निरुपम गुप्ता  /  Nirupam Gupta

I am a Tenure-Track Assistant Professor in the ML Section of the Department of Computer Science at the University of Copenhagen (DIKU). Before joining DIKU, I was a postdoctoral researcher at EPFL (Switzerland) and Georgetown University (USA). I obtained my PhD from the University of Maryland — College Park and my Bachelor's degree from IIT Delhi.

Research. I work on the foundations of trustworthy machine learning, focusing on robustness and privacy in distributed and federated learning. My goal is to make rigorous protection of patients, users and models a practical default in real AI deployments — rather than a guarantee that exists only on paper. A pedagogical introduction to the robustness side of this work is in my book Robust Machine Learning: Distributed Methods for Safe AI (Springer, 2024). Active projects are listed below.

Teaching. At DIKU I teach Privacy in Machine Learning (PriMaL), Machine Learning B (MLB), and a new course on Robust Machine Learning launching in 2026–27. PriMaL runs in the Fall and MLB in the Spring; both support hybrid and fully remote participation. Course details are on the DIKU ML courses site.

“It seems complex only because of ignorance; otherwise everything is simple.” — OSHO (The Book of Secrets)

Ongoing Projects

Below are the main research directions I am currently working on. I am always happy to hear from motivated students and researchers interested in any of these threads — feel free to reach out at nigu[at]di.ku.dk.

  1. Trustworthy Federated Learning under Realistic Threats. Federated learning lets multiple parties train a shared model without exchanging raw data, but real-world deployments face partial trust, communication constraints, heterogeneous data, and corruptions of many kinds — from inadvertent issues like missing modalities or broken sensors, to deliberate ones like mislabelled training data, erroneous gradient updates, or malicious clients. The rigorous tools that exist for these problems — differential privacy and Byzantine resilience — calibrate their protections to a worst-case, all-knowing adversary, which forces so much protective noise into training that accuracy collapses. This project develops a unified framework — expected adversarial sensitivity (EAS) — that calibrates privacy and robustness to realistic, auditable threat models instead, with reconstruction-risk certificates, robust aggregation tailored to bounded adversaries, and audit tools any practitioner can use. The aim is to make rigorous safeguards a practical default in deployed ML rather than a guarantee that exists only on paper. Background reading: my book on Robust Machine Learning and my chapter in Large Language Models in Cybersecurity on the difficulty of provable robustness and privacy for LLMs. Current collaborators: EPFL, INRIA, Sorbonne University.
  2. Robustness in Decentralised Learning over Sparse Communication Graphs. Peer-to-peer learning when no central server exists and the communication graph is sparse: how to guarantee reliable model updates in the presence of misbehaving nodes, and how to trade off communication efficiency against robustness. Applications include distributed sensor networks, edge computing and drone networks where existing centralised assumptions break down.

Recent Publications (last 5 years)

A complete list is available on my DBLP profile and Google Scholar. Entries marked α follow the alphabetical author-order convention common in CS theory.

  1. Tight Stability Bounds for Robust Distributed Learning: Byzantine Failures Hurt Generalization More than Data Poisoning. Thomas Boudou, Batiste Le Bars, Nirupam Gupta, Aurélien Bellet. ICML 2026.
  2. On the Relevance of Byzantine Robust Optimization Against Data Poisoning. α Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot. JMLR 2026.
  3. Robust Federated Inference. α Akash Dhasade, Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Maxime Jacovella, Anne-Marie Kermarrec, Rafael Pinot. ICLR 2026.
  4. Reconciling Communication Compression and Byzantine-Robustness in Distributed Learning. Diksha Gupta, Nirupam Gupta, Antonio Honsell, Giovanni Neglia, Chuan Xu. AISTATS 2026.
  5. Adaptive Gradient Clipping for Robust Federated Learning. α Youssef Allouah, Rachid Guerraoui, Nirupam Gupta, Ahmed Jellouli, Geovani Rizk, John Stephan. ICLR 2025. Spotlight · top 5%
  6. Revisiting Ensembling in One-Shot Federated Learning. α Youssef Allouah, Akash Dhasade, Rachid Guerraoui, Nirupam Gupta, Anne-Marie Kermarrec, Rafael Pinot, Rafael Pires, Rishi Sharma. NeurIPS 2024.
  7. Fine-Tuning Personalization in Federated Learning to Mitigate Adversarial Clients. α Youssef Allouah, Abdellah El Mrini, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot. NeurIPS 2024.
  8. Tackling Byzantine Clients in Federated Learning. α Youssef Allouah, Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot, Geovani Rizk, Sasha Voitovych. ICML 2024.
  9. Robust Distributed Learning: Tight Error Bounds and Breakdown Point under Data Heterogeneity. α Youssef Allouah, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot, Geovani Rizk. NeurIPS 2023. Spotlight · top 5%
  10. On the Privacy-Robustness-Utility Trilemma in Distributed Learning. α Youssef Allouah, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot, John Stephan. ICML 2023.
  11. Robust Collaborative Learning with Linear Gradient Overhead. α Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Lê-Nguyên Hoang, Rafael Pinot, John Stephan. ICML 2023.
  12. Fixing by Mixing: A Recipe for Optimal Byzantine ML under Heterogeneity. α Youssef Allouah, Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot, John Stephan. AISTATS 2023.
  13. Byzantine Machine Learning Made Easy by Resilient Averaging of Momentums. α Sadegh Farhadkhani, Rachid Guerraoui, Nirupam Gupta, Rafael Pinot, John Stephan. ICML 2022.