Applied Scientist with over 6 years of combined industry and research experience in Computer Vision, Generative AI, and LLMs. Experienced in foundation models, prompt engineering, and model optimization, with research spanning model robustness, backdoor security, and efficient AI. Authored 20 papers in top AI venues (NeurIPS, CVPR, ECCV, AAAI, TMLR, WACV) and recipient of the Amazon Inventor Award for innovation.
Work Experience
Applied Scientist
Amazon, Returns & Recommerce, Bellevue, WA, USA
Jul 2024 - Current
Built an automated evaluation framework for multi-turn LLM conversations, standardizing quality and safety metrics across 5M+ customer–LLM dialogues/day; defined a failure-mode taxonomy and continuous regression test suite to score question quality, logical flow, hallucination, and policy compliance, and detect regressions after model/prompt updates.
Built an end-to-end evaluation pipeline for customer comments and LLM-generated follow-up questions, eliminating manual review and saving $1M+ and 25,000+ labeling hours/year; used RAG-based retrieval and prompt optimization to quantify information gain, relevance, and clarity, with synthetic edge-case generation to expand coverage on hard scenarios.
Designed and deployed production Responsible AI guardrails for return-related chat, sustaining 50+ TPS real-time inference; implemented prompt-injection defenses, misuse/content-violation detection, and risk-based routing, optimized for low-latency and cost-efficient serving under adversarial traffic patterns.
Extended diffusion-model safety into an image-safeguarding framework that protects customer images from generative misuse within Amazon’s Responsible AI ecosystem; published at WACV 2025, with a pending patent and the Amazon Inventor Award for innovation and impact.
Applied Scientist Intern
Amazon, Alexa AI, Sunnyvale, CA, USA
Jun 2023 - Sep 2023
Developed a novel and practical defense method to protect user images in real time from identity theft and copyright misuse in generative diffusion models, demonstrating real-time protection applicability, by introducing latent-space adversarial perturbations.
Engineered an optimized perturbation generation and inference framework, accelerating processing speed by 150× (from ~30s to 0.2s per image) and reducing memory usage by 2.6×, by optimizing the perturbation generation path while maintaining protection performance.
Evaluated the system on three public diffusion benchmarks and 10,000+ real-world samples, showing up to 20% improvement over existing diffusion-model protection methods across 10+ evaluation metrics, by measuring protection strength, visual fidelity, and generalization end-to-end.
AI/ML Engineer Intern
MoMo (M_Service), Ho Chi Minh City, Vietnam
Jun 2021 - Sep 2021
Developed an end-to-end machine learning pipeline for data cleaning, labeling, and DNN training, powering an in-house ID verification system used by 10M+ users, by enabling accurate ID card information extraction.
Designed and deployed a secure internal data-labeling platform integrated into the pipeline, processing 20,000+ high-quality annotations and reducing external labeling costs by more than $100K, by moving labeling workflows in-house with secure, integrated tooling.
Enhanced OCR model performance, improving accuracy by 10% in large-scale deployment, by targeted data curation and model fine-tuning to deliver production-level reliability.
Graduate Research Assistant
Rutgers University, New Brunswick, NJ, USA
Sep 2020 - May 2024
Conducted leading-edge research in Deep Learning, expanding research direction and idea exchange, by identifying emerging research challenges/opportunities and hosting a weekly paper reading group.
Designed and executed extensive experiments to validate hypotheses, resulting in 20 published papers at top AI conferences (NeurIPS, ECCV, AAAI, ICASSP, MobiCom), by effectively communicating research findings through concise academic papers and conference presentations.
Supported course instructors, mentoring and assisting over 200 students in foundational and advanced Computer Engineering courses, by organizing weekly recitations, grading assignments, and holding office hours.
Featured Publications
[NeurIPS 2025] Xiao, J., Luo, C., Huang, L., Yang, C., Sui, Y., Phan, H., Zang, X., Ying, Y., Anandkumar, A., and Yuan, B. “EcoSpa: Efficient Transformer Training with Coupled Sparsity.” Advances in Neural Information Processing Systems.
[TMLR 2025] Sui, Y., Phan, H., Xiao, J., Zhang, T., Tang, Z., Shi, C., Wang, Y., Chen, Y., and Yuan, B. “DisDet: Exploring Detectability of Backdoor Attacks on Diffusion Models.” Transactions on Machine Learning Research.
[WACV 2025] Phan, H., Huang, B., Jaiswal, A., Sabir, E., Singhal, P., and Yuan, B. “Latent Diffusion Shield: Mitigating Malicious Use of Diffusion Models through Latent-Space Adversarial Perturbations.” Winter Conference on Applications of Computer Vision.
[ECCV 2024] Phan, H., Xiao, J., Sui, Y., Zhang, T., Tang, Z., Shi, C., Wang, Y., Chen, Y., and Yuan, B. “Clean & Compact: Efficient Data-Free Backdoor Defense via Model Compactness.” European Conference on Computer Vision.
[MobiCom 2024] Zhang, T., Phan, H., Tang, Z., Shi, C., Wang, Y., Yuan, B., and Chen, Y. “Inaudible Backdoor Attack via Stealthy Frequency-Trigger Injection in Audio Spectrograms.” ACM International Conference on Mobile Computing and Networking.
[MMSys 2023] Tang, Z., Phan, H., Feng, X., Yuan, B., Liu, Y., and Wei, S. “Security-Preserving Live 3D Video Surveillance.” ACM Multimedia Systems Conference.
[AAAI 2023 (Oral)] Phan, H., Yin, M., Sui, Y., Zonouz, S., and Yuan, B. “CSTAR: Towards Compact and Structured Deep Neural Networks with Adversarial Robustness.” AAAI Conference on Artificial Intelligence.
[ECCV 2022] Phan, H., Shi, C., Xie, Y., Zhang, T., Li, Z., Zhao, T., Liu, J., Wang, Y., Chen, Y., and Yuan, B. “RIBAC: Towards Robust and Imperceptible Backdoor Attacks against Compact DNNs.” European Conference on Computer Vision.
[MobiCom 2022] Shi, C., Zhang, T., Li, Z., Phan, H., Zhao, T., Wang, Y., Liu, J., Yuan, B., and Chen, Y. “Audio-Domain Position-Independent Backdoor Attack via Unnoticeable Triggers.” ACM International Conference on Mobile Computing and Networking.
[ICASSP 2022] Phan, H., Xie, Y., Liu, J., Chen, Y., and Yuan, B. “Invisible and Efficient Backdoor Attacks for Compressed Deep Neural Networks.” IEEE International Conference on Acoustics, Speech, and Signal Processing.
[MMSys 2022] Ye, M., Tang, Z., Phan, H., Xie, Y., Yuan, B., and Wei, S. “Visual Privacy Protection in Mobile Image Recognition Using Protective Perturbations.” ACM Multimedia Systems Conference.
[AAAI 2022] Yin, M., Phan, H., Zang, X., Liao, S., and Yuan, B. “BATUDE: Budget-Aware Neural Network Compression Based on Tucker Decomposition.” AAAI Conference on Artificial Intelligence.
[NeurIPS 2021] Sui, Y., Yin, M., Xie, Y., Phan, H., Zonouz, S. A., and Yuan, B. “CHIP: Channel-Independence-Based Pruning for Compact Neural Networks.” Advances in Neural Information Processing Systems.
[ACM MM 2020] Tang, Z., Feng, X., Xie, Y., Phan, H., Guo, T., Yuan, B., and Wei, S. “VVSec: Securing Volumetric Video Streaming via Benign Use of Adversarial Perturbations.” ACM International Conference on Multimedia.
[AAAI 2020] Phan, H., Xie, Y., Liao, S., Chen, J., and Yuan, B. “CAG: A Real-Time, Low-Cost, Enhanced-Robustness, High-Transferability, Content-Aware Adversarial Attack Generator.” AAAI Conference on Artificial Intelligence.