Short Bio

Peng Cheng is currently a researcher with the State Key Laboratory of Blockchain and Data Security at Zhejiang University, Hangzhou, China. He received his Ph.D. degree in Computer Science from Lancaster University, Lancaster, UK. He was a visiting researcher at University College Cork, Cork, Ireland, from 2019 to 2020. He was a postdoctoral research associate at the School of Cyber Science and Technology, Zhejiang University, Hangzhou, China. His research interests include audio deepfake detection, speech privacy preservation, and IoT security. Results have been published in renowned international journals and conferences such as Proc. IEEE, CCS, S&P, and WWW. His research was a finalist for the 2019 Black Hat Conference Pwnie Award for Innovative Research.

Research Interests

My research focuses on securing AI systems and AI-generated content across the entire pipeline—from model development to deployment—with particular emphasis on the intersection of security, safety, and privacy in intelligent systems.

AI-Generated Content (AIGC) Security & Safety: Investigating vulnerabilities in generative AI systems, developing detection methods for synthetic content, and examining existing attribution mechanisms and creating new ones to ensure trustworthy AI-generated media.

Adversarial Machine Learning: Developing frameworks to understand and defend against adversarial attacks on AI models.

Speech and Acoustic Security: Exploring privacy-preserving technologies for voice-enabled systems, acoustic-channel attack vectors, and anti-eavesdropping mechanisms that protect user privacy while maintaining legitimate functionality.

IoT and Embedded AI Security: Addressing security challenges in resource-constrained intelligent devices, focusing on sensor-based vulnerabilities and lightweight protection mechanisms suitable for smart home and wearable technologies.

My work bridges theoretical foundations and practical applications, aiming to build AI systems that are secure against malicious manipulation, safe from unintended behaviors, and respectful of user privacy.

Recent News

  • September 2025: Paper “wmcopier” accepted at NeurIPS 2025, congratulations to Ziping!
  • September 2025: Our team achieved 3rd Place in IJCAI 2025 Deepfake Detection and Localization Challenge (DDL Challenge)
  • October 2024: Co-supervised Master’s student won the National Graduate Scholarship (China)
  • October 2024: Won National Grand Prize in 19th “Challenge Cup” National Competition as advisor for “Multimodal AI Audit Matrix” project
  • June 2024: Started position as tenure-track researcher at State Key Laboratory of Blockchain and Data Security, Zhejiang University
  • May 2024: Paper “SurrogatePrompt: Bypassing the Safety Filter of Text-to-Image Models via Substitution” accepted at CCS 2024
  • February 2024: Paper “ALIF: Low-Cost Adversarial Audio Attacks on Black-Box Speech Platforms Using Linguistic Features” accepted at IEEE S&P 2024
  • January 2025: Appointed as Program Committee Member for ACM Web Conference (WWW 2025)
  • January 2025: Serving as Special Issue Guest Editor for “Intelligent Voice Security and Defense Technologies”, Journal of Cyber Security

Selected Publications

  • Peng Huang, Kun Pan, Qingni Wang, Peng Cheng, Li Lu, Zhongjie Ba, Kui Ren. “SecHeadset: A Practical Privacy Protection System for Real-time Voice Communication.” Proceedings of the ACM MobiSys. Anaheim, California, US. 2025. doi: to appear.

  • Zhongjie Ba, Jieming Zhong, Jiachen Lei, Peng Cheng, Qingni Wang, Zhan Qin, Zhibo Wang, Kui Ren. “SurrogatePrompt: Bypassing the Safety Filter of Text-to-Image Models via Substitution.” Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. Salt Lake City, UT, USA. 2024. doi: 10.1145/3658644.3670317.

  • Zhongjie Ba, Bin Gong, Yuwei Wang, Liu Liu, Peng Cheng, Fengxiao Lin, Li Lu, Kui Ren. “Indelible ‘Footprints’ of Inaudible Command Injection.” IEEE Transactions on Information Forensics and Security. 2024.

  • Peng Cheng, Yuwei Wang, Peng Huang, Zhongjie Ba, Xiaodong Lin, Fengxiao Lin, Li Lu, Kui Ren. “ALIF: Low-Cost Adversarial Audio Attacks on Black-Box Speech Platforms Using Linguistic Features.” IEEE Symposium on Security and Privacy. San Francisco, CA, USA. 2024. doi: 10.1109/SP54263.2024.00104.

  • Peng Huang, Yihao Wei, Peng Cheng, Zhongjie Ba, Li Lu, Fengxiao Lin, Yuwei Wang, Kui Ren. “Phoneme-Based Proactive Anti-Eavesdropping with Controlled Recording Privilege.” IEEE Transactions on Dependable and Secure Computing. 2024.

  • Zhongjie Ba, Qing Wen, Peng Cheng, Yuwei Wang, Fengxiao Lin, Li Lu, Zhibo Liu. “Transferring Audio Deepfake Detection Capability Across Languages.” Proceedings of the ACM Web Conference. Austin, TX, USA. 2023. doi: 10.1145/3543507.3583422.

  • Peng Cheng, Yuexin Wu, Yi Hong, Zhongjie Ba, Fengxiao Lin, Li Lu, Kui Ren. “UniAP: Protecting Speech Privacy With Non-Targeted Universal Adversarial Perturbations.” IEEE Transactions on Dependable and Secure Computing. 21(1), 31–46, 2023. doi: 10.1109/TDSC.2023.3288610.

  • Peng Cheng, Utz Roedig. “Personal Voice Assistant Security and Privacy—A Survey.” Proceedings of the IEEE. 110(4), 476–507, 2022. doi: 10.1109/JPROC.2022.3153167.

For a complete list of publications, please visit my Google Scholar profile.

Professional Services

Editorial Services

Guest Editor, Journal of Cyber Security (2025) - Special Issue: “Intelligent Voice Security and Defense Technologies”

Conference Program Committees

Program Committee Member: ACM Web Conference (WWW 2025), AAAI Conference on Artificial Intelligence (AAAI 2026)

Journal Reviewer

Proceedings of the IEEE (Impact Factor: 25.9), ACM Transactions on Internet of Things (TIOT) (Impact Factor: 3.5), IEEE Internet of Things Journal (IoT-J) (Impact Factor: 8.2), Journal of Information Network Security

Research Projects

  • Principal Investigator (2025-2028): National Natural Science Foundation of China (NSFC) General Program - “Research on Speech Synthesis Data Compliance Management Technology Based on Intrinsic Characteristics of Audio Signals”
  • Principal Investigator (2025-2026): Zhejiang University-Alibaba Collaboration - “Active and Passive Security Protection Technologies for the Maojing Voice Interaction System”
  • Participant: Multiple NSFC projects including Key Projects on cross-chain security and deep learning applications

Mentorship & Supervision

Currently co-supervising 5 Ph.D. students and 7 Master’s students at Zhejiang University. Successfully co-mentored 1 Ph.D. student, 5 Master’s students, and 1 undergraduate student to degree completion. National Graduate Scholarship Winner (2024): Co-supervised Master’s student received China’s highest-level scholarship for graduate students.

Industry Impact

My research has made significant contributions to industry security:

  • AI Model Security: Identified vulnerabilities in commercial text-to-image models (Midjourney, Stability.ai) through the SurrogatePrompt attack method
  • Watermarking Systems: Developed the wmcopier method, recognized by Amazon’s Responsible AI Team for identifying critical vulnerabilities
  • Open-Source Contributions: ALIF framework adopted by NVIDIA for their official AI security toolkit
  • Media Recognition: SonarSnoop research featured in IT media (Motherboard, ZDNet, Sophos) and praised by renowned security experts