Hello! 👋 I’m a postdoc in the SPRING Lab at EPFL, headed by Prof. Carmela Troncoso. My position is funded by the CYD Distinguished Postdoctoral Fellowship of the Cyber-Defense Campus, where my main collaborator is Dr. Raphael Meier. I’m working on the safety of AI systems having the potential to cause harm, focusing on image generative AI, synthetic data, and client-side scanning.

I completed my PhD in the Computational Privacy Group at Imperial College London, advised by Dr. Yves-Alexandre de Montjoye. During my PhD, I developed methods to evaluate the privacy of a broad range of anonymization techniques (including re-pseudonymization, query-based systems, and synthetic data). I have focused on automation, scalability, tightness of evaluation, and practical relevance of threat models, with the goal of making privacy evaluations more accessible to practitioners. I also developed new privacy attacks against machine learning models and studied the adversarial robustness of client-side scanning.

News

16/10/2024: 🏆 Distinguished paper award for our paper QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems at ACM CCS 2024! Very glad to see this line of work, started with QuerySnout, recognized by the community.

23/08/2024: New paper QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems accepted at ACM CCS 2024! Joint work with Bozhidar Stevanoski and Yves-Alexandre de Montjoye.

17/07/2024: Our review paper on Anonymization: The imperfect science of using data while preserving privacy has been published in Science Advances. Joint work with Andrea Gadotti, Luc Rocher, Florimond Houssiau and Yves-Alexandre de Montjoye.

10/07/2024: Our paper Correlation inference attacks against machine learning models has been published in Science Advances! Joint work with Florent Guépin and Yves-Alexandre de Montjoye.

20/06/2024: 🏆 Best paper award for our paper Re-pseudonymization Strategies for Smart Meter Data Are Not Robust to Deep Learning Profiling Attacks at the ACM CODASPY ‘24 conference! Miruna Rusu, co-first author on the paper, presented the work in Porto, Portugal.

08/06/2024: New paper A Zero Auxiliary Knowledge Membership Inference Attack on Aggregate Location Data accepted in PoPETS 2024! Joint work with Vincent Guan, Florent Guépin and Yves-Alexandre de Montjoye.

More news here.

Publications

Peer-reviewed articles

* denotes joint first authorship.

1. Stevanoski, B., Cretu, A.-M. and de Montjoye Y.-A. QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems. To appear in ACM CCS 2024. [Extended arXiv version] [Code] 🏆 Distinguished paper award
   • Presented as a poster at the TPDP '24 workshop in Boston, MA, USA.
2. Gadotti, A., Rocher, L., Houssiau, F., Crețu, A.-M. and de Montjoye Y.-A. Anonymization: The imperfect science of using data while preserving privacy. In Science Advances, 2024. [Paper]
3. Crețu A.-M.*, Guépin F.* and de Montjoye Y.-A. Correlation inference attacks against machine learning models. In Science Advances, 2024. [Paper] [Code]
4. Guan, V.*, Guépin, F.*, Crețu A.-M. and de Montjoye Y.-A. A Zero Auxiliary Knowledge Membership Inference Attack on Aggregate Location Data. In Proceedings on Privacy Enhancing Technologies 2024(4) (PoPETS 2024). [Paper]
5. Cretu A.-M., Jones, D., de Montjoye Y.-A., and Tople, S. Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting. In Proceedings on Privacy Enhancing Technologies 2024(3) (PoPETS 2024). [Paper] [Code]
6. Cretu A.-M.*, Rusu, M.*, and de Montjoye Y.-A. Re-pseudonymization Strategies for Smart Meter Data Are Not Robust to Deep Learning Profiling Attacks. In Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy (CODASPY '24). [Paper] [Extended arXiv version] 🏆 Best paper award
7. Cretu A.-M. Evaluating privacy and robustness in modern data processing systems. PhD Thesis, Imperial College London (2023). [Thesis]
8. Guépin, F.*, Meeus, M.*, Crețu A.-M., and de Montjoye Y.-A. Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data. In 18th DPM International Workshop on Data Privacy Management (DPM 2023). [Paper] [Code]
9. Meeus, M.*, Guépin, F.*, Crețu A.-M., and de Montjoye Y.-A. Achilles' Heels: Vulnerable Record Identification in Synthetic Data Publishing. In 28th European Symposium on Research in Computer Security (ESORICS 2023). [Paper] [Code]
10. Jain S., Crețu A.-M., Cully, A. and de Montjoye Y.-A. Deep perceptual hashing algorithms with hidden dual-purpose: when client-side scanning does facial recognition. In 2023 IEEE Symposium on Security and Privacy (SP). [Paper]
    • Featured in Imperial News and Le soir.
    • Cited as evidence in the Open Letter from Security and Privacy Researchers in relation to the Online Safety Bill.
11. Crețu A.-M.*, Houssiau, F.*, Cully, A. and de Montjoye Y.-A. QuerySnout: Automating the discovery of attribute inference attacks against query-based systems. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS '22). [Paper] [Extended arXiv version] [Code]
12. Crețu A.-M., Monti F., Marrone S., Dong X., Bronstein M. and de Montjoye Y.-A. Interaction data are identifiable even across long periods of time. Nature Communications 13, 313 (2022). [Paper]
    • Presented at the ACM CCS Privacy Preserving Machine Learning 2021 workshop (PPML 2021). Contributed talk.
    • Presented at the NeurIPS Privacy and Machine Learning 2021 workshop (PriML 2021).
    • Featured in TechCrunch and Science News.
13. Jain S.*, Crețu A.-M.* and de Montjoye Y.-A. Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning. 31st USENIX Security Symposium (USENIX Security 22) [Paper] [Extended arXiv version] [Code]
    • Cited by Ofcom (UK's communications regulator) in their Overview of Perceptual Hashing Technology report.
    • Presented at the NeurIPS Privacy and Machine Learning 2021 workshop (PriML 2021).
    • Presented at the Conference on Applied Machine Learning for Information Security 2021 (CAMLIS 2021). Oral presentation.
    • Presented as a talk at the 14th Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETS 2021).
    • Featured in Imperial College London News and Le soir.
14. Kocijan V., Camburu O.-M., Crețu A.-M., Yordanov Y., Blunsom P. and Lukasiewicz T. WikiCREM: A Large Unsupervised Corpus for Coreference Resolution. Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing (EMNLP-IJCNLP) (2019) [Paper]
15. Kocijan V., Crețu A.-M., Camburu O.-M., Yordanov Y. and Lukasiewicz T. A Surprisingly Robust Trick for the Winograd Schema Challenge. Proceedings of the 57th Annual Meeting of the Association for Computational Linguistics (ACL 2019) [Paper]

Preprints

Awards and scholarships

• I am a recipient of the Cyber-Defense Campus (CYD) Distinguished Postdoctoral Fellowship, which generously supports my postdoctoral position in the SPRING Lab at EPFL.
• I am a recipient of the USENIX '22 Diversity grant, which generously supported my trip to the conference in Boston.
• I am a recipient of the EPFL Excellence Fellowship (awarded to students with outstanding academic records), which generously supported my MSc studies at EPFL.
• My studies in France were supported by a competitive 2-year full scholarship from the Fondation Odon Vallet and by a 2.5-year scholarship from the Fondation de l'Ecole Polytechnique.
• I was born and grew up in Buzău, Romania. There, I participated in many mathematics contests, including the Romanian National Olympiad, where I won one gold medal, three silver medals, and one bronze medal.