Zesen Liu (刘泽森)


I am a first-year Ph.D. student in the CSE Department, HKUST, supervised by Prof. Dongdong She. Before coming to HKUST, I earned my bachelor’s degree at Xidian University.

My research focuses on the security of LLM-powered systems in realistic deployments. I study how these systems fail under adversaries and how to evaluate and secure these systems at deployment level—threat models.

Currently, I am investigating the security of prompt compression in long-context, agentic systems.

Previously, I worked with Prof. Xinlei He and Prof. Tianshuo Cong to study watermarking for LLMs.

I can be reached at zliuhi at cse dot ust dot hk, Google Scholar, GitHub.

Publications and Preprints

When Alignment Isn’t Enough: Response-Path Attacks on LLM Agents
From Similarity to Vulnerability: Key Collision Attack on LLM Semantic Caching
QueryIPI: Query-agnostic Indirect Prompt Injection on Coding Agents
CompressionAttack: Exploiting Prompt Compression as a New Attack Surface in LLM-Powered Agents
Red-Teaming Coding Agents from a Tool-Invocation Perspective: An Empirical Security Assessment
OBIR-tree: An Efficient Oblivious Index for Spatial Keyword Queries on Secure Enclaves
Have You Merged My Model? On The Robustness of Large Language Model IP Protection Methods Against Model Merging
On Evaluating The Performance of Watermarked Machine-Generated Texts Under Adversarial Attacks

Honors and Awards

  • 2025.06 Overseas Study Scholarship
  • 2024.11 Gratitude to Chinese Modern Scientists Scholarship
  • 2024.10 National Scholarship
  • 2024.06 Qi'an Xin First Prize Scholarship

Experience

  • Research assistant, Tsinghua University & Hong Kong University of Science and Technology-Guangzhou, 2023.10-2024.7

Academic Service

  • Reviewer, ICML 2026
  • Sub-Reviewer, ISSTA 2026, FSE '25, Oakland '25