Our Publications

The Digital Trust Centre (DTC) at NTU Singapore focuses on research and development in trust technologies, including AI Safety.

 

2026

  • Wang, F., Sun, F., Fan, M., Zhou, J., Ma, J., Chen, C., Shu, J., & Zhang, L. Y. (2026). FLAME: Flexible and lightweight biometric authentication scheme in malicious environments. Proceedings of the 41st Annual Computer Security Applications Conference (ACSAC 2025). https://doi.org/10.1109/ACSAC67867.2025.00044
  • Yang, Y., Yang, G., Li, Y., Wu, P., Shi, R., Huang, M., Weng, J., Pang, H.-H., & Deng, R. H. (2026). PriSrv+: Privacy and usability-enhanced wireless service discovery with fast and expressive matchmaking encryption. Proceedings of the Network and Distributed System Security (NDSS) Symposium. https://doi.org/10.14722/ndss.2026.230087
  • Xiang, K., Shi, B., Lyu, Y., Chen, J., Tsang, I. W., & Yin, H. (2026). MermaidFlow-CF: How agentic workflow representation governs constraint-faithful control. Proceedings of the AAAI Conference on Artificial Intelligence. https://openreview.net/forum?id=INX9FhqbUM
  • Li, Z., Kong, C., Yu, Y., Wu, Q., Jiang, X., Cheung, N.-M., Wen, B., Kot, A., & Jiang, X. (2026). SAVER: Mitigating hallucinations in large vision-language models via style-aware visual early revision. Proceedings of the AAAI Conference on Artificial Intelligence. https://doi.org/10.1609/aaai.v40i42.40873
  • Lu, H., Yu, Y., Xia, S., Yang, Y., Rajan, D., Ng, B. P., Kot, A., & Jiang, X. (2026). From pretrain to pain: Adversarial vulnerability of video foundation models without task knowledge. Proceedings of the AAAI Conference on Artificial Intelligence. https://doi.org/10.1609/aaai.v40i9.37695
  • Li, Y., Hu, J., Hooi, B., He, B., & Chen, C. (2026). DGP: A dual-granularity prompting framework for fraud detection with graph-enhanced LLMs. Proceedings of the AAAI Conference on Artificial Intelligence. https://ojs.aaai.org/index.php/AAAI/article/view/38541
  • Rawshan, L. B., Wang, Z., & Lim, B. Y. (2026). Comparing user understanding of explainable AI techniques with the cognitive XAI-adaptive model. Proceedings of the International Conference on Intelligent User Interfaces (IUI). https://doi.org/10.1145/3742413.3789147
  • Wang, F., Zhang, Y., & Lim, B. Y. (2026). Transferable XAI: Relating understanding across domains with explanation transfer. Proceedings of the International Conference on Intelligent User Interfaces (IUI). https://doi.org/10.1145/3742413.3789124
  • He, Y., Ling, S., Shi, Y., Wang, H., Tan, B. H. M., & Yang, A. S. (2026). Fully homomorphic encryption on the ring of Gaussian periods. Proceedings of the RSA Conference Cryptographers' Track (CT-RSA). https://eprint.iacr.org/2026/927
  • Jia, X., Du, J., Wei, H., Chen, J., Zhou, J. T., & Wang, Z. (2026). Reinforcement-guided synthetic data generation for privacy-sensitive identity recognition. Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). https://doi.org/10.48550/arXiv.2604.07884
  • Wang, C., Chen, Y., Yang, Z., Zhou, J. T., & Zhang, C. (2026). IMS3: Breaking distributional aggregation in diffusion-based dataset distillation. Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). https://doi.org/10.48550/arXiv.2603.13960

2025

  • Sun, J., Xu, G., Yang, Y., Yang, X., Li, X., Wu, C., Liu, Z., Yang, G., & Deng, R. H. (2025). Forward-secure hierarchical delegable signature for smart homes. IEEE Transactions on Information Forensics and Security, 20, 3950–3965. https://doi.org/10.1109/TIFS.2025.3555185
  • Wang, D., Cao, Y., Lam, K.-Y., Chi, C. H., & Choo, K. K. R. (2025, January 28). An accountable GAKA protocol with changeable thresholds and verifiable shares in UAVs-assisted IoVs for emergency rescue. IEEE Transactions on Intelligent Transportation Systems, 26(4), 5522–5537. https://doi.org/10.1109/TITS.2025.3531383
  • Jiang, Y., Shen, J., Liu, Z., Tan, C. W., & Lam, K.-Y. (2025, January 24). Towards efficient and certified recovery from poisoning attacks in federated learning. IEEE Transactions on Information Forensics & Security. https://doi.org/10.1109/TIFS.2025.3533907
  • Tu, R., Kang, X., Li, E., Tan, C. W., Chi, C. H., & Lam, K.-Y. (2025). Sentences based adversarial attack on AI-generated text detectors. IEEE Transactions on Big Data. https://doi.org/10.1109/TBDATA.2025.3600034
  • Du, H., Niyato, D., Kang, J., Xiong, Z., Lam, K.-Y., Fang, Y., & Li, Y. (2025). Spear or shield: The role of generative AI in intelligent network services. IEEE Network Magazine. https://doi.org/10.1109/MNET.2025.3594769
  • Li, F., Chen, X., Lam, K.-Y., Wang, L., & Liu, X. (2025). A secure wireless traffic prediction with federated learning. IEEE Transactions on Vehicular Technology. https://doi.org/10.1109/TVT.2025.3594326
  • Li, F., Wang, Y., Lam, K.-Y., Shen, B., & Wang, L. (2025, September). A secure dynamic spectrum access scheme for Internet-of-Things with swarm learning. IEEE Internet of Things Journal, 12(18), 37720–37733. https://doi.org/10.1109/JIOT.2025.3583710
  • Karunanayake, B., Khalil, I., Yi, X., & Lam, K.-Y. (2025, September). Toward LLM-driven adaptive policy orchestration for host-based intrusion detection systems in IoT environments. IEEE Network Magazine, 39(5), 66–73. https://doi.org/10.1109/MNET.2025.3579532
  • Shen, B., Lam, K.-Y., Li, F., & Wang, L. (2025). Privacy-aware spectrum pricing and power control optimization for LEO satellite Internet-of-Things. IEEE Transactions on Wireless Communications. https://doi.org/10.1109/TWC.2025.3574172
  • Hou, Y., Cao, Y., Xiong, H., He, D., Chi, C. H., & Lam, K.-Y. (2025). Heterogeneous parallel key-insulated multi-receiver signcryption scheme for IoV. IEEE Transactions on Information Forensics & Security. https://doi.org/10.1109/TIFS.2025.3567917
  • Li, F., Yang, J., Lam, K.-Y., Shen, B., & Luo, H. (2025, July). A dynamic spectrum access scheme for Internet of Things with improved federated learning. Journal of Network and Computer Applications, 239, 104189. https://doi.org/10.1016/j.jnca.2025.104189
  • Shang, C., Cao, J., Li, Z., Niu, B., Lam, K.-Y., Chi, C. H., & Li, H. (2025, August). A hierarchical encrypted compression scheme for intra-vehicle network. IEEE Transactions on Intelligent Transportation Systems, 26(8), 11916–11930. https://doi.org/10.1109/TITS.2025.3558192
  • Liu, Z., Ye, H., Jiang, Y., Shen, J., Guo, J., Tjuawinata, I., & Lam, K.-Y. (2025). Privacy-preserving federated unlearning with certified client removal. IEEE Transactions on Information Forensics & Security, 20, 3966–3978. https://doi.org/10.1109/TIFS.2025.3555868
  • Ye, H., Guo, J., Liu, Z., Jiang, Y., & Lam, K.-Y. (2025, April). Enhancing AI safety of machine unlearning for ensembled models. Applied Soft Computing, 174, 113011. https://doi.org/10.1016/j.asoc.2025.113011
  • Liu, Z., Ye, H., Chen, C., Zheng, Y., & Lam, K.-Y. (2025). Threats, attacks, and defenses in machine unlearning: A survey. IEEE Open Journal of the Computer Society. https://doi.org/10.1109/OJCS.2025.3543483
  • Tu, R., Kang, X., Tan, C. W., Chi, C. H., & Lam, K.-Y. (2025). All points guided adversarial generator for targeted attack against deep hashing retrieval. IEEE Transactions on Information Forensics & Security, 20, 1695–1709. https://doi.org/10.1109/TIFS.2025.3534585
  • Fan, J., Liu, Z., Du, H., Kang, J., Niyato, D., & Lam, K.-Y. (2025, April). Improving security in IoT-based human activity recognition: A correlation-based anomaly detection approach. IEEE Internet of Things Journal, 12(7), 8301–8315. https://doi.org/10.1109/JIOT.2024.3501361
  • Shang, C., Cao, J., Luo, Y., Niu, B., Gan, L., Lam, K.-Y., & Chi, C. H. (2025, March). A vision of 3GPP wireless sensing for intelligent vehicles: Scenarios, architectures, security challenges, solutions, and future trends. IEEE Network Magazine, 39(2), 80–90. https://doi.org/10.1109/MNET.2024.3480973
  • He, Y., Peng, F., Cai, R., Yu, Z., Long, M., & Lam, K.-Y. (2025). Category-conditional gradient alignment for domain adaptive face anti-spoofing. IEEE Transactions on Information Forensics & Security. https://doi.org/10.1109/TIFS.2024.3486098
  • Liu, Z., Jiang, Y., Jiang, W., Guo, J., Zhao, J., & Lam, K.-Y. (2025). Guaranteeing data privacy in federated unlearning with dynamic user participation. IEEE Transactions on Dependable and Secure Computing. https://doi.org/10.1109/TDSC.2024.3476533
  • Liu, R., Lam, K.-Y., Zhou, W., Wu, S., Zhao, J., Hu, D., & Gong, M. (2025). STBA: Towards evaluating the robustness of DNNs for query-limited black-box scenario. IEEE Transactions on Multimedia, 27, 2666–2681. https://doi.org/10.1109/TMM.2025.3535328
  • Kalapaaking, A., Khalil, I., Yi, X., Lam, K.-Y., Huang, G. B., & Wang, N. (2025, January). Auditable and verifiable federated learning based on blockchain-enabled decentralization. IEEE Transactions on Neural Networks and Learning Systems, 36(1), 102–115. https://doi.org/10.1109/TNNLS.2024.3407670
  • Zheng, Y., Wang, G., Qin, J., Chen, Z., Lin, J., Wei, P., Lin, L., & Lam, K.-Y. (2025). CIREC: Causal intervention-inspired policy learning to mitigate exposure bias for interactive recommendation. IEEE Transactions on Knowledge and Data Engineering. https://doi.org/10.1109/TKDE.2025.3622687
  • Zhou, Q., Wang, D., Li, T., Xu, Z., Liu, Y., Ren, K., Wang, W., & Gu, Q. (2025). FOOLSDEDIT: Deceptively steering your edits towards targeted attribute-aware distribution. IEEE Transactions on Dependable and Secure Computing. https://doi.org/10.48550/arXiv.2402.03705
  • Zhang, M., Guo, X., Cao, X., Sun, S., Fu, H., & Guo, Q. (2025). Lighting is unreliable: Adversarial video relighting against rPPG heart rate measurement. IEEE Transactions on Information Forensics and Security. https://doi.org/10.1109/TIFS.2025.3587221

2024

  • Luo, B., Zhang, Z., Wang, Q., Ke, A., Lu, S., & He, B. (2024). AI-powered fraud detection in decentralized finance: A project life cycle perspective. ACM Computing Surveys, 57(4), Article 96, 1–38.https://doi.org/10.1145/3705296 
  • Fan, J., Liu, Z., Du, H., Kang, J., Niyato, D., & Lam, K.-Y. (2024, November 29). Improving security in IoT-based human activity recognition. IEEE Internet of Things Journal, 12(7), 8301–8315. https://doi.org/10.1109/JIOT.2024.3501361
  • Liu, Z., Jiang, Y., Shen, J., Peng, M., Lam, K.-Y., Yuan, X., & Liu, X. (2024, October 7). A survey on federated unlearning: Challenges, methods, and future directions. ACM Computing Surveys. https://doi.org/10.1145/3679014
  • Kruglik, S., Dau, S. H., Kiah, H. M., Wang, H., & Zhang, L. F. (2024, September 2). Querying twice to achieve information-theoretic verifiability in private information retrieval. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 8172-8187. https://doi.org/10.1109/TIFS.2024.3453550 
  • Guo, Q., Wang, Z., Juefei-Xu, F., Lin, D., Ma, L., Feng, W., & Liu, Y. (2024, August 16). CarveNet: Carving point-block for complex 3D shape completion. IEEE Transactions on Multimedia, vol. 27, pp. 1047-1058. https://doi.org/10.1109/TMM.2024.3443613 
  • Hu, J., Zhao, Y., Tan, B. H. M., Aung, K. M. M., & Wang, H. (2024, May 17). Enabling threshold functionality for private set intersection protocols in cloud computing. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 6184-6196, 2024, doi: 10.1109/TIFS.2024.3402355. https://doi.org/10.1109/TIFS.2024.3402355 
  • Liu, R., Zhou, W., Zhang, T., Chen, K., Zhao, J., & Lam, K.-Y. (2024, April 17). Boosting black-box attack to deep neural networks with conditional diffusion models. IEEE Transactions on Information Forensics & Security, 20, 1695–1709. https://doi.org/10.1109/TIFS.2024.3515792
  • Yang, M., Tjuawinata, I., Lam, K.-Y., Zhu, T., & Zhao, J. (2024, April). Local differential privacy and its applications: A comprehensive survey. IEEE Internet of Things Journal, 12(7), 8301–8315. https://doi.org/10.1109/JIOT.2024.3501361
  • Kalapaaking, A., Khalil, I., Yi, X., Lam, K.-Y., Huang, G. B., & Wang, N. (2024, June 14). Auditable and verifiable federated learning based on blockchain-enabled decentralization. IEEE Transactions on Neural Networks and Learning Systems, 36(1), 102–115. https://doi.org/10.1109/TNNLS.2024.3407670
  • Liu, Z., Guo, J., Yang, W., Fan, J., Lam, K.-Y., & Zhao, J. (2024, January 19). Dynamic user clustering for efficient and privacy-preserving federated learning. IEEE Transactions on Dependable and Secure Computing. https://doi.org/10.1109/TDSC.2024.3476533
  • Lam, K.-Y., Lu, X., Zhang, L., Wang, X., Wang, H., & Goh, S. Q. (2024, January 12). Efficient FHE-based privacy-enhanced neural network for trustworthy AI-as-a-service. IEEE Transactions on Information Forensics & Security. https://doi.org/10.1109/TIFS.2025.3567917

2023

2022

 

 

2026

  • Wang, F., Sun, F., Fan, M., Zhou, J., Ma, J., Chen, C., Shu, J., & Zhang, L. Y. (2026). FLAME: Flexible and lightweight biometric authentication scheme in malicious environments. Proceedings of the 41st Annual Computer Security Applications Conference (ACSAC 2025). https://doi.org/10.1109/ACSAC67867.2025.00044
  • Yang, Y., Yang, G., Li, Y., Wu, P., Shi, R., Huang, M., Weng, J., Pang, H.-H., & Deng, R. H. (2026). PriSrv+: Privacy and usability-enhanced wireless service discovery with fast and expressive matchmaking encryption. Proceedings of the Network and Distributed System Security (NDSS) Symposium. https://doi.org/10.14722/ndss.2026.230087
  • Xiang, K., Shi, B., Lyu, Y., Chen, J., Tsang, I. W., & Yin, H. (2026). MermaidFlow-CF: How agentic workflow representation governs constraint-faithful control. Proceedings of the AAAI Conference on Artificial Intelligence. https://openreview.net/forum?id=INX9FhqbUM
  • Li, Z., Kong, C., Yu, Y., Wu, Q., Jiang, X., Cheung, N.-M., Wen, B., Kot, A., & Jiang, X. (2026). SAVER: Mitigating hallucinations in large vision-language models via style-aware visual early revision. Proceedings of the AAAI Conference on Artificial Intelligence. https://doi.org/10.1609/aaai.v40i42.40873
  • Lu, H., Yu, Y., Xia, S., Yang, Y., Rajan, D., Ng, B. P., Kot, A., & Jiang, X. (2026). From pretrain to pain: Adversarial vulnerability of video foundation models without task knowledge. Proceedings of the AAAI Conference on Artificial Intelligence. https://doi.org/10.1609/aaai.v40i9.37695
  • Li, Y., Hu, J., Hooi, B., He, B., & Chen, C. (2026). DGP: A dual-granularity prompting framework for fraud detection with graph-enhanced LLMs. Proceedings of the AAAI Conference on Artificial Intelligence. https://ojs.aaai.org/index.php/AAAI/article/view/38541
  • Rawshan, L. B., Wang, Z., & Lim, B. Y. (2026). Comparing user understanding of explainable AI techniques with the cognitive XAI-adaptive model. Proceedings of the International Conference on Intelligent User Interfaces (IUI). https://doi.org/10.1145/3742413.3789147
  • Wang, F., Zhang, Y., & Lim, B. Y. (2026). Transferable XAI: Relating understanding across domains with explanation transfer. Proceedings of the International Conference on Intelligent User Interfaces (IUI). https://doi.org/10.1145/3742413.3789124
  • He, Y., Ling, S., Shi, Y., Wang, H., Tan, B. H. M., & Yang, A. S. (2026). Fully homomorphic encryption on the ring of Gaussian periods. Proceedings of the RSA Conference Cryptographers' Track (CT-RSA). https://eprint.iacr.org/2026/927
  • Jia, X., Du, J., Wei, H., Chen, J., Zhou, J. T., & Wang, Z. (2026). Reinforcement-guided synthetic data generation for privacy-sensitive identity recognition. Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). https://doi.org/10.48550/arXiv.2604.07884
  • Wang, C., Chen, Y., Yang, Z., Zhou, J. T., & Zhang, C. (2026). IMS3: Breaking distributional aggregation in diffusion-based dataset distillation. Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). https://doi.org/10.48550/arXiv.2603.13960

2025

  • Zuo, C., Lai, S., Sun, S.-F., Yuan, X., Liu, J. K., Shao, J., Wang, H., Zhu, L., & Cui, S. (2025). Searchable encryption for conjunctive queries with extended forward and backward privacy. Proceedings on Privacy Enhancing Technologies, 2025(1), 440–455. https://doi.org/10.56553/popets-2025-0024
  • Wang, X., Li, J., Tsang, I. W., & Ong, Y.-S. (2025). Towards harmless Rawlsian fairness regardless of demographic prior. In Advances in Neural Information Processing Systems 37 (NeurIPS 2024). https://doi.org/10.52202/079017-2571 
  • Wu, Y., Zhang, J., Kerschbaum, F., & Zhang, T. (2025, February 23). THEMIS: Regulating textual inversion for personalized concept censorship. In Proceedings of the Network and Distributed System Security (NDSS) Symposium 2025. https://doi.org/10.14722/ndss.2025.230450
  • Li, B., Wang, Y., Fei, H., Li, J., Ji, W., Lee, M.-L., & Hsu, W. (2025). FormFactory: An interactive benchmarking suite for multimodal form-filling agents. Proceedings of the 33rd ACM International Conference on Multimedia. https://doi.org/10.1145/3746027.3758285
  • Ke, P., Zhang, L. F., Wang, H., & Wang, L.-P. (2025). List-decodable Byzantine robust PIR: Lower communication complexity, higher Byzantine tolerance, smaller list size. Advances in Cryptology – ASIACRYPT 2025. https://doi.org/10.1007/978-981-95-5116-3_7
  • Zhao, F., Chen, S., Au, M. H., Weng, J., Wang, H., & Guo, J. (2025). Bootstrappable fully homomorphic attribute-based encryption with unbounded circuit depth. Advances in Cryptology – ASIACRYPT 2025. https://doi.org/10.1007/978-981-95-5122-4_8
  • Yu, X., Wan, Z., Bossens, D. M., Lyu, Y., Guo, Q., & Tsang, I. W. (2025). Imitation from diverse behaviors: Wasserstein quality diversity imitation learning with single-step archive exploration. Proceedings of the International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2025). https://doi.org/10.48550/arXiv.2411.06965
  • Ji, W., Fu, Y., Ying, L., Fan, D.-P., Wang, Y., Cheng, M.-M., Tsang, I. W., & Guo, Q. (2025). AngleRoCL: Angle-robust concept learning for physically view-invariant T2I adversarial patches. Advances in Neural Information Processing Systems (NeurIPS 2025). https://doi.org/10.48550/arXiv.2506.09538
  • Xing, Y., Cao, Y., Chung, N., Zhang, J., Tsang, I. W., Cheng, M.-M., Liu, Y., Ma, L., & Guo, Q. (2025). DepthVanish: Optimizing adversarial interval structures for stereo-depth-invisible patches. Advances in Neural Information Processing Systems (NeurIPS 2025). https://doi.org/10.48550/arXiv.2506.16690
  • Chi, H., Feng, Z., Lyu, Y., Zheng, C., Luo, L., Ong, Y.-S., Tsang, I. W., Chen, H., Chang, Y., & Yin, H. (2025). InstructFlow: Adaptive symbolic constraint-guided code generation for long-horizon planning. Advances in Neural Information Processing Systems (NeurIPS 2025). https://neurips.cc/virtual/2025/loc/san-diego/poster/116092
  • Ma, T., Tang, T., Lyu, Y., Yin, H., Ong, Y.-S., & Tsang, I. W. (2025). PrivAgentFlow: Agentic workflow for distributed privacy control in web agents. Advances in Neural Information Processing Systems (NeurIPS 2025). https://neurips.cc/virtual/2025/loc/mexico-city/133172
  • Wu, Q., Yu, Y., Kong, C., Liu, Z., Wan, J., Li, H., Kot, A. C., & Chan, A. B. (2025). Temporal unlearnable examples: Preventing personal video data from unauthorized exploitation by object tracking. Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV 2025). https://openaccess.thecvf.com/content/ICCV2025/html/Wu_Temporal_Unlearnable_Examples_Preventing_Personal_Video_Data_from_Unauthorized_Exploitation_ICCV_2025_paper.html
  • Styborski, J. A., Lyu, M., Lu, J., Kapur, N., & Kong, A. W. K. (2025). When and where do data poisons attack texture inversion. Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV 2025). https://openaccess.thecvf.com/content/ICCV2025/html/Styborski_When_and_Where_do_Data_Poisons_Attack_Textual_Inversion_ICCV_2025_paper.html
  • Li, L., Lu, S., Ren, Y., & Kong, A. W.-K. (2025). Set you straight: Auto-steering denoising trajectories to sidestep unwanted concepts. Proceedings of the 33rd ACM International Conference on Multimedia. https://doi.org/10.1145/3746027.3754546

2024

 

Books

  • X. Yi. X. Yang, X. Liu, A. Kelarev, K.Y. Lam, M. Yang, X. Wang and E. Bertino. “Privacy Enhancing Techniques: Practices and Applications”, Springer Cham, July 2025, ISBN 978-3-031-95139-8. https://doi.org/10.1007/978-3-031-95140-4.

 

Projects and Case Studies