Reliable & Secure AI Systems

Wei Hao

I build the systems that make AI trustworthy by enterprises in the real world — reliable when it serves, and secure when it's attacked.

Founder of an AI startup company PhD, Computer Science · Columbia University New York City

Read the research View CV

01 — Vision

Make AI systems we can actually depend on.

I received my PhD degree from Columbia University. My PhD work spans the full lifecycle of deploying machine learning in production — from serving and monitoring models at scale to defending them against adversaries and detecting their misuse. The thread connecting it all: AI is only useful when it is reliable, observable, and safe. My systems are deployed in companies including Microsoft and Barracuda Networks.

Co-advised by Asaf Cidon & Junfeng Yang.

ML Systems at Scale

Predictable serving, model versioning, and on-device monitoring — Clockwork (OSDI), MGit (ICML), Nazar (ASPLOS).

AI Security & Robustness

Evasive attacks on edge models, jailbreak analysis, and robust deepfake-audio detection.

Detecting AI Misuse

Generalized LLM-generated text detection and large-scale study of LLM-generated malicious email.

02 — Timeline

Recent news

Present

Building an AI startup company.

May 2026

Officially received my PhD degree from Columbia University.

Apr 2026

Honored to receive the Davide Giri Memorial Prize for combining research excellence with efforts to promote research collaboration.

Apr 2026

My dissertation received the G-Research PhD Prize.

Jun 2025

Our study on the prevalence of LLM-generated malicious emails was covered in Forbes and TechRepublic.

May 2025

Learning to Rewrite: Generalized LLM-Generated Text Detection accepted to the main conference of ACL 2025.

Mar 2025

Do Spammers Dream of Electric Sheep? — characterizing LLM-generated malicious emails — accepted to ACM IMC 2025.

Jan 2025

Diversity Helps Jailbreak Large Language Models accepted to NAACL 2025.

Jan 2025

I Can Hear You: Selective Robust Training for Deepfake Audio Detection accepted to ICLR 2025.

Oct 2024

Nazar: Monitoring and Adapting ML Models on Mobile Devices accepted to ASPLOS 2025.

Jun 2024

Started a summer internship at Barracuda Networks working on AI security in production.

May 2024

MGit: A Model Versioning and Management System accepted to ICML 2024.

May 2023

Selected as an ML and Systems Rising Star.

Mar 2023

Returned to MSR Redmond for a summer internship on Project Fiddle — in person this time.

Jan 2022

A Tale of Two Models: Constructing Evasive Attacks on Edge Models accepted at MLSys 2022 (20.6% acceptance) — my first first-author PhD paper.

Nov 2020

Clockwork received the OSDI Distinguished Artifact Award.

Aug 2020

Serving DNNs like Clockwork accepted at OSDI 2020.

03 — Selected Work

Publications that shaped the thesis

All publications →

IMC 2025

Do Spammers Dream of Electric Sheep? Characterizing the Prevalence of LLM-Generated Malicious Emails

Wei Hao, Van Tran, Vincent Rideout, Zixi Wang, AnMei Dasbach-Prisk, M. H. Afifi, Junfeng Yang, Ethan Katz-Bassett, Grant Ho, Asaf Cidon

Forbes News coverage Paper

ACL 2025

Learning to Rewrite: Generalized LLM-Generated Text Detection

Wei Hao*, Ran Li*, Weiliang Zhao, Junfeng Yang, Chengzhi Mao

Paper Code

ASPLOS 2025

Nazar: Monitoring and Adapting ML Models on Mobile Devices

Wei Hao, Zixi Wang, Lauren Hong, Lingxiao Li, Nader Karayanni, AnMei Dasbach-Prisk, Chengzhi Mao, Junfeng Yang, Asaf Cidon

Paper

ICML 2024

MGit: A Model Versioning and Management System

Wei Hao*, Daniel Mendoza*, Rafael Mendes, Deepak Narayanan, Amar Phanishayee, Asaf Cidon, Junfeng Yang

Paper

MLSys 2022

A Tale of Two Models: Constructing Evasive Attacks on Edge Models

Wei Hao, Aahil Awatramani, Jiayang Hu, Chengzhi Mao, Pin-Chun Chen, Eyal Cidon, Asaf Cidon, Junfeng Yang

Paper

OSDI 2020

Serving DNNs like Clockwork: Performance Predictability from the Bottom Up

Arpan Gujarati, Reza Karimi, Safya Alzayat, Wei Hao, Antoine Kaufmann, Ymir Vigfusson, Jonathan Mace

Distinguished Artifact Award Paper Talk

04 — Honors

Awards & recognition

2026

Davide Giri Memorial Prize

Given to a Computer Science PhD who combines excellence in research results with continued outstanding efforts to promote research collaboration.

Columbia CS

2026

G-Research PhD Prize

Awarded for outstanding doctoral research.

Dissertation

2023

ML and Systems Rising Star

Recognized among the field's emerging researchers at the intersection of machine learning and systems.

MLCommons

2022

MLSys Student Travel Grant

MLSys

2020

OSDI Distinguished Artifact Award

For Clockwork — a distributed DNN serving system with predictable end-to-end performance.

OSDI