Nicolas Papernot is an Assistant Professor of Computer Engineering and Computer Science at the University of Toronto. He also holds a Canada CIFAR AI Chair at the Vector Institute, and is a faculty affiliate at the Schwartz Reisman Institute. His research interests span the security and privacy of machine learning. Some of his group’s recent projects include generative model collapse, cryptographic auditing of ML, private learning, proof-of-learning, and machine unlearning. Nicolas is an Alfred P. Sloan Research Fellow in Computer Science and a Member of the Royal Society of Canada’s College of New Scholars. His work on differentially private machine learning was awarded an outstanding paper at ICLR 2022 and a best paper at ICLR 2017. He co-created the IEEE Conference on Secure and Trustworthy Machine Learning (SaTML) and is co-chairing its first two editions in 2023 and 2024. He previously served as an associate chair of the IEEE Symposium on Security and Privacy (Oakland), and an area chair of NeurIPS. Nicolas earned his Ph.D. at the Pennsylvania State University, working with Prof. Patrick McDaniel and supported by a Google PhD Fellowship. Upon graduating, he spent a year at Google Brain where he still spends some of his time.
Assistant Professor, Department of Electrical & Computer Engineering, University of Toronto
Assistant Professor, Department of Computer Science, University of Toronto
Canada CIFAR Artificial Intelligence Chair
Research Interests
- Computer Security
- Machine Learning
- Privacy
Highlights
- Faculty Affiliate, Schwartz Reisman Institute for Technology and Society
- Member of the College of New Scholars of the Royal Society of Canada in 2023.
- Co-founded the IEEE Conference on Secure and Trustworthy Machine Learning (SaTML).
- Outstanding Paper Award (10th International Conference on Learning Representations)
- Named an Alfred P. Sloan Research Fellow in Computer Science in 2022.
- Canada CIFAR AI Chair in 2019
- Connaught New Researcher Award
- Early Research Award from the Ministry of Colleges and Universities
- Google PhD Fellowship in Security
- Best Paper Award (5th International Conference on Learning Representations)
Publications
Dataset Inference: Ownership Resolution in Machine Learning
2021
Bad characters: Imperceptible nlp attacks
2021
Manipulating SGD with data ordering attacks
2021
Hyperparameter Tuning with Renyi Differential Privacy
2021
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning
2021
Markpainting: Adversarial Machine Learning meets Inpainting
2021
Unrolling sgd: Understanding factors influencing machine unlearning
2021
Increasing the Cost of Model Extraction with Calibrated Proof of Work
2022
Accelerating Symbolic Analysis for Android Apps
2021
Losing Less: A Loss for Differentially Private Deep Learning
2021
A Zest of LIME: Towards Architecture-Independent Model Distances
2021
Private Multi-Winner Voting For Machine Learning
2021
Context-invariant, multi-variate time series representations
2021
Fourth International Workshop on Dependable and Secure Machine Learning–DSML 2021
2021
Is Fairness Only Metric Deep? Evaluating and Addressing Subgroup Gaps in Deep Metric Learning
2019