Futa (Kai) Waseda

PhD Candidate | Trustworthy AI: Robustness, Reliability, and VLM Defense

The University of Tokyo

About Me

I study Trustworthy AI, focusing on adversarial robustness and reliable generalization from mechanism to deployment:

I analyze why models fail under adversarial perturbation (WACV'23).
I design robust training and defense methods for computer vision (ICIP'24, ICLR'25).
I extend these ideas to vision-language systems (WACV'26, ACMMM'25).
I also work on complementary reliability and security topics, including post-hoc calibration (ICML'23) and model IP protection (ACL'25 Main).

I have collaborated widely across academia and industry through joint research and internships, including work with TUM, NII, NEC, CyberAgent AI Lab, SB Intuitions, and Turing.

Interests

Trustworthy AI
Adversarial Robustness
Robust Generalization
Vision-Language Model Reliability

Education

BEng in Systems Innovation, 2020
The University of Tokyo
Exchange Student, 2022
Technical University of Munich
MS in Informatics, 2023
The University of Tokyo

News

2025.11: One 1st-authored paper accepted at WACV 2026.
2025.09: Received NII Inose Outstanding Student Award, 2025.
2025.07: One 1st-authored paper accepted at ACMMM 2025.
2025.05: One 1st-authored paper accepted at ACL 2025 Main.
2025.01: One 1st-authored paper accepted at ICLR 2025.
2024.09: One 1st-authored paper accepted at ICIP 2024.
2024.05: One 1st-authored paper accepted at MIRU 2024 Oral.
2023.09: Selected for research fellowship JST DC2.
2023.07: Received a research grant of 1 million yen from AIP Challenge Program, JST.
2023.03: Selected for research fellowship JST SPRING GX.
2023.04: One 1st-authored paper accepted at ICML 2023.
2022.10: One 1st-authored paper accepted at WACV 2023.

Recent Publications

Research strengths

Defenses for visual and vision-language models under adversarial settings.
Reliable generalization via calibration and robustness analysis.
Practical security themes, including model IP protection.

See all publications.

WACV 2026 March 2026

Multimodal Adversarial Defense for Vision-Language Models by Leveraging One-To-Many Relationships

Futa (Kai) Waseda, Antonio Tejero-de-Pablos, Isao Echizen

Targets robust defense for VLMs under multimodal adversarial attacks.
Leverages one-to-many image-text relationships during adversarial training.
Improves robustness while preserving clean-task performance.

PDF

ACMMM 2025 October 2025

Quality Text, Robust Vision: The Role of Language in Enhancing Visual Robustness of Vision-Language Models

Futa (Kai) Waseda, Saku Sugawara, Isao Echizen

Proposed QT-AFT to improve VLM robustness with high-quality text supervision.
Reduced class-overfitting while improving robustness to text-guided attacks.
Achieved strong zero-shot robustness and accuracy across 16 datasets.

PDF

ACL 2025 Main July 2025

MergePrint: Merge-Resistant Fingerprints for Robust Black-box Ownership Verification of Large Language Models

Shojiro Yamabe, Futa (Kai) Waseda, Tsubasa Takahashi, Koki Wataoka

Proposed MergePrint for merge-resistant fingerprinting of LLM ownership.
Enabled black-box verification without requiring model internals.
Preserved fingerprint detectability after model merging with limited utility loss.

PDF

ICLR 2025 April 2025

Rethinking Invariance Regularization in Adversarial Training to Improve Robustness-Accuracy Trade-off

Futa (Kai) Waseda, Ching-Chun Chang, Isao Echizen

Revisited invariance regularization to improve the robustness-accuracy trade-off.
Proposed AR-AT with asymmetric loss, stop-gradient, predictor, and split-BN.
Learned adversarially invariant yet discriminative representations more effectively.

PDF

ICIP 2024 October 2024

Defending Against Physical Adversarial Patch Attacks on Infrared Human Detection

Lukas Strack, Futa (Kai) Waseda, Huy H. Nguyen, Yinqiang Zheng, Isao Echizen

First defense study for physical adversarial patches in infrared human detection.
Proposed POD, an efficient patch-aware training and detection strategy.
Achieved strong robustness to unseen patch attacks while improving clean precision.

PDF

ICML 2023 July 2023

Beyond In-Domain Scenarios: Robust Density-Aware Calibration

Christian Tomani, Futa (Kai) Waseda, Yuesong Shen, Daniel Cremers

Proposed DAC, a KNN-based density-aware post-hoc calibration method.
Improved uncertainty reliability under domain shift and OOD conditions.
Maintained strong in-domain performance across diverse models and datasets.

PDF

WACV 2023 January 2023

Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently

Futa (Kai) Waseda, Sosuke Nishikawa, Trung-Nghia Le, Huy H. Nguyen, Isao Echizen

Analyzed class-aware transferability by separating “same mistake” and “different mistake” cases.
Showed that different mistakes can appear even between similar models.
Linked transfer behavior to model-specific use of non-robust features.

PDF Poster

Experience

Research Internship

Turing

Apr 2025 – Present Tokyo, Japan.

Research focus: reliable vision-language models.

Research Internship

SB Intuitions

Aug 2024 – Aug 2025 Tokyo, Japan.

Research focus: LLM’s IP protection.

Research Internship

CyberAgent AI Lab

Feb 2024 – Jan 2026 Tokyo, Japan.

Research focus: deep learning, vision-language models, and adversarial robustness.

Research Internship

NEC Corporation

Aug 2023 – Dec 2023 Tokyo, Japan.

Research focus: deep learning, computer vision, adversarial robustness, and parameter-efficient training.

CTO

Madori LABO（まどりLABO）

Apr 2023 – Present Tokyo, Japan.

Co-founding engineer at a startup building an AI-driven floor-plan design assistant.

Research Assistant

National Institute of Informatics

May 2020 – Present Tokyo, Japan.

Research focus: deep learning, computer vision, and adversarial robustness.

Technical Advisor

Ollo inc.

May 2020 – Present Tokyo, Japan

Started as a machine learning engineer and now provide technical guidance from a researcher’s perspective.

Awards

NII Inose Outstanding Student Award (NII猪瀬優秀学生賞), 2025

National Institute of Informatics (NII) Sep 2025

Received the NII Inose Outstanding Student Award (NII猪瀬優秀学生賞).

MIRU'24 Student Encouragement Award (MIRU'24 学生奨励賞)

Meeting on Image Recognition and Understanding (MIRU) Aug 2024

Received the MIRU 2024 Student Encouragement Award (MIRU'24 学生奨励賞).

Won the special prize at SAS analytics hackathon 2019.（SAS Institute Japan, The Analytics Hackathon 2019 特別賞）

SAS Institute Japan Jun 2019

In the contest, participants were given data and asked to construct machine learning system with high accuracy. (article url: https://enterprisezine.jp/article/detail/12209?p=2)

Won the first prize at MDS data science contest 2018.（MDSデータサイエンスコンテスト優勝）

Mathematics and Informatics Center Nov 2018

In the contest, participants were given big data and asked to perform value-generating analysis freely. Our group won the first prize and we were able to submit a paper. See the publication section.