Nicolas Papernot
Appointment
- Canada CIFAR AI Chair
- Pan-Canadian AI Strategy
About
Nicolas Papernot is a Canada CIFAR AI Chair at the Vector Institute, an assistant professor in the department of electrical and computer engineering at the University of Toronto, and a research scientist at Google Brain.
Papernot’s research interests span the areas of computer security and privacy in machine learning. Together with his collaborators, he demonstrated the first practical black-box attacks against deep neural networks. His work on differential privacy for machine learning, involving the development of a family of algorithms called Private Aggregation of Teacher Ensembles (PATE), has made it easy for machine learning researchers to contribute to differential privacy research. He also co-authored with Ian Goodfellow an open-source library called CleverHans, now widely adopted in the technical community to benchmark machine learning in adversarial settings.
Awards
- Best Paper Award, ICLR, 2017
- Google PhD Fellowship in Security, 2016
Relevant Publications
Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z. B., & Swami, A. (2017). Practical black-box attacks against machine learning. In Proceedings of the 2017 ACM on Asia conference on computer and communications security (pp. 506-519).
Tramèr, F., Kurakin, A., Papernot, N., Goodfellow, I., Boneh, D., & McDaniel, P. (2017). Ensemble adversarial training: Attacks and defenses.
Papernot, N., McDaniel, P., & Goodfellow, I. (2016). Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277.
Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z. B., & Swami, A. (2016). The limitations of deep learning in adversarial settings. In 2016 IEEE European symposium on security and privacy (EuroS&P) (pp. 372-387). IEEE.
Papernot, N., McDaniel, P., Wu, X., Jha, S., & Swami, A. (2016). Distillation as a defense to adversarial perturbations against deep neural networks. In 2016 IEEE symposium on security and privacy (SP) (pp. 582-597). IEEE.
Support Us
CIFAR is a registered charitable organization supported by the governments of Canada, Alberta and Quebec, as well as foundations, individuals, corporations and Canadian and international partner organizations.