About Me

I am currently a PhD student at University of Maryland, College Park (UMD) working with Prof. Furong Huang. Previously, I eared a Master's degree from Singapore University of Technology and Design (SUTD), advised by Prof. Ngai-Man Cheung; and a Bachelor of Computer Science (Honours) from the University of Information Technology (UIT) - Vietnam National University Ho Chi Minh City working with Prof. Tam Nguyen and Dr. Tiep Nguyen.

My research interest focuses on Safety and Security AI with a recent interest in multimodality models and embodied agents. See more on my selected publications below.

I'm actively looking for part-time/full-time internship opportunities starting from Summer 2026. Please feel free to reach out if I could be a good fit.

Recent News

  • Sep, 2025 Started my PhD in CS at University of Maryland, College Park
  • Aug, 2025 Our paper on model inversion attacks against LVLMs available on Arxiv
  • May, 2025 Our paper on rethinking Model Inversion Attacks Framework is available on Arxiv
  • Sep, 2024 One paper on ViT's OoD generalization accepted by NeurIPS-24
  • Jul, 2024 One paper on Model Inversion Resilient Architecture accepted by ECCV-24
  • Mar, 2024 One paper on Model Inversion Defense via Transfer Learning accepted by CVPR-24
  • Jan, 2024 Started my Master of Engineering at SUTD

Education

  • University of Maryland, College Park (UMD)
    PhD in Computer Science

  • Singapore University of Technology and Design (SUTD)
    M.Eng (Research)

  • University of Information and Technology (UIT), Vietnam Nation University HCMC (VNUHCM)
    B.Sc in Computer Science (Honour)

Work Experience

  • University of Maryland College Park
    Teaching Assistant, 2025 - Present
  • Temasek Lab @ SUTD
    Research Assistant, 2022 - 2025
  • Viettel Group
    Intern, 2020 - 2021

Academic Services

  • Conference Reviewer
    NeurIPS 2024/2025, ICLR 2025, ICML 2025, ACM MM 2025
  • Program Commitee
    AAAI 2026
  • Journal Reviewer
    TMM 2023/2024/2025

Selected Publications

    [5] Model Inversion Attacks on Vision-Language Models: Do They Leak What They Learn?

    Ngoc-Bao Nguyen, Sy-Tuyen Ho, Koh Jun Hao, Ngai-Man Cheung. Research Question: To what extent do LVLMs leak sensitive information of visual training data? How can we design model inversion attacks tailored for LVLMs? Arxiv'25 [paper]

    [4] Revisiting Model Inversion Evaluation: From Misleading Standards to Reliable Privacy Assessment.

    Sy-Tuyen Ho, Koh Jun Hao, Ngoc-Bao Nguyen, Alexander Binder, Ngai-Man Cheung. Research Question: Why shouldn’t we rely on the most commonly used framework for computing attack success rates in MI research, and how can we compute them faithfully? Arxiv'25 [paper] [benchmark+code]

    [3] Vision Transformer Neural Architecture Search for Out-of-Distribution Generalization: Benchmark and Insights.

    Sy-Tuyen Ho*, Tuan Van Vo*, Somayeh Ebrahimkhani*, Ngai-Man Cheung. (* joint first authors) Research Question: How do ViT architectural attributes affect OoD generalization, and why is the embedding dimension a key factor in optimizing it? NeurIPS'24 (Main Track) [paper] [benchmark+code]

    [2] On the Vulnerability of Skip Connections to Model Inversion Attacks.

    Koh Jun Hao*, Sy-Tuyen Ho*, Ngoc-Bao Nguyen, Ngai-man Cheung. (* joint first authors) Research Question: What is the impact of a common DNN architectural module—skip connections—on model inversion attacks, and how can we leverage this understanding to design MI-resilient architectures? ECCV'24 [paper] [code]

    [1] Model Inversion Robustness: Can Transfer Learning Help?

    Sy-Tuyen Ho, Koh Jun Hao, Keshigeyan Chandrasegaran, Ngoc-Bao Nguyen, Ngai-man Cheung.

    Research Question: Why and how does Transfer Learning prevent data leakage in Model Inversion Attack? CVPR'24 [paper] [code]