Sizhe is studying AI security in real-world applications. Currently, he is defending against prompt injection attacks, the top-1 threat to AI agents. Prompt injection has caused actual harm to multiple AI systems from Google, OpenAI, Anthropic, etc. To open up broader usage of LLMs in agents, he develops principled, general, and practical prompt injection defenses. His SoTA training recipe yields powerful open LLMs with an order of magnitude lower attack success rates against the strongest adaptive prompt injections, without a noticeable drop in utility.
Sizhe is a CS Ph.D. candidate at UC Berkeley in Berkeley AI Research, working with Prof. David Wagner. His research has been supported by funding from the NVIDIA Fellowship, Meta FAIR, Google DeepMind, and UCB EECS. Previously, Sizhe received his M.Eng. and B.Eng. from Shanghai Jiao Tong University. He practices neatness and minimalism. Outside of research, he loves to sing, photograph, write blogs, hike, ski, play badminton, and play table tennis.