning with Guaranteed Improvement of Utility-Privacy Trade-off", ICML'25.

• Yukai Zhou, Jian Lou, Zhijie Huang, Zhan Qin, Sibei Yang, Wenjie Wang, “Don't Say No: Jailbreaking LLM by Suppressing Refusal", ACL Findings'25.

• Hong kyu Lee, Qiuchen Zhang, Carl Yang, Jian Lou, Li Xiong, “Contrastive Unlearning: A Contrastive Approach to Machine Unlearning", IJCAI'25.

• Xiaoyu Zhang, Yong Lin, Meixia Miao, Jian Lou, Jin Li, Xiaofeng Chen, “Zeroth-Order Federated Private Tuning for Pretrained Large Language Models", ACISP'25.

• Xiaoyu Zhang, Yulin Jin, Haoyu Tong, Jian Lou, Kai Wu, Xiaofeng Chen, “Purifier+ : Plug-and-play Backdoor Mitigation for Pre-trained Models via Activation Alignment", IEEE Transactions on Multimedia, 2025.

• Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “Towards Answering Analytical Query over Hierarchical Histogram under Untrusted Servers", Distributed Parallel Databases, 2025.

2024

• with Xiaoyu Zhang, Chenyang Zhang*, Kai Wu, Zilong Wang, Xiaofeng Chen, “DuplexGuard: Safeguarding Deletion Right in Machine Unlearning via Duplex Watermarking", IEEE Transactions on Dependable and Secure Computing, 2024.

• Haoyu Tong*, Xiaoyu Zhang, Yulin Jin*, Jian Lou, Kai Wu, Xiaofeng Chen, “Balancing Generalization and Robustness in Adversarial Training via Steering through Clean and Adversarial Gradient Directions", ACM MM'24.

• with Jiawen Zhang*, Kejia Chen*, Zunlei Feng, Mingli Song, “SecPE: Secure Prompt Ensembling for Private and Robust Large Language Models", ECAI'24.

• Junxu Liu, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Cross-silo Federated Learning with Record-level Personalized Differential Privacy", ACM CCS'24 (Distinguished Paper Award).

• with Yuke Hu*, Jiaqi Liu*, Wangze Ni, Feng Lin, Zhan Qin, Kui Ren, “ERASER: Machine Unlearning in MLaaS via an Inference Serving-Aware Approach", ACM CCS'24.

• Fereshteh Razmi, Jian Lou, Li Xiong, “Does Differential Privacy Prevent Backdoor Attacks in Practice?", DBSec'24.

• Wen Yin, Jian Lou, Pan Zhou, Yulai Xie, Dan Feng, Yuhua Sun, Tailai Zhang, Lichao Sun, “Temperature-based Backdoor Attacks on Thermal Infrared Object Detection", CVPR'24.

• Qiuchen Zhang, Hong kyu Lee, Jing Ma, Jian Lou, Carl Yang, Li Xiong, “DPAR: Decoupled Graph Neural Networks with Node-Level Differential Privacy", WWW'24.

• Wenjie Wang, Pengfei Tang, Jian Lou, Yuanming Shao, Lance Waller, Yi-an Ko, Li Xiong, “IGAMT: Privacy Preserved Electronic Health Record Synthetic Approach with Heterogeneity and Irregularity", AAAI'24.

• Lanlan Chen, Kai Wu, Jian Lou, Jing Liu, “Signed Graph Neural Ordinary Differential Equation for Modeling Continuous-time Dynamics", AAAI'24.

• with Hongwei Yao*, Zhan Qin, Kui Ren, “PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification", S&P/Oakland'24.

• Hongwei Yao*, Jian Lou, Zhan Qin, “PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models", ICASSP'24.

• Congcong Fu*, Hui Li, Jian Lou, Huizhen Li, Jiangtao Cui, “DP-starJ: A Differentially Private Scheme towards Analytical Star-Join Queries", SIGMOD'24.

• Xiaochen Li, Weiran Liu, Jian Lou, Yuan Hong, Lei Zhang, Zhan Qin, Kui Ren, “Local Differentially Private Heavy Hitter Detection in Data Streams with Bounded Memory", SIGMOD'24.

• Chenyang Chen, Xiaoyu Zhang, Hongyi Qiu, Jian Lou, Zhengyang Liu, Xiaofeng Chen, “MaskArmor: Confidence Masking-based Defense Mechanism for GNN against MIA", Information Science, 2024.

• Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “Towards Answering Analytical Query over Hierarchical Histogram Under Untrusted Servers", Distributed and Parallel Databases, 2024.

• Yuchen Yang*, Bo Yuan*, Jian Lou, Zhan Qin, “SCRR: Stable Malware Detection under Unknown Deployment Environment Shift by Decoupled Spurious Correlations Filtering", IEEE Transactions on Dependable and Secure Computing, 2024.

• Yuke Hu*, Yang Wang, Jian Lou, Wei Liang, Ruofan Wu, Weiqiang Wang, Xiaochen Li, Jinfei Liu, Zhan Qin, “Privacy Risks of Federated Knowledge Graph Embedding: New Membership Inference Attacks and Personalized Differential Privacy Defense", IEEE Transactions on Dependable and Secure Computing, 2024.

2023

• Yifei Ren*, Jian Lou, Li Xiong, Joyce Ho, Xiaoqian Jiang, Sivasubramanium Bhavani, “MULTIPAR: Supervised Irregular Tensor Factorization with Multi-task Learning", ML4H'23.

• with Jiaqi Liu*, Zhan Qin, Kui Ren, “Certified Minimax Unlearning with Generalization Rates and Deletion Capacity", NeurIPS'23.

• Jinfei Liu, Pengyun Zhu, Long Wen, Feng Xue, Jian Lou, et al., “CAPP-130 : A Dataset of Chinese Application Privacy Policy Summarization and Interpretations", NeurIPS'23 Datasets and Benchmarks Track.

• with Shuijing Zhang*, Li Xiong, Xiaoyu Zhang, Jing Liu, “Closed-form Machine Unlearning for Matrix Factorization", CIKM'23.

• Junxu Liu, Jian Lou, Li Xiong, Xiaofeng Meng, “Personalized Differentially Private Federated Learning without Exposing Privacy Budgets", CIKM'23.

• Yulin Jin*, Xiaoyu Zhang, Jian Lou, Xiaofeng Chen, “ACQ: Few-shot Backdoor Defense via Activation Clipping and Quantizing", ACM MM'23.

• with Junxu Liu*, Mingsheng Xue*, Xiaoyu Zhang, Li Xiong, Zhan Qin, “MUter: Machine Unlearning on Adversarial Training Models", ICCV'23.

• Yulin Jin*, Xiaoyu Zhang, Jian Lou, Xu Ma, Xiaofeng Chen, Zilong Wang, “Explaining Adversarial Robustness of Neural Networks from Clustering Effect Perspective", ICCV'23.

• Haocheng Xia, Jinfei Liu, Jian Lou, Zhan Qin, Kui Ren, Yang Cao, Li Xiong, “Equitable Data Valuation Meets the Right to be Forgotten in Model Markets", VLDB'23.

• Fereshteh Razmi, Jian Lou, Li Xiong, Yuan Hong, “Interpretation Attacks on Interpretable Models with Electronic Health Records", ECML-PKDD'23.

• Yiling He*, Jian Lou, Zhan Qin, Kui Ren, “FINER: Enhancing State-of-the-art Classifiers with Feature  Attribution to Facilitate Risk Analysis", ACM CCS'23.

• Hongwei Yao*, Zheng Li, Kunzhe Huang, Jian Lou, et al., “RemovalNet: DNN Fingerprint Removal Attacks", IEEE Transactions on Dependable and Secure Computing, 2023.

2022

• Kaixin Yuan*, Jing Liu, Jian Lou, “Higher-Order Masked Graph Neural Networks for Traffic Flow Prediction", ICDM'22.

• Farnaz Tahmasebian*, Jian Lou, Li Xiong, “RobustFed: A Truth Inference Approach for Robust Federated Learning", CIKM'22.

• Congcong Fu*, Hui Li, Jian Lou, Jiangtao Cui, “DP-HORUS: Differentially Private Hierarchical Count Histograms under Untrusted Server", CIKM'22.

• with Xiaoyu Zhang, Yulin Jin*, Tao Wang, Xiaofeng Chen, “Purifier: Plug-and-play Backdoor Mitigation for Pre-trained Models Via Anomaly Activation Suppression", ACM MM'22.

• Yuhua Sun, Tailai Zhang, Xingjun Ma, Pan Zhou, Jian Lou, Zichuan Xu, Xing Di, Yu Cheng, Lichao Sun, “Backdoor Attacks on Crowd Counting", ACM MM'22.

• Junxu Liu*, Jian Lou, Li Xiong, Jinfei Liu, Xiaofeng Meng, “Projected Federated Averaging with Heterogeneous Differential Privacy", VLDB'22.

• Pengfei Tang*, Wenjie Wang*, Jian Lou, Li Xiong, “Generating Adversarial Examples with Distance Constrained Adversarial Imitation Networks", IEEE Transactions on Dependable and Secure Computing, 2022.

2021

• with Haowen Lin*, Li Xiong, Cyrus Shahabi, “Integer-arithmetic-only Certified Robustness for Quantized Neural Networks", ICCV'21.

• with Qiuchen Zhang*, Jing Ma*, Li Xiong, “Private Stochastic Non-convex Optimization with Improved Utility Rates", IJCAI'21. 

• with Wenjie Wang*, Pengfei Tang*, Li Xiong, “Certified Robustness to Word Substitution Attack with Differential Privacy",  NAACL'21.

• with Jing Ma*, Qiuchen Zhang*, Li Xiong, Joyce Ho, “Communication Efficient Federated Generalized Tensor Factorization for Collaborative Health Data Analytics", WWW'21.

• Jinfei Liu, Jian Lou, Junxu Liu, Li Xiong, Jian Pei, Jimeng Sun, “Dealer: An End-to-End Model Marketplace with Differential Privacy", VLDB'21.

• Yiu-ming Cheung, Jian Lou, Feng Yu, “Vertical Federated Principal Component Analysis on Feature-wise Distributed Data", WISE'21.

• Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, Sivasubramanium Bhavani, “Communication Efficient Tensor Factorization for Decentralized Healthcare Networks", ICDM'21.

• Jing Ma*, Qiuchen Zhang*, Jian Lou, Li Xiong, Joyce Ho, “Temporal Network Embedding via Tensor Factorization", CIKM'21.

• Jinfei Liu, Qiongqiong Lin, Jiayao Zhang, et al., “Demonstration of Dealer: An End-to-End Model Marketplace with Differential Privacy",  VLDB'21 Demo Track.

• with Yiu-ming Cheung, “An Uplink Communication Efficient Approach to Feature-wise Distributed Sparse Optimization with Differential Privacy”, IEEE Transactions on Neural Networks and Learning Systems, 2021.

• Qiquan Shi, Yiu-ming Cheung, Jian Lou, “Robust Tensor SVD and Recovery with Rank Estimation", IEEE Transactions on Cybernetics, 2021. 

2020

• with Yiu-ming Cheung, “Projection-free Online Empirical Risk Minimization with Privacy-preserving and Privacy Expiration", WI-IAT'20 (Best in Theoretical Paper Award).

• with Yifei Ren*, Li Xiong, Joyce Ho, “Robust Irregular Tensor Factorization and Completion for Temporal Health Data Analysis", CIKM'20.

• Qiuchen Zhang*, Jing Ma*, Yonghui Xiao, Jian Lou, Li Xiong, “Broadening Differential Privacy for Deep Learning Against Model Inversion Attacks", Bigdata'20.

• Qiuchen Zhang*, Jing Ma*, Jian Lou, Li Xiong, Xiaoqian Jiang, “Towards Training Robust Private Aggregation of Teacher Ensembles Under Noisy Labels", Bigdata'20.

• with Yiu-ming Cheung, “Robust Low-rank Tensor Minimization via a New Tensor Spectral k-Support Norm”, IEEE Transactions on Image Processing, 2020.

• Meng Pang, Yiu-ming Cheung, Binghui Wang, Jian Lou, “Synergistic Generic Learning for Face Recognition From a Contaminated Single Sample per Person", IEEE Transactions on Information Forensics and Security, 2020.

2019 and before

• Jing Ma*, Qiuchen Zhang*, Jian Lou, Joyce Ho, Li Xiong, Xiaoqian Jiang, "Privacy-Preserving Tensor Factorization for Collaborative Health Data Analysis", CIKM'19.

• with Wenwen Li, Shuo Zhou, Haiping Lu, “Sturm: Sparse Tubal-Regularized Multilinear Regression for fMRI", MLMI@MICCAI'19.

• with Yiu-ming Cheung, "Uplink Communication Efficient Differentially Private Sparse Optimization With Feature-Wise Distributed Data", AAAI'18.

• Meng Pang, Yiu-ming Cheung, Risheng Liu, Jian Lou, and Chuang Lin, “Toward efficient image representation: Sparse concept discriminant matrix factorization", IEEE Transactions on Circuits and Systems for Video Technology, 2018.

• with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Descent for Composite Penalty Regularized Empirical Risk Minimization”, Machine Learning, 2017.

• with Yiu-ming Cheung, “Scalable Spectral k-Support Norm Regularization for Robust Low Rank Subspace Learning", CIKM'16.

• with Yiu-ming Cheung, “Efficient Generalized Conditional Gradient with Gradient Sliding for Composite Optimization", IJCAI'15.

• with Yiu-ming Cheung, “Proximal Average Approximated Incremental Gradient Method for Composite Penalty Regularized Empirical Risk Minimization", ACML'15.