Nicole Meng's Mission To Make AI Safer And More Accessible

A look at how stronger safeguards and research can help shape more reliable AI systems for the future.

Written by Karen Koehler

AI-driven solutions have grown significantly across different industries due to their computing capabilities and high performance, powering critical fields, such as healthcare, robotics, and autonomous driving. Despite their rapid development and growing adoption, these systems are often deployed without proper security evaluations of how models behave under realistic adversarial scenarios. AI-powered products can be susceptible to data poisoning, jailbreak, or backdoor attacks: all weaknesses that would compromise model integrity in high-stakes situations.

AI security researcher Nicole Meng believes that safety and security research must evolve in parallel with the rapid advancement of modern AI systems. Her work focuses on identifying vulnerabilities in generative and foundation models, particularly in computer vision and multimodal AI, with the goal of building systems that are robust and resilient against real-world threats.

Her research explores how AI models can be manipulated, produce unsafe outputs, or behave unpredictably under carefully crafted attack conditions. Meng aims to help the industry better understand, evaluate, and strengthen the safety and reliability of next-generation AI systems as they become increasingly integrated into everyday technologies and critical applications.

AI’s Current Safety Risks

Meng’s work targets one of the most urgent but least defined problems in technology today: how to design and integrate defenses directly into advanced AI systems without weakening their performance. She believes that AI systems’ technical capabilities have evolved faster than the defenses built to protect them, and that this imbalance puts both institutions and the people they serve at risk.

“Most researchers and industry leaders are solely focused on their model’s performance,” she explains, “but the models themselves often lack adversarial robustness and privacy protection.”

For Meng, the consequences of this oversight are concrete. A manipulated input for a vision model in a driverless car could misread a stop sign, turning a simple command into a life-threatening mistake, or a diagnostic model in a hospital could be manipulated into misinterpreting a medical image, resulting in potentially harmful treatments.

She points to an article she read during undergrad, detailing how researchers tricked a self-driving car into drifting into the wrong lane, as an early sign of how easily real-world systems can be manipulated.

That’s why she considers it essential to build security directly into these models, viewing this work as “as foundational as the first laws a society creates.” Her work focuses on designing frameworks that can systematically strengthen these models: methods that can identify vulnerabilities, preserve robust performance, and help researchers and engineers improve AI safety early in development.

“A model should not be deployed for public use unless it has passed both standardized and customized robustness evaluations,” she explains. “People are too focused on how great AI is. We need more people saying, ‘Let’s test it. Let’s put rules in place.’ My goal is to be one of the contributing powers to pinpoint key vulnerabilities, designing effective defenses integrated with systems, and establishing systematic frameworks for evaluations.”

How Nicole Meng Strengthens AI Through Research

Over the years, Meng has been involved in multiple research projects that seek to strengthen the security of AI.

Meng notes that her undergraduate thesis introduced the Triangle Attack with Reinforcement Learning (TARL), a black-box adversarial attack that identified critical security weaknesses in computer vision image classification models. TARL strategically probes a model with minimal information, learning through reinforcement how to generate near-imperceptible changes to inputs: alterations that could make a model mislabel or misclassify what it sees.

This work gave researchers a new way to evaluate a model’s internal performance and better understand how easily critical systems could be misled.

Meng expanded her research with two papers presented in 2024. One introduced a method for classifying long, unstructured texts in preferential trade agreements by using condensed text embeddings to extract information from dense legal documents. The other proposed a two-stage machine learning framework for predicting international trade flows, combining explainable AI with factorization models to show how specific trade provisions influence economic dynamics.

Shifting Her Focus To Generative Vision Models

Lately, Meng’s research has focused on Neural Radiance Fields (NeRF) and 3D Gaussian Splatting (3DGS), both 3D modeling systems that reconstruct entire 3D scenes from limited 2D image inputs. These models are gaining increased attention for their real-time rendering abilities and accuracy. Once trained, they are able to generate a 3D scene from sparse images in real time, on demand, powering applications in drone imaging, 3D medical imaging, and real estate photography.

During one recent research project, Meng led a team that set out to develop an adversarial algorithm to demonstrate the current vulnerabilities of Generalizable NeRF models. The method customizes small, optimized perturbations to the input images that NeRF relies on. They explored whether tiny, carefully designed distortions, too subtle for humans to notice, could alter the system’s understanding of the depth, color, shape, or structure of the entire generated scene. The team’s goal was to identify whether NeRF, despite its sophistication, remains vulnerable to carefully crafted pixel-level perturbations that can interfere with its ability to generate accurate and reliable 3D representations. The result, in turn, revealed vulnerabilities that hadn’t been thoroughly researched before.

“You can essentially trick a NeRF model by adding imperceptible noise to the image you’re feeding it. That’s a vulnerability of deep learning,” Meng explains. “Humans focus on the bigger picture; tiny pixel changes don’t affect our perceptions and decisions, but these models are ultra-sensitive to per‑pixel changes.”

The implications of her team’s findings reach far beyond the lab. NeRF-like models are increasingly used in robotics, autonomous navigation, and 3D mapping tools, meaning their misinterpretation of a scene could lead to inaccurate spatial decisions. In certain environments, even a slight distortion in depth could cause a machine to misread a surface or object, impacting safety-critical decisions. Understanding and addressing these vulnerabilities would be critical as these models move into broader industry uses.

Meng’s paper introducing this breakthrough was recently published and presented at one of the most distinguished conferences in the computer science field, where it showed the importance of assessing generative 3D systems before they move into mainstream use.

Since 3D generative model security and privacy is a relatively new, fast-evolving, yet underexplored topic in computer vision, Meng is hosting and leading SPAR-3D, the first-ever 3D vision system security and privacy workshop at CVPR 2026 in Denver. She is bringing together researchers from all over the world who work on generative 3D vision, AI safety, and multimodal alignment to establish foundations for trustworthy 3D AI systems. While these experts have worked individually, bringing them together has the potential to accelerate research progress, surface system vulnerabilities, and systematically explore and define the common threat models and evaluation standards that the industry currently lacks.

Industry Experience And Entrepreneurial Leadership

In parallel with her research work, Meng also gained hands-on industry experience. She worked as a full-stack software engineer in the workforce intelligence team at an AI-powered enterprise software platform, where she utilized ReactJS, Redux, and TypeScript at a rapid pace, deploying production-ready features within weeks.

Despite enjoying this type of engineering, she eventually realized she was more interested in the combination of research and innovation-driven education. This led her to co-found learnLogica LLC, an education startup designed to provide students access to advanced computer science curriculum.

Her mentorship also extended internationally, including a project with a leading university’s Summer Global Research Program. There, she guided a student in creating the first publicly available dataset for Taiwanese Sign Language, enabling further research in vision-language translation tools. The project produced a valuable resource for the academic community while showing Meng’s commitment to making technology inclusive and accessible.

Through these efforts, Meng helps prepare future computer scientists to approach technology with both technical depth and ethical awareness.

Establishing Safe Deployments For AI

For Nicole Meng, the next wave of AI progress will depend not just on smarter models, but on smarter oversight: frameworks that make reliability and transparency inseparable from innovation. Through her research in fields like 3D reconstruction and mentorship initiatives, she hopes to shape a future where the question isn’t how fast AI can advance, but how responsibly it can evolve.

BDG Media newsroom and editorial staff were not involved in the creation of this content.