Fnu Suya

Fnu Suya

MC2 Postdoctoral Fellow

University of Maryland College Park



I am an MC2 Postdoctoral Fellow at the Maryland Cybersecurity Center (MC2) at the University of Maryland, College Park. I received my Ph.D. degree in Computer Science from the University of Virginia, advised by Prof. David Evans and Prof. Yuan Tian at UCLA. I am interested in machine learning for security and the trustworthy aspects of machine learning, especially in malicious training environments.

I am joining the Min H. Kao Department of Electrical Engineering and Computer Science at the University of Tennessee, Knoxville as a tenure-track Assistant Professor in Fall 2024. I am looking for self-motivated students to work on trustworthy machine learning and machine learning for security. If you are interested, please fill out the questionnaire and send me an email.


  • My first SoK paper is accepted to IEEE SaTML 2024, see you in Toronto!


  • Trustworhy Machine Learning
  • Poisoning Attacks
  • Machine Learning for Security
  • Ph.D. in Computer Science, 2017-2023

    University of Virginia

  • Ph.D. in Computer Science (discontinued due to advisor relocation), 2015-2017

    Arizona State University

  • B.Eng. (Honors) in Electrical Engineering, 2010-2014

    China Agricultural University

Selected Publications

Quickly discover relevant content by filtering publications.
(2024). SoK: Pitfalls in Evaluating Black-Box Attacks. In IEEE SaTML 2024.

PDF Cite Code

(2023). What Distributions are Robust to Indiscriminate Poisoning Attacks for Linear Learners?. In NeurIPS 2023.

PDF Cite Poster

(2023). Manipulating Transfer Learning for Property Inference. In CVPR 2023.

PDF Cite Code Video

(2022). Poisoning Attacks and Subpopulation Susceptibility. In VISxAI 2022 (Best Paper Award).

PDF Cite Code

(2022). Stealthy Backdoors as Compression Artifacts. In TIFS 2022.

PDF Cite Code

(2021). Model-Targeted Poisoning Attacks with Provable Convergence. In ICML, 2021.

PDF Cite Code Poster Slides

(2019). Hybrid Batch Attacks: Finding Black-box Adversarial Examples with Limited Queries. In Usenix Security 2020.

PDF Cite Code Slides Video


University of Maryland, College Park
MC2 Postdoctoral Fellow
Oct 2023 – Present Maryland, USA
Research on machine learning for security and poisoning for beneficial outcomes.
University of Virginia
Graduate Research Assistant
Aug 2017 – Aug 2023 Virginia, USA
Research on trustworthy machine learning at SRG.
Qualcomm AI Research
Interim Engineering Intern
May 2021 – Aug 2021 San Diego, USA (remote)
Robust federated learning against backdoor attacks.
Amazon Web Services
Applied Scientist Intern
Jan 2021 – Apr 2021 New York City, USA (remote)
Worked on GNN based anomaly detection on extremely large graphs.
Bosch AI Center
Research Intern
Jun 2020 – Aug 2020 Pittsburgh, USA (remote)
Worked on query efficient black-box attacks on vision classifiers.