Tianyu Pang   Senior Research Scientist Sea AI Lab 1 Fusionopolis Place, #16 Galaxis, Singapore 138522 Email: tianyupang@sea.com; tianyupang3@gmail.com Github: P2333 [Google Scholar] [Twitter]

Biography

I am a Senior Research Scientist at Sea AI Lab (SAIL). In 2022, I received my Ph.D. degree from TSAIL Group in the Department of Computer Science and Technology, Tsinghua University, advised by Prof. Jun Zhu. Before that, I received my B.S. degree of Mathematics and Physics from Tsinghua University in 2017. I collaborated with Prof. Stefano Ermon from February, 2020 to June, 2020 (online) in the Computer Science Department, Stanford University. I was a visiting student from July, 2016 to September, 2016 in the Computational Biology Department, Carnegie Mellon University, advised by Prof. Wei Wu.

My research interests span the areas of machine learning, including trustworthy machine learning and deep generative models. My research was supported by MSRA Fellowship and Baidu Scholarship.

My PhD Thesis (in Chinese) has been selected as CAAI Outstanding Doctoral Dissertation Award.

We are currently hiring Research Interns working on Trustworthy AI for Large Models. Please do not hesitate to contact me if you are interested and meet the minimum Requirements.

Publications

(* indicates equal contribution)

• Cheating Automatic LLM Benchmarks: Null Models Achieve High Win Rates (Oral)
  Xiaosen Zheng*, Tianyu Pang*, Chao Du, Qian Liu, Jing Jiang, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• When Attention Sink Emerges in Language Models: An Empirical View (Spotlight)
  Xiangming Gu, Tianyu Pang, Chao Du, Qian Liu, Fengzhuo Zhang, Cunxiao Du, Ye Wang, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• A Closer Look at Machine Unlearning for Large Language Models
  Xiaojian Yuan, Tianyu Pang, Chao Du, Kejiang Chen, Weiming Zhang, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• Improved Techniques for Optimization-Based Jailbreaking on Large Language Models
  Xiaojun Jia, Tianyu Pang, Chao Du, Yihao Huang, Jindong Gu, Yang Liu, Xiaochun Cao, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• Improving Long-Text Alignment for Text-to-Image Diffusion Models
  Luping Liu, Chao Du, Tianyu Pang, Zehan Wang, Chongxuan Li, Dong Xu
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• Bootstrapping Language Models with DPO Implicit Rewards
  Changyu Chen, Zichen Liu, Chao Du, Tianyu Pang, Qian Liu, Arunesh Sinha, Pradeep Varakantham, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• Scaling up Masked Diffusion Models on Text
  Shen Nie, Fengqi Zhu, Chao Du, Tianyu Pang, Qian Liu, Guangtao Zeng, Min Lin, Chongxuan Li
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• RegMix: Data Mixture as Regression for Language Model Pre-training (Spotlight)
  Qian Liu, Xiaosen Zheng, Niklas Muennighoff, Guangtao Zeng, Longxu Dou, Tianyu Pang, Jing Jiang, Min Lin
  International Conference on Learning Representations (ICLR), Singapore, 2025
  [code] [arxiv]
• When Precision Meets Position: BFloat16 Breaks Down RoPE in Long-Context Training
  Haonan Wang, Qian Liu, Chao Du, Tongyao Zhu, Cunxiao Du, Kenji Kawaguchi, Tianyu Pang
  Transactions on Machine Learning Research (TMLR), 2025
  [code] [arxiv]
• On Memorization in Diffusion Models
  Xiangming Gu, Chao Du, Tianyu Pang, Chongxuan Li, Min Lin, Ye Wang
  Transactions on Machine Learning Research (TMLR), 2025
  [code] [arxiv]
• Revisiting Backdoor Attacks against Large Vision-Language Models from Domain Shift
  Siyuan Liang, Jiawei Liang, Tianyu Pang, Chao Du, Aishan Liu, Mingli Zhu, Xiaochun Cao, Dacheng Tao
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Nashville, USA, 2025
  
• Improved Few-Shot Jailbreaking Can Circumvent Aligned Language Models and Their Defenses
  Xiaosen Zheng, Tianyu Pang, Chao Du, Qian Liu, Jing Jiang, Min Lin
  Annual Conference on Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2024
  [code] [arxiv]
• Chain of Preference Optimization: Improving Chain-of-Thought Reasoning in LLMs
  Xuan Zhang, Chao Du, Tianyu Pang, Qian Liu, Wei Gao, Min Lin
  Annual Conference on Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2024
  [code] [arxiv]
• Graph Diffusion Policy Optimization
  Yijing Liu, Chao Du, Tianyu Pang, Chongxuan Li, Wei Chen, Min Lin
  Annual Conference on Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2024
  [code] [arxiv]
• Agent Smith: A Single Image Can Jailbreak One Million Multimodal LLM Agents Exponentially Fast
  Xiangming Gu*, Xiaosen Zheng*, Tianyu Pang*, Chao Du, Qian Liu, Ye Wang, Jing Jiang, Min Lin
  International Conference on Machine Learning (ICML), Vienna, Austria, 2024
  [code] [arxiv]
• Self-Distillation Bridges Distribution Gap in Language Model Fine-Tuning
  Zhaorui Yang, Tianyu Pang, Haozhe Feng, Han Wang, Wei Chen, Minfeng Zhu, Qian Liu
  Annual Meeting of the Association for Computational Linguistics (ACL), Bangkok, Thailand, 2024
  [code] [arxiv]
• Finetuning Text-to-Image Diffusion Models for Fairness (Oral)
  Xudong Shen, Chao Du, Tianyu Pang, Min Lin, Yongkang Wong, Mohan Kankanhalli
  International Conference on Learning Representations (ICLR), Vienna, Austria, 2024
  [code] [arxiv]
• Intriguing Properties of Data Attribution on Diffusion Models
  Xiaosen Zheng, Tianyu Pang, Chao Du, Jing Jiang, Min Lin
  International Conference on Learning Representations (ICLR), Vienna, Austria, 2024
  [code] [arxiv]
• LoraHub: Efficient Cross-Task Generalization via Dynamic LoRA Composition
  Chengsong Huang, Qian Liu, Bill Yuchen Lin, Tianyu Pang, Chao Du, Min Lin
  Conference on Language Modeling (COLM), Philadelphia, USA, 2024
  [code] [arxiv]
• BAFFLE: A Baseline of Backpropagation-Free Federated Learning
  Haozhe Feng, Tianyu Pang, Chao Du, Wei Chen, Shuicheng Yan, Min Lin
  European Conference on Computer Vision (ECCV), Milano, Italy, 2024
  [code] [arxiv]
• Face3DAdv: Exploiting Robust Adversarial 3D Patches on Physical Face Recognition
  Xiao Yang, Longlong Xu, Tianyu Pang, Yinpeng Dong, Yikai Wang, Hang Su, Jun Zhu
  International Journal of Computer Vision (IJCV), 2024
  
• On Calibrating Diffusion Probabilistic Models
  Tianyu Pang, Cheng Lu, Chao Du, Min Lin, Shuicheng Yan, Zhijie Deng
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2023
  [code] [arxiv]
• On Evaluating Adversarial Robustness of Large Vision-Language Models
  Yunqing Zhao*, Tianyu Pang*, Chao Du, Xiao Yang, Chongxuan Li, Ngai-Man Cheung, Min Lin
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2023
  [code] [arxiv]
• Efficient Diffusion Policies for Offline Reinforcement Learning
  Bingyi Kang, Xiao Ma, Chao Du, Tianyu Pang, Shuicheng Yan
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2023
  
• Gaussian Mixture Denoising Diffusion Probabilistic Models
  Hanzhong Guo, Cheng Lu, Fan Bao, Tianyu Pang, Shuicheng Yan, Chao Du, Chongxuan Li
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2023
  
• Better Diffusion Models Further Improve Adversarial Training
  Zekai Wang*, Tianyu Pang*, Chao Du, Min Lin, Weiwei Liu, Shuicheng Yan
  International Conference on Machine Learning (ICML), Hawaii, USA, 2023
  [code] [poster] [arxiv]
• Bag of Tricks for Training Data Extraction from Language Models
  Weichen Yu, Tianyu Pang, Qian Liu, Chao Du, Bingyi Kang, Yan Huang, Min Lin, Shuicheng Yan
  International Conference on Machine Learning (ICML), Hawaii, USA, 2023
  [code] [poster] [arxiv]
• Nonparametric Generative Modeling with Conditional Sliced-Wasserstein Flows
  Chao Du, Tianbo Li, Tianyu Pang, Shuicheng Yan, Min Lin
  International Conference on Machine Learning (ICML), Hawaii, USA, 2023
  
• Improving Adversarial Robustness of Deep Equilibrium Models with Explicit Regulations Along the Neural Dynamics
  Zonghan Yang, Peng Li, Tianyu Pang, Yang Liu
  International Conference on Machine Learning (ICML), Hawaii, USA, 2023
  
• Exploring Incompatible Knowledge Transfer in Few-shot Image Generation
  Yunqing Zhao, Chao Du, Milad Abdollahzadeh, Tianyu Pang, Min Lin, Shuicheng Yan, Ngai-Man Cheung
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Vancouver, Canada, 2023
  
• A Closer Look at the Adversarial Robustness of Deep Equilibrium Models
  Zonghan Yang, Tianyu Pang, Yang Liu
  Annual Conference on Neural Information Processing Systems (NeurIPS), New Orleans, USA, 2022
  
• Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks
  Xiao Yang, Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu
  European Conference on Computer Vision (ECCV), Tel Aviv, Israel, 2022
  
• Robustness and Accuracy Could Be Reconcilable by (Proper) Definition
  Tianyu Pang, Min Lin, Xiao Yang, Jun Zhu, Shuicheng Yan
  International Conference on Machine Learning (ICML), Baltimore, USA, 2022
  [code] [poster] [video] [arxiv]
• Two Coupled Rejection Metrics Can Tell Adversarial Examples Apart
  Tianyu Pang, Huishuai Zhang, Di He, Yinpeng Dong, Hang Su, Wei Chen, Jun Zhu, Tie-Yan Liu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), New Orleans, USA, 2022
  [code] [poster] [arxiv]
• Exploring Memorization in Adversarial Training
  Yinpeng Dong, Ke Xu, Xiao Yang, Tianyu Pang, Zhijie Deng, Hang Su, Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2022
  
• Accumulative Poisoning Attacks on Real-time Data
  Tianyu Pang*, Xiao Yang*, Yinpeng Dong, Hang Su, Jun Zhu
  Annual Conference on Neural Information Processing Systems (NeurIPS), Online, 2021
  [code] [slide] [arxiv]
• Towards Face Encryption by Generating Adversarial Identity Masks
  Xiao Yang, Yinpeng Dong, Tianyu Pang, Jun Zhu, Hang Su
  International Conference on Computer Vision (ICCV), Online, 2021
  
• Black-box Detection of Backdoor Attacks with Limited Information and Data
  Yinpeng Dong, Xiao Yang, Zhijie Deng, Tianyu Pang, Zihao Xiao, Hang Su, and Jun Zhu
  International Conference on Computer Vision (ICCV), Online, 2021
  
• Bag of Tricks for Adversarial Training
  Tianyu Pang, Xiao Yang, Yinpeng Dong, Hang Su, Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2021
  [code] [poster] [arxiv]
• Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior
  Yinpeng Dong, Shuyu Cheng, Tianyu Pang, Hang Su, and Jun Zhu
  IEEE Transaction on Pattern Analysis and Machine Intelligence (TPAMI), 2021
  
• Efficient Learning of Generative Models via Finite-Difference Score Matching
  Tianyu Pang*, Kun Xu*, Chongxuan Li, Yang Song, Stefano Ermon, Jun Zhu
  Annual Conference on Neural Information Processing Systems (NeurIPS), Online, 2020
  [code] [video] [poster] [arxiv]
• Boosting Adversarial Training with Hypersphere Embedding
  Tianyu Pang*, Xiao Yang*, Yinpeng Dong, Kun Xu, Jun Zhu, Hang Su
  Annual Conference on Neural Information Processing Systems (NeurIPS), Online, 2020
  [code] [video] [poster] [arxiv]
• Adversarial Distributional Training for Robust Deep Learning
  Zhijie Deng, Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu
  Annual Conference on Neural Information Processing Systems (NeurIPS), Online, 2020
  
• Benchmarking Adversarial Robustness on Image Classification (Oral)
  Yinpeng Dong, Qi-An Fu, Xiao Yang, Tianyu Pang, Hang Su, Zihao Xiao, Jun Zhu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Online, 2020
  [platform] [slide]
• Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness
  Tianyu Pang, Kun Xu, Yinpeng Dong, Chao Du, Ning Chen, Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2020
  [code] [video] [slide] [arxiv]
• Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks
  Tianyu Pang*, Kun Xu*, Jun Zhu
  International Conference on Learning Representations (ICLR), Online, 2020
  [code] [video] [slide] [arxiv]
• Improving Black-box Adversarial Attacks with a Transfer-based Prior
  Shuyu Cheng, Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu
  Annual Conference on Neural Information Processing Systems (NeurIPS), Vancouver, Canada, 2019
  
• Improving Adversarial Robustness via Promoting Ensemble Diversity
  Tianyu Pang, Kun Xu, Chao Du, Ning Chen, Jun Zhu
  International Conference on Machine Learning (ICML), Long Beach, USA, 2019
  [code] [poster] [slide] [arxiv]
• Evading Defenses to Transferable Adversarial Examples by Translation-Invariant Attacks (Oral)
  Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Long Beach, USA, 2019
  [code] [video] [poster]
• Towards Robust Detection of Adversarial Examples (Spotlight)
  Tianyu Pang, Chao Du, Yinpeng Dong, Jun Zhu
  Annual Conference on Neural Information Processing Systems (NeurIPS), Montreal, Canada, 2018
  [code] [poster] [slide] [arxiv] [video] [press release]
• Max-Mahalanobis Linear Discriminant Analysis Networks
  Tianyu Pang, Chao Du, Jun Zhu
  International Conference on Machine Learning (ICML), Stockholm, Sweden, 2018
  [code] [poster] [slide] [arxiv]
• Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser
  Fangzhou Liao, Ming Liang, Yinpeng Dong, Tianyu Pang, Jun Zhu, Xiaolin Hu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Salt Lake City, USA, 2018
  
• Boosting Adversarial Attacks with Momentum (Spotlight)
  Yinpeng Dong, Fangzhou Liao, Tianyu Pang, Hang Su, Xiaolin Hu, Jianguo Li, Jun Zhu
  IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Salt Lake City, USA, 2018
  

Honors & Awards

• World's Top 2% Scientists, 2024.09
• WAIC Rising Star Award, 2023.07
• CAAI Outstanding Doctoral Dissertation Award, 2023.02
• Beijing Outstanding Graduates, 2022.06
• Yang Huiyan Scholarship, 2021.10
• Baidu Scholarship, 2020.12
• Microsoft Research Asia (MSRA) Fellowship, 2020.11
• Zhong Shimo Scholarship, 2020.11
• AI Chinese New Stars, 2020.11
• Shenzhen Stock Exchange Scholarship, 2020.10
• '84' Future Innovation Scholarship, 2019.12
• China National Scholarship, 2019.10
• NVIDIA Pioneering Research Award, 2018.12
• Schlumberger Scholarship, 2018.10

Competitions

• 2023.01 --
  IEEE SaTML 2023 Competition:
  Training Data Extraction Challenge, 2nd place
  
• 2020.10 --
  Inclusion | A-tech Contest:
  Part One, Part Two, 1st place of AI track
  
• 2018.8 --
  GeekPwn 2018 The Worldwide Cyber Security Contest:
  CAAD CTF Las Vegas, 1st place
  CAAD CTF Shanghai, 3rd place
  CAAD Non-targeted Adversarial Attacks Track, 3rd place
  CAAD Targeted Adversarial Attacks Track, 2nd place
  CAAD Defense Against Adversarial Attack Track, 2nd place
• 2017.10 --
  NeurIPS 2017 Adversarial Attacks and Defense Competition:
  Non-targeted Adversarial Attacks Track, 1st place
  Targeted Adversarial Attacks, 1st place
  Defense Against Adversarial Attack, 1st place

Services

I was an organizer of:
AAAI 2022 Workshop (Adversarial Machine Learning and Beyond) [link]
ICML 2021 Workshop (A Blessing in Disguise: The Prospects and Perils of Adversarial Machine Learning) [link]
ICCV 2021 Workshop (Adversarial Robustness in the Real World) [link]

I was an Area Chair of conferences:
NeurIPS 2025

I was a reviewer / PC member of conferences:
ICML 2019, 2020, 2021, 2022, 2023, 2024, 2025
ICLR 2020, 2021, 2022, 2023, 2024, 2025
NeurIPS 2019, 2020, 2021, 2022, 2023, 2024
AISTATS 2020, 2022, 2023, 2024
CVPR 2019, 2020, 2021, 2022, 2023, 2024, 2025
ICCV 2019, 2021, 2023, 2025
ECCV 2020, 2022, 2024
AAAI 2020

I was a reviewer of journals:
TPAMI, IJCV, TNNLS, TKDD, TIFS, ACM TOPS, SPL, MLJ, Neurocomputing

Invited Talks

• Industry Talks, SSNLP, 2024.11 [website]
• AI SIG Meetup, AiSP, 2024.8 [website]
• Technical Sharing Session, IMDA, 2024.6 [website][slides]
• CFAR Rising Star Seminar, A*STAR, 2023.12 [website][slides]
• Deep Learning and Optimization Seminar, Westlake University, 2023.11 [website][video][slides]
• VALSE Webinar, 2023.3 [video][slides]
• Xia Peisu Forum, ICT CAS, 2022.12 [slides]
• TechBeat, JiangMen, 2022.8 [video]
• TrustML Young Scientist Seminars, RIKEN, 2022.3 [website][video][slides]
• Alibaba Security, 2021.3 [video][slides]
• VALSE Webinar, 2020.12 [video][slides]
• RealCourse, RealAI, 2020.5 [video][slides]
• Graduate Research Seminars, Tsinghua University, 2019.12 [slides]
• CAAD CTF, DEFCON, 2018.8 [slides]

Teaching

2019 Fall, TA in Machine Learning, instructed by Prof. Jun Zhu

© 2025 Tianyu Pang