Lei Yu is a Tenure-Track Assistant Professor in the Department of Computer Science at Rensselaer Polytechnic Institute. Prior to joining RPI, he was a Research Staff Member at IBM Research. He received his Ph.D. in Computer Science from the Georgia Institute of Technology. His research focuses on data privacy and security, trustworthy AI, machine learning systems, and mobile/cloud computing.
About Me
My research interests focus on data privacy, AI security, and applying machine learning to system security. For data privacy, I aim to identify threats and risks throughout the data lifecycle, analyze limitations of existing privacy protection mechanisms, and develop principled algorithmic and system-level solutions. The goal is to ensure regulatory compliance and effectively safeguard data privacy while maintaining practical data utility.
During my Ph.D. at Georgia Institute of Technology, I focused on big data privacy and deep learning privacy. After that, I joined IBM Research, IBM Thomas J. Watson Research Center, where I worked on privacy identification and protection in diagnostic system data, large-scale log-based anomaly detection, AI-Ops, and machine learning system optimization. Earlier in my academic journey, I worked on wireless sensor networks during my Ph.D. study at Harbin Institute of Technology in China.
, A preprint on Selective Homomorphic Encryption for Joint Federated Learning in Cross-Device Scenarios is now available on arXiv. [PDF]
, A preprint on Dynamics of Membership Privacy in Deep Learning is now available on arXiv. [PDF]
, Our paper “On the Adversarial Robustness of Graph Neural Networks with Graph Reduction” has been accepted to ESORICS 2025. Congratulations to our undergraduate researcher Kerui Wu! [PDF][Code]
, Our paper “Membership Inference Attacks as Privacy Tools: Reliability, Disparity and Ensemble” has been accepted to CCS 2025. Congratulations to our undergraduate researchers —Zhiqi Wang(1st author), Chengyu Zhang and Yuetian Chen! [PDF][Code]
, Our paper “Privacy and Accuracy-Aware AI/ML Model Deduplication” has been accepted by SIGMOD 2025.[PDF]
, A preprint on Adversarial Robustness of Graph Neural Networks is now available on arXiv. [PDF]
, Our paper “CMASan: Custom Memory Allocator-aware Address Sanitizer” has been accepted by IEEE Symposium on Security and Privacy (S&P) 2025.[PDF][Code]
, Served in the TPC for AsiaCCS 2025.
, Our paper “On the Robustness of Graph Reduction Against GNN Backdoor” has been accepted by 17th ACM Workshop on Artificial Intelligence and Security (AISec 2024). [PDF]
, Our paper “Imperio: Language-Guided Backdoor Attacks for Arbitrary Model Control” has been accepted by IJCAI 2024. [PDF][Code].
, Our survey on privacy in Vertical Federated Learning is now available on arXiv. If you’re interested in VFL privacy research, please check it out [PDF].
, A preprint on LLM for backdoor attacks is now available on arXiv. [PDF][Code].
, Invited to serve as PC member (for Track of Security, Privacy, and Trust in Distributed Systems) for IEEE ICDCS’24.
, We have been awarded AIRC RPI-IBM research grant.
, Our paper “A Comparison of End-to-End Decision Forest Inference Pipelines” has been accepted to ACM SoCC 2023. Thanks to all the co-authors.
, Our paper “Privacy-Preserving Redaction of Diagnosis Data through Source Code Analysis” has been accepted to SSDBM 2023. Many thanks to Lixi, Prof. Jia Zou and Hong Min!
