Federica Granese

Inria - Université Côte d'Azur
2004 Rte des Lucioles, 06560 Valbonne
France
federica.granese@inria.fr

github dblp google scholar linkedin cv

Hey there! I am currently holding a Starting Research Position (SRP) at Inria Center at Université Côte d'Azur - Marianne team.

I successfully earned my B.Sc. and M.Sc. in Computer Science from Sapienza University of Rome in 2017 and 2019, respectively. Furthermore, in April 2023, I proudly completed my Ph.D. studies, receiving degrees from both Institut Polytechnique de Paris (École Polytechnique) and Sapienza University of Rome.

My interests lie at the intersection between security in machine learning on the one hand, and machine learning applied to the medical field on the other.

News
December 24, 2024 I have been recognized as one of the top 25% excellent reviewers @ KDD 2025 – the ACM SIGKDD Conference on Knowledge Discovery and Data Mining.
December 1, 2024 After nearly five years in Paris, I am excited to announce that I will be embarking on a new adventure in Sophia Antipolis. I am thrilled to be joining the newly formed Marianne Team, led by DR. Serena Villata, as part of a Starting Research Position. I’m also looking forward to finally enjoying the beautiful weather again!
November 16, 2024 Our work on ECGrecover: a Deep Learning Approach for Electrocardiogram Signal Completion has been accepted @ KDD 2025 – the ACM SIGKDD Conference on Knowledge Discovery and Data Mining.
October 10, 2024 Our work on Adapting TabPFN for Zero-Inflated Metagenomic Data has been accepted at the Table Representation Learning (TRL) workshop @ NeurIPS 2024.
September 26, 2024 I will be giving a seminar on my research on safety and security in machine learning at Inria-Lille (Magnet team).
July 02, 2024 Mentions honorables: Prix De Thèse SSFAM.
May 31, 2024 I will be presenting a seminar on my research on Adversarial Examples at the SoSySec seminar at Inria-Rennes.
May 02, 2024 I will present our paper Optimal Zero-Shot Detector for Multi-Armed Attacks at the AISTATS conference. ¡Nos vemos en Valencia!
January 31, 2024 I will talk at the Séminaire COMCYBER/IA. Round table: «Fiabilité, confiance, éthique: quelle sécurité des IA?»
January 20, 2024 My thesis Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection is finally online!
January 19, 2024 Our work on Optimal Zero-Shot Detector for Multi-Armed Attacks has been accepted @ AISTATS 2024 - International Conference on Artificial Intelligence and Statistics.
November 16, 2023 I will present our work on The Negative Impact of Denoising on Automated Classification of Electrocardiograms at the Réunion d'Unité UMMISCO 2023, Bondy, France.
October 27, 2023 Our work on The Negative Impact of Denoising on Automated Classification of Electrocardiograms has been accepted at the DGM4H workshop @ NeurIPS 2023.
April 21, 2023 I successfully defended my PhD thesis titled Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection at Inria Saclay.
April 01, 2023 New job position: Postdoctoral Fellow at IRD (UMMISCO) - Sorbonne University, Paris, France.
February 28, 2023 I completed my Research Internship, initiated in October 2022 at École de technologie supérieure (ÉTS) in Montreal, Quebec, focusing on the Detection of Errors in image segmentation tasks.

Research Interests

Security in Machine Learning: Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection. Prof. Pablo Piantanida, Dr. Marco Romanelli, DR. Catuscia Palamidessi, Prof. Daniele Gorla.

Deep Neural Networks (DNNs) have seen significant advances in recent years and are nowadays widely used in a variety of applications. When it comes to safety-critical systems, developing methods and tools to make these algorithms reliable, particularly for non-specialists who may treat them as “black boxes” with no further checks, constitutes a core challenge. The purpose of the research is to investigate various methods that can enable the safe use of these technologies. In particular under the lens of:

  • Misclassification detection, i.e., the problem of identifying whether the prediction of a DNN classifier should (or should not) be trusted.
  • Multi-armed adversarial attacks detection, i.e., the problem of identifying simultaneous adversarial attacks perpetrated over the DNN classifier.
Machine Lerning for Health: Application of machine learning and AI concepts to various healthcare use cases. In collaboration with - DR. Jean-Daniel Zucker and DR. Edi Prifti (Sorbonne University, IRD).

I am particuarly focusing on:

  • Enhancing the robustness of Electrocardiogram (ECG) classifiers specifically for arrhythmia prediction.
  • Studying the impact of Electrocardiogram (ECG) denoising on automated classification and its consequential implications on the reliability of the models.
  • Meta-learning for metagenomic classification tasks with a focus on Prior-Data Fitted Networks (PFNs)-like models.

Publications

Proceedings of International Conferences and Journal Papers
  1. Alex Lence, Federica Granese, Ahmad Fall, Blaise Hanczar, Joe-Elie Salem, Jean-Daniel Zucker, Edi Prifti: ECGrecover: a Deep Learning Approach for Electrocardiogram Signal Completion. KDD 2025. [Paper | Code]
  2. Federica Granese, Marco Romanelli, Pablo Piantanida: Optimal Zero-Shot Detector for Multi-Armed Attacks. AISTATS 2024. [Paper | Code]
  3. Marine Picot, Federica Granese, Guillaume Staerman, Marco Romanelli, Francisco Messina, Pablo Piantanida, Pierre Colombo: A Halfspace-Mass Depth-Based Method for Adversarial Attack Detection. Trans. Mach. Learn. Res. 2023 (2023). [Paper | Code]
  4. Federica Granese, Marine Picot, Marco Romanelli, Francisco Messina, Pablo Piantanida: MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. ECML/PKDD (3) 2022: 286-303. [Paper | Code]
  5. Federica Granese, Daniele Gorla, Catuscia Palamidessi: Enhanced models for privacy and utility in continuous-time diffusion networks. Int. J. Inf. Sec. 20(5): 763-782 (2021). [Paper]
  6. Federica Granese, Marco Romanelli, Daniele Gorla, Catuscia Palamidessi, Pablo Piantanida: DOCTOR: A Simple Method for Detecting Misclassification Errors. NeurIPS 2021: 5669-5681. Spotlight. [Paper | Code]
  7. Daniele Gorla, Federica Granese, Catuscia Palamidessi: Enhanced Models for Privacy and Utility in Continuous-Time Diffusion Networks. ICTAC 2019: 313-331. [Paper]
Preprints
  1. Alex Lence, Ahmad Fall, Samuel David Cohen, Federica Granese, Jean-Daniel Zucker, Joe-Elie Salem, Edi Prifti. ECGtizer: a fully automated digitizing and signal recovery pipeline for electrocardiograms. [Paper | Code]
  2. Eduardo Dadalto Câmara Gomes, Marco Romanelli, Federica Granese, Pablo Piantanida: A simple Training-Free Method for Rejection Option (2023). [Paper]
  3. Daniele Gorla, Louis Jalouzot, Federica Granese, Catuscia Palamidessi, Pablo Piantanida: On the (Im)Possibility of Estimating Various Notions of Differential Privacy. CoRR abs/2208.14414 (2022). [Paper]
Workshops
  1. Giulia Perciballi, Federica Granese, Ahmad Fall, Farida Zehraoui, Edi Prifti, Jean-Daniel Zucker: Adapting TabPFN for Zero-Inflated Metagenomics Data. Third Table Representation Learning Workshop NeurIPS 2024. [Paper | Code]
  2. Federica Granese, Ahmad Fall, Alex Lence, Joe-Elie Salem, Jean-Daniel Zucker, Edi Prifti: The Negative Impact of Denoising on Automated Classification of Electrocardiograms. Deep Generative Models for Health Workshop NeurIPS 2023. [Paper | Code]
  3. Daniele Gorla, Louis Jalouzot, Federica Granese, Catuscia Palamidessi, Pablo Piantanida: On the (Im) Possibility of Estimating Various Notions of Differential Privacy (short paper). Communication in the 24th Italian Conference on Theoretical Computer Science (ICTCS 2023).