NUS Presidential Young Professor

Assistant Professor
Computer Science Department
National University of Singapore (NUS)

Twitter: @rzshokri
Phone: +65-651-64464
Office: COM2-03-60
Mailing Address: Dept. of Computer Science,
NUS School of Computing, 13 Computing Drive,
Computing 1, #03-27, Singapore 117417.

My research is in data privacy and trustworthy machine learning. I am interested in designing algorithms to quantitatively measure the privacy risks of data processing algorithms, and build scalable algorithms for generalizable machine learning models that are privacy-preserving, robust, and interpretable. We work on understanding the trade-offs between different pillars of trust in machine learning for practical scenarios, and on resolving such conflicts with mathematical rigor. I have recieved the NUS Presidential Young Professorship, for working on privacy in machine learning, the NUS Early Carrier Research Award, for working on trustworthy machine learning for high-dimensional models, the AI Singapore research award (with Yair Zick), for working on privacy-aware transparency for machine learning, and AI Singapore research award (with Li Shiuan Peh), for working on efficient and secure collaborative machine learning.

I have open positions for PhD students and postdoctoral researchers. Please send me your CV and research statement.

NEWS ➙ We have released our ML Privacy Meter tool, which enables quantifying the privacy risks of machine learning models.

Recent/Upcoming Invited Talks and Visits

Selected Research Papers (see also Google Scholar)

Hongyan Chang, Virat Shejwalkar, Reza Shokri, and Amir Houmansadr
Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer
arXiv:1912.11279, 2019

Reza Shokri, Martin Strobel, and Yair Zick
Privacy Risks of Explaining Machine Learning Models
arXiv:1907.00164, 2019
Media: Harvard Business Review

Liwei Song, Reza Shokri, and Prateek Mittal
Privacy Risks of Securing Machine Learning Models against Adversarial Examples
ACM Conference on Computer and Communications Security (CCS), 2019.

Milad Nasr, Reza Shokri, and Amir Houmansadr
Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning
IEEE Symposium on Security and Privacy (S&P) -- Oakland, 2019. [talk by M. Nasr]

Sasi Kumar Murakonda, Reza Shokri, and George Theodorakopoulos
Ultimate Power of Inference Attacks: Privacy Risks of Learning High-Dimensional Graphical Models
arXiv:1905.12774, 2019

Milad Nasr, Reza Shokri, and Amir Houmansadr
Machine Learning with Membership Privacy using Adversarial Regularization [code] [talk by A. Houmansadr]
ACM Conference on Computer and Communications Security (CCS), 2018.

Tyler Hunt, Congzheng Song, Reza Shokri, Vitaly Shmatikov, and Emmett Witchel
Chiron: Privacy-preserving Machine Learning as a Service
arXiv:1803.05961, 2018
Media: ZDNet

Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov
Membership Inference Attacks against Machine Learning Models [code] [data] [talk]
IEEE Symposium on Security and Privacy (S&P) -- Oakland, 2017.
The Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies 2018.

Vincent Bindschaedler, Reza Shokri, and Carl Gunter
Plausible Deniability for Privacy-Preserving Data Synthesis [code]
VLDB Endowment International Conference on Very Large Data Bases (PVLDB), 2017.

Vincent Bindschaedler and Reza Shokri.
Synthesizing Plausible Privacy-Preserving Location Traces [code] [talk by V. Bindschaedler]
IEEE Symposium on Security and Privacy (S&P) -- Oakland, 2016.

Reza Shokri, George Theodorakopoulos, and Carmela Troncoso
Privacy Games along Location Traces: A Game-Theoretic Framework for Optimizing Location Privacy
ACM Transactions on Privacy and Security (TOPS), 2016.

Richard McPherson, Reza Shokri, and Vitaly Shmatikov
Defeating Image Obfuscation with Deep Learning
arXiv:1609.00408, 2016
Media: The Register, WIRED, The Telegraph, BBC, and more

Reza Shokri and Vitaly Shmatikov.
Privacy-Preserving Deep Learning [code]
ACM Conference on Computer and Communications Security (CCS), 2015.
(Invited to) Conference on Communication, Control, and Computing (Allerton), 2015.
Media: MIT Technology Review

Reza Shokri.
Privacy Games: Optimal User-Centric Data Obfuscation
Privacy Enhancing Technologies Symposium (PETS), 2015

Igor Bilogrevic, Kevin Huguenin, Stephan Mihaila, Reza Shokri, and Jean-Pierre Hubaux.
Predicting Users' Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms
Network and Distributed System Security (NDSS) Symposium, 2015.

Arthur Gervais, Reza Shokri, Adish Singla, Srdjan Capkun, and Vincent Lenders.
Quantifying Web-Search Privacy [code]
ACM Conference on Computer and Communications Security (CCS), 2014.

Reza Shokri, George Theodorakopoulos, Panos Papadimitratos, Ehsan Kazemi, and Jean-Pierre Hubaux.
Hiding in the Mobile Crowd: Location Privacy through Collaboration
IEEE Transactions on Dependable and Secure Computing (TDSC), 2014.

Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, and Jean-Yves Le Boudec.
Protecting Location Privacy: Optimal Strategy against Localization Attacks [code]
ACM Conference on Computer and Communications Security (CCS), 2012.

Reza Shokri, George Theodorakopoulos, Jean-Yves Le Boudec, and Jean-Pierre Hubaux.
Quantifying Location Privacy [code]
IEEE Symposium on Security and Privacy (S&P) -- Oakland, 2011.
Runner-up for the Outstanding Research Award in Privacy Enhancing Technologies 2012.


CS6231 (Sem 1: 2019-20): Adversarial Machine Learning

CS3235 (Sem 2: 2019-20): Computer Security

CS4257 (Sem 2: 2017-18, 2018-19): Algorithmic Foundations of Privacy (anonymous communication, data privacy, private computation)

CS6231 (Sem 1: 2018-19): An Adversarial View of Privacy (inference attacks)

CS6101 (Sem 1: 20**): Privacy and Security in Machine Learning (adversarial machine learning)

Professional Activities

NUS Computer Science Research Week: 2019, 2020

Program committee member of
  • IEEE Symposium on Security and Privacy (Oakland): 2019, 2020, 2021,
  • ACM Conference on Computer and Communications Security (CCS): 2017, 2019, 2020
  • Privacy-Enhancing Technologies Symposium (PETS): 2013, 2014, 2015, 2017, 2019, 2020
  • ACM ASIA Conference on Computer and Communications Security (ASIACCS): 2019, 2020
  • ACM CCS Workshop on Theory and Practice of Differential Privacy (TPDP): 2018, 2019
  • Deep Learning and Security workshop (DLS): 2020
  • AAAI Workshop on Privacy-Preserving Artificial Intelligence (PPAI): 2020
  • USENIX Security and AI Networking Conference: 2019
  • USENIX Security Symposium: 2015, 2016
  • Network and Distributed System Security Symposium (NDSS): 2016, 2017
  • IEEE European Symposium on Security and Privacy (Euro S&P): 2017
  • ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec): 2014, 2015, 2016, 2018
  • Conference on Decision and Game Theory for Security (GameSec): 2015, 2016, 2018
  • International World Wide Web Conference (WWW): 2016
  • ACM Workshop on Privacy in the Electronic Society (WPES): 2012, 2015
  • ASIACCS Workshop on IoT Privacy, Trust, and Security (IoTPTS): 2015, 2016
  • Workshop on Understanding and Enhancing Online Privacy (UEOP): 2016
  • International Workshop on Obfuscation: Science, Technology, and Theory: 2017
  • International Conference on Privacy, Security and Trust (PST): 2014
Program co-chair of Hot Topics in Privacy Enhancing Technologies (HotPETs): 2013 and 2014


Hongyan Chang
(PhD Student)
Rishav Chourasia
(PhD Student)
Martin Strobel
(Collaborator: PhD Student)
Sasi Kumar Murakonda
(Research Assistant)
Neel Patel
(Research Assistant)
Ta Duy Nguyen
(Research Assistant)
Anshul Aggarwal
(Research Assistant)
Mihir Khandekar
(Master's Student)
Yong Ler Lee
(Undergraduate Student)
Qinghao Chu
(Undergraduate Student)
Guo Sheng Alexander Lee
(Undergraduate Student)
Aadyaa Maddi
(Undergraduate Student)