
 

Lea Schönherr

Faculty


I have been a tenure-track faculty member at CISPA Helmholtz Center for Information Security since 2022. I received my PhD in 2021 from Ruhr University Bochum, Germany, in the DFG Cluster of Excellence “Cyber Security in the Age of Large-Scale Adversaries” (CASA). My research interests lie in the area of system-level adversarial machine learning and trustworthy generative AI. After my PhD, I was a visiting researcher at the University of California, Berkeley, and the University of Chicago.

 

In my Dormant Neurons research group, our vision is to build secure, safe, and fair AI that people can trust.

 

Our work includes research on attacks and defenses for AI, including LLMs, multimodal systems, speech recognition systems, and generative models, as well as methods to prevent the misuse of generative AI. This includes robust feature analysis and studying human factors involved in recognizing generated media. In addition, we investigate code-generating models, focusing on understanding the strengths and limitations of automated systems. For more information on our research, please also see the Dormant Neurons group website.

 

During my Ph.D., I was advised by Prof. Dr.-Ing. Dorothea Kolossa at the Cognitive Signal Processing group at Ruhr University Bochum (RUB), Germany. I also received two scholarships from UbiCrypt (DFG Research Training Group) and CASA (DFG Cluster of Excellence).


 

2026

Jonathan Evertz, Niklas Risse, Nicolai Neuer, Andreas Müller, Philipp Normann, Gaetano Sapia, Srishti Gupta, David Pape, Soumya Shaw, Devansh Srivastav, Christian Wressnegger, Erwin Quiring, Thorsten Eisenhofer, Daniel Arp, Lea Schönherr

Chasing Shadows: Pitfalls in LLM Security Research

Network and Distributed System Security Symposium (NDSS)    [Paper][BibTex]

Shir Bernstein, David Beste, Daniel Ayzenshteyn, Lea Schönherr, Yisroel Mirsky

Trust Me, I Know This Function: Hijacking LLM Static Analysis using Bias

Network and Distributed System Security Symposium (NDSS)    [Paper][BibTex]

Sandra Höltervennhoff, Jonas Ricker, Maike M Raphael, Charlotte Schwedes, Rebecca Weil, Asja Fischer, Thorsten Holz, Lea Schönherr, Sascha Fahl

Security Benefits and Side Effects of Labeling AI-Generated Images

ACM Conference on Human Factors in Computing Systems (CHI)    [Paper][BibTex]

Rostislav Makarov, Lea Schönherr, Timo Gerkmann

Are Modern Speech Enhancement Systems Vulnerable to Adversarial Attacks?

IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP)    [Paper][BibTex]

Sina Mavali, Jonas Ricker, David Pape, Asja Fischer, Lea Schönherr

Adversarial Robustness of AI-Generated Image Detectors in the Real World

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)    [Paper][BibTex]

Jonathan Evertz, Merlin Chlosta, Lea Schönherr, and Thorsten Eisenhofer

Whispers in the Machine: Confidentiality in LLM-integrated Systems

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)    [Paper][BibTex]

2025

David Pape, Sina Mavali, Thorsten Eisenhofer, and Lea Schönherr

Prompt Obfuscation for Large Language Models

USENIX Security Symposium    [Paper][BibTex]

Srishti Gupta, Daniele Angioni, Maura Pintor, Ambra Demontis, Lea Schönherr, Fabio Roli, Battista Biggio

Buffer-free Class-Incremental Learning with Out-of-Distribution Detection

Pattern Recognition    [Paper] [BibTex]

João Borges S. Carvalho, Víctor Jiménez Rodríguez, Alessandro Torcinovich, Antonio E Cinà, Carlos Cotrini, Lea Schönherr, Joachim M Buhmann

Rethinking Robustness in Machine Learning: A Posterior Agreement Approach

Transactions on Machine Learning Research (TMLR)    [Paper][BibTex]

Luca Olivieri, David Beste, Luca Negrini, Lea Schönherr, Antonio Emanuele Cina, Pietro Ferrara

Code Generation of Smart Contracts with LLMs: A Case Study on Hyperledger Fabric

International Symposium on Software Reliability Engineering (ISSRE)    [Paper][BibTex]

David Beste, Grégoire Menguy, Hossein Hajipour, Mario Fritz, Antonio Emanuele Cinà, Sébastien Bardin, Thorsten Holz, Thorsten Eisenhofer, Lea Schönherr

Exploring the Potential of LLMs for Code Deobfuscation

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)    [Paper][BibTex]

Antonio Emanuele Cinà, Francesco Villani, Maura Pintor, Lea Schönherr, Battista Biggio, and Marcello Pelillo

σ-Zero: Gradient-based Optimization of l0-norm Adversarial Examples

International Conference on Learning Representations (ICLR)    [Paper][BibTex]

2024

Edoardo Debenedetti, Javier Rando, Daniel Paleka, Silaghi Fineas Florin, Dragos Albastroiu, Niv Cohen, Yuval Lemberg, Reshmi Ghosh, Rui Wen, Ahmed Salem, Giovanni Cherubin, Santiago Zanella-Beguelin, Robin Schmid, Victor Klem, Takahiro Miki, Chenhao Li, Stefan Kraft, Mario Fritz, Florian Tramèr, Sahar Abdelnabi, and Lea Schönherr

Dataset and Lessons Learned from the 2024 SaTML LLM Capture-the-Flag Competition

NeurIPS Datasets and Benchmarks Track    [Paper][BibTex]

Sahar Abdelnabi, Amr Gomaa, Sarath Sivaprasad, Lea Schönherr, and Mario Fritz

Cooperation, Competition, and Maliciousness: LLM-Stakeholders Interactive Negotiation

NeurIPS Datasets and Benchmarks Track    [Paper] [BibTex]

Bhupendra Acharya, Dario Lazzaro, Efrén López-Morales, Adam Oest, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, and Thorsten Holz

The Imitation Game: Exploring Brand Impersonation Attacks on Social Media Platforms

USENIX Security Symposium    [Paper] [BibTex]

Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer, Markus Dürmuth, and Thorsten Holz

A Representative Study on Human Detection of Artificially Generated Media Across Countries

IEEE Security & Privacy (S&P)    [Paper] [BibTex]

Bhupendra Acharya, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Hoang Dai Nguyen, Adam Oest, Phani Vadrevu, and Thorsten Holz

Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams

IEEE Security & Privacy (S&P)    [Paper] [BibTex]

Hossein Hajipour, Keno Hassler, Thorsten Holz, Lea Schönherr, and Mario Fritz

CodeLMSec Benchmark: Systematically Evaluating and Finding Security Vulnerabilities in Black-Box Code Language Models

IEEE Secure and Trustworthy Machine Learning (SaTML)    [Paper] [BibTex]

Soumya Shaw, Ben Nassi, and Lea Schönherr

Generated Audio Detectors are Not Robust in Real-World Conditions

ICML Workshop on Next Generation of AI Safety    [Paper] [BibTex]

Hossein Hajipour, Lea Schönherr, Thorsten Holz and Mario Fritz

HexaCoder: Secure Code Generation via Oracle-Guided Synthetic Training Data

ArXiv    [Paper][BibTex]

2023

David Pape, Sina Däubener, Thorsten Eisenhofer, Antonio Emanuele Cinà, and Lea Schönherr

On the Limitations of Model Stealing with Uncertainty Quantification Models

European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning (ESANN)    [Paper] [BibTex]

Nico Schiller, Merlin Chlosta, Moritz Schloegel, Nils Bars, Thorsten Eisenhofer, Tobias Scharnowski, Felix Domke, Lea Schönherr, and Thorsten Holz

Drone Security and the Mysterious Case of DJI’s DroneID

Network and Distributed System Security Symposium (NDSS)    [Paper] [BibTex]

Hojjat Aghakhani, Thorsten Eisenhofer, Lea Schönherr, Dorothea Kolossa, Thorsten Holz, Christopher Kruegel, and Giovanni Vigna

VENOMAVE: Clean-Label Poisoning Against Speech Recognition

IEEE Secure and Trustworthy Machine Learning (SaTML)    [Paper] [BibTex]

2022

Timm Koppelmann, Luca Becker, Alexandru Nelus, Rene Glitza, Lea Schönherr, and Rainer Martin

Clustering-based Wake Word Detection in Privacy-aware Acoustic Sensor Networks

INTERSPEECH    [Paper] [BibTex]

Lea Schönherr, Maximilian Golla, Thorsten Eisenhofer, Jan Wiele, Dorothea Kolossa, and Thorsten Holz

Exploring Accidental Triggers of Smart Speakers

Computer Speech & Language    [Paper] [Website] [BibTex]

2021

Joel Frank and Lea Schönherr

WaveFake: A Data Set to Facilitate Audio DeepFake Detection

NeurIPS Datasets and Benchmarks Track    [Paper][Code] [Talk] [BibTex]

Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Dorothea Kolossa, and Thorsten Holz

Dompteur: Taming Audio Adversarial Examples

USENIX Security Symposium    [Paper] [Code] [Talk] [BibTex]

Lea Schönherr

Adversarially Robust Speech and Speaker Recognition

Ruhr University Bochum   [Dissertation] [BibTex]

Timm Koppelmann, Alexandru Nelus, Lea Schönherr, Dorothea Kolossa, and Rainer Martin

Privacy-Preserving Feature Extraction for Cloud-Based Wake Word Verification

INTERSPEECH    [Paper] [BibTex]

2020

Joel Frank, Thorsten Eisenhofer, Lea Schönherr, Asja Fischer, Dorothea Kolossa, and Thorsten Holz

Leveraging Frequency Analysis for Deep Fake Image Recognition

ICML    [Paper] [Code] [Talk] [BibTex]

Lea Schönherr, Thorsten Eisenhofer, Steffen Zeiler, Thorsten Holz, and Dorothea Kolossa

Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems

ACSAC    [Paper] [Talk] [BibTex]

Sina Däubener, Lea Schönherr, Asja Fischer, and Dorothea Kolossa

Detecting Adversarial Examples for Speech Recognition via Uncertainty Quantification

INTERSPEECH    [Paper] [Code] [BibTex]

Jan Freiwald, Lea Schönherr, Christopher Schymura, Steffen Zeiler, and Dorothea Kolossa

Loss Functions for Deep Monaural Speech Enhancement

IJCNN    [Paper] [BibTex]

2019

Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, and Dorothea Kolossa

Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding

Network and Distributed System Security Symposium (NDSS)    [Paper] [Website] [Code] [Talk] [BibTex]

2017

Lea Schönherr, Steffen Zeiler, and Dorothea Kolossa

Spoofing Detection via Simultaneous Verification of Audio-Visual Synchronicity and Transcription

ASRU    [Paper] [BibTex]

2016

Lea Schönherr, Dennis Orth, Martin Heckmann, and Dorothea Kolossa

Environmentally Robust Audio-Visual Speaker Identification

SLT    [Paper] [BibTex]