Prior to joining the University of Waterloo as a tenure-track Assistant Professor, Dr. Hongyang Zhang was a postdoctoral fellow at the Toyota Technological Institute at Chicago, working with Avrim Blum and Greg Shakhnarovich. He has a Ph.D. (2019) and a Master’s (2018) in machine learning from Carnegie Mellon University. Prior to that, he graduated from Peking University (2015) in Computer Science.
Dr. Zhang’s research focuses on robust, secure, and trustworthy machine learning. As machine learning tools become increasingly popular in real applications, there is a serious threat that such technological innovations may cause inadvertent or even malicious harm to certain groups or the population at large. Indeed, intensive recent work on this topic suggests that machine learning models are vulnerable to adversarial attacks, outliers, and various forms of noise. Nonetheless, Dr. Zhang and others have shown that it is possible to design new learning algorithms that are provably and empirically robust to these corruptions with record-breaking performance.
Besides making solid theoretical contributions, Dr. Zhang also emphasizes combining theory with practice in his research. For example, his theoretically principled algorithm TRADES has been featured by various third-party benchmarks / leaderboards and won the championship in the NeurIPS’18 Adversarial Vision Challenge, in which it beat hundreds of teams from industry. He also won the championship out of 1,558 teams in the CVPR 2021 Security AI Challenger: Unrestricted Adversarial Attacks on ImageNet.