About

Hello, Yuhao here! Starting September 2023, I join SRI lab at ETH Zürich as a PhD student. I got my MSc in Computer Science majoring Machine Intelligence and minoring Theoretical Computer Science at ETH Zürich, and my BSc in Mathematics and Applied Mathematics with a dual degree in Finance at CKC Honors College, Zhejiang University. I am lucky to work with:

• Dr. G. Zhou, who leads me to the fantastic world of macroeconomics and encouraged me during my early stage of research, which benefits me deeply even after I left the field;
• Dr. S. Ji and Dr. X. Zhang, who showed me the excitement and challenges of trustworthy artificial intelligence and offered valuable guidance and suggestions for years;
• Dr. Y. Zhang, who has always been kind and helpful, especially when I feel lost;
• Dr. F. Yang, who welcomed me since my first semester in a foreign country and continues to help;
• Dr. M. Vechev, who shares numerous good days and continues to be a good friend.

My favorite formula includes:

\[e^{\pi i}=-1\] \[\hat{f}(\xi) = \int_{-\infty}^{\infty}f(x)e^{2\pi i x\xi}dx\]

Find my CV here.

Feel free to contact me if you have any questions or interests.

Working Ethics

I solemnly swear that I put 120% effort into making the proofs in all my publications, including those I am not the (co-)first author, correct, rigorous and readable.

Research Interests

I am interested in making AI generally safe and trustworthy. Meanwhile, I am trying to use the current “unsafe” AI to do good things, e.g., advancing various science domains.

Publication

Equal contributions are marked by *. All published works are open-sourced (if applicable) on GitHub and the manuscripts are publicly accessible on Arxiv.

Trustworthy Artificial Intelligence

• Yuhao Mao*, Yani Zhang*, Martin Vechev, On the Expressiveness of Multi-Neuron Convex Relaxations, preprint.
• Ping He, Yuhao Mao, Changjiang Li, Lorenzo Cavallaro, Ting Wang, Shouling Ji, On the Security Risks of ML-based Malware Detection Systems: A Survey, preprint.
• Chenhao Sun*, Yuhao Mao*, Mark Niklas Müller, Martin Vechev, Average Certified Radius is a Poor Metric for Randomized Smoothing, The Forty-Second International Conference on Machine Learning (ICML’25).
• Yuhao Mao, Stefan Balauca, Martin Vechev, CTBENCH: A Library and Benchmark for Certified Training, The Forty-Second International Conference on Machine Learning (ICML’25).
• Stefan Balauca, Mark Niklas Müller, Yuhao Mao, Maximilian Baader, Marc Fischer, Martin Vechev, Gaussian Loss Smoothing Enables Certified Training with Tight Convex Relaxations, Transactions on Machine Learning Research 07/2025 (TMLR’25).
• Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev, Understanding Certified Training with Interval Bound Propagation, The Twelfth International Conference on Learning Representations (ICLR’24).
• Maximilian Baader*, Mark Niklas Müller*, Yuhao Mao, Martin Vechev, Expressivity of ReLU-Networks under Convex Relaxations, The Twelfth International Conference on Learning Representations (ICLR’24).
• Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev, Connecting Certified and Adversarial Training, The Thirty-seventh Conference on Neural Information Processing Systems (NeurIPS’23).
• Yuyou Gan*, Yuhao Mao*, Xuhong Zhang, Shouling Ji, Yuwen Pu, Meng Han, Jianwei Yin, Ting Wang, ``Is your explanation stable?’’: A Robustness Evaluation Framework for Feature Attribution, ACM SIGSAC Conference on Computer and Communications Security 2022 (CCS’22).
• Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang, Transfer Attack Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings, IEEE Symposium on Security & Privacy 2022 (SP’22).

Artificial Intelligence for Science

• Chenhao Chu, Yuhao Mao, Hua Wang, Transfer Learning Assisted Fast Design Migration Over Technology Nodes: A Study on Transformer Matching Network, IEEE MTT-S International Microwave Symposium 2024 (IMS’24).

Talk

• Training Certifiably Robust Neural Networks. January 2024 at Zhejiang University, China.

Teaching

• Rigorous Software Engineering (Bachelor’s), Spring 2024/2025, ETH Zürich, TA on exercises and lectures.
• Reliable and Trustworthy Artificial Intelligence (Master’s), Fall 2023-2025, ETH Zürich, TA on exercises and projects.
• Computational Intelligence Lab (Master’s), Spring 2023, ETH Zürich, TA on exercises.
• Introduction to Machine Learning (Bachelor’s), Spring 2023, ETH Zürich, TA on exercises.

Community Contribution

Review for NeurIPS (since 2024, acknowledged as Top Reviewers 2024), ICLR (since 2025), TMLR (since 2025), ICML (since 2025).

Learning

I made public some of my cheatsheets, based on standard textbooks and courses provided by ETH Zürich, for personal reference and general interest. Many thanks to the original authors that enlightened me with the great knowledge.

• Advanced Machine Learning
• Advanced Graph Algorithm and Optimization
• Information Theory
• Network Modeling
• Natural Language Processing
• Optimization for Data Science
• Probablistic Artificial Intelligence
• Randomized Algorithms and Probabilistic Method
• Reliable and Trustworthy Artificial Intelligence