Jiacheng Zhang | The University of Melbourne

About Me

Hi there, I am Jiacheng Zhang, a Ph.D. candidate at Trustworthy Machine Learning and Reasoning Group (TMLR) in the Faculty of Engineering and Information Technology, the University of Melbourne, advised by Prof. Feng Liu and Prof. Ben Rubinstein. Before that, I obtained my Honours degree from the University of Sydney, feeling fortunate to learn from Prof. Tongliang Liu.

I am passionate about advancing the field of trustworthy machine learning. My research interests lie in improving the Robustness and Safety of AI systems at all levels, including:

Trustworthy alignment for multimodal large language models
Robust fine-tuning for pre-trained vision-language models
Robust training for vision models

I firmly believe that before AI can achieve widespread societal adoption, its foundations must be trustworthy and safe.

Please feel free to email me for research, collaborations, or a casual chat.

Education

2023.08 - present, the Unversity of Melbourne (UoM), Ph.D. in Engineering and IT, advised by Prof. Feng Liu and Prof. Ben Rubinstein.
2022.07 - 2023.07, the University of Sydney (USYD), B.Sc. in Data Science (Honours), advised by Prof. Tongliang Liu.
2019.03 - 2022.03, the University of Melbourne (UoM), B.Sc. in Data Science.

Publication

ICML

Improving Accuracy-robustness Trade-off via Pixel Reweighted Adversarial Training

Jiacheng Zhang, Feng Liu*, Dawei Zhou, Jingfeng Zhang, Tongliang Liu* (* Corresponding authors).

International Conference on Machine Learning (ICML), 2024.

PDF Code

Quick Introduction

Adversarial training (AT) trains models using adversarial examples (AEs), which are natural images modified with specific perturbations to mislead the model. These perturbations are constrained by a predefined perturbation budget ϵ and are equally applied to each pixel within an image. However, in this paper, we discover that not all pixels contribute equally to the accuracy on AEs (i.e., robustness) and accuracy on natural images (i.e., accuracy). Motivated by this finding, we propose Pixel-reweighted AdveRsarial Training (PART), a new framework that partially reduces ϵ for less influential pixels, guiding the model to focus more on key regions that affect its outputs. Specifically, we first use class activation mapping (CAM) methods to identify important pixel regions, then we keep the perturbation budget for these regions while lowering it for the remaining regions when generating AEs. In the end, we use these pixel-reweighted AEs to train a model. PART achieves a notable improvement in accuracy without compromising robustness on CIFAR-10, SVHN and TinyImagenet-200, justifying the necessity to allocate distinct weights to different pixel regions in robust classification.

Honour & Award

Google Travel Scholarship, Google, 2025.
ICML Travel Award, ICML, 2024.
Amazon Best UG Senior Project Award, USYD, 2023.
University Medal (Top 1 in Major, Highest Honour for Undergraduates), USYD, 2023.
Melbourne Research Scholarship, UoM, 2023.
Vacation Research Scholarship, UoM, 2021.

Academic Service

Conference Reviewer: ICML, NeurIPS, ICLR, AISTATS, etc.
Journal Reviewer: NEUNET, etc.

Invited Talk

Talk on “Improving Accuracy-robustness Trade-off via Pixel Reweighted Adversarial Training”, UoM, Melbourne, Jan 23, 2025 (Invited Seminar Talk).
Talk on “Improving Accuracy-robustness Trade-off via Pixel Reweighted Adversarial Training”, AJCAI 2024, Melbourne, Nov 26, 2024 (Invited Seminar Talk).

Teaching Assistant

SWEN20003: Object Oriented Software Development (2024 S2 & 2025 S1).
COMP20008: Elements of Data Processing (2024 S1 & 2024 S2 & 2025 S1).