


Ahmed Salem 0001
Person information
- affiliation: CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Other persons with the same name
- Ahmed Salem — disambiguation page
- Ahmed Salem 0002 — Amazon Web Services, USA (and 1 more)
- Ahmed Salem 0003 — Xidian University, School of Computer Science and Technology, Xi'an, China
- Ahmed Salem 0004 — Hood College, Department of Computer Science and Information Technology, Frederick, MD, USA
- Ahmed Salem 0005 (aka: Ahmed Diefy Ahmed Salem) — Chungbuk National University, College of Electrical and Computer Engineering, Cheongju, South Korea
- Ahmed Salem 0006 — University of Agder, Faculty of Engineering and Science, Grimstad, Norway (and 1 more)
- Ahmed Salem 0007 — King Abdulaziz University, Faculty of Science, Department of Mathematics, Jeddah, Saudi Arabia (and 1 more)
2020 – today
- 2025
- [i29] Mark Russinovich, Ahmed Salem: Obliviate: Efficient Unmemorization for Protecting Intellectual Property in Large Language Models. CoRR abs/2502.15010 (2025)
- [i28] Mark Russinovich, Ahmed Salem: Jailbreaking is (Mostly) Simpler Than You Think. CoRR abs/2503.05264 (2025)
- 2024
- [j2] Mark Russinovich, Ahmed Salem, Santiago Zanella-Béguelin, Yonatan Zunger: The Price of Intelligence: Three risks inherent in LLMs. ACM Queue 22(6): 20 (2024)
- [c15] Ge Han, Ahmed Salem, Zheng Li, Shanqing Guo, Michael Backes, Yang Zhang: Detection and Attribution of Models Trained on Generated Data. ICASSP 2024: 4875-4879
- [c14] Edoardo Debenedetti, Javier Rando, Daniel Paleka, Silaghi Fineas Florin, Dragos Albastroiu, Niv Cohen, Yuval Lemberg, Reshmi Ghosh, Rui Wen, Ahmed Salem, Giovanni Cherubin, Santiago Zanella-Béguelin, Robin Schmid, Victor Klemm, Takahiro Miki, Chenhao Li, Stefan Kraft, Mario Fritz, Florian Tramèr, Sahar Abdelnabi, Lea Schönherr: Dataset and Lessons Learned from the 2024 SaTML LLM Capture-the-Flag Competition. NeurIPS 2024
- [i27] Mark Russinovich, Ahmed Salem, Ronen Eldan: Great, Now Write an Article About That: The Crescendo Multi-Turn LLM Jailbreak Attack. CoRR abs/2404.01833 (2024)
- [i26] Sahar Abdelnabi, Aideen Fay, Giovanni Cherubin, Ahmed Salem, Mario Fritz, Andrew Paverd: Are you still on track!? Catching LLM Task Drift with Activations. CoRR abs/2406.00799 (2024)
- [i25] Edoardo Debenedetti, Javier Rando, Daniel Paleka, Silaghi Fineas Florin, Dragos Albastroiu, Niv Cohen, Yuval Lemberg, Reshmi Ghosh, Rui Wen, Ahmed Salem, Giovanni Cherubin, Santiago Zanella-Béguelin, Robin Schmid, Victor Klemm, Takahiro Miki, Chenhao Li, Stefan Kraft, Mario Fritz, Florian Tramèr, Sahar Abdelnabi, Lea Schönherr: Dataset and Lessons Learned from the 2024 SaTML LLM Capture-the-Flag Competition. CoRR abs/2406.07954 (2024)
- [i24] Ziqing Yang, Michael Backes, Yang Zhang, Ahmed Salem: SOS! Soft Prompt Attack Against Open-Source Large Language Models. CoRR abs/2407.03160 (2024)
- [i23] Mark Russinovich, Ahmed Salem: Hey, That's My Model! Introducing Chain & Hash, An LLM Fingerprinting Technique. CoRR abs/2407.10887 (2024)
- [i22] Boyang Zhang, Yicong Tan, Yun Shen, Ahmed Salem, Michael Backes, Savvas Zannettou, Yang Zhang: Breaking Agents: Compromising Autonomous LLM Agents Through Malfunction Amplification. CoRR abs/2407.20859 (2024)
- [i21] Minxing Zhang, Ahmed Salem, Michael Backes, Yang Zhang: Vera Verto: Multimodal Hijacking Attack. CoRR abs/2408.00129 (2024)
- [i20] Shoaib Ahmed Siddiqui, Radhika Gaonkar, Boris Köpf, David Krueger, Andrew Paverd, Ahmed Salem, Shruti Tople, Lukas Wutschitz, Menglin Xia, Santiago Zanella-Béguelin: Permissive Information-Flow Analysis for Large Language Models. CoRR abs/2410.03055 (2024)
- 2023
- [c13] Santiago Zanella-Béguelin, Lukas Wutschitz, Shruti Tople, Ahmed Salem, Victor Rühle, Andrew Paverd, Mohammad Naseri, Boris Köpf, Daniel Jones: Bayesian Estimation of Differential Privacy. ICML 2023: 40624-40636
- [c12] Ahmed Salem, Giovanni Cherubin, David Evans, Boris Köpf, Andrew Paverd, Anshuman Suri, Shruti Tople, Santiago Zanella-Béguelin: SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning. SP 2023: 327-345
- [c11] Nils Lukas, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, Santiago Zanella-Béguelin: Analyzing Leakage of Personally Identifiable Information in Language Models. SP 2023: 346-363
- [c10] Wai Man Si, Michael Backes, Yang Zhang, Ahmed Salem: Two-in-One: A Model Hijacking Attack Against Text Generation Models. USENIX Security Symposium 2023: 2223-2240
- [c9] Zheng Li, Ning Yu, Ahmed Salem, Michael Backes, Mario Fritz, Yang Zhang: UnGANable: Defending Against GAN-based Face Manipulation. USENIX Security Symposium 2023: 7213-7230
- [i19] Nils Lukas, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, Santiago Zanella-Béguelin: Analyzing Leakage of Personally Identifiable Information in Language Models. CoRR abs/2302.00539 (2023)
- [i18] Wai Man Si, Michael Backes, Yang Zhang, Ahmed Salem: Two-in-One: A Model Hijacking Attack Against Text Generation Models. CoRR abs/2305.07406 (2023)
- [i17] Rui Wen, Tianhao Wang, Michael Backes, Yang Zhang, Ahmed Salem: Last One Standing: A Comparative Analysis of Security and Privacy of Soft Prompt Tuning, LoRA, and In-Context Learning. CoRR abs/2310.11397 (2023)
- [i16] Boyang Zhang, Xinyue Shen, Wai Man Si, Zeyang Sha, Zeyuan Chen, Ahmed Salem, Yun Shen, Michael Backes, Yang Zhang: Comprehensive Assessment of Toxicity in ChatGPT. CoRR abs/2311.14685 (2023)
- [i15] Lukas Wutschitz, Boris Köpf, Andrew Paverd, Saravan Rajmohan, Ahmed Salem, Shruti Tople, Santiago Zanella-Béguelin, Menglin Xia, Victor Rühle: Rethinking Privacy in Machine Learning Pipelines from an Information Flow Control Perspective. CoRR abs/2311.15792 (2023)
- [i14] Ahmed Salem, Andrew Paverd, Boris Köpf: Maatphor: Automated Variant Analysis for Prompt Injection Attacks. CoRR abs/2312.11513 (2023)
- 2022
- [b1] Ahmed Salem: Adversarial inference and manipulation of machine learning models. Saarland University, Saarbrücken, Germany, 2022
- [c8] Ahmed Salem, Rui Wen, Michael Backes, Shiqing Ma, Yang Zhang: Dynamic Backdoor Attacks Against Machine Learning Models. EuroS&P 2022: 703-718
- [c7] Ahmed Salem, Michael Backes, Yang Zhang: Get a Model! Model Hijacking Attack Against Machine Learning Models. NDSS 2022
- [c6] Yugeng Liu, Rui Wen, Xinlei He, Ahmed Salem, Zhikun Zhang, Michael Backes, Emiliano De Cristofaro, Mario Fritz, Yang Zhang: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models. USENIX Security Symposium 2022: 4525-4542
- [i13] Santiago Zanella-Béguelin, Lukas Wutschitz, Shruti Tople, Ahmed Salem, Victor Rühle, Andrew Paverd, Mohammad Naseri, Boris Köpf, Daniel Jones: Bayesian Estimation of Differential Privacy. CoRR abs/2206.05199 (2022)
- [i12] Zheng Li, Ning Yu, Ahmed Salem, Michael Backes, Mario Fritz, Yang Zhang: UnGANable: Defending Against GAN-based Face Manipulation. CoRR abs/2210.00957 (2022)
- [i11] Ahmed Salem, Giovanni Cherubin, David Evans, Boris Köpf, Andrew Paverd, Anshuman Suri, Shruti Tople, Santiago Zanella-Béguelin: SoK: Let The Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning. CoRR abs/2212.10986 (2022)
- 2021
- [c5] Xiaoyi Chen, Ahmed Salem, Dingfan Chen, Michael Backes, Shiqing Ma, Qingni Shen, Zhonghai Wu, Yang Zhang: BadNL: Backdoor Attacks against NLP Models with Semantic-preserving Improvements. ACSAC 2021: 554-569
- [c4] Lucjan Hanzlik, Yang Zhang, Kathrin Grosse, Ahmed Salem, Maximilian Augustin, Michael Backes, Mario Fritz: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service. CVPR Workshops 2021: 3300-3309
- [i10] Yugeng Liu, Rui Wen, Xinlei He, Ahmed Salem, Zhikun Zhang, Michael Backes, Emiliano De Cristofaro, Mario Fritz, Yang Zhang: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models. CoRR abs/2102.02551 (2021)
- [i9] Ahmed Salem, Michael Backes, Yang Zhang: Get a Model! Model Hijacking Attack Against Machine Learning Models. CoRR abs/2111.04394 (2021)
- 2020
- [c3] Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, Yang Zhang: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning. USENIX Security Symposium 2020: 1291-1308
- [i8] Ahmed Salem, Rui Wen, Michael Backes, Shiqing Ma, Yang Zhang: Dynamic Backdoor Attacks Against Machine Learning Models. CoRR abs/2003.03675 (2020)
- [i7] Xiaoyi Chen, Ahmed Salem, Michael Backes, Shiqing Ma, Yang Zhang: BadNL: Backdoor Attacks Against NLP Models. CoRR abs/2006.01043 (2020)
- [i6] Ahmed Salem, Yannick Sautter, Michael Backes, Mathias Humbert, Yang Zhang: BAAAN: Backdoor Attacks Against Autoencoder and GAN-Based Machine Learning Models. CoRR abs/2010.03007 (2020)
- [i5] Ahmed Salem, Michael Backes, Yang Zhang: Don't Trigger Me! A Triggerless Backdoor Attack Against Deep Neural Networks. CoRR abs/2010.03282 (2020)
2010 – 2019
- 2019
- [j1] Ahmed Salem, Pascal Berrang, Mathias Humbert, Michael Backes: Privacy-Preserving Similar Patient Queries for Combined Biomedical Data. Proc. Priv. Enhancing Technol. 2019(1): 47-67 (2019)
- [c2] Jinyuan Jia, Ahmed Salem, Michael Backes, Yang Zhang, Neil Zhenqiang Gong: MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples. CCS 2019: 259-274
- [c1] Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, Michael Backes: ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models. NDSS 2019
- [i4] Ahmed Salem, Apratim Bhattacharyya, Michael Backes, Mario Fritz, Yang Zhang: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning. CoRR abs/1904.01067 (2019)
- [i3] Jinyuan Jia, Ahmed Salem, Michael Backes, Yang Zhang, Neil Zhenqiang Gong: MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples. CoRR abs/1909.10594 (2019)
- 2018
- [i2] Ahmed Salem, Yang Zhang, Mathias Humbert, Mario Fritz, Michael Backes: ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models. CoRR abs/1806.01246 (2018)
- [i1] Lucjan Hanzlik, Yang Zhang, Kathrin Grosse, Ahmed Salem, Max Augustin, Michael Backes, Mario Fritz: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service. CoRR abs/1808.00590 (2018)
last updated on 2025-05-12 21:39 CEST by the dblp team
all metadata released as open data under CC0 1.0 license