Yuguang Yao

I am a Senior Research Scientist at Intuit AI Research (Dec 2024 – present). I received my Ph.D. in Computer Science and Engineering from Michigan State University, advised by Prof. Sijia Liu. Before that, I obtained my B.S. in Automation from Tsinghua University.

My research focuses on LLM Agents, Adversarial Machine Learning, Model Pruning, Prompt Learning, and Optimization (black-box, zeroth-order, bi-level).

Email: tony.yuguang.yao@gmail.com  |  CV  |  Google Scholar  |  GitHub  |  LinkedIn

Education

  • Ph.D. in CSE, Michigan State University, Jan 2021 – May 2025. Advisor: Sijia Liu
  • Ph.D. Student in CSE, Tsinghua / MSU, Aug 2018 – Dec 2020. Advisors: Zhichao Cao, Yunhao Liu
  • B.S. in Automation, Tsinghua University, Aug 2014 – Jul 2018. Advisor: Hong Wang
  • Exchange, École Polytechnique Fédérale de Lausanne (EPFL), Aug 2016 – Feb 2017

Experience

  • Senior Research Scientist, Intuit AI Research, Dec 2024 – Present
  • Research Intern, Cisco Research, Feb 2023 – Jun 2024. Advisor: Gaowen Liu
  • Research Intern, MIT-IBM Watson AI Lab, May 2021 – Aug 2021. Advisor: Quanfu Fan
  • Research Intern, DiDi AI Lab, Nov 2017 – Feb 2018. Advisor: Yashu Liu
  • Research Intern, HKUST, Jun 2017 – Sep 2017. Advisor: Pan Hui

Selected Publications

  1. Y. Yao*, Y. Chen*, et al., Safety Mirage: How Spurious Correlations Undermine VLM Safety Fine-Tuning, ICLR 2026.
  2. K. Chen, Z. Lin, …, Y. Yao, et al., R2I-Bench: Benchmarking Reasoning-Driven Text-to-Image Generation, ACL 2025.
  3. Y. Yao*, J. Liu*, et al., Can Adversarial Examples Be Parsed to Reveal Victim Model Information?, WACV 2025.
  4. Y. Yao*, Z. Pan*, et al., From Trojan Horses to Castle Walls: Unveiling Bilateral Backdoor Effects in Diffusion Models, NeurIPS 2024.
  5. Y. Yao, G. Xiao, et al., Reverse Engineering of Deceptions on Machine- and Human-Centric Attacks, Foundations and Trends in Privacy and Security 2024.
  6. S. Pal, Y. Yao, et al., Backdoor Secrets Unveiled: Identifying Backdoor Data with Optimized Scaled Prediction Consistency, ICLR 2024.
  7. J. Jia*, J. Liu*, …, Y. Yao, et al., Model Sparsity Can Simplify Machine Unlearning, NeurIPS 2023 Spotlight.
  8. A. Chen, Y. Yao, et al., Understanding and Improving Visual Prompting: A Label-Mapping Perspective, CVPR 2023.
  9. Y. Yao*, Y. Zhang*, et al., Advancing Model Pruning via Bi-level Optimization, NeurIPS 2022.
  10. Y. Yao*, Y. Gong*, et al., Reverse Engineering of Imperceptible Adversarial Image Perturbations, ICLR 2022.
  11. Y. Zhang, Y. Yao, et al., How to Robustify Black-Box ML Models? A Zeroth-Order Optimization Perspective, ICLR 2022 Spotlight.

Service & Awards

  • Workshop Chair: AdvML Frontiers at ICML’22, ICML’23, NeurIPS’24
  • Reviewer: NeurIPS, ICLR, ICML, ACL, CVPR, ACMMM, ICASSP, TPAMI
  • Travel Grants: NeurIPS 2022, CVPR 2023, NeurIPS 2024
  • Best Poster Award, EWSN 2019
  • Cisco Research Award ($75K) for “Towards Lifelong LMM Agents in Embodied AI”

学习

小时候,学习是完成确定的任务;现在,学习是解决不确定的恐慌。以前总以为,活到老、学到老是鞭策中国人持续进步的口号;现在能理解,那其实是聪明的过来人对一种实现幸福的方式的总结。刚读博士的时候,导师和我说,无论每天做什么,总要留出一些时间写文字,写什么都可以。我一直到最近才能体会到,刷八个小时短视频只会让你失去八个小时,写三十分钟文字,你至少得到了一些文字。 –2026年6月1日

思维实验

Kevin说不刷小视频的时候可以进行脑中思维实验,他叫这是白日梦,我叫这是沉思。可以从梦幻西游里面想象三头六臂的地狱战神在我家里敲锣打鼓,我如何用我的金背大砍刀破它的紫色皮肤。星际争霸里面有成群结队的大和星舰在我家的上空和神族航空母舰对轰。人生的curriculum learning真是神奇,小时候最喜欢玩的游戏们永远都会在我的30岁的幻想中反复出现,让我在头痛欲裂的职场工作里会心一笑。 –2026年6月2日

不想起床

生物钟把我在七点钟拉起来,我却想要继续睡。为什么不想起床?为什么嗜睡?是因为心中没有对当日生活的期待,是缺少对未来、新生活的探索欲望。人的状态会有起伏,但不必要的放大效应应该被避免。突然想起大学同学总提的“苦行僧”式的生活理念,大概保持对幸福的低期待,是持续清醒的实现手段之一吧。 –2026年6月3日

大秘宝

海贼王哥尔D罗杰把他的财富都放在拉夫德鲁了,而我的大秘宝也被你看到了。 –2026年6月3日