Yao Tong

PhD student, National University of Singapore

I am Yao Tong (童遥), a Ph.D. student in Computer Science at the National University of Singapore, supervised by Prof. Reza Shokri. I am currently a visiting researcher at ETH Zurich (SPY Lab), working with Prof. Florian Tramer. I received my B.E. in Computer Science and Engineering from The Chinese University of Hong Kong, Shenzhen, where I was advised by Prof. Baoyuan Wu, who inspired my first steps into research.

My research focuses on understanding the behaviors and capabilities of large language models (LLMs), the underlying mechanisms that give rise to them, and how these properties relate to and shape model trustworthiness.

  • Model behaviors and capabilities. I study phenomena such as intrinsic biases and generalization, and how they are shaped by different stages of the learning pipeline, including model initialization, data distributions, training paradigms (e.g., SFT and RL), and inference-time methods.
  • Trustworthiness. I study how these properties relate to model trustworthiness from two complementary perspectives: (i) as sources of security and privacy risks, and (ii) as signals that can be leveraged for detection and protection, such as model fingerprinting and data usage auditing.

More recently, I have become interested in agentic memory and personalization systems, particularly in how long-term memory and adaptive interaction introduce new failure modes, privacy risks, and auditing challenges.

News

Jan '26
🎉 Two first-author papers have been accepted to ICLR 2026. See you in Rio de Janeiro, Brazil!
Oct '25
Honored as a Top Reviewer at NeurIPS 2025!
Mar '25
DUCI is available in the open-source privacy auditing toolkit PrivacyMeter!
Feb '25
🎉 DUCI was selected for an Oral presentation at ICLR 2025 (Top 1.5% of submissions). See you in Singapore!
May '24
🎉 Our paper The Stronger the Diffusion Model, the Easier the Backdoor: Data Poisoning to Induce Copyright Breaches Without Adjusting Finetuning Pipeline was selected for an Oral presentation at ICML 2024 (Top 1.5% of submissions). Interested in the first Copyright Infringement Attack? See you in Vienna!

Selected Publications

(* denotes equal contribution)

Selected Projects

Privacy Meter
An open-source library to audit data privacy in statistical and machine learning algorithms via membership inference.
  • Implemented privacy auditing tools such as DUCI and RMIA.
  • Contributed to the development and long-term maintenance of the library as one of the organizers.

Awards and Honors

Oral Paper Award - ICLR 2025, ICML 2024.
Top Reviewer Award - NeurIPS 2025.
President Graduate Fellowship - NUS, 2023, 2024, 2025.
University Research Award - CUHKSZ, 2021, 2022.
Dean's List - CUHKSZ, 2020, 2021, 2022.
School Academic Scholarship - CUHKSZ, 2021, 2022.
Bowen Scholarship - CUHKSZ, 2019, 2020, 2021, 2022.

Professional Services

Reviewer:
  ICLR 2026, NeurIPS 2025 (Top Reviewer), ICLR 2025, ICML Workshop 2025, NeurIPS Workshop 2025

Sub-reviewer:
  CCS 2024, USENIX Security 2024

Contact

I'm always happy to connect for research discussions or to share broader interests. I have a wide range of passions — from the arts (music, calligraphy, painting, engraving, and pottery) to sports (I go skiing every winter), and even clothing design, where I enjoy creating my own modern Chinese-style clothing. Just email me tongyao[at]u.nus.edu.