Chong Xiang

I am a research scientist with the Security and Privacy Research team at NVIDIA, led by Edward Suh. I primarily work on AI Security.

I completed my PhD at Princeton Univeristy in 2024, where I was advised by Prateek Mittal. My PhD dissertation included a series of certifiably robust defenses against adversarial patch attacks, including PatchGuard, PatchGuard++, PatchCleanser, PatchCURE, DetectorGuard, and ObjectSeeker. Toward the end of my PhD, I also worked on LLM security, e.g., RobustRAG.

I graduated from Shanghai Jiao Tong University (SJTU) with a Bachelor's degree in 2019. I was a member of Network Security and Privacy Protection (NSEC) Lab and was advised by Haojin Zhu (2016-2019). I also worked with Bo Li as a research intern at University of Illinois Urbana-Champaign (2018).

Please feel free to reach out via email at cxiang@nvidia.com :)

Selected Publications

Certifiably Robust RAG against Retrieval Corruption
Chong Xiang^*, Tong Wu^*, Zexuan Zhong, David Wagner, Danqi Chen, Prateek Mittal
arXiv: 2405.15556 [GitHub]
PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses
Chong Xiang, Tong Wu, Sihui Dai, Jonathan Petit, Suman Jana, Prateek Mittal
33rd USENIX Security Symposium (USENIX Security 2024) [GitHub] [USENIX Open Access Media with Video and Slides]
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking
Chong Xiang, Alexander Valtchanov, Saeed Mahloujifar, Prateek Mittal
44th IEEE Symposium on Security and Privacy (S&P 2023) [GitHub] [Slides]
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier
Chong Xiang, Saeed Mahloujifar, Prateek Mittal
31st USENIX Security Symposium (USENIX Security 2022) [GitHub] [USENIX Open Access Media with Video and Slides]
DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks
Chong Xiang, Prateek Mittal
2021 ACM Conference on Computer and Communications Security (CCS 2021) [GitHub] [ACM DL] [Video] [Slides]
PatchGuard: A Provably Robust Defense against Adversarial Patches via Small Receptive Fields and Masking
Chong Xiang, Arjun Nitin Bhagoji, Vikash Sehwag, Prateek Mittal
30th USENIX Security Symposium (USENIX Security 2021) [GitHub] [USENIX Open Access Media with Video and Slides]
Generating 3D Adversarial Point Clouds
Chong Xiang, Charles R. Qi, Bo Li
2019 IEEE Conference on Computer Vision and Pattern Recognition (CVPR 2019) [GitHub]
See Google Scholar for a full list of publications