Hi, I’m a third year CS PhD student at Cornell Tech working with Vitaly Shmatikov. My research interest is AI Safety and LLM Control & Intervention.

Currently I’m a Research Intern at Qwen Team in Shanghai working with Fei Huang. At Qwen, I developed intervention mechanisms that prevents LLM repetition and language confusion. Both of them have been deployed in Qwen API and Qwen Chat.

📝 Publications

• NeurIPS 2025 Harnessing the universal geometry of embeddings, Rishi Jha, Collin Zhang, Vitaly Shmatikov, John X. Morris
• NSDI 2024 Zombie: Middleboxes that Don’t Snoop, Collin Zhang, Zachary DeStefano, Arasu Arun, Joseph Bonneau, Paul Grubbs, Michael Walfish
• EMNLP 2024 Extracting Prompts by Inverting LLM Outputs, Collin Zhang, John X. Morris, Vitaly Shmatikov

📝 Preprints

• Language Confusion Gate: Language-Aware Decoding Through Model Self-Distillation, Collin Zhang, Fei Huang, Chenhan Yuan, Junyang Lin
• Adversarial Decoding: Generating Readable Documents for Adversarial Objectives, Collin Zhang, Tingwei Zhang, Vitaly Shmatikov
• Soft Prompts Go Hard: Steering Visual Language Models with Hidden Meta-Instructions, Tingwei Zhang, Collin Zhang, John X Morris, Eugene Bagdasaryan, Vitaly Shmatikov
• Universal Zero-shot Embedding Inversion, Collin Zhang, John X. Morris, Vitaly Shmatikov
• Harnessing the Universal Geometry of Embeddings, Rishi Jha, Collin Zhang, Vitaly Shmatikov, John X Morris

📖 Educations

• 2023.08 - (now), Cornell University, PhD, Computer Science
• 2019.09 - 2023.05, New York University Stern School of Business, BS, Computer Science & Econometrics
• 2016.09 - 2019.06, Nanjing Foreign Language School

👻 Projects

• FastDraw A Fast and Complete Swift Drawing(Handwriting) Library for iOS
• adversarial_decoding Generating Readable Documents for Multiple Adversarial Objectives
• output2prompt Inverting Outputs to Prompts

🎤 Talks

• Presented Zombie: Middleboxes that Don’t Snoop (Slide) at Cornell Systems Lunch on Sep 22 2023