Papers by Wenkai Yang
Communication Efficient Federated Learning for Multilingual Neural Machine Translation with Adapter (2023.findings-acl)
Copied to clipboard
| Challenge: | Existing frameworks for federated multilingual neural machine translation (Fed-MNMT) are limited in language resources. |
| Approach: | They propose a framework that keeps PLMs frozen and only transfers lightweight adapter modules between clients. |
| Outcome: | The proposed framework reduces communication cost by over 98% while achieving similar or even better performance compared to baselines. |
Be Careful about Poisoned Word Embeddings: Exploring the Vulnerability of the Embedding Layers in NLP Models (2021.naacl-main)
Copied to clipboard
| Challenge: | Recent studies reveal a security threat to natural language processing models, called the Backdoor Attack. |
| Approach: | They propose to hack a model by modifying one single word embedding vector without sacrificing accuracy on clean samples. |
| Outcome: | The proposed method is more efficient and stealthier on sentiment analysis and sentence-pair classification tasks. |
Distilling Rule-based Knowledge into Large Language Models (2025.coling-main)
Copied to clipboard
| Challenge: | Recent advances in large language models have broadened their applicability across diverse realworld scenarios. |
| Approach: | They propose to encode rule-based knowledge into large language models by using strong in-context abilities to extract the knowledge from the textual rules and then explicitly encode it into the parameters of LLMs. |
| Outcome: | The proposed learning paradigm is much more efficient than example-based learning in both sample size and generalization ability. |
RAP: Robustness-Aware Perturbations for Defending against Backdoor Attacks on NLP Models (2021.emnlp-main)
Copied to clipboard
| Challenge: | Backdoor attacks are a serious threat to the safety of reusing deep neural networks (DNNs). |
| Approach: | They propose an efficient online defense mechanism based on robustness-aware perturbations to distinguish poisoned and clean samples to defend against backdoor attacks on natural language processing models. |
| Outcome: | The proposed method achieves better defending performance and lower computational costs than existing defense methods. |
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks (2022.findings-emnlp)
Copied to clipboard
| Challenge: | Existing online backdoor defense methods for NLP models focus on anomalies at input or output level, causing fragility to adaptive attacks and high computational cost. |
| Approach: | They propose a feature-based online defense method to detect poisoned samples . they use a distance-based anomaly score to distinguish poisones from clean samples based on feature-level regularization . |
| Outcome: | The proposed method outperforms existing methods in sentiment analysis and offense detection tasks. |
Rethinking Stealthiness of Backdoor Attack against NLP Models (2021.acl-long)
Copied to clipboard
| Challenge: | Existing backdoor attacks are not stealthy to system deployers or users. |
| Approach: | They propose a novel backdoor attack method based on negative data augmentation and modifying word embeddings that is much stealthier while maintaining pretty good attacking performance. |
| Outcome: | The proposed method is much stealthier while maintaining pretty good attacking performance. |
CURE: Critique-Driven Unified Reinforcement Learning for Test-Time Self-Improvement (2026.acl-long)
Copied to clipboard
| Challenge: | Existing critique-guided methods fail to equip models with the autonomous improvement capabilities required for test-time scaling. |
| Approach: | They propose a framework that jointly optimizes a single policy for standard solving, critiquing, and guided re-exploration. |
| Outcome: | The proposed framework maintains competitive single-turn performance and unlocks effective inference-time scaling. |
Exploring Backdoor Vulnerabilities of Chat Models (2025.coling-main)
Copied to clipboard
| Challenge: | Recent studies show that Large Language Models (LLMs) are susceptible to a security threat known as Backdoor Attack. |
| Approach: | They propose a backdoor attack method that distributes trigger scenarios across user inputs in different rounds and makes the backdoor be triggered only when all trigger scenarios have appeared in the historical conversations. |
| Outcome: | The proposed method achieves high attack success rates on chat models while maintaining normal capabilities on providing helpful responses to benign user requests. |
Revisiting Weak-to-Strong Generalization in Theory and Practice: Reverse KL vs. Forward KL (2025.findings-acl)
Copied to clipboard
| Challenge: | Weak-to-strong generalization is a promising approach to guide stronger systems, but its effectiveness is constrained by the inherent imperfections of weak model supervision. |
| Approach: | They propose a theoretically grounded approach that replaces forward KL divergence with reverse KL, which prioritizes high-confidence predictions. |
| Outcome: | The proposed approach replaces forward KL divergence with reverse KL, reducing the influence of unreliable weak supervision. |
Fine-Tuning Deteriorates General Textual Out-of-Distribution Detection by Distorting Task-Agnostic Features (2023.findings-eacl)
Copied to clipboard
| Challenge: | Existing methods for detecting out-of-distribution inputs are underexplored . detecting semantic and non-semantic shifts is difficult for pre-tuned pre-trainers . |
| Approach: | They propose a general OOD score that integrates confidence scores from task-agnostic and task-specific representations to improve detecting semantic and non-semantic shifts. |
| Outcome: | The proposed method improves on two cross-task benchmarks with semantic and non-semantic shifts. |