AIR-ML Lab @ CISPA


Led by Dr. Xiao Zhang, the AIR-ML lab conducts research on Adversarial, Interpretable, and Robust Machine Learning (AIR-ML), with the ultimate goal of building trustworthy AI systems that are both resilient to attacks and transparent in their decision-making. Specifically, we analyze the dynamics of ML models, develop principled tools to audit and address their vulnerabilities, and build trustworthy AI systems for real-world applications. Our lab is currently affilated with CISPA Helmholtz Center for Information Security and located in Saarbrücken, Germany.

  • Group Retreat at Treetop Saarschleife (Sep 2025). From left to right: Piyush Pant, Advik Raj Basani, Xiao Zhang, Santanu Rathod, Yuelin Xu, Subrat Kishore Dutta, and Youngjin Kwon.
    Group Retreat at Treetop Saarschleife (Sep 2025). From left to right: Piyush Pant, Advik Raj Basani, Xiao Zhang, Santanu Rathod, Yuelin Xu, Subrat Kishore Dutta, and Youngjin Kwon.
  • Group Retreat at Hotel Saarschleife (Sep 2025). From left to right: Piyush Pant, Advik Raj Basani, Yuelin Xu, Santanu Rathod, Xiao Zhang, Subrat Kishore Dutta, and Youngjin Kwon.
    Group Retreat at Hotel Saarschleife (Sep 2025). From left to right: Piyush Pant, Advik Raj Basani, Yuelin Xu, Santanu Rathod, Xiao Zhang, Subrat Kishore Dutta, and Youngjin Kwon.
  • Group Dinner at Osaka, Saabrücken (Dec 2024). From left to right: Xiao Zhang, Yuelin Xu, Youngjin Kwon, Minxing Zhang, Somrita Ghosh, and Piyush Pant.
    Group Dinner at Osaka, Saabrücken (Dec 2024). From left to right: Xiao Zhang, Yuelin Xu, Youngjin Kwon, Minxing Zhang, Somrita Ghosh, and Piyush Pant.

Latest News

[Jun 2026]Jia starts his visit at AIR-ML as a guest PhD researcher. Welcome Jia!
[Jun 2026]One paper accepted in UAI 2026 on adversarial training and robust overfitting! Congratulations to Yuelin!
[May 2026]One paper accepted in TMLR 2026 on adversarial purification and vision language models! Congratulations to Jia!
[Apr 2026]One paper accepted in ACL 2026 Findings on LLM jailbreaks! Congratulations to Yuan!
[Jan 2026]One paper accepted in SaTML 2026 on semi-supervised adversarial training! Congratulations to Somrita!
[Oct 2025]Our paper (DivTrackee versus DynTracker: Promoting Diversity in Anti-Facial Recognition against Dynamic FR Strategy) has been awarded the Distinguished Paper Award 🏆 at CCS 2025! Congratulations to Wenshu & Minxing!
[Sep 2025]One paper accepted in NeurIPS 2025 on LLM jailbreaks! Congratulations to Advik!
[Aug 2025]Jia starts his visit at AIR-ML as an intern stduent. Welcome Advik!
[Jun 2025]One paper accepted in ICCV 2025 on adversarial patches! Congratulations to Subrat!
[May 2025]One paper accepted in ICML 2025 on cost-sensitive robustness and randomized smoothing! Congratulations to Yuan!
See all posts