🚀 Now recruiting — 2027 intake & rolling

I’m joining the School of Artificial Intelligence, Shandong University as a Professor (tenured), and I’m starting a new research group that lies at the intersection of Large Language Models (LLMs), Vision-Language Models (VLMs), AI Agents, and Generative Models (Text-to-Image / Text-to-Video), with a strong emphasis on AI safety, alignment, robustness, and responsible deployment.

Our mission is twofold:

1. Advance fundamental research in trustworthy and safe foundation models.

2. Translate research into real-world impact by solving challenging industrial safety problems.

The group is part of the Inspur AI School at Shandong University, benefiting from a strong academic environment and extensive industry collaborations.

If you like problems that live both in papers and in real systems, I’d love to hear from you 😃.

Open Positions

Research Directions

• LLM Safety — jailbreaks, alignment, red-teaming
• VLM Safety — multimodal & transfer attacks
• Agent Safety — tool-use risks, guardrails
• Text-to-Image Safety — adversarial prompts, defenses
• Video Generation Safety — deepfake provenance
• Open-ended — bring your own idea 💡💡💡 🤩

How to Apply

Send a short email to ayyj.jun@gmail.com including:

1. A short cover email — who you are, what position you want to apply for
2. Your CV (中文 or English)
3. Transcripts (unofficial PDFs are fine at first pass)
4. (Optional) One paragraph on a research idea you’d want to try here

I reply personally, usually within two weeks.

About Me

Education

I received my Ph.D. in Computer Science from
The Chinese University of Hong Kong (CUHK).

Before that, I obtained my M.S. degree in Integrated Circuits from
Tsinghua University, where I developed a strong background in hardware systems and engineering thinking.

I completed my B.Eng. degree in Automation at
Central South University, which provided me with solid foundations in control, optimization, and system-level analysis.

Experience

Before Shandong University, I worked as an AI Safety Scientist at ByteDance, leading safety efforts for Doubao (豆包), and was a postdoctoral fellow at The Chinese University of Hong Kong supervised by Prof. Qiang Xu, where I also completed my PhD. My work has appeared at CVPR, NeurIPS, ICML, AAAI, ECCV, and NDSS.

At SDU I’ll work closely with Prof. Xiuzhen Cheng, Prof. Yue Zhang, and Prof. Xuelong Dai.

The group maintains active collaborations with:

• Industry — Tencent, ByteDance, Meta, Huawei (for industrial-scale problems & internships)
• Academia — CUHK, HKUST/HKUST(GZ), UBC, Tsinghua (for joint supervision & research visits)

News

• 🕘 2025-11-15 Multi-Faceted Attack: Exposing Cross-Model Vulnerabilities in Defense-Equipped Vision-Language Models has been accepted to AAAI2026 CCF-A Oral 👏
• 🕘 2025-11-15 CloudFort: Enhancing Robustness of 3D Point Cloud Classification Against Backdoor Attacks via Spatial Partitioning and Ensemble Prediction has been published in IET Computer Vision CCF-C 😃 Congrats Wenhao! 👏
• 🕘 2024-09-26 GuardT2I: Defending Text-to-Image Models from Adversarial Prompts has been accepted to NeurIPS2024 CCF-A 😃
• 🕘 2024-05-27 I passed my Ph.D oral defense! 👏🌻🌹
• 🕘 2024-05 Be Your Own Neighborhood: Detecting Adversarial Examples by the Neighborhood Relations Built on Self-Supervised Learning has been accepted to ICML2024 CCF-A 👏
• 🕘 2024-02 MMA-Diffusion: MultiModal Attack on Diffusion Models has been accepted to CVPR2024 CCF-A 👏

Publications

📚 Publications

• Multi-Faceted Attack: Exposing Cross-Model Vulnerabilities in Defense-Equipped Vision-Language Models
  Yijun Yang#*, Lichao Wang*, Jianping Zhang, Chi Harold Liu, Lanqing Hong, Qiang Xu#
  AAAI Conference on Artificial Intelligence (AAAI 2026 Oral)

• MMA-Diffusion: MultiModal Attack on Diffusion Models
  Yijun Yang, Ruiyuan Gao, Xiaosen Wang, Tsung-Yi Ho, Nan Xu, Qiang Xu IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2024)

• GuardT2I: Defending Text-to-Image Models from Adversarial Prompts
  Yijun Yang, Ruiyuan Gao, Xiao Yang, Jianyuan Zhong, Qiang Xu
  Conference on Neural Information Processing Systems (NeurIPS 2024)

• Be Your Own Neighborhood: Detecting Adversarial Examples by the Neighborhood Relations Built on Self-Supervised Learning
  Zhiyuan He*, Yijun Yang*, Pin-yu Chen, Qiang Xu, and Tsung-Yi Ho.
  International Conference on Machine Learning (ICML 2024)

• CloudFort: Enhancing Robustness of 3D Point Cloud Classification Against Backdoor Attacks via Spatial Partitioning and Ensemble Prediction
  Wenhao Lan, Yijun Yang#, Haihua Shen, Shan Li
  IET Computer Vision (IET CV)

• Out-of-Distribution Detection with Semantic Mismatch under Masking
  Yijun Yang, Ruiyuan Gao, Qiang Xu
  European Conference on Computer Vision (ECCV 2022)
  code

• Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning
  Zhiyuan He*, Yijun Yang*, Pin-Yu Chen, Qiang Xu, Tsung-Yi Ho
  European Conference on Computer Vision Workshop (ECCV AWOR 2022)

• What You See in Not What the Network Infers: Detecting Adversarial Examples Based on Semantic Contradiction
  Yijun Yang, Ruiyuan Gao, Yu Li, Qiuxia Lai, Qiang Xu
  Network and Distributed System Security Symposium (NDSS 2022) code

• MixDefense: A Defense-in-Depth Framework for Adversarial Example Detection Based on Statistical and Semantic Analysis
  Yijun Yang, Ruiyuan Gao, Yu Li, Qiuxia Lai, Qiang Xu
  The 48th International Symposium on Computer Architecture (ISCA 2021), Secure and Private Systems for Machine Learning Workshop

Services

I serve as a reviewer of conferences/journals: CVPR, NeurIPS, ICLR, ICML, ICLR, TPAMI, TIFS, IJCV,Neurocomputing.

Selected Awards and Honors

🏆 Full Postgraduate Studentship, The Chinese University of Hong Kong.
🏆 Outstanding Master Graduate, Tsinghua University (Top 2%).
🏆 Outstanding Thesis Award, Tsinghua University (Top 3%).
🏆 Guanghua Scholarship for Advancement in Academic Work, Tsinghua University (Top 5%).
🏆 Lam Scholarship for Advancement in Academic Work, Tsinghua University (Top 5%).