Selected Publications

(The full publication list can be found on Google Scholar, DBLP, and Research Map.)

  • Oblivionis: A Lightweight Learning and Unlearning Framework for Federated Large Language Models
    Fuyao Zhang, Xinyu Yan, Tiantong Wu, Wenjie Li, Tianxiang Chen, Yang Cao, Ran Yan, Longtao Huang, Wei Yang Bryan Lim, Qiang Yang.
    AAAI 2026

  • Differentially Private Subspace Fine-Tuning for Large Language Models
    Lele Zheng, Xiang Wang, Tao Zhang, Yang Cao, Ke Cheng, Yulong Shen.
    AAAI 2026

  • Privacy on the Fly: A Predictive Adversarial Transformation Network for Mobile Sensor Data
    Tianle Song, Chenhao Lin, Yang Cao, Zhengyu Zhao, Jiahao Sun, Chong Zhang, Le Yang, Chao Shen.
    AAAI 2026 (Oral)

  • Otter: Mitigating Background Distractions of Wide-Angle Few-Shot Action Recognition with Enhanced RWKV
    Wenbo Huang, Jinghui Zhang, Zhenghao Chen, Guang Li, Lei Zhang, Yang Cao, Fang Dong, Takahiro Ogawa, Miki Haseyama.
    AAAI 2026 (Oral)

  • Are Your LLM-based Text-to-SQL Models Secure? Exploring SQL Injection via Backdoor Attacks
    Meiyu Lin, Haichuan Zhang, Jiale Lao, Renyuan Li, Yuanchun Zhou, Carl Yang, Yang Cao, Mingjie Tang.
    ACM SIGMOD 2026

  • Doppio: Communication-Efficient and Secure Multi-Party Shuffle Differential Privacy
    Wentao Dong, Yang Cao, Cong Wang, Wei-Bin Lee.
    VLDB 2026

  • AegisGuard: RL-Guided Adapter Tuning for TEE-Based Efficient & Secure On-Device Inference
    Che Wang, Ziqi Zhang, Yinggui Wang, Tiantong Wang, Yurong Hao, Jianbo Gao, Tao Wei, Yang Cao, Zhong Chen, Wei Yang Bryan Lim.
    NeurIPS 2025

  • Differentially Private Visual Learning with Public Subspace Augmented by Synthetic Data
    Haichao Sha, Yuncheng Wu, Ruixuan Liu, Yang Cao, Hong Chen.
    ACM MM 2025 Outstanding Papers in Generation Theme

  • Continuous Publication of Weighted Graphs with Local Differential Privacy
    Wen Xu, Pengpeng Qiao, Shang Liu, Zhirun Zheng, Yang Cao, Zhetao Li.
    VLDB 2025

  • MMGIA: Gradient Inversion Attack Against Multimodal Federated Learning via Intermodal Correlation
    Lele Zheng, Yang Cao, Leo Yu Zhang, Wei Wang, Yulong Shen, Xiaochun Cao.
    IJCAI 2025

  • Enhancing Federated Domain Adaptation with Multi-Domain Prototype-Based Federated Fine-Tuning
    Jingyuan Zhang, Yiyang Duan, Shuaicheng Niu, Yang Cao, Wei Yang Bryan Lim.
    ICLR 2025

  • Federated Graph Condensation with Information Bottleneck Principles
    Bo Yan, Sihao He, Cheng Yang, Shang Liu, Yang Cao, Chuan Shi.
    AAAI 2025

  • PGB: Benchmarking Differentially Private Synthetic Graph Generation Algorithms
    Shang Liu, Hao Du, Yang Cao, Bo Yan, Jinfei Liu, Masatoshi Yoshikawa.
    IEEE ICDE 2025

  • Bargaining-based Data Markets
    Yuran Bi, Yihang Wu, Jinfei Liu, Kui Ren, Yang Cao.
    IEEE ICDE 2025

  • TabularMark: Watermarking Tabular Datasets for Machine Learning
    Yihao Zheng, Haocheng Xia, Junyuan Pang, Jinfei Liu, Kui Ren, Lingyang Chu, Yang Cao, Li Xiong.
    ACM CCS 2024

  • PreCurious: How Innocent Pre-Trained Language Models Turn into Privacy Traps.
    Ruixuan Liu, Tianhao Wang, Yang Cao, Li Xiong.
    ACM CCS 2024 [arXiv]

  • ULDP-FL: Federated Learning with Across Silo User-Level Differential Privacy.
    Fumiyuki Kato, Li Xiong, Shun Takagi, Yang Cao, Masatoshi Yoshikawa.
    VLDB 2024 [arXiv]

  • HRNet: Differentially Private Hierarchical and Multi-Resolution Network for Human Mobility Data Synthesization.
    Shun Takagi, Li Xiong, Fumiyuki Kato, Yang Cao, Masatoshi Yoshikawa.
    VLDB 2024 [arXiv]

  • Noise-Aware Algorithm for Heterogeneous Differentially Private Federated Learning.
    Saber Malekmohammadi, Yaoliang Yu, Yang Cao.
    ICML 2024 [arXiv]

  • Optimal Graph Learning and Nuclear Norm Maximization for Deep Cross-Domain Robust Label Propagation.
    Wei Wang, Hanyang Li, Ke Shi, Chao Huang, Yang Cao, Cong Wang, Xiaochun Cao.
    IJCAI 2024

  • Federated Heterogeneous Graph Neural Network for Privacy-preserving Recommendation.
    Bo Yan, Yang Cao, Haoyu Wang, Wenchuan Yang, Junping Du, Chuan Shi.
    WWW 2024

  • A Generalized Shuffle Framework for Privacy Amplification: Strengthening Privacy Guarantees and Enhancing Utility.
    E Chen, Yang Cao, Yifei Ge.
    AAAI 2024

  • CARGO: Crypto-Assisted Differentially Private Triangle Counting without Trusted Servers.
    Shang Liu, Yang Cao, Takao Murakami, Jinfei Liu, Masatoshi Yoshikawa.
    ICDE 2024 [arXiv] [Code]

  • OLIVE: Oblivious Federated Learning on Trusted Execution Environment Against the Risk of Sparsification.
    Fumiyuki Kato, Yang Cao, Masatoshi Yoshikawa.
    VLDB 2023 [arXiv] [Code] [Slides]

  • Secure Shapley Value for Cross-Silo Federated Learning.
    Shuyuan Zheng, Yang Cao, Masatoshi Yoshikawa.
    VLDB 2023 [arXiv] [Code] [Slides]

  • Equitable Data Valuation Meets the Right to Be Forgotten in Model Markets.
    Haocheng Xia, Jinfei Liu, Jian Lou, Zhan Qin, Kui Ren, Yang Cao, Li Xiong.
    VLDB 2023

  • PrivateRec: Differentially Private Model Training and Online Serving for Federated News Recommendation.
    Ruixuan Liu, Yang Cao, Yanlin Wang, Lingjuan Lyu, Yun Chen, Hong Chen.
    KDD 2023 [arXiv]

  • HDPView: Differentially Private Materialized View for Exploring High Dimensional Relational Data.
    Fumiyuki Kato, Tsubasa Takahashi, Shun Takagi, Yang Cao, Seng Pei Liew, Masatoshi Yoshikawa.
    VLDB 2022 [arXiv] [Code]

  • Network Shuffling: Privacy Amplification via Random Walks.
    Seng Pei Liew, Tsubasa Takahashi, Shun Takagi, Fumiyuki Kato, Yang Cao, Masatoshi Yoshikawa.
    SIGMOD 2022 [arXiv]

  • FL-Market: Trading Private Models in Federated Learning.
    Shuyuan Zheng, Yang Cao, Masatoshi Yoshikawa, Huizhong Li, Qiang Yan.
    IEEE BigData 2022 Selected as a Top-10 Best Paper [arXiv] [Slides] [Code]

  • FLAME: Differentially Private Federated Learning in the Shuffle Model.
    Ruixuan Liu, Yang Cao, Hong Chen, Ruoyang Guo, Masatoshi Yoshikawa.
    AAAI 2021 [arXiv] [Slides] [Code]

  • P3GM: Private High-Dimensional Data Release via Privacy Preserving Phased Generative Model.
    Shun Takagi, Tsubasa Takahashi, Yang Cao, Masatoshi Yoshikawa.
    IEEE ICDE 2020 [arXiv]

  • PGLP: Customizable and Rigorous Location Privacy through Policy Graph.
    Yang Cao, Yonghui Xiao, Shun Takagi, Li Xiong, Masatoshi Yoshikawa, Yilin Shen, Jinfei Liu, Hongxia Jin, Xiaofeng Xu.
    ESORICS 2020 [arXiv] [Code] [Slides]

  • PCKV: Locally Differentially Private Correlated Key-Value Data Collection with Optimized Utility.
    Xiaolan Gu, Ming Li, Yueqiang Cheng, Li Xiong and Yang Cao.
    USENIX Security 2020 [arXiv] [Slides] [Youtube]

  • FedSel: Federated SGD under Local Differential Privacy with Top-k Dimension Selection.
    Ruixuan Liu, Yang Cao, Masatoshi Yoshikawa, Hong Chen.
    DASFAA 2020 [arXiv] [Slides] [PDF]

  • Voice-Indistinguishability: Protecting Voiceprint in Privacy Preserving Speech Data Release.
    Yaowei Han, Sheng Li, Yang Cao, Qiang Ma, Masatoshi Yoshikawa.
    IEEE ICME 2020 Selected as a Top-10 Best Paper [arXiv] [Slides] [Code]

  • Providing Input-Discriminative Protection for Local Differential Privacy.
    Xiaolan Gu, Ming Li, Li Xiong and Yang Cao.
    IEEE ICDE 2020 [arXiv] [Slides]

  • Protecting Spatiotemporal Event Privacy in Continuous Location-Based Services.
    Yang Cao, Yonghui Xiao, Li Xiong, Liquan Bai and Masatoshi Yoshikawa.
    IEEE TKDE 2019 [arXiv] [IEEE]

  • Quantifying Differential Privacy in Continuous Data Release under Temporal Correlations.
    Yang Cao, Masatoshi Yoshikawa, Yonghui Xiao, Li Xiong.
    IEEE TKDE 2018, the special issue on Best of ICDE 2017. [Paper] [Code] [Slides] [Poster]