Andrew Paverd
Scholar

Andrew Paverd

Google Scholar ID: QZ2HOkMAAAAJ
Microsoft
SecurityPrivacy
HomepageGoogle Scholar
Citations & Impact
All-time
Citations
2,388
 
H-index
23
 
i10-index
35
 
Publications
20
 
Co-authors
108
list available
Contact
TwitterOpen ↗GitHubOpen ↗LinkedInOpen ↗
Publications
8 items
Stateless Yet Not Forgetful: Implicit Memory as a Hidden Channel in LLMs
2026
Cited
0
Highlight & Summarize: RAG without the jailbreaks
2025
Cited
0
LLMail-Inject: A Dataset from a Realistic Adaptive Prompt Injection Challenge
2025
Cited
0
Design Patterns for Securing LLM Agents against Prompt Injections
2025
Cited
0
Securing AI Agents with Information-Flow Control
2025
Cited
0
ExclaveFL: Providing Transparency to Federated Learning using Exclaves
arXiv.org · 2024
Cited
0
Permissive Information-Flow Analysis for Large Language Models
arXiv.org · 2024
Cited
1
Get my drift? Catching LLM Task Drift with Activation Deltas
2024
Cited
6
Resume (English only)
Academic Achievements
  • December 2024: Paper 'Get my drift? Catching LLM Task Drift with Activation Deltas' accepted for IEEE SaTML 2025.
  • May 2024: Paper 'Trustworthy AI using Confidential Federated Learning: Federated learning and confidential computing are not competing technologies' published in ACM Queue.
  • February 2024: Paper 'Closed-Form Bounds for DP-SGD against Record-level Inference Attacks' accepted for USENIX Security 2024.
  • August 2023: Published the new 'Microsoft Vulnerability Severity Classification for AI Systems'.
  • June 2023: Paper 'An Empirical Study & Evaluation of Modern CAPTCHAs' accepted for USENIX Security 2023.
  • May 2023: Paper 'Bayesian Estimation of Differential Privacy' accepted for ICML 2023.
  • April 2023: Paper 'SoK: Let The Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning' accepted for IEEE Symposium on Security and Privacy 2023.
  • January 2023: Paper 'VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer Requests' accepted for NDSS 2023.
  • May 2022: Published a paper on pre-hijacked accounts at USENIX Security 2022.
Research Experience
  • April 2025: Will be giving lectures on AI Security at the CISPA-Ellis Summer School and KU Leuven Summer School.
  • January 2025: Will give a talk on 'Vulnerability Response in the Era of AI' at EPFL AMLD 2025.
  • August 2024: Will be giving a lecture at KU Leuven's Summer School.
  • July 2024: Will be speaking on a panel about Generative AI and Security at the Centre for Digital Trust and Society Forum 2024.
  • June 2024: Participated in the inaugural AI security tabletop exercise conducted by CISA.
  • June 2023: Gave a keynote on Evaluating Privacy in Machine Learning at the Dependable and Secure Machine Learning (DSML) workshop 2023.
  • January 2023: Opened applications for research internships in security and privacy at Microsoft Cambridge.
  • May 2022: Published a paper on user account creation security failures at USENIX Security 2022.
  • December 2021: Worked with Will Pearce and others.
Background
  • Principal Research Manager at Microsoft Security Response Center (MSRC), focusing on AI security.
Co-authors
108 total
N. Asokan
N. Asokan
Professor of Computer Science, University of Waterloo
Andrew Martin
Andrew Martin
Professor of Systems Security, University of Oxford
Ahmad-Reza Sadeghi
Ahmad-Reza Sadeghi
Technische Universität Darmstadt
Boris Köpf
Boris Köpf
Azure Research, Microsoft
Santiago Zanella-Béguelin
Santiago Zanella-Béguelin
Microsoft Research
Gene Tsudik
Gene Tsudik
Peter & Lois Griffin Professor, Jolly Good Fellow of This & That
Co-author 7
Co-author 7
Shruti Tople
Shruti Tople
Azure Research, Microsoft