Zikui Cai

I am a postdoctoral associate at University of Maryland, College Park working with Furong Huang and Tom Goldstein. I obtained my Ph.D. from Electrical and Computer Engineering at the University of California, Riverside, under the guidance of M. Salman Asif. Originally from Wuhan, the "River City" of China, I completed my B.S. in Automation at Wuhan University of Technology. I am currently on the job market for faculty positions starting in Fall 2026.

My research focuses on trustworthy machine learning, where I strive to identify vulnerabilities and enhance the trustworthiness of machine learning systems. My long-term vision is to unify robust perception, executable reasoning, and safe embodiment into a coherent framework for autonomous agents. I aim to build systems that do not merely predict the next token, but actively reconstruct their environment, verify their plans through mental or physical simulation, and self-improve safely in the wild.

Research Interests

Multi-modal reasoning across vision, language, and action [ MORSE-500 ]
Building AI agents that plan, act, and self-improve
Embodied AI for navigation and manipulation in robotics
Agentic safety and alignment in multi-agent ecosystems [ AegisLLM ]
Controllable and safe AI via model editing and unlearning [ SLUG, Robust Eval ]
Exposing model vulnerabilities via efficient blackbox attacks [ BASES, EBAD, Context-Aware-Attacks, ZQA ]
Detecting adversarial attacks using language models [ SCENE-Lang ]
Enhancing user privacy via de-identification while preserving utility [ Disguise ]
Improving physical modeling via end-to-end optimization [ Learn PR, Learn CDI ]

News

[Jun. 2025] Our paper on Efficient Training for VLM has been accepted to ICCV 2025 @ Honolulu.
[Jun. 2025] Our paper on Model Tampering Attack for Robust Evaluation has been accepted to TMLR.
[May 2025] Our paper SLUG on Efficient Unlearning has been accepted to ICML 2025 @ Vancouver.
[Mar. 2025] Our paper AegisLLM on Agentic System for Safety has been accepted to ICLR 2025 BuildingTrust @ Singapore.
[Oct. 2024] Our papers on Efficient and Robust Unlearning are accepted to NeurIPS 2024 SafeGenAI @ Vancouver.
[Sept. 2024] Our paper on Cross-modality Safety Alignment is accepted to EMNLP 2024 @ Miami.
[Jul. 2024] Excited to join UMD UMIACS as a postdoc, working on Advanced Autonomous Robotics.
[Dec 2023] Our paper on Face De-identification is accepted to AAAI 2024 @ Vancouver.
[May 2023] Acknowledged as CVPR 2023 Outstanding Reviewer.
[May 2023] Recognized as Outstanding Teaching Assistant by ECE Graduate Division for 2023.
[Apr. 2023] Received Dissertation Year Program Fellowship 2023/2024.
[Feb. 2023] Our paper EBAD is accepted to CVPR 2023 @ Vancouver.
[Feb. 2023] Received HEERF Dissertation Year Program Award 2022/2023.
[Feb. 2023] Our paper BASES is accepted to NeurIPS 2022 @ New Orleans.
[Jun. 2022] Presenting our paper ZQA at CVPR 2022 @ New Orleans.

Selected Publications

Targeted Unlearning with Single Layer Unlearning Gradient

Zikui Cai, Yaoteng Tan, M Salman Asif

ICML 2025

arxiv code

AegisLLM: Scaling Agentic Systems for Self-Reflective Defense in LLM Security

Zikui Cai, Shayan Shabihi, Bang An, Zora Che, Brian R. Bartoldson, Bhavya Kailkhura, Tom Goldstein, Furong Huang

ICLR 2025 BuildingTrust

arxiv code

Model Tampering Attacks Enable More Rigorous Evaluations of LLM Capabilities

Zora Che, Stephen Casper, Robert Kirk, et al.

TMLR 2025

arxiv code

Can Textual Unlearning Solve Cross-Modality Safety Alignment?

Trishna Chakraborty, Erfan Shayegani, Zikui Cai, et al.

EMNLP 2024

arxiv

Disguise without Disruption: Utility-Preserving Face De-Identification

Zikui Cai, Zhongpai Gao, Benjamin Planche, Meng Zheng, Terrence Chen, M. Salman Asif, Ziyan Wu

AAAI 2024

arxiv

Ensemble-based Blackbox Attacks on Dense Prediction

Zikui Cai*, Yaoteng Tan*, M. Salman Asif

CVPR 2023

arxiv code

Blackbox Attacks via Surrogate Ensemble Search

Zikui Cai, Chengyu Song, Srikanth V. Krishnamurthy, Amit K. Roy-Chowdhury, M. Salman Asif

NeurIPS 2022

arxiv code poster slides talk

Zero-Query Transfer Attacks on Context-Aware Object Detectors

Zikui Cai, Shantanu Rane, Alejandro E. Brito, et al.

CVPR 2022

arxiv open access

Context-Aware Transfer Attacks for Object Detection

Zikui Cai, Xinxin Xie, Shasha Li, et al.

AAAI 2022

arxiv code slides poster talk

Exploiting Multi-Object Relationships for Detecting Adversarial Attacks in Complex Scenes

Mingjun Yin, Shasha Li, Zikui Cai, et al.

ICCV 2021

arxiv open access

Data-Driven Illumination Patterns For Coded Diffraction Imaging

Zikui Cai, Rakib Hyder, M. Salman Asif

ICIP 2021

paper

Solving Phase Retrieval with a Learned Reference

Rakib Hyder*, Zikui Cai*, M. Salman Asif

ECCV 2020

arxiv code