| 2024 | "Belt and suspenders" or "just red tape"?: Investigating Early Artifacts and User Perceptions of IoT App Security Certification. Prianka Mandal, Amit Seal Ami, Victor Olaiya, Sayyed Hadi Razmjo, Adwait Nadkarni |
| 2024 | "But they have overlooked a few things in Afghanistan: " An Analysis of the Integration of Biometric Voter Verification in the 2019 Afghan Presidential Elections. Kabir Panahi, Shawn Robertson, Yasemin Acar, Alexandru G. Bardas, Tadayoshi Kohno, Lucy Simko |
| 2024 | "Did They F***ing Consent to That?": Safer Digital Intimacy via Proactive Protection Against Image-Based Sexual Abuse. Lucy Qin, Vaughn Hamilton, Sharon Wang, Yigit Aydinalp, Marin Scarlett, Elissa M. Redmiles |
| 2024 | "I Don't Know If We're Doing Good. I Don't Know If We're Doing Bad": Investigating How Practitioners Scope, Motivate, and Conduct Privacy Work When Developing AI Products. Hao-Ping (Hank) Lee, Lan Gao, Stephanie S. Yang, Jodi Forlizzi, Sauvik Das |
| 2024 | "I chose to fight, be brave, and to deal with it": Threat Experiences and Security Practices of Pakistani Content Creators. Lea Gröber, Waleed Arshad, Shanza, Angelica Goetzen, Elissa M. Redmiles, Maryam Mustafa, Katharina Krombholz |
| 2024 | "I feel physically safe but not politically safe": Understanding the Digital Threats and Safety Practices of OnlyFans Creators. Ananta Soneji, Vaughn Hamilton, Adam Doupé, Allison McDonald, Elissa M. Redmiles |
| 2024 | "I just hated it and I want my money back": Data-driven Understanding of Mobile VPN Service Switching Preferences in The Wild. Rohit Raj, Mridul Newar, Mainack Mondal |
| 2024 | "I really just leaned on my community for support": Barriers, Challenges and Coping Mechanisms Used by Survivors of Technology-Facilitated Abuse to Seek Social Support. Naman Gupta, Kate Walsh, Sanchari Das, Rahul Chatterjee |
| 2024 | "I'm not convinced that they don't collect more than is necessary": User-Controlled Data Minimization Design in Search Engines. Tanusree Sharma, Lin Kyi, Yang Wang, Asia J. Biega |
| 2024 | "There are rabbit holes I want to go down that I'm not allowed to go down": An Investigation of Security Expert Threat Modeling Practices for Medical Devices. Ronald E. Thompson III, Madeline McLaughlin, Carson Powers, Daniel Votipka |
| 2024 | "These results must be false": A usability evaluation of constant-time analysis tools. Marcel Fourné, Daniel De Almeida Braga, Jan Jancar, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar |
| 2024 | "What Keeps People Secure is That They Met The Security Team": Deconstructing Drivers And Goals of Organizational Security Awareness. Jonas Hielscher, Simon Parkin |
| 2024 | "What do you want from theory alone?" Experimenting with Tight Auditing of Differentially Private Synthetic Data Generation. Meenatchi Sundaram Muthu Selva Annamalai, Georgi Ganev, Emiliano De Cristofaro |
| 2024 | "You have to read 50 different RFCs that contradict each other": An Interview Study on the Experiences of Implementing Cryptographic Standards. Nicolas Huaman, Jacques Suray, Jan H. Klemmer, Marcel Fourné, Sabrina Amft, Ivana Trummová, Yasemin Acar, Sascha Fahl |
| 2024 | 00SEVen - Re-enabling Virtual Machine Forensics: Introspecting Confidential VMs Using Privileged in-VM Agents. Fabian Schwarz, Christian Rossow |
| 2024 | 33rd USENIX Security Symposium, USENIX Security 2024, Philadelphia, PA, USA, August 14-16, 2024 Davide Balzarotti, Wenyuan Xu |
| 2024 | 6Sense: Internet-Wide IPv6 Scanning and its Security Applications. Grant Williams, Mert Erdemir, Amanda Hsu, Shraddha Bhat, Abhishek Bhaskar, Frank Li, Paul Pearce |
| 2024 | A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard. Joschua Schilling, Andreas Wendler, Philipp Görz, Nils Bars, Moritz Schloegel, Thorsten Holz |
| 2024 | A Broad Comparative Evaluation of Software Debloating Tools. Michael D. Brown, Adam Meily, Brian Fairservice, Akshay Sood, Jonathan Dorn, Eric Kilmer, Ronald Eytchison |
| 2024 | A Decade of Privacy-Relevant Android App Reviews: Large Scale Trends. Omer Akgul, Sai Teja Peddinti, Nina Taft, Michelle L. Mazurek, Hamza Harkous, Animesh Srivastava, Benoit Seguin |
| 2024 | A First Physical-World Trajectory Prediction Attack via LiDAR-induced Deceptions in Autonomous Driving. Yang Lou, Yi Zhu, Qun Song, Rui Tan, Chunming Qiao, Wei-Bin Lee, Jianping Wang |
| 2024 | A Flushing Attack on the DNS Cache. Yehuda Afek, Anat Bremler-Barr, Shoham Danino, Yuval Shavitt |
| 2024 | A Formal Analysis of SCTP: Attack Synthesis and Patch Verification. Jacob Ginesin, Max von Hippel, Evan Defloor, Cristina Nita-Rotaru, Michael Tüxen |
| 2024 | A Friend's Eye is A Good Mirror: Synthesizing MCU Peripheral Models from Peripheral Drivers. Chongqing Lei, Zhen Ling, Yue Zhang, Yan Yang, Junzhou Luo, Xinwen Fu |
| 2024 | A High Coverage Cybersecurity Scale Predictive of User Behavior. Yukiko Sawaya, Sarah Lu, Takamasa Isohara, Mahmood Sharif |
| 2024 | A Linear Reconstruction Approach for Attribute Inference Attacks against Synthetic Data. Meenatchi Sundaram Muthu Selva Annamalai, Andrea Gadotti, Luc Rocher |
| 2024 | A Mixed-Methods Study on User Experiences and Challenges of Recovery Codes for an End-to-End Encrypted Service. Sandra Höltervennhoff, Noah Wöhler, Arne Möhle, Marten Oltrogge, Yasemin Acar, Oliver Wiese, Sascha Fahl |
| 2024 | A NEW HOPE: Contextual Privacy Policies for Mobile Applications and An Approach Toward Automated Generation. Shidong Pan, Zhen Tao, Thong Hoang, Dawen Zhang, Tianshi Li, Zhenchang Xing, Xiwei Xu, Mark Staples, Thierry Rakotoarivelo, David Lo |
| 2024 | A Taxonomy of C Decompiler Fidelity Issues. Luke Dramko, Jeremy Lacomis, Edward J. Schwartz, Bogdan Vasilescu, Claire Le Goues |
| 2024 | A Wolf in Sheep's Clothing: Practical Black-box Adversarial Attacks for Evading Learning-based Windows Malware Detection in the Wild. Xiang Ling, Zhiyu Wu, Bin Wang, Wei Deng, Jingzheng Wu, Shouling Ji, Tianyue Luo, Yanjun Wu |
| 2024 | ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation. Ataberk Olgun, Yahya Can Tugrul, Nisa Bostanci, Ismail Emir Yuksel, Haocong Luo, Steve Rhyner, Abdullah Giray Yaglikçi, Geraldo F. Oliveira, Onur Mutlu |
| 2024 | ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture. Supraja Sridhara, Andrin Bertschi, Benedict Schlüter, Mark Kuhne, Fabio Aliberti, Shweta Shinde |
| 2024 | ACE: A Model Poisoning Attack on Contribution Evaluation Methods in Federated Learning. Zhangchen Xu, Fengqing Jiang, Luyao Niu, Jinyuan Jia, Bo Li, Radha Poovendran |
| 2024 | AE-Morpher: Improve Physical Robustness of Adversarial Objects against LiDAR-based Detectors via Object Reconstruction. Shenchen Zhu, Yue Zhao, Kai Chen, Bo Wang, Hualong Ma, Cheng'an Wei |
| 2024 | AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images. David Oygenblik, Carter Yagemann, Joseph Zhang, Arianna Mastali, Jeman Park, Brendan Saltaformaggio |
| 2024 | ATTention Please! An Investigation of the App Tracking Transparency Permission. Reham Mohamed, Arjun Arunasalam, Habiba Farrukh, Jason Tong, Antonio Bianchi, Z. Berkay Celik |
| 2024 | Abandon All Hope Ye Who Enter Here: A Dynamic, Longitudinal Investigation of Android's Data Safety Section. Ioannis Arkalakis, Michalis Diamantaris, Serafeim Moustakas, Sotiris Ioannidis, Jason Polakis, Panagiotis Ilia |
| 2024 | Abuse Reporting for Metadata-Hiding Communication Based on Secret Sharing. Saba Eskandarian |
| 2024 | Abuse-Resistant Location Tracking: Balancing Privacy and Safety in the Offline Finding Ecosystem. Harry Eldridge, Gabrielle Beck, Matthew Green, Nadia Heninger, Abhishek Jain |
| 2024 | Accelerating Secure Collaborative Machine Learning with Protocol-Aware RDMA. Zhenghang Ren, Mingxuan Fan, Zilong Wang, Junxue Zhang, Chaoliang Zeng, Zhicong Huang, Cheng Hong, Kai Chen |
| 2024 | Adversarial Illusions in Multi-Modal Embeddings. Tingwei Zhang, Rishi D. Jha, Eugene Bagdasaryan, Vitaly Shmatikov |
| 2024 | Adversary is on the Road: Attacks on Visual SLAM using Unnoticeable Adversarial Patch. Baodong Chen, Wei Wang, Pascal Sikorski, Ting Zhu |
| 2024 | Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation. Zion Leonahenahe Basque, Ati Priya Bajaj, Wil Gibbs, Jude O'Kain, Derron Miao, Tiffany Bao, Adam Doupé, Yan Shoshitaishvili, Ruoyu Wang |
| 2024 | All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts. Tianle Sun, Ningyu He, Jiang Xiao, Yinliang Yue, Xiapu Luo, Haoyu Wang |
| 2024 | An Interview Study on Third-Party Cyber Threat Hunting Processes in the U.S. Department of Homeland Security. William P. Maxam III, James C. Davis |
| 2024 | An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection. Shenao Yan, Shen Wang, Yue Duan, Hanbin Hong, Kiho Lee, Doowon Kim, Yuan Hong |
| 2024 | Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content. Qinge Xie, Manoj Vignesh Kasi Murali, Paul Pearce, Frank Li |
| 2024 | Argus: All your (PHP) Injection-sinks are belong to us. Rasoul Jahanshahi, Manuel Egele |
| 2024 | Assessing Suspicious Emails with Banner Warnings Among Blind and Low-Vision Users in Realistic Settings. Filipo Sharevski, Aziz Zeidieh |
| 2024 | Athena: Analyzing and Quantifying Side Channels of Transport Layer Protocols. Feiyang Yu, Quan Zhou, Syed Rafiul Hussain, Danfeng Zhang |
| 2024 | Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities. Emre Güler, Sergej Schumilo, Moritz Schloegel, Nils Bars, Philipp Görz, Xinyi Xu, Cemal Kaygusuz, Thorsten Holz |
| 2024 | AttackGNN: Red-Teaming GNNs in Hardware Security Using Reinforcement Learning. Vasudev Gohil, Satwik Patnaik, Dileep Kalathil, Jeyavijayan Rajendran |
| 2024 | AutoFHE: Automated Adaption of CNNs for Efficient Evaluation over FHE. Wei Ao, Vishnu Naresh Boddeti |
| 2024 | Automated Large-Scale Analysis of Cookie Notice Compliance. Ahmed Bouhoula, Karel Kubicek, Amit Zac, Carlos Cotrini, David A. Basin |
| 2024 | BUDAlloc: Defeating Use-After-Free Bugs by Decoupling Virtual Address Management from Kernel. Junho Ahn, Jaehyeon Lee, Kanghyuk Lee, Wooseok Gwak, Minseong Hwang, Youngjin Kwon |
| 2024 | BackdoorIndicator: Leveraging OOD Data for Proactive Backdoor Detection in Federated Learning. Songze Li, Yanbo Dai |
| 2024 | Batch PIR and Labeled PSI with Oblivious Ciphertext Compression. Alexander Bienstock, Sarvar Patel, Joon Young Seo, Kevin Yeo |
| 2024 | BeeBox: Hardening BPF against Transient Execution Attacks. Di Jin, Alexander J. Gaidis, Vasileios P. Kemerlis |
| 2024 | Being Transparent is Merely the Beginning: Enforcing Purpose Limitation with Polynomial Approximation. Shuofeng Liu, Zihan Wang, Minhui Xue, Long Wang, Yuanchao Zhang, Guangdong Bai |
| 2024 | Bending microarchitectural weird machines towards practicality. Ping-Lun Wang, Riccardo Paccagnella, Riad S. Wahby, Fraser Brown |
| 2024 | Biosignal Authentication Considered Harmful Today. Veena Krish, Nicola Paoletti, Milad Kazemi, Scott A. Smolka, Amir Rahmati |
| 2024 | Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape. Diwen Xue, Anna Ablove, Reethika Ramesh, Grace Kwak Danciu, Roya Ensafi |
| 2024 | CAMP: Compiler and Allocator-based Heap Memory Protection. Zhenpeng Lin, Zheng Yu, Ziyi Guo, Simone Campanoni, Peter A. Dinda, Xinyu Xing |
| 2024 | CAMP: Compositional Amplification Attacks against DNS. Huayi Duan, Marco Bearzi, Jodok Vieli, David A. Basin, Adrian Perrig, Si Liu, Bernhard Tellenbach |
| 2024 | CARDSHARK: Understanding and Stablizing Linux Kernel Concurrency Bugs Against the Odds. Tianshuo Han, Xiaorui Gong, Jian Liu |
| 2024 | CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks. Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao |
| 2024 | CO3: Concolic Co-execution for Firmware. Changming Liu, Alejandro Mera, Engin Kirda, Meng Xu, Long Lu |
| 2024 | CacheWarp: Software-based Fault Injection using Selective State Reset. Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz |
| 2024 | CalcuLatency: Leveraging Cross-Layer Network Latency Measurements to Detect Proxy-Enabled Abuse. Reethika Ramesh, Philipp Winter, Sam Korman, Roya Ensafi |
| 2024 | Can I Hear Your Face? Pervasive Attack on Voice Authentication Systems with a Single Face Image. Nan Jiang, Bangjie Sun, Terence Sim, Jun Han |
| 2024 | Can Virtual Reality Protect Users from Keystroke Inference Attacks? Zhuolin Yang, Zain Sarwar, Iris Hwang, Ronik Bhaskar, Ben Y. Zhao, Haitao Zheng |
| 2024 | Cascade: CPU Fuzzing via Intricate Program Generation. Flavien Solt, Katharina Ceesay-Seitz, Kaveh Razavi |
| 2024 | CellularLint: A Systematic Approach to Identify Inconsistent Behavior in Cellular Network Specifications. Mirza Masfiqur Rahman, Imtiaz Karim, Elisa Bertino |
| 2024 | ChainPatrol: Balancing Attack Detection and Classification with Performance Overhead for Service Function Chains Using Virtual Trailers. Momen Oqaily, Hinddeep Purohit, Yosr Jarraya, Lingyu Wang, Boubakr Nour, Makan Pourzandi, Mourad Debbabi |
| 2024 | ChainReactor: Automated Privilege Escalation Chain Discovery via AI Planning. Giulio De Pasquale, Ilya Grishchenko, Riccardo Iesari, Gabriel Pizarro, Lorenzo Cavallaro, Christopher Kruegel, Giovanni Vigna |
| 2024 | ClearStamp: A Human-Visible and Robust Model-Ownership Proof based on Transposed Model Training. Torsten Krauß, Jasper Stang, Alexandra Dmitrienko |
| 2024 | Closed-Form Bounds for DP-SGD against Record-level Inference. Giovanni Cherubin, Boris Köpf, Andrew Paverd, Shruti Tople, Lukas Wutschitz, Santiago Zanella-Béguelin |
| 2024 | Co-Designing a Mobile App for Bystander Privacy Protection in Jordanian Smart Homes: A Step Towards Addressing a Complex Privacy Landscape. Wael S. Albayaydh, Ivan Flechais |
| 2024 | Code is not Natural Language: Unlock the Power of Semantics-Oriented Graph Representation for Binary Code Similarity Detection. Haojie He, Xingwei Lin, Ziang Weng, Ruijie Zhao, Shuitao Gan, Libo Chen, Yuede Ji, Jiashui Wang, Zhi Xue |
| 2024 | Correction-based Defense Against Adversarial Video Attacks via Discretization-Enhanced Video Compressive Sensing. Wei Song, Cong Cong, Haonan Zhong, Jingling Xue |
| 2024 | Cost-effective Attack Forensics by Recording and Correlating File System Changes. Le Yu, Yapeng Ye, Zhuo Zhang, Xiangyu Zhang |
| 2024 | Critical Code Guided Directed Greybox Fuzzing for Commits. Yi Xiang, Xuhong Zhang, Peiyu Liu, Shouling Ji, Xiao Xiao, Hong Liang, Jiacheng Xu, Wenhai Wang |
| 2024 | Cross the Zone: Toward a Covert Domain Hijacking via Shared DNS Infrastructure. Yunyi Zhang, Mingming Zhang, Baojun Liu, Zhan Liu, Jia Zhang, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu |
| 2024 | Cryptographic Analysis of Delta Chat. Yuanming Song, Lenka Mareková, Kenneth G. Paterson |
| 2024 | D-Helix: A Generic Decompiler Testing Framework Using Symbolic Differentiation. Muqi Zou, Arslan Khan, Ruoyu Wu, Han Gao, Antonio Bianchi, Dave (Jing) Tian |
| 2024 | DAAP: Privacy-Preserving Model Accuracy Estimation on Unlabeled Datasets Through Distribution-Aware Adversarial Perturbation. Guodong Cao, Zhibo Wang, Yunhe Feng, Xiaowei Dong |
| 2024 | DARKFLEECE: Probing the Dark Side of Android Subscription Apps. Chang Yue, Chen Zhong, Kai Chen, Zhiyu Zhang, Yeonjoon Lee |
| 2024 | DEEPTYPE: Refining Indirect Call Targets with Strong Multi-layer Type Analysis. Tianrou Xia, Hong Hu, Dinghao Wu |
| 2024 | DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks. Xingkai Wang, Wenbo Shen, Yujie Bu, Jinmeng Zhou, Yajin Zhou |
| 2024 | DNN-GP: Diagnosing and Mitigating Model's Faults Using Latent Concepts. Shuo Wang, Hongsheng Hu, Jiamin Chang, Benjamin Zi Hao Zhao, Qi Alfred Chen, Minhui Xue |
| 2024 | DONAPI: Malicious NPM Packages Detector using Behavior Sequence Knowledge Mapping. Cheng Huang, Nannan Wang, Ziyan Wang, Siqi Sun, Lingzi Li, Junren Chen, Qianchong Zhao, Jiaxuan Han, Zhen Yang, Lei Shi |
| 2024 | DPAdapter: Improving Differentially Private Deep Learning through Noise Tolerance Pre-training. Zihao Wang, Rui Zhu, Dongruo Zhou, Zhikun Zhang, John Mitchell, Haixu Tang, Xiaofeng Wang |
| 2024 | DVSorder: Ballot Randomization Flaws Threaten Voter Privacy. Braden L. Crimmins, Dhanya Narayanan, Drew Springall, J. Alex Halderman |
| 2024 | DVa: Extracting Victims and Abuse Vectors from Android Accessibility Malware. Haichuan Xu, Mingxuan Yao, Runze Zhang, Mohamed Moustafa Dawoud, Jeman Park, Brendan Saltaformaggio |
| 2024 | DaCapo: Automatic Bootstrapping Management for Efficient Fully Homomorphic Encryption. Seonyoung Cheon, Yongwoo Lee, Dongkwan Kim, Ju Min Lee, Sunchul Jung, Taekyung Kim, Dongyoon Lee, Hanjun Kim |
| 2024 | Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting. Robin Kirchner, Jonas Möller, Marius Musch, David Klein, Konrad Rieck, Martin Johns |
| 2024 | Data Coverage for Guided Fuzzing. Mingzhe Wang, Jie Liang, Chijin Zhou, Zhiyong Wu, Jingzhou Fu, Zhuo Su, Qing Liao, Bin Gu, Bodong Wu, Yu Jiang |
| 2024 | Data Subjects' Reactions to Exercising Their Right of Access. Arthur Borem, Elleen Pan, Olufunmilola Obielodan, Aurelie Roubinowitz, Luca Dovichi, Michelle L. Mazurek, Blase Ur |
| 2024 | Deciphering Textual Authenticity: A Generalized Strategy through the Lens of Large Language Semantics for Detecting Human vs. Machine-Generated Text. Mazal Bethany, Brandon Wherry, Emet Bethany, Nishant Vishwamitra, Anthony Rios, Peyman Najafirad |
| 2024 | DeepEclipse: How to Break White-Box DNN-Watermarking Schemes. Alessandro Pegoraro, Carlotta Segna, Kavita Kumari, Ahmad-Reza Sadeghi |
| 2024 | Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernels. Lukas Maar, Florian Draschbacher, Lukas Lamster, Stefan Mangard |
| 2024 | Defending Against Data Reconstruction Attacks in Federated Learning: An Information Theory Approach. Qi Tan, Qi Li, Yi Zhao, Zhuotao Liu, Xiaobing Guo, Ke Xu |
| 2024 | Demystifying the Security Implications in IoT Device Rental Services. Yi He, Yunchao Guan, Ruoyu Lun, Shangru Song, Zhihao Guo, Jianwei Zhuge, Jianjun Chen, Qiang Wei, Zehui Wu, Miao Yu, Hetian Shi, Qi Li |
| 2024 | Detecting Kernel Memory Bugs through Inconsistent Memory Management Intention Inferences. Dinghao Liu, Zhipeng Lu, Shouling Ji, Kangjie Lu, Jianhai Chen, Zhenguang Liu, Dexin Liu, Renyi Cai, Qinming He |
| 2024 | Detecting and Mitigating Sampling Bias in Cybersecurity with Unlabeled Data. Saravanan Thirumuruganathan, Fatih Deniz, Issa Khalil, Ting Yu, Mohamed Nabeel, Mourad Ouzzani |
| 2024 | Devil in the Room: Triggering Audio Backdoors in the Physical World. Meng Chen, Xiangyu Xu, Li Lu, Zhongjie Ba, Feng Lin, Kui Ren |
| 2024 | Did the Neurons Read your Book? Document-level Membership Inference for Large Language Models. Matthieu Meeus, Shubham Jain, Marek Rei, Yves-Alexandre de Montjoye |
| 2024 | Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments. Gabriel Karl Gegenhuber, Florian Holzbauer, Philipp É. Frenzel, Edgar R. Weippl, Adrian Dabrowski |
| 2024 | Digital Discrimination of Users in Sanctioned States: The Case of the Cuba Embargo. Anna Ablove, Shreyas Chandrashekaran, Hieu Le, Ram Sundara Raman, Reethika Ramesh, Harry Oppenheimer, Roya Ensafi |
| 2024 | Dissecting Privacy Perspectives of Websites Around the World: "Aceptar Todo, Alle Akzeptieren, Accept All...". Aysun Ogut, Berke Turanlioglu, Doruk Can Metiner, Albert Levi, Cemal Yilmaz, Orçun Çetin, A. Selcuk Uluagac |
| 2024 | Divide and Surrender: Exploiting Variable Division Instruction Timing in HQC Key Recovery Attacks. Robin Leander Schröder, Stefan Gast, Qian Guo |
| 2024 | Do You See How I Pose? Using Poses as an Implicit Authentication Factor for QR Code Payment. Chuxiong Wu, Qiang Zeng |
| 2024 | Does Online Anonymous Market Vendor Reputation Matter? Alejandro Cuevas Villalba, Nicolas Christin |
| 2024 | Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models. Zhiyuan Yu, Xiaogeng Liu, Shunning Liang, Zach Cameron, Chaowei Xiao, Ning Zhang |
| 2024 | Don't Waste My Efforts: Pruning Redundant Sanitizer Checks by Developer-Implemented Type Checks. Yizhuo Zhai, Zhiyun Qian, Chengyu Song, Manu Sridharan, Trent Jaeger, Paul L. Yu, Srikanth V. Krishnamurthy |
| 2024 | Double Face: Leveraging User Intelligence to Characterize and Recognize AI-synthesized Faces. Matthew Joslin, Xian Wang, Shuang Hao |
| 2024 | EL3XIR: Fuzzing COTS Secure Monitors. Christian Lindenmeier, Mathias Payer, Marcel Busch |
| 2024 | ENG25519: Faster TLS 1.3 handshake using optimized X25519 and Ed25519. Jipeng Zhang, Junhao Huang, Lirui Zhao, Donglong Chen, Çetin Kaya Koç |
| 2024 | EVOKE: Efficient Revocation of Verifiable Credentials in IoT Networks. Carlo Mazzocca, Abbas Acar, A. Selcuk Uluagac, Rebecca Montanari |
| 2024 | EaTVul: ChatGPT-based Evasion Attack Against Software Vulnerability Detection. Shigang Liu, Di Cao, Junae Kim, Tamas Abraham, Paul Montague, Seyit Camtepe, Jun Zhang, Yang Xiang |
| 2024 | Efficient Privacy Auditing in Federated Learning. Hongyan Chang, Brandon Edwards, Anindya S. Paul, Reza Shokri |
| 2024 | Election Eligibility with OpenID: Turning Authentication into Transferable Proof of Eligibility. Véronique Cortier, Alexandre Debant, Anselme Goetschmann, Lucca Hirschi |
| 2024 | ElectionGuard: a Cryptographic Toolkit to Enable Verifiable Elections. Josh Benaloh, Michael Naehrig, Olivier Pereira, Dan S. Wallach |
| 2024 | Enabling Contextual Soft Moderation on Social Media through Contrastive Textual Deviation. Pujan Paudel, Mohammad Hammas Saeed, Rebecca Auger, Chris Wells, Gianluca Stringhini |
| 2024 | Enabling Developers, Protecting Users: Investigating Harassment and Safety in VR. Abhinaya S. B., Aafaq Sabir, Anupam Das |
| 2024 | Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation. Fangfei Yang, Bumjin Im, Weijie Huang, Kelly Kaoudis, Anjo Vahldiek-Oberwagner, Chia-Che Tsai, Nathan Dautenhahn |
| 2024 | Engaging Company Developers in Security Research Studies: A Comprehensive Literature Review and Quantitative Survey. Raphael Serafini, Stefan Albert Horstmann, Alena Naiakshina |
| 2024 | Enhancing Network Attack Detection with Distributed and In-Network Data Collection System. Seyed Mohammad Mehdi Mirnajafizadeh, Ashwin Raam Sethuram, David Mohaisen, DaeHun Nyang, Rhongho Jang |
| 2024 | Exploiting Leakage in Password Managers via Injection Attacks. Andrés Fábrega, Armin Namavari, Rachit Agarwal, Ben Nassi, Thomas Ristenpart |
| 2024 | Exploring ChatGPT's Capabilities on Vulnerability Management. Peiyu Liu, Junming Liu, Lirong Fu, Kangjie Lu, Yifan Xia, Xuhong Zhang, Wenzhi Chen, Haiqin Weng, Shouling Ji, Wenhai Wang |
| 2024 | Exploring Covert Third-party Identifiers through External Storage in the Android New Era. Zikan Dong, Tianming Liu, Jiapeng Deng, Haoyu Wang, Li Li, Minghui Yang, Meng Wang, Guosheng Xu, Guoai Xu |
| 2024 | Exploring digital security and privacy in relative poverty in Germany through qualitative interviews. Anastassija Kostan, Sara Olschar, Lucy Simko, Yasemin Acar |
| 2024 | Eye of Sauron: Long-Range Hidden Spy Camera Detection and Positioning with Inbuilt Memory EM Radiation. Qibo Zhang, Daibo Liu, Xinyu Zhang, Zhichao Cao, Fanzi Zeng, Hongbo Jiang, Wenqiang Jin |
| 2024 | FAMOS: Robust Privacy-Preserving Authentication on Payment Apps via Federated Multi-Modal Contrastive Learning. Yifeng Cai, Ziqi Zhang, Jiaping Gui, Bingyan Liu, Xiaoke Zhao, Ruoyu Li, Zhe Li, Ding Li |
| 2024 | FEASE: Fast and Expressive Asymmetric Searchable Encryption. Long Meng, Liqun Chen, Yangguang Tian, Mark Manulis, Suhui Liu |
| 2024 | FFXE: Dynamic Control Flow Graph Recovery for Embedded Firmware Binaries. Ryan Tsang, Asmita, Doreen Joseph, Soheil Salehi, Prasant Mohapatra, Houman Homayoun |
| 2024 | FIRE: Combining Multi-Stage Filtering with Taint Analysis for Scalable Recurring Vulnerability Detection. Siyue Feng, Yueming Wu, Wenjie Xue, Sikui Pan, Deqing Zou, Yang Liu, Hai Jin |
| 2024 | FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques. Nikolaos Pantelaios, Alexandros Kapravelos |
| 2024 | FVD-DPM: Fine-grained Vulnerability Detection via Conditional Diffusion Probabilistic Models. Miaomiao Shao, Yuxin Ding |
| 2024 | FaceObfuscator: Defending Deep Learning-based Privacy Attacks with Gradient Descent-resistant Features in Face Recognition. Shuaifan Jin, He Wang, Zhibo Wang, Feng Xiao, Jiahui Hu, Yuan He, Wenwen Zhang, Zhongjie Ba, Weijie Fang, Shuhong Yuan, Kui Ren |
| 2024 | FakeBehalf: Imperceptible Email Spoofing Attacks against the Delegation Mechanism in Email Systems. Jinrui Ma, Lutong Chen, Kaiping Xue, Bo Luo, Xuanbo Huang, Mingrui Ai, Huanjie Zhang, David S. L. Wei, Yan Zhuang |
| 2024 | False Claims against Model Ownership Resolution. Jian Liu, Rui Zhang, Sebastian Szyller, Kui Ren, N. Asokan |
| 2024 | Fast RS-IOP Multivariate Polynomial Commitments and Verifiable Secret Sharing. Zongyang Zhang, Weihan Li, Yanpei Guo, Kexin Shi, Sherman S. M. Chow, Ximeng Liu, Jin Dong |
| 2024 | Fast and Private Inference of Deep Neural Networks by Co-designing Activation Functions. Abdulrahman Diaa, Lucas Fenaux, Thomas Humphries, Marian Dietz, Faezeh Ebrahimianghazani, Bailey Kacsmar, Xinda Li, Nils Lukas, Rasoul Akhavan Mahdavi, Simon Oya, Ehsan Amjadian, Florian Kerschbaum |
| 2024 | Finding Traceability Attacks in the Bluetooth Low Energy Specification and Its Implementations. Jianliang Wu, Patrick Traynor, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi |
| 2024 | Fingerprinting Obfuscated Proxy Traffic with Encapsulated TLS Handshakes. Diwen Xue, Michalis Kallitsis, Amir Houmansadr, Roya Ensafi |
| 2024 | Fledging Will Continue Until Privacy Improves: Empirical Analysis of Google's Privacy-Preserving Targeted Advertising. Giuseppe Calderonio, Mir Masood Ali, Jason Polakis |
| 2024 | Forget and Rewire: Enhancing the Resilience of Transformer-based Models against Bit-Flip Attacks. Najmeh Nazari, Hosein Mohammadi Makrani, Chongzhou Fang, Hossein Sayadi, Setareh Rafatirad, Khaled N. Khasawneh, Houman Homayoun |
| 2024 | Formal Security Analysis of Widevine through the W3C EME Standard. Stéphanie Delaune, Joseph Lallemand, Gwendal Patat, Florian Roudot, Mohamed Sabt |
| 2024 | Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging. Karthikeyan Bhargavan, Charlie Jacomme, Franziskus Kiefer, Rolfe Schmidt |
| 2024 | Formalizing Soundness Proofs of Linear PCP SNARKs. Bolton Bailey, Andrew Miller |
| 2024 | Formalizing and Benchmarking Prompt Injection Attacks and Defenses. Yupei Liu, Yuqi Jia, Runpeng Geng, Jinyuan Jia, Neil Zhenqiang Gong |
| 2024 | FraudWhistler: A Resilient, Robust and Plug-and-play Adversarial Example Detection Method for Speaker Recognition. Kun Wang, Xiangyu Xu, Li Lu, Zhongjie Ba, Feng Lin, Kui Ren |
| 2024 | From One Thousand Pages of Specification to Unveiling Hidden Bugs: Large Language Model Assisted Fuzzing of Matter IoT Devices. Xiaoyue Ma, Lannan Luo, Qiang Zeng |
| 2024 | From the Childhood Past: Views of Young Adults on Parental Sharing of Children's Photos. Tania Ghafourian, Nicholas Micallef, Sameer Patil |
| 2024 | Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing. Asmita, Yaroslav Oliinyk, Michael Scott, Ryan Tsang, Chongzhou Fang, Houman Homayoun |
| 2024 | GFWeb: Measuring the Great Firewall's Web Censorship at Scale. Nguyen Phong Hoang, Jakub Dalek, Masashi Crete-Nishihata, Nicolas Christin, Vinod Yegneswaran, Michalis Polychronakis, Nick Feamster |
| 2024 | GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes. Eric Cornelissen, Mikhail Shcherbakov, Musard Balliu |
| 2024 | GPU Memory Exploitation for Fun and Profit. Yanan Guo, Zhenkai Zhang, Jun Yang |
| 2024 | GhostRace: Exploiting and Mitigating Speculative Race Conditions. Hany Ragab, Andrea Mambretti, Anil Kurmus, Cristiano Giuffrida |
| 2024 | GlobalConfusion: TrustZone Trusted Application 0-Days by Design. Marcel Busch, Philipp Mao, Mathias Payer |
| 2024 | Go Go Gadget Hammer: Flipping Nested Pointers for Arbitrary Data Leakage. Youssef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, Kang G. Shin |
| 2024 | GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers. Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher W. Fletcher, David Kohlbrenner, Riccardo Paccagnella, Daniel Genkin |
| 2024 | Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD. Anvith Thudi, Hengrui Jia, Casey Meehan, Ilia Shumailov, Nicolas Papernot |
| 2024 | GraphGuard: Private Time-Constrained Pattern Detection Over Streaming Graphs in the Cloud. Songlei Wang, Yifeng Zheng, Xiaohua Jia |
| 2024 | GridSE: Towards Practical Secure Geographic Search via Prefix Symmetric Searchable Encryption. Ruoyang Guo, Jiarui Li, Shucheng Yu |
| 2024 | Guardians of the Galaxy: Content Moderation in the InterPlanetary File System. Saidu Sokoto, Leonhard Balduf, Dennis Trautwein, Yiluo Wei, Gareth Tyson, Ignacio Castro, Onur Ascigil, George Pavlou, Maciej Korczynski, Björn Scheuermann, Michal Król |
| 2024 | GuideEnricher: Protecting the Anonymity of Ethereum Mixing Service Users with Deep Reinforcement Learning. Ravindu De Silva, Wenbo Guo, Nicola Ruaro, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna |
| 2024 | HECKLER: Breaking Confidential VMs with Malicious Interrupts. Benedict Schlüter, Supraja Sridhara, Mark Kuhne, Andrin Bertschi, Shweta Shinde |
| 2024 | HIVE: A Hardware-assisted Isolated Execution Environment for eBPF on AArch64. Peihua Zhang, Chenggang Wu, Xiangyu Meng, Yinqian Zhang, Mingfan Peng, Shiyang Zhang, Bing Hu, Mengyao Xie, Yuanming Lai, Yan Kang, Zhe Wang |
| 2024 | HYPERPILL: Fuzzing for Hypervisor-bugs by leveraging the Hardware Virtualization Interface. Alexander Bulekov, Qiang Liu, Manuel Egele, Mathias Payer |
| 2024 | Hermes: Unlocking Security Analysis of Cellular Network Protocols by Synthesizing Finite State Machines from Natural Language Specifications. Abdullah Al Ishtiaq, Sarkar Snigdha Sarathi Das, Syed Md. Mukit Rashid, Ali Ranjbar, Kai Tu, Tianwei Wu, Zhezheng Song, Weixuan Wang, Mujtahid Akon, Rui Zhang, Syed Rafiul Hussain |
| 2024 | Hijacking Attacks against Neural Network by Analyzing Training Data. Yunjie Ge, Qian Wang, Huayang Huang, Qi Li, Cong Wang, Chao Shen, Lingchen Zhao, Peipei Jiang, Zheng Fang, Shenyi Zhang |
| 2024 | Holding Secrets Accountable: Auditing Privacy-Preserving Machine Learning. Hidde Lycklama, Alexander Viand, Nicolas Küchler, Christian Knabenhans, Anwar Hithnawi |
| 2024 | How Does a Deep Learning Model Architecture Impact Its Privacy? A Comprehensive Study of Privacy Attacks on CNNs and Transformers. Guangsheng Zhang, Bo Liu, Huan Tian, Tianqing Zhu, Ming Ding, Wanlei Zhou |
| 2024 | How WEIRD is Usable Privacy and Security Research? Ayako Akiyama Hasegawa, Daisuke Inoue, Mitsuaki Akiyama |
| 2024 | How does Endpoint Detection use the MITRE ATT&CK Framework? Apurva Virkud, Muhammad Adil Inam, Andy Riddle, Jason Liu, Gang Wang, Adam Bates |
| 2024 | I Experienced More than 10 DeFi Scams: On DeFi Users' Perception of Security Breaches and Countermeasures. Mingyi Liu, Jun Ho Huh, HyungSeok Han, Jaehyuk Lee, Jihae Ahn, Frank Li, Hyoungshick Kim, Taesoo Kim |
| 2024 | I/O-Efficient Dynamic Searchable Encryption meets Forward & Backward Privacy. Priyanka Mondal, Javad Ghareh Chamani, Ioannis Demertzis, Dimitrios Papadopoulos |
| 2024 | INSIGHT: Attacking Industry-Adopted Learning Resilient Logic Locking Techniques Using Explainable Graph Neural Network. Lakshmi Likhitha Mankali, Ozgur Sinanoglu, Satwik Patnaik |
| 2024 | Improving Indirect-Call Analysis in LLVM with Type and Data-Flow Co-Analysis. Dinghao Liu, Shouling Ji, Kangjie Lu, Qinming He |
| 2024 | Improving ML-based Binary Function Similarity Detection by Assessing and Deprioritizing Control Flow Graph Features. Jialai Wang, Chao Zhang, Longfei Chen, Yi Rong, Yuxiao Wu, Hao Wang, Wende Tan, Qi Li, Zongpeng Li |
| 2024 | Improving the Ability of Thermal Radiation Based Hardware Trojan Detection. Ting Su, Yaohua Wang, Shi Xu, Lusi Zhang, Simin Feng, Jialong Song, Yiming Liu, Yongkang Tang, Yang Zhang, Shaoqing Li, Yang Guo, Hengzhu Liu |
| 2024 | In Wallet We Trust: Bypassing the Digital Wallets Payment Security for Free Shopping. Raja Hasnain Anwar, Syed Rafiul Hussain, Muhammad Taqi Raza |
| 2024 | InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, Cristiano Giuffrida |
| 2024 | Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor. Luyi Li, Hosein Yavarzadeh, Dean M. Tullsen |
| 2024 | Inf2Guard: An Information-Theoretic Framework for Learning Privacy-Preserving Representations against Inference Attacks. Sayedeh Leila Noorbakhsh, Binghui Zhang, Yuan Hong, Binghui Wang |
| 2024 | Inference of Error Specifications and Bug Detection Using Structural Similarities. Niels Dossche, Bart Coppens |
| 2024 | Information Flow Control in Machine Learning through Modular Model Architecture. Trishita Tiwari, Suchin Gururangan, Chuan Guo, Weizhe Hua, Sanjay Kariyappa, Udit Gupta, Wenjie Xiong, Kiwan Maeng, Hsien-Hsin S. Lee, G. Edward Suh |
| 2024 | Instruction Backdoor Attacks Against Customized LLMs. Rui Zhang, Hongwei Li, Rui Wen, Wenbo Jiang, Yuan Zhang, Michael Backes, Yun Shen, Yang Zhang |
| 2024 | Intellectual Property Exposure: Subverting and Securing Intellectual Property Encapsulation in Texas Instruments Microcontrollers. Marton Bognar, Cas Magnus, Frank Piessens, Jo Van Bulck |
| 2024 | Into the Dark: Unveiling Internal Site Search Abused for Black Hat SEO. Yunyi Zhang, Mingxuan Liu, Baojun Liu, Yiming Zhang, Haixin Duan, Min Zhang, Hui Jiang, Yanzhe Li, Fan Shi |
| 2024 | Invalidate+Compare: A Timer-Free GPU Cache Attack Primitive. Zhenkai Zhang, Kunbei Cai, Yanan Guo, Fan Yao, Xing Gao |
| 2024 | Investigating Moderation Challenges to Combating Hate and Harassment: The Case of Mod-Admin Power Dynamics and Feature Misuse on Reddit. Madiha Tabassum, Alana Mackey, Ashley Schuett, Ada Lerner |
| 2024 | Invisibility Cloak: Proactive Defense Against Visual Game Cheating. Chenxin Sun, Kai Ye, Liangcai Su, Jiayi Zhang, Chenxiong Qian |
| 2024 | IoT Market Dynamics: An Analysis of Device Sales, Security and Privacy Signals, and their Interactions. Swaathi Vetrivel, Brennen Bouwmeester, Michel van Eeten, Carlos Hernandez Gañán |
| 2024 | Is It a Trap? A Large-scale Empirical Study And Comprehensive Assessment of Online Automated Privacy Policy Generators for Mobile Apps. Shidong Pan, Dawen Zhang, Mark Staples, Zhenchang Xing, Jieshan Chen, Xiwei Xu, Thong Hoang |
| 2024 | It Doesn't Look Like Anything to Me: Using Diffusion Model to Subvert Visual Phishing Detectors. Qingying Hao, Nirav Diwan, Ying Yuan, Giovanni Apruzzese, Mauro Conti, Gang Wang |
| 2024 | K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures. Daniel Collins, Loïs Huguenin-Dumittan, Ngoc Khanh Nguyen, Nicolas Rolin, Serge Vaudenay |
| 2024 | Key Recovery Attacks on Approximate Homomorphic Encryption with Non-Worst-Case Noise Flooding Countermeasures. Qian Guo, Denis Nabokov, Elias Suvanto, Thomas Johansson |
| 2024 | KnowPhish: Large Language Models Meet Multimodal Knowledge Graphs for Enhancing Reference-Based Phishing Detection. Yuexin Li, Chengyu Huang, Shumin Deng, Mei Lin Lock, Tri Cao, Nay Oo, Hoon Wei Lim, Bryan Hooi |
| 2024 | LLM-Fuzzer: Scaling Assessment of Large Language Model Jailbreaks. Jiahao Yu, Xingwei Lin, Zheng Yu, Xinyu Xing |
| 2024 | LR-Miner: Static Race Detection in OS Kernels by Mining Locking Rules. Tuo Li, Jia-Ju Bai, Gui-Dong Han, Shi-Min Hu |
| 2024 | LaKey: Efficient Lattice-Based Distributed PRFs Enable Scalable Distributed Key Management. Matthias Geihs, Hart Montgomery |
| 2024 | LanDscAPe: Exploring LDAP weaknesses and data leaks at Internet scale. Jonas Kaspereit, Gurur Öndarö, Gustavo Luvizotto Cesar, Simon Ebbers, Fabian Ising, Christoph Saatjohann, Mattijs Jonker, Ralph Holz, Sebastian Schinzel |
| 2024 | Landscape More Secure Than Portrait? Zooming Into the Directionality of Digital Images With Security Implications. Benedikt Lorch, Rainer Böhme |
| 2024 | Large Language Models for Code Analysis: Do LLMs Really Do Their Job? Chongzhou Fang, Ning Miao, Shaurya Srivastav, Jialin Liu, Ruoyu Zhang, Ruijie Fang, Asmita, Ryan Tsang, Najmeh Nazari, Han Wang, Houman Homayoun |
| 2024 | LaserAdv: Laser Adversarial Attacks on Speech Recognition Systems. Guoming Zhang, Xiaohui Ma, Huiting Zhang, Zhijie Xiang, Xiaoyu Ji, Yanni Yang, Xiuzhen Cheng, Pengfei Hu |
| 2024 | Leakage-Abuse Attacks Against Structured Encryption for SQL. Alexander Hoover, Ruth Ng, Daren Khu, Yao'an Li, Joelle Lim, Derrick Ng, Jed Lim, Yiyang Song |
| 2024 | Learning with Semantics: Towards a Semantics-Aware Routing Anomaly Detection System. Yihao Chen, Qilei Yin, Qi Li, Zhuotao Liu, Ke Xu, Yi Xu, Mingwei Xu, Ziqian Liu, Jianping Wu |
| 2024 | Length Leakage in Oblivious Data Access Mechanisms. Grace Jia, Rachit Agarwal, Anurag Khandelwal |
| 2024 | Less Defined Knowledge and More True Alarms: Reference-based Phishing Detection without a Pre-defined Reference List. Ruofan Liu, Yun Lin, Xiwen Teoh, Gongshen Liu, Zhiyong Huang, Jin Song Dong |
| 2024 | Less is More: Revisiting the Gaussian Mechanism for Differential Privacy. Tianxi Ji, Pan Li |
| 2024 | Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems. Jiaxu Zhao, Yuekang Li, Yanyan Zou, Zhaohui Liang, Yang Xiao, Yeting Li, Bingwei Peng, Nanyu Zhong, Xinyi Wang, Wei Wang, Wei Huo |
| 2024 | Lightweight Authentication of Web Data via Garble-Then-Prove. Xiang Xie, Kang Yang, Xiao Wang, Yu Yu |
| 2024 | Logic Gone Astray: A Security Analysis Framework for the Control Plane Protocols of 5G Basebands. Kai Tu, Abdullah Al Ishtiaq, Syed Md. Mukit Rashid, Yilu Dong, Weixuan Wang, Tianwei Wu, Syed Rafiul Hussain |
| 2024 | Loopy Hell(ow): Infinite Traffic Loops at the Application Layer. Yepeng Pan, Anna Ascheman, Christian Rossow |
| 2024 | Lotto: Secure Participant Selection against Adversarial Servers in Federated Learning. Zhifeng Jiang, Peng Ye, Shiqi He, Wei Wang, Ruichuan Chen, Bo Li |
| 2024 | Lurking in the shadows: Unveiling Stealthy Backdoor Attacks against Personalized Federated Learning. Xiaoting Lyu, Yufei Han, Wei Wang, Jingkai Liu, Yongsheng Zhu, Guangquan Xu, Jiqiang Liu, Xiangliang Zhang |
| 2024 | MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning. Zian Jia, Yun Xiong, Yuhong Nan, Yao Zhang, Jinjing Zhao, Mi Wen |
| 2024 | MD-ML: Super Fast Privacy-Preserving Machine Learning for Malicious Security with a Dishonest Majority. Boshi Yuan, Shixuan Yang, Yongxiang Zhang, Ning Ding, Dawu Gu, Shi-Feng Sun |
| 2024 | MFKDF: Multiple Factors Knocked Down Flat. Matteo Scarlata, Matilda Backendal, Miro Haller |
| 2024 | MIST: Defending Against Membership Inference Attacks Through Membership-Invariant Subspace Training. Jiacheng Li, Ninghui Li, Bruno Ribeiro |
| 2024 | MOAT: Towards Safe BPF Kernel Extension. Hongyi Lu, Shuai Wang, Yechang Wu, Wanning He, Fengwei Zhang |
| 2024 | MUSES: Efficient Multi-User Searchable Encrypted Database. Tung Le, Rouzbeh Behnia, Jorge Guajardo, Thang Hoang |
| 2024 | Machine Learning needs Better Randomness Standards: Randomised Smoothing and PRNG-based attacks. Pranav Dahiya, Ilia Shumailov, Ross Anderson |
| 2024 | Making Them Ask and Answer: Jailbreaking Large Language Models in Few Queries via Disguise and Reconstruction. Tong Liu, Yingjie Zhang, Zhe Zhao, Yinpeng Dong, Guozhu Meng, Kai Chen |
| 2024 | Malla: Demystifying Real-world Large Language Model Integrated Malicious Services. Zilong Lin, Jian Cui, Xiaojing Liao, Xiaofeng Wang |
| 2024 | Max Attestation Matters: Making Honest Parties Lose Their Incentives in Ethereum PoS. Mingfei Zhang, Rujia Li, Sisi Duan |
| 2024 | Mempool Privacy via Batched Threshold Encryption: Attacks and Defenses. Arka Rai Choudhuri, Sanjam Garg, Julien Piet, Guru-Vamsi Policharla |
| 2024 | MetaSafe: Compiling for Protecting Smart Pointer Metadata to Ensure Safe Rust Integrity. Martin Kayondo, Inyoung Bang, Yeongjun Kwak, Hyungon Moon, Yunheung Paek |
| 2024 | MicGuard: A Comprehensive Detection System against Out-of-band Injection Attacks for Different Level Microphone-based Devices. Tiantian Liu, Feng Lin, Zhongjie Ba, Li Lu, Zhan Qin, Kui Ren |
| 2024 | ModelGuard: Information-Theoretic Defense Against Model Extraction Attacks. Minxue Tang, Anna Dai, Louis DiValentin, Aolin Ding, Amin Hass, Neil Zhenqiang Gong, Yiran Chen, Hai (Helen) Li |
| 2024 | Moderating Illicit Online Image Promotion for Unsafe User Generated Content Games Using Large Vision-Language Models. Keyan Guo, Ayush Utkarsh, Wenbo Ding, Isabelle Ondracek, Ziming Zhao, Guo Freeman, Nishant Vishwamitra, Hongxin Hu |
| 2024 | More Simplicity for Trainers, More Opportunity for Attackers: Black-Box Attacks on Speaker Recognition Systems by Inferring Feature Extractor. Yunjie Ge, Pinji Chen, Qian Wang, Lingchen Zhao, Ningping Mou, Peipei Jiang, Cong Wang, Qi Li, Chao Shen |
| 2024 | Mudjacking: Patching Backdoor Vulnerabilities in Foundation Models. Hongbin Liu, Michael K. Reiter, Neil Zhenqiang Gong |
| 2024 | MultiFuzz: A Multi-Stream Fuzzer For Testing Monolithic Firmware. Michael Chesser, Surya Nepal, Damith C. Ranasinghe |
| 2024 | Navigating Traumatic Stress Reactions During Computer Security Interventions. Lana Ramjit, Natalie Dolci, Francesca Rossi, Ryan Garcia, Thomas Ristenpart, Dana Cuomo |
| 2024 | Navigating the Privacy Compliance Maze: Understanding Risks with Privacy-Configurable Mobile SDKs. Yifan Zhang, Zhaojie Hu, Xueqiang Wang, Yuhui Hong, Yuhong Nan, Xiaofeng Wang, Jiatao Cheng, Luyi Xing |
| 2024 | Near-Optimal Constrained Padding for Object Retrievals with Dependencies. Pranay Jain, Andrew C. Reed, Michael K. Reiter |
| 2024 | NetShaper: A Differentially Private Network Side-Channel Mitigation System. Amir Sabzi, Rut Vora, Swati Goswami, Margo I. Seltzer, Mathias Lécuyer, Aastha Mehta |
| 2024 | Neural Network Semantic Backdoor Detection and Mitigation: A Causality-Based Approach. Bing Sun, Jun Sun, Wayne Koh, Jie Shi |
| 2024 | Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators. Jiajun Xin, Arman Haghighi, Xiangan Tian, Dimitrios Papadopoulos |
| 2024 | O-Ring and K-Star: Efficient Multi-party Private Set Intersection. Mingli Wu, Tsz Hon Yuen, Kwan Yin Chan |
| 2024 | OPTIKS: An Optimized Key Transparency System. Julia Len, Melissa Chase, Esha Ghosh, Kim Laine, Radames Cruz Moreno |
| 2024 | OPTISAN: Using Multiple Spatial Error Defenses to Optimize Stack Memory Protection within a Budget. Rahul George, Mingming Chen, Kaiming Huang, Zhiyun Qian, Thomas La Porta, Trent Jaeger |
| 2024 | ORANalyst: Systematic Testing Framework for Open RAN Implementations. Tianchang Yang, Syed Md. Mukit Rashid, Ali Ranjbar, Gang Tan, Syed Rafiul Hussain |
| 2024 | OblivGNN: Oblivious Inference on Transductive and Inductive Graph Neural Network. Zhibo Xu, Shangqi Lai, Xiaoning Liu, Alsharif Abuadbba, Xingliang Yuan, Xun Yi |
| 2024 | On Bridging the Gap between Control Flow Integrity and Attestation Schemes. Mahmoud Ammar, Ahmed Abdelraoof, Silviu Vlasceanu |
| 2024 | On Data Fabrication in Collaborative Vehicular Perception: Attacks and Countermeasures. Qingzhao Zhang, Shuowei Jin, Ruiyang Zhu, Jiachen Sun, Xumiao Zhang, Qi Alfred Chen, Z. Morley Mao |
| 2024 | On a Collision Course: Unveiling Wireless Attacks to the Aircraft Traffic Collision Avoidance System (TCAS). Giacomo Longo, Martin Strohmeier, Enrico Russo, Alessio Merlo, Vincent Lenders |
| 2024 | On the Criticality of Integrity Protection in 5G Fronthaul Networks. Jiarong Xing, Sophia Yoo, Xenofon Foukas, Daehyeok Kim, Michael K. Reiter |
| 2024 | On the Difficulty of Defending Contrastive Learning against Backdoor Attacks. Changjiang Li, Ren Pang, Bochuan Cao, Zhaohan Xi, Jinghui Chen, Shouling Ji, Ting Wang |
| 2024 | Operation Mango: Scalable Discovery of Taint-Style Vulnerabilities in Binary Firmware Services. Wil Gibbs, Arvind S. Raj, Jayakrishna Menon Vadayath, Hui Jun Tay, Justin Miller, Akshay Ajayan, Zion Leonahenahe Basque, Audrey Dutcher, Fangzhou Dong, Xavier J. Maso, Giovanni Vigna, Christopher Kruegel, Adam Doupé, Yan Shoshitaishvili, Ruoyu Wang |
| 2024 | Opportunistic Data Flow Integrity for Real-time Cyber-physical Systems Using Worst Case Execution Time Reservation. Yujie Wang, Ao Li, Jinwen Wang, Sanjoy K. Baruah, Ning Zhang |
| 2024 | OptFuzz: Optimization Path Guided Fuzzing for JavaScript JIT Compilers. Jiming Wang, Yan Kang, Chenggang Wu, Yuhao Hu, Yue Sun, Jikai Ren, Yuanming Lai, Mengyao Xie, Charles Zhang, Tao Li, Zhe Wang |
| 2024 | Orbital Trust and Privacy: SoK on PKI and Location Privacy Challenges in Space Networks. David Koisser, Richard Mitev, Nikita Yadav, Franziska Vollmer, Ahmad-Reza Sadeghi |
| 2024 | PEPSI: Practically Efficient Private Set Intersection in the Unbalanced Setting. Rasoul Akhavan Mahdavi, Nils Lukas, Faezeh Ebrahimianghazani, Thomas Humphries, Bailey Kacsmar, John A. Premkumar, Xinda Li, Simon Oya, Ehsan Amjadian, Florian Kerschbaum |
| 2024 | PINE: Efficient Verification of a Euclidean Norm Bound of a Secret-Shared Vector. Guy N. Rothblum, Eran Omri, Junye Chen, Kunal Talwar |
| 2024 | PIXELMOD: Improving Soft Moderation of Visual Misleading Information on Twitter. Pujan Paudel, Chen Ling, Jeremy Blackburn, Gianluca Stringhini |
| 2024 | POPSTAR: Lightweight Threshold Reporting with Reduced Leakage. Hanjun Li, Sela Navot, Stefano Tessaro |
| 2024 | PURE: Payments with UWB RElay-protection. Daniele Coppola, Giovanni Camurati, Claudio Anliker, Xenia Hofmeier, Patrick Schaller, David A. Basin, Srdjan Capkun |
| 2024 | PURL: Safe and Effective Sanitization of Link Decoration. Shaoor Munir, Patrick Lee, Umar Iqbal, Sandra Deepthy Siby, Zubair Shafiq |
| 2024 | Page-Oriented Programming: Subverting Control-Flow Integrity of Commodity Operating System Kernels with Non-Writable Code Pages. Seunghun Han, Seong-Joong Kim, Wook Shin, Byung Joon Kim, Jae-Cheol Ryou |
| 2024 | Pandawan: Quantifying Progress in Linux-based Firmware Rehosting. Ioannis Angelakopoulos, Gianluca Stringhini, Manuel Egele |
| 2024 | PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses. Chong Xiang, Tong Wu, Sihui Dai, Jonathan Petit, Suman Jana, Prateek Mittal |
| 2024 | Peep With A Mirror: Breaking The Integrity of Android App Sandboxing via Unprivileged Cache Side Channel. Yan Lin, Joshua Wong, Xiang Li, Haoyu Ma, Debin Gao |
| 2024 | Penetration Vision through Virtual Reality Headsets: Identifying 360-degree Videos from Head Movements. Anh Nguyen, Xiaokuan Zhang, Zhisheng Yan |
| 2024 | PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing. Gelei Deng, Yi Liu, Víctor Mayoral Vilches, Peng Liu, Yuekang Li, Yuan Xu, Martin Pinzger, Stefan Rass, Tianwei Zhang, Yang Liu |
| 2024 | PerfOMR: Oblivious Message Retrieval with Reduced Communication and Computation. Zeyu Liu, Eran Tromer, Yunhao Wang |
| 2024 | PhishDecloaker: Detecting CAPTCHA-cloaked Phishing Websites via Hybrid Vision-based Interactive Models. Xiwen Teoh, Yun Lin, Ruofan Liu, Zhiyong Huang, Jin Song Dong |
| 2024 | Pixel Thief: Exploiting SVG Filter Leakage in Firefox and Chrome. Sioli O'Connell, Lishay Aben Sour, Ron Magen, Daniel Genkin, Yossi Oren, Hovav Shacham, Yuval Yarom |
| 2024 | Pixel+ and Pixel++: Compact and Efficient Forward-Secure Multi-Signatures for PoS Blockchain Consensus. Jianghong Wei, Guohua Tian, Ding Wang, Fuchun Guo, Willy Susilo, Xiaofeng Chen |
| 2024 | PointerGuess: Targeted Password Guessing Model Using Pointer Mechanism. Kedong Xiu, Ding Wang |
| 2024 | Practical Data-Only Attack Generation. Brian Johannesmeyer, Asia Slowinska, Herbert Bos, Cristiano Giuffrida |
| 2024 | Practical Security Analysis of Zero-Knowledge Proof Circuits. Hongbo Wen, Jon Stephens, Yanju Chen, Kostas Ferles, Shankara Pailoor, Kyle Charbonnet, Isil Dillig, Yu Feng |
| 2024 | Prefetch for Fun and Profit: A Revisit of Prefetch Attacks on Apple M1. Hyunwoo Choi, Suryeon Kim, Seungwon Shin |
| 2024 | PrivImage: Differentially Private Synthetic Image Generation using Diffusion Models with Semantic-Aware Pretraining. Kecen Li, Chen Gong, Zhixiang Li, Yuzhong Zhao, Xinwen Hou, Tianhao Wang |
| 2024 | Privacy Side Channels in Machine Learning Systems. Edoardo Debenedetti, Giorgio Severi, Milad Nasr, Christopher A. Choquette-Choo, Matthew Jagielski, Eric Wallace, Nicholas Carlini, Florian Tramèr |
| 2024 | Privacy-Preserving Data Aggregation with Public Verifiability Against Internal Adversaries. Marco Palazzo, Florine W. Dekker, Alessandro Brighente, Mauro Conti, Zekeriya Erkin |
| 2024 | Prompt Stealing Attacks Against Text-to-Image Generation Models. Xinyue Shen, Yiting Qu, Michael Backes, Yang Zhang |
| 2024 | Property Existence Inference against Generative Models. Lijin Wang, Jingjing Wang, Jie Wan, Lin Long, Ziqi Yang, Zhan Qin |
| 2024 | Quantifying Privacy Risks of Prompts in Visual Prompt Learning. Yixin Wu, Rui Wen, Michael Backes, Pascal Berrang, Mathias Humbert, Yun Shen, Yang Zhang |
| 2024 | Query Recovery from Easy to Hard: Jigsaw Attack against SSE. Hao Nie, Wei Wang, Peng Xu, Xianglong Zhang, Laurence T. Yang, Kaitai Liang |
| 2024 | RADIUS/UDP Considered Harmful. Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, Adam Suhl |
| 2024 | RECORD: A RECeption-Only Region Determination Attack on LEO Satellite Users. Eric Jedermann, Martin Strohmeier, Vincent Lenders, Jens B. Schmitt |
| 2024 | REMARK-LLM: A Robust and Efficient Watermarking Framework for Generative Large Language Models. Ruisi Zhang, Shehzeen Samarah Hussain, Paarth Neekhara, Farinaz Koushanfar |
| 2024 | Rabbit-Mix: Robust Algebraic Anonymous Broadcast from Additive Bases. Chongwon Cho, Samuel Dittmer, Yuval Ishai, Steve Lu, Rafail Ostrovsky |
| 2024 | Racing for TLS Certificate Validation: A Hijacker's Guide to the Android TLS Galaxy. Sajjad Pourali, Xiufen Yu, Lianying Zhao, Mohammad Mannan, Amr M. Youssef |
| 2024 | Racing on the Negative Force: Efficient Vulnerability Root-Cause Analysis through Reinforcement Learning on Counterexamples. Dandan Xu, Di Tang, Yi Chen, Xiaofeng Wang, Kai Chen, Haixu Tang, Longxing Li |
| 2024 | Reconstructing training data from document understanding models. Jérémie Dentan, Arnaud Paran, Aymen Shabou |
| 2024 | Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs. Sebastian Angel, Eleftherios Ioannidis, Elizabeth Margolin, Srinath T. V. Setty, Jess Woods |
| 2024 | Relation Mining Under Local Differential Privacy. Kai Dong, Zheng Zhang, Chuang Jia, Zhen Ling, Ming Yang, Junzhou Luo, Xinwen Fu |
| 2024 | Remote Keylogging Attacks in Multi-user VR Applications. Zihao Su, Kunlin Cai, Reuben Beeler, Lukas Dresel, Allan Garcia, Ilya Grishchenko, Yuan Tian, Christopher Kruegel, Giovanni Vigna |
| 2024 | ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing. Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li |
| 2024 | Rethinking the Invisible Protection against Unauthorized Image Usage in Stable Diffusion. Shengwei An, Lu Yan, Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Guanhong Tao, Xiangyu Zhang |
| 2024 | Rethinking the Security Threats of Stale DNS Glue Records. Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq |
| 2024 | Rise of Inspectron: Automated Black-box Auditing of Cross-platform Electron Apps. Mir Masood Ali, Mohammad Ghasemisharif, Chris Kanich, Jason Polakis |
| 2024 | RustSan: Retrofitting AddressSanitizer for Efficient Sanitization of Rust. Kyuwon Cho, Jongyoon Kim, Kha Dinh Duy, Hajeong Lim, Hojoon Lee |
| 2024 | SAIN: Improving ICS Attack Detection Sensitivity via State-Aware Invariants. Syed Ghazanfar Abbas, Muslum Ozgur Ozmen, Abdulellah Alsaheel, Arslan Khan, Z. Berkay Celik, Dongyan Xu |
| 2024 | SCAVY: Automated Discovery of Memory Corruption Targets in Linux Kernel for Privilege Escalation. Erin Avllazagaj, Yonghwi Kwon, Tudor Dumitras |
| 2024 | SDFuzz: Target States Driven Directed Fuzzing. Penghui Li, Wei Meng, Chao Zhang |
| 2024 | SHiFT: Semi-hosted Fuzz Testing for Embedded Applications. Alejandro Mera, Changming Liu, Ruimin Sun, Engin Kirda, Long Lu |
| 2024 | SIMurai: Slicing Through the Complexity of SIM Card Security Research. Tomasz Piotr Lisowski, Merlin Chlosta, Jinjin Wang, Marius Muench |
| 2024 | SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel. Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, Stefan Mangard |
| 2024 | SOAP: A Social Authentication Protocol. Felix Linker, David A. Basin |
| 2024 | SPF Beyond the Standard: Management and Operational Challenges in Practice and Practical Recommendations. Md. Ishtiaq Ashiq, Weitong Li, Tobias Fiebig, Taejoong Chung |
| 2024 | SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications. Malte Wessels, Simon Koch, Giancarlo Pellegrino, Martin Johns |
| 2024 | SWOOSH: Efficient Lattice-Based Non-Interactive Key Exchange. Phillip Gajland, Bor de Kock, Miguel Quaresma, Giulio Malavolta, Peter Schwabe |
| 2024 | SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching. Victor Duta, Mitchel Aloserij, Cristiano Giuffrida |
| 2024 | Scalable Multi-Party Computation Protocols for Machine Learning in the Honest-Majority Setting. Fengrun Liu, Xiang Xie, Yu Yu |
| 2024 | Scalable Private Set Union, with Stronger Security. Yanxue Jia, Shi-Feng Sun, Hong-Sheng Zhou, Dawu Gu |
| 2024 | Scalable Zero-knowledge Proofs for Non-linear Functions in Machine Learning. Meng Hao, Hanxiao Chen, Hongwei Li, Chenkai Weng, Yuan Zhang, Haomiao Yang, Tianwei Zhang |
| 2024 | SeaK: Rethinking the Design of a Secure Allocator for OS Kernel. Zicheng Wang, Yicheng Guang, Yueqi Chen, Zhenpeng Lin, Michael V. Le, Dang K. Le, Dan Williams, Xinyu Xing, Zhongshu Gu, Hani Jamjoom |
| 2024 | Secure Account Recovery for a Privacy-Preserving Web Service. Ryan Little, Lucy Qin, Mayank Varia |
| 2024 | Security and Privacy Analysis of Samsung's Crowd-Sourced Bluetooth Location Tracking System. Tingfeng Yu, James Henderson, Alwen Tiu, Thomas Haines |
| 2024 | Security and Privacy Software Creators' Perspectives on Unintended Consequences. Harshini Sri Ramulu, Helen Schmitt, Dominik Wermke, Yasemin Acar |
| 2024 | SecurityNet: Assessing Machine Learning Vulnerabilities on Public Models. Boyang Zhang, Zheng Li, Ziqing Yang, Xinlei He, Michael Backes, Mario Fritz, Yang Zhang |
| 2024 | ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization. Zheng Yu, Ganxiang Yang, Xinyu Xing |
| 2024 | Shaken, not Stirred - Automated Discovery of Subtle Attacks on Protocols using Mix-Nets. Jannik Dreier, Pascal Lafourcade, Dhekra Mahmoud |
| 2024 | Shesha : Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors. Anirban Chakraborty, Nimish Mishra, Debdeep Mukhopadhyay |
| 2024 | Simulated Stress: A Case Study of the Effects of a Simulated Phishing Campaign on Employees' Perception, Stress and Self-Efficacy. Markus Schöps, Marco Gutfleisch, Eric Wolter, M. Angela Sasse |
| 2024 | Single Pass Client-Preprocessing Private Information Retrieval. Arthur Lazzaretti, Charalampos Papamanthou |
| 2024 | SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism. Ingab Kang, Walter Wang, Jason Kim, Stephan van Schaik, Youssef Tobah, Daniel Genkin, Andrew Kwong, Yuval Yarom |
| 2024 | SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes. Sophia Yoo, Xiaoqi Chen, Jennifer Rexford |
| 2024 | Smudged Fingerprints: Characterizing and Improving the Performance of Web Application Fingerprinting. Brian Kondracki, Nick Nikiforakis |
| 2024 | SnailLoad: Exploiting Remote Network Latency Measurements without JavaScript. Stefan Gast, Roland Czerny, Jonas Juffinger, Fabian Rauscher, Simone Franza, Daniel Gruss |
| 2024 | Snowflake, a censorship circumvention system using temporary WebRTC proxies. Cecylia Bocovich, Arlo Breault, David Fifield, Serene, Xiaokang Wang |
| 2024 | SoK (or SoLK?): On the Quantitative Study of Sociodemographic Factors and Computer Security Behaviors. Miranda Wei, Jaron Mink, Yael Eiger, Tadayoshi Kohno, Elissa M. Redmiles, Franziska Roesner |
| 2024 | SoK: All You Need to Know About On-Device ML Model Extraction - The Gap Between Research and Practice. Tushar Nayan, Qiming Guo, Mohammed Alduniawi, Marcus Botacin, A. Selcuk Uluagac, Ruimin Sun |
| 2024 | SoK: Neural Network Extraction Through Physical Side Channels. Péter Horváth, Dirk Lauret, Zhuoran Liu, Lejla Batina |
| 2024 | SoK: Security of Programmable Logic Controllers. Efrén López-Morales, Ulysse Planta, Carlos E. Rubio-Medrano, Ali Abbasi, Alvaro A. Cárdenas |
| 2024 | SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements. Aleksei Stafeev, Giancarlo Pellegrino |
| 2024 | SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Deepfake Media Datasets. Seth Layton, Tyler Tucker, Daniel Olszewski, Kevin Warren, Kevin R. B. Butler, Patrick Traynor |
| 2024 | SoK: What don't we know? Understanding Security Vulnerabilities in SNARKs. Stefanos Chaliasos, Jens Ernstberger, David Theodore, David Wong, Mohammad Jahanara, Benjamin Livshits |
| 2024 | SpecLFB: Eliminating Cache Side Channels in Speculative Executions. Xiaoyu Cheng, Fei Tong, Hongyu Wang, Zhe Zhou, Fang Jiang, Yuxing Mao |
| 2024 | Speculative Denial-of-Service Attacks In Ethereum. Aviv Yaish, Kaihua Qin, Liyi Zhou, Aviv Zohar, Arthur Gervais |
| 2024 | Spider-Scents: Grey-box Database-aware Web Scanning for Stored XSS. Eric Olsson, Benjamin Eriksson, Adam Doupé, Andrei Sabelfeld |
| 2024 | Spill the TeA: An Empirical Study of Trusted Application Rollback Prevention on Android Smartphones. Marcel Busch, Philipp Mao, Mathias Payer |
| 2024 | Splitting the Difference on Adversarial Training. Matan Levi, Aryeh Kontorovich |
| 2024 | SpotProxy: Rediscovering the Cloud for Censorship Circumvention. Patrick Tser Jern Kon, Sina Kamali, Jinyu Pei, Diogo Barradas, Ang Chen, Micah Sherr, Moti Yung |
| 2024 | Sprints: Intermittent Blockchain PoW Mining. Michael Mirkin, Lulu Zhou, Ittay Eyal, Fan Zhang |
| 2024 | Stateful Least Privilege Authorization for the Cloud. Leo Cao, Luoxi Meng, Deian Stefan, Earlence Fernandes |
| 2024 | Stop, Don't Click Here Anymore: Boosting Website Fingerprinting By Considering Sets of Subpages. Asya Mitseva, Andriy Panchenko |
| 2024 | Swipe Left for Identity Theft: An Analysis of User Data Privacy Risks on Location-based Dating Apps. Karel Dhondt, Victor Le Pochat, Yana Dimova, Wouter Joosen, Stijn Volckaert |
| 2024 | SymBisect: Accurate Bisection for Fuzzer-Exposed Vulnerabilities. Zheng Zhang, Yu Hao, Weiteng Chen, Xiaochen Zou, Xingyu Li, Haonan Li, Yizhuo Zhai, Zhiyun Qian, Billy Lau |
| 2024 | SymFit: Making the Common (Concrete) Case Fast for Binary-Code Concolic Execution. Zhenxiao Qi, Jie Hu, Zhaoqi Xiao, Heng Yin |
| 2024 | Sync+Sync: A Covert Channel Built on fsync with Storage. Qisheng Jiang, Chundong Wang |
| 2024 | TAPFixer: Automatic Detection and Repair of Home Automation Vulnerabilities based on Negated-property Reasoning. Yinbo Yu, Yuanqi Xu, Kepu Huang, Jiajia Liu |
| 2024 | TYGR: Type Inference on Stripped Binaries using Graph Neural Networks. Chang Zhu, Ziyang Li, Anton Xue, Ati Priya Bajaj, Wil Gibbs, Yibo Liu, Rajeev Alur, Tiffany Bao, Hanjun Dai, Adam Doupé, Mayur Naik, Yan Shoshitaishvili, Ruoyu Wang, Aravind Machiry |
| 2024 | Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation. Ziyi Guo, Dang K. Le, Zhenpeng Lin, Kyle Zeng, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé, Xinyu Xing |
| 2024 | Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation. Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk |
| 2024 | That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications. Carter Slocum, Yicheng Zhang, Erfan Shayegani, Pedram Zaree, Nael B. Abu-Ghazaleh, Jiasi Chen |
| 2024 | The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts. Konstantin Fischer, Ivana Trummová, Phillip Gajland, Yasemin Acar, Sascha Fahl, M. Angela Sasse |
| 2024 | The Decisive Power of Indecision: Low-Variance Risk-Limiting Audits and Election Contestation via Marginal Mark Recording. Benjamin Fuller, Rashmi Pai, Alexander Russell |
| 2024 | The Effect of Design Patterns on (Present and Future) Cookie Consent Decisions. Nataliia Bielova, Laura Litvine, Anysia Nguyen, Mariam Chammat, Vincent Toubiana, Estelle Hary |
| 2024 | The Imitation Game: Exploring Brand Impersonation Attacks on Social Media Platforms. Bhupendra Acharya, Dario Lazzaro, Efrén López-Morales, Adam Oest, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Thorsten Holz |
| 2024 | The Impact of Exposed Passwords on Honeyword Efficacy. Zonghao Huang, Lujo Bauer, Michael K. Reiter |
| 2024 | The Unpatchables: Why Municipalities Persist in Running Vulnerable Hosts. Aksel Ethembabaoglu, Rolf van Wegberg, Yury Zhauniarovich, Michel van Eeten |
| 2024 | Tickets or Privacy? Understand the Ecosystem of Chinese Ticket Grabbing Apps. Yijing Liu, Yiming Zhang, Baojun Liu, Haixin Duan, Qiang Li, Mingxuan Liu, Ruixuan Li, Jia Yao |
| 2024 | Tossing in the Dark: Practical Bit-Flipping on Gray-box Deep Neural Networks for Runtime Trojan Injection. Zihao Wang, Di Tang, Xiaofeng Wang, Wei He, Zhaoyang Geng, Wenhao Wang |
| 2024 | Toward Unbiased Multiple-Target Fuzzing with Path Diversity. Huanyao Rong, Wei You, Xiaofeng Wang, Tianhao Mao |
| 2024 | Towards Generic Database Management System Fuzzing. Yupeng Yang, Yongheng Chen, Rui Zhong, Jizhou Chen, Wenke Lee |
| 2024 | Towards More Practical Threat Models in Artificial Intelligence Security. Kathrin Grosse, Lukas Bieringer, Tarek R. Besold, Alexandre Alahi |
| 2024 | Towards Privacy and Security in Private Clouds: A Representative Survey on the Prevalence of Private Hosting and Administrator Characteristics. Lea Gröber, Simon Lenau, Rebecca Weil, Elena Groben, Michael Schilling, Katharina Krombholz |
| 2024 | Towards Privacy-Preserving Social-Media SDKs on Android. Haoran Lu, Yichen Liu, Xiaojing Liao, Luyi Xing |
| 2024 | Towards an Effective Method of ReDoS Detection for Non-backtracking Engines. Weihao Su, Hong Huang, Rongchen Li, Haiming Chen, Tingjian Ge |
| 2024 | Transferability of White-box Perturbations: Query-Efficient Adversarial Attacks against Commercial DNN Services. Meng Shen, Changyue Li, Qi Li, Hao Lu, Liehuang Zhu, Ke Xu |
| 2024 | True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center. Limin Yang, Zhi Chen, Chenkai Wang, Zhenning Zhang, Sushruth Booma, Phuong Cao, Constantin Adam, Alexander Withers, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Gang Wang |
| 2024 | Trust Me If You Can - How Usable Is Trusted Types In Practice? Sebastian Roth, Lea Gröber, Philipp Baus, Katharina Krombholz, Ben Stock |
| 2024 | Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM. Yibin Yang, David Heath |
| 2024 | UBA-Inf: Unlearning Activated Backdoor Attack with Influence-Driven Camouflage. Zirui Huang, Yunlong Mao, Sheng Zhong |
| 2024 | UIHash: Detecting Similar Android UIs through Grid-Based Visual Appearance Representation. Jiawei Li, Jian Mao, Jun Zeng, Qixiao Lin, Shaowen Feng, Zhenkai Liang |
| 2024 | Unbalanced Circuit-PSI from Oblivious Key-Value Retrieval. Meng Hao, Weiran Liu, Liqiang Peng, Hongwei Li, Cong Zhang, Hanxiao Chen, Tianwei Zhang |
| 2024 | Uncovering the Limits of Machine Learning for Automatic Vulnerability Detection. Niklas Risse, Marcel Böhme |
| 2024 | Understanding Ethereum Mempool Security under Asymmetric DoS by Symbolized Stateful Fuzzing. Yibo Wang, Yuzhe Tang, Kai Li, Wanning Ding, Zhihua Yang |
| 2024 | Understanding Help-Seeking and Help-Giving on Social Media for Image-Based Sexual Abuse. Miranda Wei, Sunny Consolvo, Patrick Gage Kelley, Tadayoshi Kohno, Tara Matthews, Sarah Meiklejohn, Franziska Roesner, Renee Shelby, Kurt Thomas, Rebecca Umbach |
| 2024 | Understanding How to Inform Blind and Low-Vision Users about Data Privacy through Privacy Question Answering Assistants. Yuanyuan Feng, Abhilasha Ravichander, Yaxing Yao, Shikun Zhang, Rex Chen, Shomir Wilson, Norman Sadeh |
| 2024 | Understanding the Security and Privacy Implications of Online Toxic Content on Refugees. Arjun Arunasalam, Habiba Farrukh, Eliz Tekcan, Z. Berkay Celik |
| 2024 | Unleashing the Power of Type-Based Call Graph Construction by Using Regional Pointer Information. Yuandao Cai, Yibo Jin, Charles Zhang |
| 2024 | Unpacking Privacy Labels: A Measurement and Developer Perspective on Google's Data Safety Section. Rishabh Khandelwal, Asmit Nayak, Paul Chung, Kassem Fawaz |
| 2024 | Unveiling IoT Security in Reality: A Firmware-Centric Journey. Nicolas Nino, Ruibo Lu, Wei Zhou, Kyu Hyung Lee, Ziming Zhao, Le Guan |
| 2024 | Unveiling the Hunter-Gatherers: Exploring Threat Hunting Practices and Challenges in Cyber Defense. Priyanka Badva, Kopo M. Ramokapane, Eleonora Pantano, Awais Rashid |
| 2024 | Unveiling the Secrets without Data: Can Graph Neural Networks Be Exploited through Data-Free Model Extraction Attacks? Yuanxin Zhuang, Chuan Shi, Mengmei Zhang, Jinghui Chen, Lingjuan Lyu, Pan Zhou, Lichao Sun |
| 2024 | Using My Functions Should Follow My Checks: Understanding and Detecting Insecure OpenZeppelin Code in Smart Contracts. Han Liu, Daoyuan Wu, Yuqiang Sun, Haijun Wang, Kaixuan Li, Yang Liu, Yixiang Chen |
| 2024 | VOGUES: Validation of Object Guise using Estimated Components. Raymond Muller, Yanmao Man, Ming Li, Ryan M. Gerdes, Jonathan Petit, Z. Berkay Celik |
| 2024 | VeriSimplePIR: Verifiability in SimplePIR at No Online Cost for Honest Servers. Leo de Castro, Keewoo Lee |
| 2024 | Verify your Labels! Trustworthy Predictions and Datasets via Confidence Scores. Torsten Krauß, Jasper Stang, Alexandra Dmitrienko |
| 2024 | VibSpeech: Exploring Practical Wideband Eavesdropping via Bandlimited Signal of Vibration-based Side Channel. Chao Wang, Feng Lin, Hao Yan, Tong Wu, Wenyao Xu, Kui Ren |
| 2024 | Voice App Developer Experiences with Alexa and Google Assistant: Juggling Risks, Liability, and Security. William Seymour, Noura Abdi, Kopo M. Ramokapane, Jide S. Edu, Guillermo Suarez-Tangil, Jose Such |
| 2024 | VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger. Zihao Zhan, Yirui Yang, Haoqi Shan, Hanqiu Wang, Yier Jin, Shuo Wang |
| 2024 | Voodoo: Memory Tagging, Authenticated Encryption, and Error Correction through MAGIC. Lukas Lamster, Martin Unterguggenberger, David Schrammel, Stefan Mangard |
| 2024 | VulSim: Leveraging Similarity of Multi-Dimensional Neighbor Embeddings for Vulnerability Detection. Samiha Shimmi, Ashiqur Rahman, Mohan Gadde, Hamed Okhravi, Mona Rahimi |
| 2024 | Vulnerability-oriented Testing for RESTful APIs. Wenlong Du, Jian Li, Yanhao Wang, Libo Chen, Ruijie Zhao, Junmin Zhu, Zhengguang Han, Yijun Wang, Zhi Xue |
| 2024 | WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web. Joey Allen, Zheng Yang, Feng Xiao, Matthew Landen, Roberto Perdisci, Wenke Lee |
| 2024 | Web Platform Threats: Automated Detection of Web Security Issues With WPT. Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei |
| 2024 | What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check. Yunlong Xing, Shu Wang, Shiyu Sun, Xu He, Kun Sun, Qi Li |
| 2024 | What Was Your Prompt? A Remote Keylogging Attack on AI Assistants. Roy Weiss, Daniel Ayzenshteyn, Guy Amit, Yisroel Mirsky |
| 2024 | When Threads Meet Interrupts: Effective Static Detection of Interrupt-Based Deadlocks in Linux. Chengfeng Ye, Yuandao Cai, Charles Zhang |
| 2024 | When the User Is Inside the User Interface: An Empirical Study of UI Security Properties in Augmented Reality. Kaiming Cheng, Arkaprabha Bhattacharya, Michelle Lin, Jaewook Lee, Aroosh Kumar, Jeffery F. Tian, Tadayoshi Kohno, Franziska Roesner |
| 2024 | WhisperFuzz: White-Box Fuzzing for Detecting and Locating Timing Vulnerabilities in Processors. Pallavi Borkar, Chen Chen, Mohamadreza Rostami, Nikhilesh Singh, Rahul Kande, Ahmad-Reza Sadeghi, Chester Rebeiro, Jeyavijayan Rajendran |
| 2024 | Why Aren't We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication. Leona Lassak, Elleen Pan, Blase Ur, Maximilian Golla |
| 2024 | Windows into the Past: Exploiting Legacy Crypto in Modern OS's Kerberos Implementation. Michal Shagam, Eyal Ronen |
| 2024 | Wireless Signal Injection Attacks on VSAT Satellite Modems. Robin Bisping, Johannes Willbold, Martin Strohmeier, Vincent Lenders |
| 2024 | With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors. Martin Dunsche, Marcel Maehren, Nurullah Erinola, Robert Merget, Nicolai Bissantz, Juraj Somorovsky, Jörg Schwenk |
| 2024 | Xplain: Analyzing Invisible Correlations in Model Explanation. Kavita Kumari, Alessandro Pegoraro, Hossein Fereidooni, Ahmad-Reza Sadeghi |
| 2024 | YPIR: High-Throughput Single-Server PIR with Silent Preprocessing. Samir Jordan Menon, David J. Wu |
| 2024 | Yes, One-Bit-Flip Matters! Universal DNN Model Inference Depletion with Runtime Code Fault Injection. Shaofeng Li, Xinyu Wang, Minhui Xue, Haojin Zhu, Zhi Zhang, Yansong Gao, Wen Wu, Xuemin (Sherman) Shen |
| 2024 | You Can Obfuscate, but You Cannot Hide: CrossPoint Attacks against Network Topology Obfuscation. Xuanbo Huang, Kaiping Xue, Lutong Chen, Mingrui Ai, Huancheng Zhou, Bo Luo, Guofei Gu, Qibin Sun |
| 2024 | You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks. Rafael Uetz, Marco Herzog, Louis Hackländer, Simon Schwarz, Martin Henze |
| 2024 | Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities. Yuhao Wu, Jinwen Wang, Yujie Wang, Shixuan Zhai, Zihan Li, Yi He, Kun Sun, Qi Li, Ning Zhang |
| 2024 | ZKSMT: A VM for Proving SMT Theorems in Zero Knowledge. Daniel Luick, John C. Kolesar, Timos Antonopoulos, William R. Harris, James Parker, Ruzica Piskac, Eran Tromer, Xiao Wang, Ning Luo |
| 2024 | ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms. Patrick Jattke, Max Wipfli, Flavien Solt, Michele Marazzi, Matej Bölcskei, Kaveh Razavi |
| 2024 | Zero-setup Intermediate-rate Communication Guarantees in a Global Internet. Marc Wyss, Adrian Perrig |
| 2024 | d-DSE: Distinct Dynamic Searchable Encryption Resisting Volume Leakage in Encrypted Databases. Dongli Liu, Wei Wang, Peng Xu, Laurence T. Yang, Bo Luo, Kaitai Liang |
| 2024 | dp-promise: Differentially Private Diffusion Probabilistic Models for Image Synthesis. Haichen Wang, Shuchao Pang, Zhigang Lu, Yihang Rao, Yongbin Zhou, Minhui Xue |
| 2024 | iHunter: Hunting Privacy Violations at Scale in the Software Supply Chain on iOS. Dexin Liu, Yue Xiao, Chaoqi Zhang, Kaitao Xie, Xiaolong Bai, Shikun Zhang, Luyi Xing |
| 2024 | pi-Jack: Physical-World Adversarial Attack on Monocular Depth Estimation with Perspective Hijacking. Tianyue Zheng, Jingzhi Hu, Rui Tan, Yinqian Zhang, Ying He, Jun Luo |
| 2024 | zkCross: A Novel Architecture for Cross-Chain Privacy-Preserving Auditing. Yihao Guo, Minghui Xu, Xiuzhen Cheng, Dongxiao Yu, Wangjie Qiu, Gang Qu, Weibing Wang, Mingming Song |