Nathalie Baracaldo
Scholar

Nathalie Baracaldo

Google Scholar ID: 3ACndBYAAAAJ
IBM Almaden Research Center, Senior Research Staff Member, Ph.D.
AI securityFederated LearningAdversarial machine learningInformation SecurityInsider Threat
HomepageGoogle Scholar
Citations & Impact
All-time
Citations
6,617
 
H-index
28
 
i10-index
46
 
Publications
20
 
Co-authors
11
list available
Contact
TwitterOpen ↗GitHubOpen ↗LinkedInOpen ↗
Publications
13 items
The Unlearning Mirage: A Dynamic Framework for Evaluating LLM Unlearning
2026
Cited
0
Entropy-Aware On-Policy Distillation of Language Models
2026
Cited
0
In-Context Probing for Membership Inference in Fine-Tuned Language Models
2025
Cited
0
Beyond SFT: Reinforcement Learning for Safer Large Reasoning Models with Better Reasoning Ability
2025
Cited
0
Mitigating Modality Imbalance in Multi-modal Learning via Multi-objective Optimization
2025
Cited
0
Evaluating the Dynamics of Membership Privacy in Deep Learning
2025
Cited
0
Membership Inference Attacks as Privacy Tools: Reliability, Disparity and Ensemble
2025
Cited
0
Reasoning Model Unlearning: Forgetting Traces, Not Just Answers, While Preserving Reasoning Skills
2025
Cited
0
Resume (English only)
Academic Achievements
  • Named IBM Master Inventor (2020)
  • Received IBM Corporate Technical Recognition (2021) for contributions to Trusted AI
  • Associate Editor of IEEE Transactions on Service Computing
  • Guest Editor for IEEE S&P Magazine Special Issue on ML Security and Privacy
  • Publication Chair (S&P 2022) and Poster Chair (S&P 2021) at IEEE Symposium on Security and Privacy
  • Organized federated learning workshops: MLSys CrossFL 2022, ICML-FL 2021, ICML-FL 2020
  • Advisor for 2021 Workshop on Security, Privacy, and Ethics in Health and Biomedical Research
  • Published numerous papers (available via Google Scholar)
  • Holds multiple patents (available via Google Patents)
Research Experience
  • Leads the AI Security and Privacy Solutions team at IBM Almaden Research Center
  • Principal Investigator for DARPA’s GARD (Guaranteeing AI Robustness Against Deception) program
  • Contributor to the Adversarial Robustness 360 Toolbox (ART)
  • Designed secure systems in cloud computing, Platform as a Service (PaaS), secure data sharing, and Internet of Things
  • Developed scalable systems for monitoring, performance management, and SLA management in cloud environments
Background
  • Manager of AI Security and Privacy Solutions and Research Staff Member at IBM Almaden Research Center
  • Research interests lie at the intersection of information security, privacy, and trust
  • Passionate about developing highly accurate machine learning solutions that resist adversarial attacks and protect data privacy
  • Team focuses on federated learning (training models without direct access to raw data) and adversarial machine learning (designing defenses against attacks on ML pipelines)
  • Contributor to IBM's Trusted AI initiative
Miscellany
  • Invited tutorial speaker at IEEE TPS 2021
  • Keynote speaker at EMISA 2021
  • Featured guest on Data Science Podcast discussing federated learning
  • Authored blog posts on 'Accountable Federated Learning' (in English and German)
  • Presented at NeurIPS 2020 workshop 'Beyond AutoML: Scaling & Automating AI'
  • Interviewed on YouTube (DC_THURS) about federated learning and adversarial ML
Co-authors
11 total
Heiko Ludwig
Heiko Ludwig
Research Manager, IBM Research
James Joshi
James Joshi
Professor, SCI, University of Pittsburgh
Co-author 3
Co-author 3
Co-author 4
Co-author 4
Balaji Palanisamy
Balaji Palanisamy
Associate Professor, School of Computing and Information, University of Pittsburgh
Co-author 6
Co-author 6
Co-author 7
Co-author 7
Co-author 8
Co-author 8