Roei Schuster

Vector Institute for Artificial Intelligence

About me

I am a Postdoctoral Fellow at the Vector Institute for AI, advised by prof. Nicolas Papernot.

I am interested in the broad intersection of information security and machine learning. I published work on using data and ML for both defenses (to construct tight security policies) and attacks (analyzing and exploiting noisy side-channel leaks). I also focus on new advances in natural language processing, and their adversarial implications.

Previously, I completed a PhD in computer science at Tel Aviv University, where I was advised by prof. Eran Tromer, Throughout my entire PhD period, I was also a researcher at Cornell Tech. Before that, I completed my B.Sc. in computer science at the Technion, and worked as a researcher in the information security industry.


  • Understanding Transformer Memorization Recall Through Idioms [pdf]
    Adi Haviv, Ido Cohen, Jacob Gidron, Roei Schuster, Yoav Goldberg, Mor Geva. 2022
  • Squint Hard Enough: Evaluating Perceptual Hashing with Machine Learning [pdf]
    Jonathan Prokos, Tushar M. Jois, Neil Fendley, Roei Schuster, Matthew Green, Eran Tromer, and Yinzhi Cao. USENIX Security 2023
  • In Differential Privacy, There is Truth: on Vote Leakage in Ensemble Private Learning [pdf]
    Jiaqi Wang, Roei Schuster, Ilia Shumailov, David Lie, Nicolas Papernot NeurIPS 2022
  • Toward Proactive Support for Older Adults: Predicting the Right Moment for Providing Mobile Safety Help
    Tamir Mendel, Roei Schuster, Eran Tromer, and Eran Toch IMWUT/UbiComp 2022
  • Lend Me Your Ear: Passive Remote Physical Side Channels on PCs [pdf]
    (alphabetically) Daniel Genkin, Noam Nissan, Roei Schuster, and Eran Tromer. USENIX Security 2022
    • Also presented at Real-World Crypto '22 and as an invited talk at '22
  • When the Curious Abandon Honesty: Federated Learning is Not Private [pdf]
    Franziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, and Nicolas Papernot. 2021
  • Transformer Feed-Forward Layers Are Key-Value Memories [pdf]
    Mor Geva, Roei Schuster, Jonathan Berant, and Omer Levy. EMNLP 2021
  • You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion [pdf]
    Roei Schuster, Congzheng Song, Eran Tromer, and Vitaly Shmatikov. USENIX Security 2021
    • Distinguished Paper Award winner
    • Also presented as invited poster at EuroS&P '22
  • De-Anonymizing Text by Fingerprinting Language Generation [pdf]
    Zhen Sun, Roei Schuster, and Vitaly Shmatikov. NeurIPS 2020 (Spotlight)
  • Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning [pdf]
    Roei Schuster, Tal Schuster, Yoav Meri, and Vitaly Shmatikov. IEEE S&P (Oakland) 2020
  • The Limitations of Stylometry for Detecting Machine-Generated Fake News [pdf]
    Tal Schuster, Roei Schuster, Darsh J Shah, and Regina Barzilay. Computational Linguistics, 2020
    Media coverage: MIT News
  • Synesthesia: Detecting Screen Content via Remote Acoustic Side-Channels [pdf] [paper webpage]
    (alphabetically) Daniel Genkin, Mihir Pattani, Roei Schuster, and Eran Tromer. IEEE S&P (Oakland) 2019
    Media coverage: Ars Technica, WIRED
  • Situational Access Control in the Internet of Things [pdf]
    Roei Schuster, Vitaly Shmatikov, and Eran Tromer. CCS 2018
  • Beauty and the Burst: Remote Identification of Encrypted Video Streams [pdf] [paper webpage]
    Roei Schuster, Vitaly Shmatikov, and Eran Tromer. USENIX Security 2017
    Media coverage: The Economist IEEE Spectrum
  • DroidDisintegrator: Intra-Application Information Flow Control for Android Apps [pdf] [paper webpage]
    Roei Schuster and Eran Tromer. AsiaCCS 2016