Zhuoran Liu

Assistant Professor
Parallel Computing Systems (PCS)
University of Amsterdam

Room L5.42, Lab 42, Amsterdam, 1098 XH

Zhuoran Liu

I am an Assistant Professor in the Parallel Computing Systems (PCS) group at the University of Amsterdam (UvA). Previously, I was a postdoc in the Digital Security group at Radboud University, advised by Prof. Lejla Batina, and in the Systems and Security group at Leiden University, advised by Prof. Nele Mentens. Before that, I was a PhD student in the Data Science group at Radboud University, advised by Prof. Martha Larson.

My research interests are at the intersection of AI and security/privacy. I conduct research on adversarial machine learning and hardware security, with a particular focus on side-channel analysis and fault injection.

Main Publications

Triggering Stealthy Feature Map Backdoors via Physical Fault Injection in Embedded Neural Networks

Steyn Hommes, Vincent Dankbaar, Tanguy Stekke, Xiaomeng Wang, Lisanne Weidmann, Senna van Hoek, Durba Chatterjee, Lejla Batina, Zhuoran Liu

2026

MIMIR: Masked Image Modeling for Mutual Information-based Adversarial Robustness

Xiaoyun Xu, Shujian Yu, Zhuoran Liu, Stjepan Picek

Network and Distributed System Security Symposium (NDSS), 2026

Focus Session: Exploring Semantic Leakage in Edge FPGA Implementations of Neural Networks

Zhuoran Liu, Konstantina Miteloudi, Durba Chatterjee, Lejla Batina

Design, Automation and Test in Europe Conference (DATE), 2026

Generative AI and the Threat to Thinking

Martha Larson, Zhuoran Liu

IEEE Security & Privacy, 2025

Towards Backdoor Stealthiness in Model Parameter Space

Xiaoyun Xu, Zhuoran Liu, Stefanos Koffas, Stjepan Picek

ACM Conference on Computer and Communications Security (CCS), 2025

Resisting Bag-based Attribute Profiling by Adding Adversarial Items to Existing Media Profiles

Zhuoran Liu, Zhengyu Zhao, Martha Larson

IEEE Transactions on Information Forensics and Security (TIFS), 2025

BAN: Detecting Backdoors Activated by Adversarial Neuron Noise

Xiaoyun Xu, Zhuoran Liu, Stefanos Koffas, Shujian Yu, Stjepan Picek

Advances in Neural Information Processing Systems (NeurIPS), 2024

SoK: Neural Network Extraction Through Physical Side Channels

Péter Horváth, Dirk Lauret, Zhuoran Liu, Lejla Batina

USENIX Security Symposium, 2024

Is Adversarial Training Really a Silver Bullet for Mitigating Data Poisoning?

Rui Wen, Zhengyu Zhao, Zhuoran Liu, Michael Backes, Tianhao Wang, Yang Zhang

International Conference on Learning Representations (ICLR), Spotlight, 2023

Beyond Neural-on-Neural Approaches to Speaker Gender Protection

Loes van Bemmel, Zhuoran Liu, Nik Vaessen, Martha Larson

IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2023

Textual Concept Expansion with Commonsense Knowledge to Improve Dual-Stream Image-Text Matching

Mingliang Liang, Zhuoran Liu, Martha Larson

International Conference on Multimedia Modeling (MMM), 2023

Generative Poisoning Using Random Discriminators

Dirren van Vlijmen, Alex Kolmus, Zhuoran Liu, Zhengyu Zhao, Martha Larson

Responsible Computer Vision Workshop at European Conference on Computer Vision (ECCV), 2022

On Success and Simplicity: A Second Look at Transferable Targeted Attacks

Zhengyu Zhao, Zhuoran Liu, Martha Larson

Advances in Neural Information Processing Systems (NeurIPS), 2021

Towards Large yet Imperceptible Adversarial Image Perturbations with Perceptual Color Distance

Zhengyu Zhao, Zhuoran Liu, Martha Larson

IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2020

Other Publications

Joaquín Figueira, Rob Van Gastel, Giacomo D’Amicantonio, Zhuoran Liu, Ioan Gabriel Bucur, Faysal Boughorbel, Egor Bondarev. AOI-SSL: Self-Supervised Framework for Efficient Segmentation of Wire-bonded Semiconductors in Optical Inspection. arXiv, 2026.
Lizzy Grootjen, Zhuoran Liu, Ileana Buhan. MIDSCAN: Investigating the Portability Problem for Cross-Device DL-SCA. International Workshop on Lightweight Cryptography for Security and Privacy (LightSec), 2025.
Zhuoran Liu, Zhengyu Zhao, Martha Larson, Laurent Amsaleg. Exploring Quality Camouflage for Social Images. MediaEval Workshop, 2020.
Zhuoran Liu, Zhengyu Zhao, Martha Larson. Pixel Privacy 2019: Protecting Sensitive Scene Information in Images. MediaEval Workshop, 2019.
Zhengyu Zhao, Zhuoran Liu, Martha Larson, Ahmet Iscen, Naoko Nitta. Reproducible Experiments on Adaptive Discriminative Region Discovery for Scene Recognition. Reproducibility@ACM MM, 2019. [Code]
Martha Larson, Zhuoran Liu, Simon Brugman, Zhengyu Zhao. Pixel Privacy: Increasing Image Appeal while Blocking Automatic Inference of Sensitive Scene Information. MediaEval Workshop, 2018. [Slides]

Service

Program committee / reviewer: AAAI, AISTATS, CHES, CVPR, DAC, ECCV, FAccT, ICCV, ICML, ICLR, NeurIPS, TIFS, TDSC, TPAMI, USENIX Security, etc.

External reviewer: IEEE S&P, NDSS

Other: Top Reviewer, NeurIPS 2024

Organizing committee: Pixel Privacy Task @ MediaEval, ACM Multimedia