#30 AI Series: Microsoft Security Response Center - A. Salem

Join the FINALE of the free BLISS AI Speaker Series Winter 2025/26!

We are excited to feature Ahmed Salem, who is currently a Researcher at Microsoft Security Response Center (MSRC) and will discuss "The Price of Intelligence: Three Risks Inherent in LLMs", lasting approximately 45 minutes. After the talk, seize the opportunity to connect with fellow AI enthusiasts to share ideas and questions while enjoying free drinks and pizza. Door close by 7.15pm, so please come early! Also, "attend"ing (RSVP) here on Meetup is strictly necessary to be guaranteed entry.
Please note that Meetup has recently been quite keen on promoting its Plus program. However, you are not obligated to purchase it, as both our events and the platform remain free.

Who is this event for?
This event is open to everyone interested in state-of-the-art AI research. We especially design it for students, PhD candidates, academic researchers, and industry professionals with a research focus in machine learning.

Abstract: As LLMs move from passive assistants to action taking agents, the price of intelligence is increasingly paid in control failures: what the model treats as instruction, how behavior shifts across time and context, and how fragile safety properties can become under downstream adaptation. In this talk, we begin with indirect prompt injection as an end‑to‑end problem, where untrusted content can steer downstream actions in realistic pipelines. We then discuss a defense direction that secures agent planning through deterministic policy enforcement and principled control over what information is exposed during planning. Finally, we turn to a practical question that underlies all of these results: how do we know when an agent/LLM is actually safe, rather than merely scoring well on an evaluation? We highlight two factors that can systematically distort safety measurement in agent settings. First, reasoning models can change compliance when they infer they are being evaluated (“test awareness”), which can bias apparent robustness and complicate safety audits. Second, we discuss implicit memory as a hidden channel that challenges the “stateless” assumption and enables temporal behaviors that standard evaluation setups may fail to surface.

Bio: Ahmed is a Researcher at the Microsoft Security Response Center (MSRC), focusing on machine learning privacy, biomedical data privacy, and applied cryptography. He was previously a Postdoctoral Researcher at Microsoft Research Cambridge (2022–2024). He received his PhD in Computer Science from CISPA Helmholtz Center for Information Security, Saarland University, under the supervision of Michael Backes and Yang Zhang, graduating summa cum laude. Before that, he earned his MSc in Computer Science from Saarland University with high honors and his BSc in Digital Media Engineering from the German University in Cairo. His work has appeared at ICML, USENIX Security, CCS, NDSS, and Oakland.

We are BLISS e.V., the AI organization in Berlin that connects like-minded individuals who share great interest and passion for the field of machine learning. This winter 2025/26, we will, again, host an exciting speaker series on site in Berlin, featuring excellent researchers from Tübingen AI Center, DeepMind, Microsoft, King's College London, cohere, and ETH Zürich.
Website: https://bliss.berlin
Youtube: https://www.youtube.com/@bliss.ev.berlin

Disclaimer: By attending this event you agree to be photographed.