I am an associate professor in School of Computing and Information Systems at The University of Melbourne that I joined in 2020. Prior to that I spent 6 years at Microsoft Research in Cambridge, UK, where I was a principal researcher leading work on Confidential AI and I/O side-channel mitigation. Between 2014 and 2016, I was the Microsoft Fellow at Darwin College in Cambridge University. I received Sc.M. and Ph.D. from Brown University (supervised by Roberto Tamassia), and B.CS. (Hons) from The University of Melbourne (research project supervised by Peter Stuckey). During my PhD I did internships at IBM Research Zurich with Christian Cachin, Microsoft Research Redmond with Seny Kamara and Google (x2). My Erdős number is 3 (times 3 from Claire Mathieu, Michael Mitzenmacher and Eli Upfal).
My research interests include security, privacy and integrity of machine learning algorithms, data analysis tools, multi-party computation and systems relying on cloud storage, computation and hardware. The goal is to identify and prevent potential vulnerabilities and to design and build efficient solutions with provable guarantees. I also enjoy working on algorithms, data structures and theory.
I received research awards from Facebook and Oracle, and held research contracts with The Australian Bureau of Statistics and National Australia Bank. I was a visiting researcher at Microsoft Research in 2022-23. I was a PI on a joint MURI-AUSMURI project on Cybersecurity Assurance for Teams of Computers and Humans (CATCH) 2021-2024 and currently a PI on DSTG/ASCA Research Agreement Variation on Adversarial Reinforcement Learning: Attacks and Defences.
I received Commendation for Outstanding Research Contribution in the 2025 CORE awards (citation in CORE news) and was a finalist in AI in Cyber Security category of Women in AI Asia-Pacific Awards for two consecutive years (2023 and 2024).
Email: oohrimenko a t unimelb dоt edu dоt au
My research interests are broadly in privacy, integrity and security of data analysis, machine learning and systems relying on cloud computing and secure hardware, including (click to expand):
Trustworthy Machine Learning |
Differential Privacy |
Dataset Confidentiality |
Verifiable Computation |
Oblivious Computation |
Secure Hardware |
Searchable Encryption |
Collaborative ML |
Constraint Programming |
At Microsoft Research I was part of Confidential Computing group when our group contributed to:
- Azure Confidential Computing
- Projects highlighted by CTO of Microsoft Azure: oblivious computation, multi-party ML, and confidential inference.
- Confidential Consortium Framework
- Certified Adversarial Robustness via Randomized alpha-Smoothing for Regression Models
A. M. Rekavandi, F. Farokhi, O. Ohrimenko, and B. I. P. Rubinstein
In NeurIPS, 2024 - CERT-ED: Certifiably Robust Text Classification for Edit Distance
H., Zhuoqun, N. G. Marchant, O. Ohrimenko, and B. I. P. Rubinstein
In Findings of the Association for Computational Linguistics: EMNLP, 2024 - Elephants Do Not Forget: Differential Privacy with State Continuity for Privacy Budget
J. Jin, C. Chuengsatiansup, T. Murray, B. I. P. Rubinstein, Y. Yarom, and O. Ohrimenko
In ACM Conference on Computer and Communications Security (CCS), 2024 - Combining Classical and Probabilistic Independence Reasoning to Verify the Security of Oblivious Algorithms
P. Yan, T. Murray, O. Ohrimenko, T. Pham, and R. Sison
In Symposium on Formal Methods, 2024 - Getting a-Round Guarantees: Floating-Point Attacks on Certified Robustness
J. Jin, O. Ohrimenko, B. I. P. Rubinstein
In Proceedings of the 17th ACM Workshop on Security and Artificial Intelligence. AISec. Co-located with CCS2024, 2024 - Advancing Differential Privacy: Where We Are Now and Future Directions for Real-World Deployment
R. Cummings, D. Desfontaines, D. Evans, R. Geambasu, Y. Huang, M. Jagielski, P. Kairouz, G. Kamath, S. Oh, O. Ohrimenko, N. Papernot, R. Rogers, M. Shen, S. Song, W. Su, A. Terzis, A. Thakurta, S. Vassilvitskii, Y. Wang, L. Xiong, S. Yekhanin, D. Yu, H. Zhang, and W. Zhang
In Harvard Data Science Review, 2024 - Single Round-trip Hierarchical ORAM via Succinct Indices
W. Holland, O. Ohrimenko, and A Wirth.
In AsiaCCS, 2024 - The Melbourne Shuffle
O.Ohrimenko.
In Encyclopedia of Cryptography, Security and Privacy, 2023 - RS-Del: Edit distance robustness certificates for sequence classifiers via randomized deletion
Z. Huang, N. G. Marchant, K. Lucas, L. Bauer, O. Ohrimenko, and B. I. P. Rubinstein.
In NeurIPS, 2023
Code - Information Leakage from Data Updates in Machine Learning Models
T. Hui, F. Farokhi and O. Ohrimenko.
In Proceedings of the 16th ACM Workshop on Security and Artificial Intelligence. AISec. Co-located with CCS2023, 2023 - Fingerprint Attack: Client De-Anonymization in Federated Learning
Q. Xu, T. Cohn, and O. Ohrimenko.
In ECAI, 2023
Code - Tight Data Access Bounds for Private Top-k Selection
H. Wu, O. Ohrimenko, and A. Wirth.
In ICML, 2023
Oral presentation - Protecting Global Properties of Datasets with Distribution Privacy Mechanisms
M. Chen, and O. Ohrimenko.
In AIStats, 2023
Code - DDoD: Dual Denial of Decision Attacks on Human-AI Teams
B. Tag, N. van Berkel, S. Verma, B. Zhao, S. Berkovsky, M. Ali Kaafar, V. Kostakos, and O. Ohrimenko.
In IEEE Pervasive Computing, 2023 - Replication Robust Payoff Allocation in Submodular Cooperative Games
D. Han, M. Wooldridge, A. Rogers, O. Ohrimenko and S. Tschiatschek.
In IEEE Transactions on Artificial Intelligence, 2022 - Attribute Privacy: Framework and Mechanisms
W. Zhang, O. Ohrimenko and R Cummings.
In Conference on Fairness, Accountability, and Transparency (ACM FAccT), 2022 - Randomize the Future: Asymptotically Optimal Locally Private Frequency Estimation Protocol for Longitudinal Data
O. Ohrimenko, A. Wirth and H. Wu.
In ACM SIGMOD/PODS, 2022 - Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems
J. Jin,E. McMurtry, B. I. P. Rubinstein and O. Ohrimenko.
In IEEE Symposium on Security and Privacy, 2022
This work led to a fix in Opacus DP library and received Honorable mention on Google's Bug Hunter (link). - Efficient Oblivious Permutation via the Waksman Network
W. Holland, O. Ohrimenko and A. Wirth.
In AsiaCCS, 2022
Code - Leakage of Dataset Properties in Multi-Party Machine Learning
W. Zhang, S. Tople, and O. Ohrimenko.
In USENIX Security, 2021 - Analyzing Information Leakage of Updates to Natural Language Models
S. Zanella-Béguelin, L. Wutschitz, S. Tople, V. Rühle, A. Paverd, O. Ohrimenko, B. Köpf, and M Brockschmidt.
In ACM Conference on Computer and Communications Security (CCS), 2020 - Oblivious Sampling Algorithms for Private Data Analysis
S. Sasy and O. Ohrimenko.
In NeurIPS, 2019 - An Algorithmic Framework For Differentially Private Data Analysis on Trusted Processors
J. Allen, B. Ding, J. Kulkarni, H. Nori, O. Ohrimenko, and S. Yekhanin.
In NeurIPS, 2019 - Contamination Attacks and Mitigation in Multi-Party Machine Learning
J. Hayes and O. Ohrimenko.
In NeurIPS, 2018 - Structured Encryption and Leakage Suppression
S. Kamara, T. Moataz, and O. Ohrimenko.
In CRYPTO, 2018 - Verifying the consistency of remote untrusted services with conflict-free operations
C. Cachin and O. Ohrimenko.
In Information and Computation, 2018 - Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives
R. Bost, B. Minaud, and O. Ohrimenko.
In ACM Conference on Computer and Communications Security (CCS), 2017 - Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
D. Gruss, J. Lettner, F. Schuster, O. Ohrimenko, I. Haller, and M. Costa.
In USENIX Security, 2017 - Zero-Knowledge Accumulators and Set Algebra
E. Ghosh, O. Ohrimenko, D. Papadopoulos, R. Tamassia, and N. Triandopoulos.
In AsiaCrypt, 2016 - Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data
D. Fiore, C. Fournet, E. Ghosh, M. Kohlweiss, O. Ohrimenko, and B. Parno.
In ACM Conference on Computer and Communications Security (CCS), 2016 - Oblivious Multi-Party Machine Learning on Trusted Processors
O. Ohrimenko, F. Schuster, C. Fournet, A. Mehta, S. Nowozin, K. Vaswani, and M. Costa.
In USENIX Security, 2016 - Verifiable Zero-Knowledge Order Queries and Updates for Fully Dynamic Lists and Trees
E. Ghosh, M. Goodrich, O. Ohrimenko, and R. Tamassia.
In Conference on Security and Cryptography for Networks (SCN), 2016 - Efficient Verifiable Range and Closest Point Queries in Zero-Knowledge
E. Ghosh, O. Ohrimenko, and R. Tamassia.
In Privacy Enhancing Technologies Symposium (PETS), 2016 - Observing and Preventing Leakage in MapReduce
O. Ohrimenko, M. Costa, C. Fournet, C. Gkantsidis, M. Kohlweiss, and D. Sharma.
In ACM Conference on Computer and Communications Security (CCS), 2015 - Verifiable Member and Order Queries on a List in Zero-Knowledge
E. Ghosh, O. Ohrimenko, and R. Tamassia.
In Conference on Applied Cryptography and Network Security (ACNS), 2015
Best Student Paper Award. Article in Brown CS news. - Sorting and Searching Behind the Curtain
F. Baldimtsi and O. Ohrimenko.
In Financial Cryptography and Data Security, 2015 - Verifying the Consistency of Remote Untrusted Services, with Commutative Operations
C. Cachin and O. Ohrimenko.
In Conference on Principles of Distributed Systems (OPODIS), 2014 - The Melbourne Shuffle: Improving Oblivious Storage in the Cloud
O. Ohrimenko, M. T. Goodrich, R. Tamassia, and E. Upfal.
In Colloquium on Automata, Languages and Programming (ICALP), 2014
In the media: ACM Tech News, The Register, Business Cloud News and Bruce Schneier’s blog. - Haze: privacy-preserving real-time traffic statistics
J. W. S. Brown, O. Ohrimenko, and R. Tamassia.
In ACM SIGSPATIAL Conference on Advances in Geographic Information Systems (SIGSPATIAL/GIS), 2013 - Computer Security
O. Ohrimenko, C. Papamanthou, and B. Palazzi.
In Handbook of Graph Drawing and Visualization, 2013 - Privacy-Preserving Group Data Access via Stateless Oblivious RAM Simulation
M. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia.
In Symposium on Discrete Algorithms (SODA), 2012 - Practical Oblivious Storage
M. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia.
In ACM Conference on Data and Application Security and Privacy (CODASPY), 2012 - Graph Drawing in the Cloud: Privately Visualizing Relational Data using Small Working Storage
M. Goodrich, O. Ohrimenko, and R. Tamassia.
In Symposium on Graph Drawing (GD), 2012 - Authenticating Email Search Result
O. Ohrimenko, H. Reynolds, and R. Tamassia.
In Workshop on Security and Trust Management at ESORICS, 2012 - Efficient Verification of Web-Content Searching Through Authenticated Web Crawlers
M. Goodrich, D. Nguyen, O. Ohrimenko, C. Papamanthou, R. Tamassia, N. Triandopoulos and C. Lopes.
In Research Track for Very Large Data Bases (PVLDB), 2012 - Lower Bounds for Randomized Algorithms for Online Chain Partitioning
C. Mathieu and O. Ohrimenko.
In Information Processing Letters Volume 112 (IPL), 2012 - Oblivious RAM Simulation with Efficient Worst-Case Access Overhead
M. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia.
In ACM Cloud Computing Security Workshop at CCS (CCSW), 2011 - Propagation via Lazy Clause Generation
O. Ohrimenko, P. Stuckey, and M. Codish.
In Constraints Journal, Volume 14, 2009 - Modelling for Lazy Clause Generation
O. Ohrimenko and P. Stuckey.
In Computing: the Australasian Theory Symposium (CATS), 2008 - Propagation = Lazy Clause Generation
O. Ohrimenko, P. Stuckey, and M. Codish.
In Principles and Practice of Constraint Programming (CP), 2007
Best Student Paper Award
Algorithms and Complexity in 2021, 2022, 2023, 2024
Security Analytics in 2023, 2024
Computer Systems in 2020, 2021, 2022
Supervising a team of UoM students "Unimelb Peekaboo" in the NeurIPS Hide-and-seek privacy challenge: Generating synthetic data using DP GAN (code), 2020
Demystifying cryptography, Hands On Engineering and IT, UoM 2020
Excellence in First-Time Teaching and Learning Award from CIS/UoM in 2020
If you are interested in pursuing a Ph.D., a Master's or an undergraduate advanced studies project in security, privacy, data structures or algorithms, please contact me directly.
Graduate researchers:
- Pengbo Yan, PhD, co-supervision with Toby Murray and Rob Sison. Started in 2021.
- Jacey Ligthart-Smith, MPhil, co-supervision with Tony Wirth. Started in 2021.
- Calvin Huang, PhD, co-supervision with Neil Marchant and Ben Rubinstein. Started in 2021.
- Jiankai Jin, PhD, co-supervision with Ben Rubinstein. Started in 2021.
Alumni:
- Zheguang Zhao, postdoctoral researcher. Now at NetApp.
- Tian Hui, Masters, co-supervision with Farhad Farokhi. Graduated in 2023. Now Research Assistant at UoM.
- Qiongkai Xu, postdoctoral researcher. Now Lecturer at Macquarie University.
- Hao Wu, PhD, co-supervision with Tony Wirth. Graduated in 2023. Now Postdoctoral Researcher at University of Copenhagen, Denmark.
- William Holland, PhD, co-supervision with Tony Wirth and Justin Zobel. Graduated in 2022. Now at Data61/CSIRO.
- Michelle Chen, Masters. Graduated in 2021. Now at Google.
- Ge Yao, PhD, co-supervision with Udaya Parampalli. Graduated in 2020.
Interns at Microsoft Research:
I was also lucky to work with many bright students at Microsoft:- Dongge Han (Oxford University), 2019
- Wanrong Zhang (Georgia Institute of Technology, now at Harvard), 2019
- Sajin Sasy (University of Waterloo), 2019
- Jamie Hayes (University College London, now at Google DeepMind), 2018
- Kartik Nayak (The University Of Maryland, now at Duke University), 2017
- Lawrence Esswood (Cambridge University), 2016
- Daniel Gruss (Graz University of Technology, now at the Graz University of Technology), 2016
- Sameer Wagh (Princeton University, now at RISELab at Berkeley), 2016
- Esha Ghosh (Brown University, now at Microsoft Research), 2015
- Aastha Mehta (MPI-SWS, now at University of British Columbia), 2014
- Divya Sharma (Carnegie Mellon University, now at Google), 2014
At The University of Melbourne:
- On the executive team of School of Computing and Information Systems
- Co-lead of Computer Science group
- On Awards and Prizes working group at Faculty of Engineering and IT
- Security Research Group at CIS/UoM
(Selected) Invited talks, advisory committees and reports
- Plenary speaker at The 35th International Symposium on Algorithms and Computation (ISAAC), 2024
- Plenary speaker at Sydney Privacy Workshop, 2024
- Speaker at Computer Science Research Week, National University of Singapore, 2024
- CIS-CAIDE Submission in response to the Supporting responsible AI: discussion paper. Submitted to the Department of Industry, Science and Resources on 7/2023
- CIS Submission in response to the 2023-2030 Australian Cyber Security Strategy Discussion Paper. Submitted to the Department of Home Affairs on 4/2023
- CIS Submission in response to the Privacy Act Review Report. Submitted to the Attorney-General's Department on 3/2023
- Keynote talk at Workshop on Verifiable Database Systems, co-located with ACM SIGMOD, 2023
- Reviewer for U.S. PETs Prize Challenge hosted by NIST and NSF, 2022-23
- Dagstuhl seminar on Privacy in Speech and Language Technology (report), 2022
- Invited talks at Cambridge University, Alan Turing Institute, Data61, Meta and ANU on "Implementation Considerations for Differential Privacy", 2022
- Invited talks at Microsoft Research Redmond and UC Irvine on "Leakage and Protection of Dataset Properties", 2022
- Plenary speaker at AMSI–AustMS Workshop on Bridging Maths and Computer Science, June 2022
- Invited talk at Symposium on Data Access and Privacy, The Australian Bureau of Statistics, December 2021.
- Advisory Member, Methodology Advisory Committee, The Australian Bureau of Statistics, 2021
- On the panel on "Privacy-preserving Machine Learning" at Microsoft Research Summit, October 2021. (video)
- Contributed to the report on Privacy Enhancing Technologies by the Royal Society.
- Invited talk at CSAIL Security Seminar MIT on "Leakage in natural language processing", 2021
- Invited talk at Facebook on "Leakage and Protection of Dataset Properties", 2020
- Secure hardware for privacy-enhanced computation, UK Royal Society, 2019
- Update on Confidential Computing, RSA, 2019
- Sailing across the Side channel towards Confidential Computing, Real World Crypto, 2018
- 17 for ’17: Microsoft researchers on what to expect in 2017 and 2027
Co-organized workshops
- Privacy Preserving Machine Learning, CCS 2021
- Privacy Preserving Machine Learning, NeurIPS 2020
- Privacy Preserving Machine Learning, CCS 2019
- Privacy Preserving Machine Learning, NeurIPS 2018
Program committees
- Program Vice Co-Chair of USENIX Security 2025
- IEEE S&P 2024, IEEE S&P 2023, IEEE S&P 2022, IEEE S&P 2021
- ACM CCS 2024, ACM CCS 2023, ACM CCS 2022, ACM CCS 2021
- CRYPTO 2020
- AAAI 2022
- Computer Security Foundations Symposium (CSF 2020)
- Real World Crypto (RWC 2020)
- ICML workshop on Privacy (PiMLAI 2018)
- Conference on Computer and Communications Security (CCS 2018, CCS 2019)
- Financial Cryptography and Data Security (FC 2018, FC 2019)
- Conference on Distributed Computing Systems (ICDCS 2016)
- CCS Workshop on Privacy in the Electronic Society (WPES 2014, WPES 2015)
Reviewer for ICLR 2022, ICLR 2021, NeurIPS 2021, ICML 2020, AAAI 2020, NeurIPS 2020, ICML 2019, NeurIPS 2018.