Lei Yu is a Tenure-Track Assistant Professor in the Department of Computer Science at Rensselaer Polytechnic Institute. Before that, he was a Research Staff Member at IBM Research, IBM Thomas J. Watson Research Center. He received his Ph.D. in Computer Science from Georgia Institute of Technology. His research interests include data privacy and security, trustworthy AI, machine learning systems, and mobile/cloud computing.
About Me
My research interests focus on data privacy, AI security, and the application of machine learning techniques to system security. I aim to identify threats and risks across the entire data lifecycle, analyze the limitations of current privacy protection mechanisms, and develop principled algorithmic and system-level solutions. The goal is to ensure regulatory compliance and effectively safeguard data privacy—while maintaining practical data utility.
During my Ph.D. at Georgia Institute of Technology, I focused on big data privacy and deep learning privacy. After completing my Ph.D., I joined IBM Research, where I worked on privacy identification and protection in diagnostic system data, large-scale log-based anomaly detection, AI-Ops, and machine learning system optimization. Earlier in my academic journey, I worked on wireless sensor networks during my Ph.D. study at Harbin Institute of Technology in China.
, A preprint on Dynamics of Membership Privacy in Deep Learning is now available on arXiv. [PDF]
, Our paper “On the Adversarial Robustness of Graph Neural Networks with Graph Reduction” has been accepted to ESORICS 2025. Congratulations to our undergraduate researcher Kerui Wu! [PDF][Code]
, Our paper “Membership Inference Attacks as Privacy Tools: Reliability, Disparity and Ensemble” has been accepted to CCS 2025. Congratulations to our undergraduate researchers —Zhiqi Wang(1st author), Chengyu Zhang and Yuetian Chen! [PDF][Code]
, Our paper “Privacy and Accuracy-Aware AI/ML Model Deduplication” has been accepted by SIGMOD 2025.[PDF]
, A preprint on Adversarial Robustness of Graph Neural Networks is now available on arXiv. [PDF]
, Our paper “CMASan: Custom Memory Allocator-aware Address Sanitizer” has been accepted by IEEE Symposium on Security and Privacy (S&P) 2025.[PDF][Code]
, Served in the TPC for AsiaCCS 2025.
, Our paper “On the Robustness of Graph Reduction Against GNN Backdoor” has been accepted by 17th ACM Workshop on Artificial Intelligence and Security (AISec 2024). [PDF]
, Our paper “Imperio: Language-Guided Backdoor Attacks for Arbitrary Model Control” has been accepted by IJCAI 2024. [PDF][Code].
, Our survey on privacy in Vertical Federated Learning is now available on arXiv. If you’re interested in VFL privacy research, please check it out [PDF].
, A preprint on LLM for backdoor attacks is now available on arXiv. [PDF][Code].
, Invited to serve as PC member (for Track of Security, Privacy, and Trust in Distributed Systems) for IEEE ICDCS’24.
, We have been awarded AIRC RPI-IBM research grant.
, Our paper “A Comparison of End-to-End Decision Forest Inference Pipelines” has been accepted to ACM SoCC 2023. Thanks to all the co-authors.
, Our paper “Privacy-Preserving Redaction of Diagnosis Data through Source Code Analysis” has been accepted to SSDBM 2023. Many thanks to Lixi, Prof. Jia Zou and Hong Min!
