School of Computing and Information Systems

Xingliang Yuan

Associate Professor, ARC Future Fellow
Cybersecurity Group
School of Computing and Information Systems
The University of Melbourne
View research Research group Contact
Portrait of Xingliang Yuan

Overview

I am an Associate Professor in the School of Computing and Information Systems at the University of Melbourne and an ARC Future Fellow. I am also the Course Director for the Master of Cybersecurity. Before joining the University of Melbourne, I was a faculty member in the Faculty of IT at Monash University from 2017 to 2024.

My work sits broadly in computer security, with a particular focus on secure networked systems, encrypted data processing, trustworthy machine learning, and the security of modern AI deployment.

I am always interested in hearing from strong prospective students. Please email your CV, transcript, research statement (no more than 200 words), and English test score. Information on UniMelb PhD admission and scholarships can be found here, here, here, and here.

Research Themes

My current research agenda spans cryptographic systems, privacy-preserving learning, and the safeguards needed to deploy AI systems responsibly.

Encrypted data processing systems

Scalable and verifiable encrypted storage, leakage monitoring of searchable encryption schemes, and their deployment in large-scale systems such as CDN, DNS, and RAG pipelines.

Privacy-preserving machine learning

Tailored MPC protocols for modern deep learning workloads, such as secure inference and training, with cryptographic guarantees.

Trustworthy and secure AI

Machine unlearning, privacy inference defences, model stealing mitigation, LLM safety, and agentic system security.

News

  • [May'26]
    I am co-organising the Third Digital Trust Research Symposium at Nanyang Technological University.
  • [Jan'26]
    I am invited to deliver a talk "Building Post-Deployment Safeguards for Digital Assets" at the National Research Center on Digital Trust, NTU Singapore.
  • [Dec'25]
    I co-organised the Workshop on Secure Collaborative Computing at Scale at The University of Melbourne.
  • [Dec'25]
    Our papers "PrivTune: Efficient and Privacy-Preserving Fine-Tuning of Large Language Models via Device-Cloud Collaboration" and "O-TSN: Enabling Oblivious Traffic Switch for Time-Sensitive Networking" have been accepted by IEEE INFOCOM'26.
  • [Sep'25]
    Our papers "Zero-Shot Privacy-Aware Text Rewriting via Iterative Tree Search" and "NAP^2: A Benchmark for Naturalness and Privacy-Preserving Text Rewriting by Learning from Human" have been accepted by EMNLP-Findings'26.
  • [Aug'25]
    I am appointed as the course director for the new online Master Programme of Cyber Security at the University of Melbourne.
  • [Jul'25]
    I am invited to serve as an Area Editor (Security, Privacy, and Trust) for IEEE Transactions on Service Computing.
  • [Jan'25]
    Our papers "THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models" and "V-ORAM: A Versatile and Adaptive ORAM Framework with Service Transformation for Dynamic Workloads" have been accepted by USENIX Security'25 (Cycle 1).
  • [Dec'24]
    Our paper "OblivCDN: A Practical Privacy-preserving CDN with Oblivious Content Access" has been accepted by ACM AsiaCCS'25 (11 straightly accepted papers out of 289 submissions in Cycle 1).
  • [Nov'24]
    I will co-organise the Second Symposium on Digital Trust at Nanyang Technological University.
  • [Nov'24]
    Our paper "SIGuard: Guarding Secure Inference with Post Data Privacy" has been accepted by NDSS'25.
  • [Nov'24]
    I will co-organise RAID'25 as a general co-chair.
  • [Jul'24]
    I am deeply honored to be awarded with an ARC Future Fellowship.
  • [Jun'24]
    I have officially joined the University of Melbourne as an Associate Professor.
  • [Jun'24]
    I am invited to serve as a TPC member for IEEE S&P'25.
  • [Apr'24]
    Our paper "OblivGNN: Oblivious Inference on Transductive and Inductive Graph Neural Network" has been accepted by USENIX Security'24.
  • [Apr'24]
    I am invited to serve as a TPC member for NDSS'25.
  • [Mar'24]
    Our paper "Unraveling Privacy Risks of Individual Fairness in Graph Neural Networks" has been accepted by IEEE ICDE'24.
  • [Feb'24]
    Our paper "Trustworthy Graph Neural Networks: Aspects, Methods and Trends" has been accepted by Proceedings of The IEEE and been featured in the issue cover.
  • [Nov'23]
    Our paper "GraphGuard: Detecting and Counteracting Training Data Misuse in Graph Neural Networks" has been accepted by NDSS'24.
  • [Oct'23]
    Our paper "Securing Graph Neural Networks in MLaaS: A Comprehensive Realisation of Query-based Integrity Verification" has been accepted by IEEE S&P'24 (Oakland).
  • [Oct'23]
    I am invited to serve as a track co-chair (Security, Privacy, and Trust in Distributed Systems) for IEEE ICDCS'24.

Recent Publications

My full publication list can be found at DBLP and Google Scholar.

Encrypted Search

  • [USENIX Security'25]
    V-ORAM: A Versatile and Adaptive ORAM Framework with Service Transformation for Dynamic Workloads
    Bo Zhang, Helei Cui, Xingliang Yuan, Zhiwen Yu, and Bin Guo
    In the 34th USENIX Security Symposium, 2025.
  • [ACM CCS'23]
    Leakage-Abuse Attacks Against Forward and Backward Private Searchable Symmetric Encryption
    Lei Xu, Leqian Zheng, Chengzhi Xu, Xingliang Yuan, and Cong Wang
    In the 30th ACM Conference on Computer and Communications Security, Copenhagen, Denmark, 2023 (Acceptance ratio: 19%).
  • [IEEE TKDE]
    ShieldDB: An Encrypted Document Database with Padding Countermeasures
    Viet Vo, Xingliang Yuan, Shi-Feng Sun, Joseph Liu, Surya Nepal, and Cong Wang
    IEEE Transactions on Knowledge and Data Engineering, Accepted, 2021.
  • [ISOC NDSS'21]
    Practical Non-Interactive Searchable Encryption with Forward and Backward Privacy
    Shi-Feng Sun, Ron Steinfeld, Shangqi Lai, Xingliang Yuan, Amin Sakzad, Joseph Liu, Surya Nepal, and Dawu Gu
    In the Network and Distributed System Security Symposium, 2021 (Acceptance ratio: 15%).
  • [ACM AsiaCCS'19]
    GraphSE^2: An Encrypted Graph Database for Privacy-Preserving Social Search
    Shangqi Lai, Xingliang Yuan, Shi-Feng Sun, Joseph K. Liu, Yuhong Liu, and Dongxi Liu
    In the 14th ACM ASIA Conference on Computer and Communications Security, Auckland, New Zealand, 2019 (Acceptance ratio: 44/258 = 17%).
  • [ACM CCS'18]
    Practical Backward-Secure Searchable Encryption from Symmetric Puncturable Encryption
    Shi-Feng Sun, Xingliang Yuan, Joseph K. Liu, Ron Steinfeld, Amin Sakzad, Viet Vo, and Surya Nepal
    In the 25th ACM Conference on Computer and Communications Security, Toronto, Canada, 2018 (Acceptance ratio: 134/809 = 16.6%).

Secure Networked Protocols and Systems

  • [ACM AsiaCCS'25]
    OblivCDN: A Practical Privacy-preserving CDN with Oblivious Content Access
    Viet Vo, Shangqi Lai, Xingliang Yuan, Surya Nepal, and Qi Li
    In the 20th ACM ASIA Conference on Computer and Communications Security, 2025 (11 straightly accepted papers out of 289 submissions in Cycle 1).
  • [IEEE TDSC]
    Practical Encrypted Network Traffic Pattern Matching for Secure Middleboxes
    Shangqi Lai, Xingliang Yuan, Shi-Feng Sun, Joseph Liu, Ron Steinfeld, Amin Sakzad, and Dongxi Liu
    IEEE Transactions on Dependable and Secure Computing, In Press, 2021.
  • [ISOC NDSS'21]
    OblivSketch: Oblivious Network Measurement as a Cloud Service
    Shangqi Lai, Xingliang Yuan, Joseph Liu, Xun Yi, Qi Li, Dongxi Liu, and Surya Nepal
    In the Network and Distributed System Security Symposium, virtually, 2021 (Acceptance ratio: 15%).
  • [ACM CCS'19]
    LightBox: Full-stack Protected Stateful Middlebox at Lightning Speed
    Huayi Duan, Cong Wang, Xingliang Yuan, Yajin Zhou, Qian Wang, and Kui Ren
    In the 26th ACM Conference on Computer and Communications Security, London, UK, 2019 (Acceptance ratio: 149/933 = 16%).

Privacy-Preserving Machine Learning

  • [ISOC NDSS'25]
    SIGuard: Guarding Secure Inference with Post Data Privacy
    Xinqian Wang, Xiaoning Liu, Shangqi Lai, Xun Yi, and Xingliang Yuan
    In the Network and Distributed System Security Symposium, 2025.
  • [USENIX Security'24]
    OblivGNN: Oblivious Inference on Transductive and Inductive Graph Neural Network
    Zhibo Xu, Shangqi Lai, Xiaoning Liu, Alsharif Abuadbba, Xingliang Yuan, and Xun Yi
    In the 33rd USENIX Security Symposium, 2024.
  • [IEEE INFOCOM'22]
    The Right to be Forgotten in Federated Learning: An Efficient Realization with Rapid Retraining
    Yi Liu, Lei Xu, Xingliang Yuan, Cong Wang, and Bo Li
    In the 41st International Conference on Computer Communications, 2022 (Acceptance ratio: 19.9%).
  • [IEEE TIFS]
    Leia: A Lightweight Cryptographic Neural Network Inference System at the Edge
    Xiaoning Liu, Bang Wu, Xingliang Yuan, and Xun Yi
    IEEE Transactions on Information Forensics and Security, Accepted, 2021.
  • [ESORICS'21]
    MediSC: Towards Secure and Lightweight Deep Learning as a Medical Diagnostic Service
    Xiaoning Liu, Yifeng Zheng, Xingliang Yuan, and Xun Yi
    In the 26th European Symposium on Research in Computer Security, virtually, 2021 (Best Paper Award, Acceptance ratio: 21%).

AI Safety and Security

  • [USENIX Security'25]
    THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models
    Yujin Huang, Zhi Zhang, Qingchuan Zhao, Xingliang Yuan, and Chunyang Chen
    In the 34th USENIX Security Symposium, 2025.
  • [ACM Web'25]
    50 Shades of Deceptive Patterns: A Unified Taxonomy, Multimodal Detection, and Security Implications
    Zewei Shi, Ruoxi Sun, Jieshan Chen, Jiamou Sun, Jason Xue, Yansong Gao, Feng Liu, and Xingliang Yuan
    In the Web Conference, 2025.
  • [ICLR'25]
    AI2TALE: An Innovative Information Theory-based Approach for Learning to Localize Phishing Attacks
    Van Nguyen, Tingmin Wu, Xingliang Yuan, Marthie Grobler, Surya Nepal, Carsten Rudolph
    In the International Conference on Learning Representations, 2025.
  • [ACM MM'24]
    Arondight: Red teaming large vision language models with auto-generated multi-modal jailbreak prompts
    Yi Liu, Chengjun Cai, Xiaoli Zhang, Xingliang Yuan, and Cong Wang
    In the 32nd ACM International Conference on Multimedia, 2024.
  • [ACM KDD'24]
    BadSampler: Harnessing the Power of Catastrophic Forgetting to Poison Byzantine-robust Federated Learning
    Yi Liu, Cong Wang, and Xingliang Yuan
    In the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, 2024.
  • [IEEE TSC]
    DeFiGuard: A Price Manipulation Detection Service in DeFi using Graph Neural Networks
    Dabao Wang, Bang Wu, Xingliang Yuan, Lei Wu, Yajin Zhou, and Helei Cui
    In IEEE Transactions on Service Computing, 2024.
  • [ACM Web'23]
    Training-free Lexical Backdoor Attacks on Language Models
    Yujin Huang, Terry Yue Zhuo, Qiongkai Xu, Han Hu, Xingliang Yuan, Chunyang Chen
    In the Web Conference, 2023.

Secure and Trustworthy Graph Learning

  • [ACM Web'25]
    Dynamic Graph Unlearning: A General and Efficient Post-Processing Method via Gradient Transformation
    He Zhang, Bang Wu, Xiangwen Yang, Xingliang Yuan, Xiaoning Liu, and Xun Yi
    In the Web Conference, 2025.
  • [IEEE S&P'25]
    GRID: Protecting Training Graph from Link Stealing Attacks on GNN Models
    Jiadong Lou, Xu Yuan, Rui Zhang, Xingliang Yuan, Neil Gong, and Nian-Feng Tzeng
    In IEEE Symposium on Security and Privacy, Oakland, USA, 2025.
  • [IEEE ICDE'24]
    Unraveling Privacy Risks of Individual Fairness in Graph Neural Networks
    He Zhang, Xingliang Yuan, and Shirui Pan
    In IEEE 40th International Conference on Data Engineering, 2024.
  • [IEEE S&P'24]
    Securing Graph Neural Networks in MLaaS: A Comprehensive Realisation of Query-based Integrity Verification
    Bang Wu, Xingliang Yuan, Shuo Wang, Qi Li, Minhui Xue, and Shirui Pan
    In IEEE Symposium on Security and Privacy, Oakland, USA, 2024.
  • [ISOC NDSS'24]
    GraphGuard: Detecting and Counteracting Training Data Misuse in Graph Neural Networks
    Bang Wu, He Zhang, Xiangwen Yang, Shuo Wang, Minhui Xue, Shirui Pan, and Xingliang Yuan
    In Network and Distributed System Security Symposium, San Diego, USA, 2024.
  • [Proceeding of the IEEE]
    Trustworthy Graph Neural Networks: Aspects, Methods, and Trends
    He Zhang, Bang Wu, Xingliang Yuan, Shirui Pan, Hanghang Tong, Jian Pei
    In Proceedings of the IEEE, 2024.
  • [ICML'23]
    Demystifying Uneven Vulnerability of Link Stealing Attacks against Graph Neural Networks
    He Zhang, Bang Wu, Shuo Wang, Xiangwen Yang, Minhui Xue, Shirui Pan, and Xingliang Yuan
    In the International Conference on Machine Learning, Honolulu, Hawaii, USA, 2023.
  • [ACM AsiaCCS'22]
    Model Extraction Attacks on Graph Neural Networks: Taxonomy and Realisation
    Bang Wu, Xiangwen Yang, Shirui Pan, and Xingliang Yuan
    In the 17th ACM ASIA Conference on Computer and Communications Security, 2022 (First round acceptance ratio: 15%).
  • [IEEE ICDM'21]
    Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications
    Bang Wu, Xiangwen Yang, Shirui Pan, and Xingliang Yuan
    In the IEEE International Conference on Data Mining, 2021.