Federica Granese

IRD (UMMISCO)
Sorbonne Université
32 Av. Henri Varagnat, 93143 Bondy
91 Bd de l'Hôpital, 75013 Paris

France
federica.granese@ird.fr

github dblp google scholar linkedin cv

Hey there! I am currently serving as a Postdoctoral Fellow at Institut de Recherche pour le Développement (IRD) - Unité de Modélisation Mathématique et Informatique des Systèmes Complexes UMMISCO).

I successfully earned my B.Sc. and M.Sc. in Computer Science from Sapienza University of Rome in 2017 and 2019, respectively. Furthermore, in April 2023, I proudly completed my Ph.D. studies, receiving degrees from both Institut Polytechnique de Paris (École Polytechnique) and Sapienza University of Rome.

My interests lie at the intersection between security in machine learning on the one hand, and machine learning applied to the medical field on the other.

News
January 31, 2024 I will talk at the Séminaire COMCYBER/IA. Round table: «Fiabilité, confiance, éthique: quelle sécurité des IA?»
January 20, 2024 My thesis Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection is finally online!
January 19, 2024 Our work on Optimal Zero-Shot Detector for Multi-Armed Attacks has been accepted @ AISTATS 2024 - International Conference on Artificial Intelligence and Statistics.
November 16, 2023 I will present our work on The Negative Impact of Denoising on Automated Classification of Electrocardiograms at the Réunion d'Unité UMMISCO 2023, Bondy, France.
October 27, 2023 Our work on The Negative Impact of Denoising on Automated Classification of Electrocardiograms has been accepted at the DGM4H workshop @ NeurIPS 2023.
April 21, 2023 I successfully defended my PhD thesis titled Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection at Inria Saclay.
April 01, 2023 New job position: Postdoctoral Fellow at IRD - Unité de Modélisation Mathématique et Informatique des Systèmes Complexes (UMMISCO).
February 28, 2023 I completed my Research Internship, initiated in October 2022 at École de technologie supérieure (ÉTS) in Montreal, Quebec, focusing on the Detection of Errors in image segmentation tasks.

Research Interests

Security in Machine Learning: Towards Securing Machine Learning Algorithms through Misclassification Detection and Adversarial Attack Detection. Prof. Pablo Piantanida, Dr. Marco Romanelli.

Deep Neural Networks (DNNs) have seen significant advances in recent years and are nowadays widely used in a variety of applications. When it comes to safety-critical systems, developing methods and tools to make these algorithms reliable, particularly for non-specialists who may treat them as “black boxes” with no further checks, constitutes a core challenge. The purpose of the research is to investigate various methods that can enable the safe use of these technologies. In particular under the lens of:

  • Misclassification detection, i.e., the problem of identifying whether the prediction of a DNN classifier should (or should not) be trusted.
  • Multi-armed adversarial attacks detection, i.e., the problem of identifying simultaneous adversarial attacks perpetrated over the DNN classifier.
Machine Lerning for Health: DeepECG4U - L’intelligence artificielle au service de la santé cardiaque (artificial intelligence in the service of heart health) - Prof. Edi Prifti, Prof. Jean-Daniel Zucker.

I am particuarly focusing on:

  • Enhancing the robustness of Electrocardiogram (ECG) classifiers specifically for arrhythmia prediction.
  • Studying the impact of Electrocardiogram (ECG) denoising on automated classification and its consequential implications on the reliability of the models.

Publications

Proceedings of International Conferences and Journal Papers
  1. Federica Granese, Marco Romanelli, Pablo Piantanida: Optimal Zero-Shot Detector for Multi-Armed Attacks. AISTATS 2024. [To appear]
  2. Marine Picot, Federica Granese, Guillaume Staerman, Marco Romanelli, Francisco Messina, Pablo Piantanida, Pierre Colombo: A Halfspace-Mass Depth-Based Method for Adversarial Attack Detection. Trans. Mach. Learn. Res. 2023 (2023). [Paper | Code]
  3. Federica Granese, Marine Picot, Marco Romanelli, Francisco Messina, Pablo Piantanida: MEAD: A Multi-Armed Approach for Evaluation of Adversarial Examples Detectors. ECML/PKDD (3) 2022: 286-303. [Paper | Code]
  4. Federica Granese, Daniele Gorla, Catuscia Palamidessi: Enhanced models for privacy and utility in continuous-time diffusion networks. Int. J. Inf. Sec. 20(5): 763-782 (2021). [Paper]
  5. Federica Granese, Marco Romanelli, Daniele Gorla, Catuscia Palamidessi, Pablo Piantanida: DOCTOR: A Simple Method for Detecting Misclassification Errors. NeurIPS 2021: 5669-5681. Spotlight. [Paper | Code]
  6. Daniele Gorla, Federica Granese, Catuscia Palamidessi: Enhanced Models for Privacy and Utility in Continuous-Time Diffusion Networks. ICTAC 2019: 313-331. [Paper]
Preprints
  1. Federica Granese, Marco Romanelli, Siddharth Garg, Pablo Piantanida: A Minimax Approach Against Multi-Armed Adversarial Attacks Detection. CoRR abs/2302.02216 (2023). [Paper | Code coming soon]
  2. Eduardo Dadalto Câmara Gomes, Marco Romanelli, Federica Granese, Pablo Piantanida: A simple Training-Free Method for Rejection Option (2023). [Paper]
  3. Daniele Gorla, Louis Jalouzot, Federica Granese, Catuscia Palamidessi, Pablo Piantanida: On the (Im)Possibility of Estimating Various Notions of Differential Privacy. CoRR abs/2208.14414 (2022). [Paper]
Workshops
  1. Federica Granese, Ahmad Fall, Alex Lence, Joe-Elie Salem, Jean-Daniel Zucker, Edi Prifti: The Negative Impact of Denoising on Automated Classification of Electrocardiograms. Deep Generative Models for Health Workshop NeurIPS 2023. [Paper | Code]
  2. Daniele Gorla, Louis Jalouzot, Federica Granese, Catuscia Palamidessi, Pablo Piantanida: On the (Im) Possibility of Estimating Various Notions of Differential Privacy (short paper). Communication in the 24th Italian Conference on Theoretical Computer Science (ICTCS 2023).