Zhanhao Hu 胡展豪

Postdoc at UC Berkeley

Contact:
zhanhaohu[DOT]cs[AT]gmail[DOT]com
Google Scholar Github

Affiliation:
Department of Electrical Engineering and Computer Sciences (EECS),
Institute for Data Science (BIDS),
UC Berkeley, California, 94720

I am a postdoc in the Department of Electrical Engineering and Computer Sciences (EECS) at UC Berkeley, advised by Prof. David Wagner. I received my Ph.D. in Computer Science and Technology from Tsinghua University in 2023, advised by Prof. Bo Zhang and Prof. Xiaolin Hu. I was also honored to work with Prof. Jun Zhu and Prof. Jianming Li. I received my Bachelor’s degree in Mathematics and Physics from Tsinghua University in 2017.

My research has focused on robustness, and safety/security issues in deep learning, particularly in Computer Vision (CV) and Large Language Models (LLMs). In my early research, I also worked on brain-inspired approaches, and later on adversarial examples, jailbreaking attacks, and prompt injection, with the broader goal of understanding how modern AI systems fail and what those failures reveal about their underlying representations and reasoning.

More broadly, these studies are part of my effort to better understand deep learning itself and to explore potential approaches toward Artificial General Intelligence (AGI). I see robustness as one useful lens for asking whether a learning paradigm can generalize beyond the environments it was trained in, especially under distribution shifts, adversarial inputs, and other challenging settings.

From this perspective, robustness and safety/security research is not only about fixing vulnerabilities. It is also a way to probe the capabilities and limits of intelligent systems, and to think more carefully about what it would take for an AI system to reliably understand instructions, constraints, and goals. See my blog posts for more discussions.

Special thanks to Kexin for taking the profile picture.

Selected

ICLR

GradShield: Alignment Preserving Finetuning

Zhanhao Hu*, Xiao Huang*, Patrick Mendoza, Emad Alghamdi, Basel Alomair, Raluca Ada Popa, and David Wagner

Accepted by ICLR, 2026

ICLR

JULI: Jailbreak Large Language Models by Self-Introspection

Jesson Wang*, Zhanhao Hu*, and David Wagner

Accepted by ICLR, 2026

Bib arXiv

@article{wang2026juli,
  title = {JULI: Jailbreak Large Language Models by Self-Introspection},
  author = {Wang*, Jesson and Hu*, Zhanhao and Wagner, David},
  year = {2026},
  journal = {Accepted by ICLR},
}

Neurips

Spotlight

Toxicity Detection for Free

Zhanhao Hu, Julien Piet, Geng Zhao, Jiantao Jiao, and David Wagner

In The Thirty-Eighth Annual Conference on Neural Information Processing Systems (Neurips), 2024

Bib arXiv Code

@inproceedings{hu2024toxicity,
  emph = {Spotlight},
  title = {Toxicity Detection for Free},
  author = {Hu, Zhanhao and Piet, Julien and Zhao, Geng and Jiao, Jiantao and Wagner, David},
  booktitle = {The Thirty-Eighth Annual Conference on Neural Information Processing Systems (Neurips)},
  year = {2024},
}

CVPR

Physically Realizable Natural-Looking Clothing Textures Evade Person Detectors via 3D Modeling

Zhanhao Hu*, Wenda Chu*, Xiaopei Zhu, Hui Zhang, Bo Zhang, and Xiaolin Hu

In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2023

Bib arXiv Code Video

@inproceedings{hu2023physically,
  title = {Physically Realizable Natural-Looking Clothing Textures Evade Person Detectors via 3D Modeling},
  author = {Hu*, Zhanhao and Chu*, Wenda and Zhu, Xiaopei and Zhang, Hui and Zhang, Bo and Hu, Xiaolin},
  booktitle = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
  year = {2023},
}

CVPR

Oral

Adversarial Texture for Fooling Person Detectors in the Physical World

Zhanhao Hu, Siyuan Huang, Xiaopei Zhu, Fuchun Sun, Bo Zhang, and Xiaolin Hu

In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2022

Bib arXiv Code Video

@inproceedings{hu2022adversarial,
  emph = {Oral},
  title = {Adversarial Texture for Fooling Person Detectors in the Physical World},
  author = {Hu, Zhanhao and Huang, Siyuan and Zhu, Xiaopei and Sun, Fuchun and Zhang, Bo and Hu, Xiaolin},
  booktitle = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
  pages = {13307--13316},
  year = {2022},
}

CVPR

Oral

Infrared Invisible Clothing: Hiding from Infrared Detectors at Multiple Angles in Real World

Xiaopei Zhu, Zhanhao Hu, Siyuan Huang, Jianmin Li, and Xiaolin Hu

In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2022

Bib arXiv Video_1 Video_2

@inproceedings{zhu2022infrared,
  emph = {Oral},
  title = {Infrared Invisible Clothing: Hiding from Infrared Detectors at Multiple Angles in Real World},
  author = {Zhu, Xiaopei and Hu, Zhanhao and Huang, Siyuan and Li, Jianmin and Hu, Xiaolin},
  booktitle = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
  pages = {13317--13326},
  year = {2022},
}