Jaechul Roh

PhD Student in Computer Science

University of Massachusetts Amherst

jroh [AT] cs.umass.edu

About

I am a third-year Ph.D. student in computer science at the University of Massachusetts Amherst, advised by Amir Houmansadr and also closely collaborating with Eugene Bagdasarian. I am affiliated with both SPIN Lab and the UMass AI Security Lab. My research centers on the privacy and security of AI models and agentic systems. I am particularly interested in understanding and mitigating vulnerabilities in multimodal systems, with recent work examining the reliability of models that process audio, text, and vision inputs.

Prior to my graduate studies, I earned my bachelor's degree in computer engineering from the Hong Kong University of Science and Technology (HKUST) in 2023, where I completed my Final Year Thesis (FYT) on the topic of "Adversarial Attacks in Federated Learning" under the supervision of Jun Zhang. I have also worked with Minhao Cheng on the robustness of language models, specifically exploring methods for defending against backdoor attacks in language models.

I have recently completed my Summer Research Internship at Brave Software where I worked on privacy and security of AI agents with Ali Shahin Shamsabadi.

Education

University of Massachusetts Amherst, August 2023 - Current

Ph.D. in Computer Science

The Hong Kong University of Science and Technology, Sept. 2017 - May 2023

B.Eng. Computer Engineering

Publications

* indicates equal contribution.

SPILLage: Agentic Oversharing on the Web

Jaechul Roh, Eugene Bagdasarian, Hamed Haddadi, Ali Shahin Shamsabadi

Under Review

Throttling Web Agents Using Reasoning Gates

Abhinav Kumar, Jaechul Roh, Ali Naseh, Amir Houmansadr, Eugene Bagdasarian

arXiv (Under Review)

Bob's Confetti: Phonetic Memorization Attacks in Music and Video Generation

Jaechul Roh*, Zachary Novack*, Yuefeng Peng, Niloofar Mireshghallah, Taylor Berg-Kirkpatrick, Amir Houmansadr

arXiv (Under Review)

OverThink: Slowdown Attacks on Reasoning LLMs

Abhinav Kumar, Jaechul Roh, Ali Naseh, Marzena Karpinska, Mohit Iyyer, Amir Houmansadr, Eugene Bagdasaryan

arXiv (Under Review)

World-To-Image: Grounding Text-To-Image Generation With Agent-Driven World Knowledge

Moo Hyun Son, Jintaek Oh, Sub Bin Mun, Jaechul Roh, Sehyun Choi

arXiv (Under Review)

Multilingual and Multi-Accent Jailbreaking of Audio LLMs

Jaechul Roh, Virat Shejwalkar, Amir Houmansadr

COLM 2025

Backdooring Bias (B²) into Stable Diffusion Models

Ali Naseh, Jaechul Roh, Eugene Bagdasaryan, Amir Houmansadr

USENIX Security 2025

OSLO: One-Shot Label-Only Membership Inference Attacks

Yuefeng Peng, Jaechul Roh, Subhransu Maji, Amir Houmansadr

NeurIPS 2024

Memory Triggers: Unveiling Memorization in Text-To-Image Generative Models through Word-Level Duplication

Ali Naseh, Jaechul Roh, Amir Houmansadr

AAAI PPAI 2024

Robust Smart Home Face Recognition under Starving Federated Data

Jaechul Roh, Yajun Fang

IEEE UV 2022

MSDT: Masked Language Model Scoring Defense in Text Domain

Jaechul Roh, Minhao Cheng, Yajun Fang

IEEE UV 2022

Impact of Adversarial Training on the Robustness of Deep Neural Networks

Jaechul Roh

IEEE ICISCAE 2022


Chain-of-Code Collapse: Reasoning Failures in LLMs via Adversarial Prompting in Code Generation

Jaechul Roh, Varun Gandhi, Shivani Anilkumar, Arin Garg

arXiv

R1dacted: Investigating Local Censorship in DeepSeek's R1 Language Model

Ali Naseh, Harsh Chaudhari, Jaechul Roh, Mingshi Wu, Alina Oprea, Amir Houmansadr

arXiv

FameBias: Embedding Manipulation Bias Attack in Text-to-Image Models

Jaechul Roh*, Andrew Yuan*, Jinsong Mao*

arXiv

Understanding (Un)Intended Memorization in Text-to-Image Generative Models

Ali Naseh, Jaechul Roh, Amir Houmansadr

arXiv


Academic Service

Vitæ

Full Resume in PDF.