Zhouxing Shi

About me

I will join Department of Computer Science and Engineering at University of California, Riverside (CSE@UCR) as an Assistant Professor. I am looking for motivated students to join my group (including PhD students to start in 2025~2026).

I am currently a final-year Ph.D. Candidate at UCLA Computer Science Department, advised by Prof. Cho-Jui Hsieh. Prior to UCLA, I received my B.Eng. degree from the CST department at Tsinghua University.

My primary research focus is on trustworthy machine learning, and I am broadly interested in developing more trustworthy and reliable AI models. In particular, I work on verifiable machine learning, with topics such as formal verification for neural networks, training verification-friendly neural networks with stronger verifiable guarantees, applications of verifiable machine learning in mission-critical scenarios, and more recently, verification for generative AI. Additionally, I also study empirical methods for evaluating and improving the robustness or safety of large-scale ML foundation models.

Selected Publications

(* Equal contribution; for full publications: see Publications or Google Scholar )

Neural Network Verification with Branch-and-Bound for General Nonlinearities

Code

Benchmark

Zhouxing Shi*, Qirui Jin*, Zico Kolter, Suman Jana, Cho-Jui Hsieh, Huan Zhang

TACAS 2025

Lyapunov-stable Neural Control for State and Output Feedback: A Novel Formulation

Code

Benchmark

Press

Lujie Yang*, Hongkai Dai*, Zhouxing Shi, Cho-Jui Hsieh, Russ Tedrake, Huan Zhang

ICML 2024

Defending LLMs against Jailbreaking Attacks via Backtranslation

Code

Yihan Wang*, Zhouxing Shi*, Andrew Bai, Cho-Jui Hsieh

ACL-Findings 2024

Red Teaming Language Model Detectors with Language Models

Code

arXiv

Zhouxing Shi*, Yihan Wang*, Fan Yin*, Xiangning Chen, Kai-Wei Chang, Cho-Jui Hsieh (*Alphabetical)

TACL 2024 (presented at EMNLP 2024)

Effective Robustness against Natural Distribution Shifts for Models with Different Training Data

Demo

Zhouxing Shi, Nicholas Carlini, Ananth Balashankar, Ludwig Schmidt, Cho-Jui Hsieh, Alex Beutel, Yao Qin

NeurIPS 2023

Fast Certified Robust Training with Short Warmup

Code

Zhouxing Shi*, Yihan Wang*, Huan Zhang, Jinfeng Yi, Cho-Jui Hsieh

NeurIPS 2021

Automatic Perturbation Analysis for Scalable Certified Robustness and Beyond

Code

arXiv

Kaidi Xu*, Zhouxing Shi*, Huan Zhang*, Yihan Wang, Kai-Wei Chang, Minlie Huang, Bhavya Kailkhura, Xue Lin, Cho-Jui Hsieh

NeurIPS 2020

Software

auto_LiRPA : A library for automatically computing differentiable verified output bounds for general computational graphs. Originally proposed in our NeurIPS 2020 paper, it is the core bound computation engine in the award-winning alpha-beta-CROWN.
alpha-beta-CROWN : A comprehensive neural network verification toolbox that consists of multiple complete verification algorithms (such as GenBaB) on top of auto_LiRPA. It is the 1st place winner at the annual VNN-COMP from 2021 to 2024.

Awards

UCLA Dissertation Year Award (fellowship), 2024-2025
Amazon Fellowship (Amazon & UCLA Science Hub fellowship), 2022-2023
4X first-place winner at the International Verification of Neural Networks Competition (VNN-COMP), 2021-2024

Teaching

TA at UCLA:

CS 35L Software Construction (Fall 2023, Prof. Paul Eggert)
CS M146 Introduction to Machine Learning (Fall 2022, Prof. Kai-Wei Chang)
CS 35L Software Construction (Spring 2022, Prof. Paul Eggert)
CS 260C Deep Learning (Winter 2022, Prof. Cho-Jui Hsieh)