Profile picture for Ana-Maria Cretu

Google Scholar / Website / LinkedIn / Twitter

Ana-Maria Cretu

Email: a DOT cretu AT imperial.ac.uk

I completed my PhD in the CPG in 2023. For the latest information, check out my personal website.

My research in the CPG lied at the intersection between (1) machine learning and (2) privacy and security. In my thesis, I studied vulnerabilities in behavioral datasets and data processing systems such as machine learning models, query-based systems and client-side scanning through the lens of automated attacks. Specifically, I used machine learning and evolutionary algorithms to develop novel attacks against such systems. Through a rigurous study of privacy vulnerabilities, my research can inform the design of principled countermeasures allowing to prevent them and, ultimately, to use data safely.

Prior to starting my PhD, I obtained an MSc in Computer Science from EPFL, Switzerland, and the Diplome d’Ingénieur de l’Ecole Polytechnique (equivalent to a Bachelors and Master’s degree) from Ecole Polytechnique, France. At Ecole Polytechnique, I studied Pure and Applied Mathematics and Computer Science, and specialized in Data Science. Towards completion of my EPFL MSc degree, I did my Master Thesis in the Department of Computer Science at the University of Oxford under the supervision of Prof. Thomas Lukasiewicz, and in close collaboration with Dr. Oana-Maria Camburu. My research there was on 1) developing deep learning-based approaches to solve the Winograd Schema Challenge and 2) developing sentence representation models with the goal of improving interpretability and performance on a set of benchmark natural language processing tasks.

In 2022, I did an internship at Microsoft Research in the Privacy-Preserving Machine Learning team, working with Dr. Shruti Tople and Dr. Daniel Jones. In 2020, I was a research intern at Twitter (London, UK) in the graph learning team. I worked with Dr. Davide Eynard on the privacy of Twitter graph data. In 2017, I did a summer internship at Google (Boulder, Colorado, USA), in the Payments Compliance Engineering Team, under Craig Wright’s supervision. In 2016, I did a 5-month internship at Google (Paris, France), under Dr. Sertan Girgin’s supervision.

News

Publications

  • Stevanoski, B., Cretu, A.-M., and de Montjoye Y. A. QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems. ACM Conference on Computer and Communications Security (ACM CCS 2024) (2024).

  • Gadotti, A., Rocher, L., Houssiau, F., Cretu, A.-M., and de Montjoye Y. A. Anonymization: The imperfect science of using data while preserving privacy. Science Advances, 2024 (2024).

  • Guan, V., Guépin, F., Cretu, A.-M., and de Montjoye Y. A. A Zero Auxiliary Knowledge Membership Inference Attack on Aggregate Location Data. Proceedings on Privacy Enhancing Technologies 2024(4) (PoPETS 2024) (2024).

  • Cretu, A.-M., Jones, Daniel, de Montjoye Y. A, and Tople, Shruti. Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting. In Proceedings on Privacy Enhancing Technologies 2024(3), 407–430. (2024).

  • Cretu, A.-M., Guépin, F., and de Montjoye Y. A. Correlation inference attacks against machine learning models. Science Advances, 2024 (2024).

  • Cretu, A.-M.*, Rusu, Miruna*, and de Montjoye Y. A. Re-pseudonymization Strategies for Smart Meter Data Are Not Robust to Deep Learning Profiling Attacks. In Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy (CODASPY ’24), June 19–21, 2024, Porto, Portugal. ACM, New York, NY, USA. (2024).

  • Guépin, F., Meeus, M., Cretu, A.-M., and de Montjoye Y. A. Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data. 18th DPM International Workshop on Data Privacy Management, Sept 2023, The Hague (2023).

  • Meeus, M., Guépin, F., Cretu, A.-M., and de Montjoye Y. A. Achilles’ Heels: Vulnerable Record Identification in Synthetic Data Publishing. 28th European Symposium on Research in Computer Security (ESORICS), Sept 2023, The Hague (2023).

  • Jain, S., Cretu, A.-M., Cully, A. and de Montjoye Y. A. Deep perceptual hashing algorithms with hidden dual purpose: when client-side scanning does facial recognition. 2023 IEEE Symposium on Security and Privacy (SP) (2023).
    Selected Press: Imperial College London News

  • Cretu, A.-M.*, Houssiau, F.*, Cully, A., and de Montjoye Y. A. QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS '22). Association for Computing Machinery, New York, NY, USA, 623–637. (2022).
    Selected Press: Imperial College London

  • Jain, S.*, Cretu, A.-M.*, and de Montjoye Y. A. Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. 31st USENIX Security Symposium (2022).
    Selected Press: Imperial College London News

  • Cretu, A.-M., Monti, F., Marrone, S., Dong, X., Bronstein, M. and de Montjoye Y. A. Interaction data are identifiable even across long periods of time. Nature Communications (13), 313 (2022).
    Selected Press: Science News, RFI

  • Kocijan, V., Camburu, O.-M., Cretu, A.-M., Yordanov, Y., Blunsom, P. & Lukasiewicz, T. WikiCREM: A Large Unsupervised Corpus for Co−Reference Resolution. Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and 9th International Joint Conference on Natural Language Processing‚ EMNLP−IJCNLP (2019).

  • Kocijan, V., Cretu, A.-M., Camburu, O.-M., Yordanov, Y., & Lukasiewicz, T. A Surprisingly Robust Trick for the Winograd Schema Challenge. Association for Computational Linguistics (pp. 4837-4842) (2019).