Zitao Chen

Ayo~ I am an Assistant Professor in the EECS department at the University of Kansas. I completed my PhD degree in Electrical and Computer Engineering from the University of British Columbia in 2025. I received my bachelor's degree from China University of Geosciences (Wuhan) in 2018 and M.A.Sc degree from UBC in 2020. [CV]

My research centers on Trustworthy Machine Learning, focusing on understanding the critical failure modes in ML systems and creating solutions to enhance their trustworthiness in real-world use. My current interests include ML privacy, accountability and safety.

Email: {first name} {last initial} AT ece.ubc.ca | AT ku.edu

Selected Publications [Google Scholar]

Anonymity Unveiled: A Practical Framework for Auditing Data Use in Deep Learning Models [paper] [code]
Zitao Chen, Karthik Pattabiraman
[CCS'25] In Proceedings of the 2025 ACM Conference on Computer and Communications Security (Acceptance rate: 13.9%)
Artifact Available, Functional and Results Reproduced

A Method to Facilitate Membership Inference Attacks in Deep Learning Models [paper] [code]
Zitao Chen, Karthik Pattabiraman
[NDSS'25] The ISOC Network and Distributed Systems Security Symposium (Acceptance rate: 16.1%)
Artifact Available, Functional and Results Reproduced

Overconfidence is a Dangerous Thing: Mitigating Membership Inference Attacks by Enforcing Less Confident Prediction [paper] [code]
Zitao Chen, Karthik Pattabiraman
[NDSS'24] The ISOC Network and Distributed Systems Security Symposium (Acceptance rate: 15%)
Artifact Available, Functional and Results Reproduced

Jujutsu: A Two-stage Defense against Adversarial Patch Attacks on Deep Neural Networks [paper] [code]
Zitao Chen, Pritam Dash, Karthik Pattabiraman
[AsiaCCS'23] In Proceedings of the 18th ACM ASIA Conference on Computer and Communications Security (Acceptance rate: 16%)

A Low-cost Fault Corrector for Deep Neural Networks through Range Restriction [paper] [code]
Zitao Chen, Guanpeng Li, Karthik Pattabiraman
[DSN'21] The 51st IEEE/IFIP International Conference on Dependable Systems and Networks (Acceptance rate: 16.3%)
Best Paper Award Runner-Up (2 out of 295 submissions)
Selected for IEEE Top Picks in Test and Reliability
Invited for submission to the IEEE Design & Test (DnT) journal
Our Ranger algorithm was adopted by Intel OpenVINO [details]

PID-Piper: Recovering Robotic Vehicles from Physical Attacks [paper] [code]
Pritam Dash, Guanpeng Li, Zitao Chen, Mehdi Karimibiuki, and Karthik Pattabiraman
[DSN'21] The 51st IEEE/IFIP International Conference on Dependable Systems and Networks (Acceptance rate: 16.3%)
Best Paper Award (1 out of 295 submissions)

TensorFI: A Flexible Fault Injection Framework for TensorFlow Applications [paper] [code]
Zitao Chen*, Niranjhana Narayanan*, Bo Fang, Guanpeng Li, Karthik Pattabiraman, Nathan DeBardeleben
[ISSRE'20] The 31st International Symposium on Software Reliability Engineering (Acceptance rate: 25.7%)

BinFI: An Efficient Fault Injector for Safety-Critical Machine Learning Systems [paper] [code]
Zitao Chen, Guanpeng Li, Karthik Pattabiraman, Nathan DeBardeleben
[SC'19] International Conference for High Performance Computing, Networking, Storage, and Analysis (Acceptance rate: 20.9%)
Finalist for the SC Reproducibility Initiative (3 out of 344 submissions)

Selected Awards and Honors
Professional Services

Program Committee

  • ACM Conference on Computer and Communications Security (CCS 2026)
  • The Network and Distributed System Security Symposium (NDSS 2026)
  • The Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2026)
  • The IEEE European Symposium on Security and Privacy (EuroS&P 2026)
  • ACM/SIGAPP Symposium On Applied Computing (SAC 2026)
  • The European Dependable Computing Conference (EDCC 2026)
  • ACM Workshop on Large AI Systems and Models with Privacy and Security Analysis (LAMPS) @ CCS'25
  • IEEE Workshop on Reliable and Secure AI for Software Engineering (ReSAISE) @ ISSRE'25

Reviewer

  • IEEE Transactions on Dependable and Secure Computing (TDSC)
  • IEEE Transactions on Parallel and Distributed Systems (TPDS)
  • IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD)
  • Elsevier Neural Networks
  • Elsevier Computers & Security