Dr. Nathalie Baracaldo

Nathalie Baracaldo leads the AI Security and Privacy Solutions team and is a Research Staff Member at IBM’s Almaden Research Center in San Jose, CA. Nathalie is passionate about delivering machine learning solutions that are highly accurate, withstand adversarial attacks and protect data privacy. Nathalie’s research and team focus on two main areas: federated learning, where models are trained without directly accessing training data, and adversarial machine learning, where defenses are designed to withstand potential attacks on the machine learning pipeline. Nathalie has over eighteen patents filed, and five granted. In 2020, Nathalie received the IBM Master Inventor distinction. She has published more than twenty papers in peer-reviewed conferences and journals, receiving three best paper awards. Nathalie received her Ph.D. degree from the University of Pittsburgh, USA in 2016.


In this talk I will first discuss the potential vulnerabilities that arise in this setting including membership inference and poisoning attacks. Then I will discuss some of the solutions that the team I lead at IBM research has been working on. These solutions include the utilization of differential privacy and multi-party computation during the training process, and I will explain their effect on the final accuracy of the global model. Finally, I will outline some research directions in this area.