USENIX Security Symposium A*

440 papers

Year Title / Authors
2025 "Helps me Take the Post With a Grain of Salt:" Soft Moderation Effects on Accuracy Perceptions and Sharing Intentions of Inauthentic Political Content on X.
Filipo Sharevski, Verena Distler, Florian Alt
2025 "I Cannot Write This Because It Violates Our Content Policy": Understanding Content Moderation Policies and User Experiences in Generative AI Products.
Lan Gao, Oscar Chen, Rachel Lee, Nick Feamster, Chenhao Tan, Marshini Chetty
2025 "I have no idea how to make it safer": Studying Security and Privacy Mindsets of Browser Extension Developers.
Shubham Agarwal, Rafael Mrowczynski, Maria Hellenthal, Ben Stock
2025 "I wasn't sure if this is indeed a security risk": Data-driven Understanding of Security Issue Reporting in GitHub Repositories of Open Source npm Packages.
Rajdeep Ghosh, Shiladitya De, Mainack Mondal
2025 "I'm regretting that I hit run": In-situ Assessment of Potential Malware.
Brandon Lit, Edward Crowder, Hassan Khan, Daniel Vogel
2025 "I'm trying to learn...and I'm shooting myself in the foot": Beginners' Struggles When Solving Binary Exploitation Exercises.
James Mattei, Christopher Pellegrini, Matthew Soto, Marina Sanusi Bohuk, Daniel Votipka
2025 "It's not my responsibility to write them": An Empirical Study of Software Product Managers and Security Requirements.
Houda Naji, Felix Reichmann, Tobias Bruns, M. Angela Sasse, Alena Naiakshina
2025 "No, I Can't Be a Security Personnel on Your Phone": Security and Privacy Threats From Sharing Infrastructure in Rural Ghana.
Emmanuel Tweneboah, Collins W. Munyendo, Yixin Zou
2025 "Please don't send that bot anything": A Mixed-methods Study of Personal Impersonation Attacks Targeting Digital Payments on Social Media.
Hoang Dai Nguyen, Sumit Dhungana, Madhulika Itha, Phani Vadrevu
2025 "That's my perspective from 30 years of doing this": An Interview Study on Practices, Experiences, and Challenges of Updating Cryptographic Code.
Alexander Krause, Harjot Kaur, Jan H. Klemmer, Oliver Wiese, Sascha Fahl
2025 "Threat modeling is very formal, it's very technical, and also very hard to do correctly": Investigating Threat Modeling Practices in Open-Source Software Projects.
Harjot Kaur, Carson Powers, Ronald E. Thompson III, Sascha Fahl, Daniel Votipka
2025 'Hey mum, I dropped my phone down the toilet': Investigating Hi Mum and Dad SMS Scams in the United Kingdom.
Sharad Agarwal, Emma Harvey, Enrico Mariconti, Guillermo Suarez-Tangil, Marie Vasek
2025 34th USENIX Security Symposium, USENIX Security 2025, Seattle, WA, USA, August 13-15, 2025.
Lujo Bauer, Giancarlo Pellegrino
2025 A Comprehensive Formal Security Analysis of OPC UA.
Vincent Diemunsch, Lucca Hirschi, Steve Kremer
2025 A Crack in the Bark: Leveraging Public Knowledge to Remove Tree-Ring Watermarks.
Junhua Lin, Marc Juarez
2025 A First Look at Governments' Enterprise Security Guidance.
Kimberly Ruth, Raymond Buernor Obu, Ifeoluwa Shode, Gavin Li, Carrie Gates, Grant Ho, Zakir Durumeric
2025 A Formal Analysis of Apple's iMessage PQ3 Protocol.
Felix Linker, Ralf Sasse, David A. Basin
2025 A Framework for Abusability Analysis: The Case of Passkeys in Interpersonal Threat Models.
Alaa Daffalla, Arkaprabha Bhattacharya, Jacob Wilder, Rahul Chatterjee, Nicola Dell, Rosanna Bellini, Thomas Ristenpart
2025 A Framework for Designing Provably Secure Steganography.
Guorui Liao, Jinshuai Yang, Weizhi Shao, Yongfeng Huang
2025 A Mixed-Methods Study of Open-Source Software Maintainers On Vulnerability Management and Platform Security Features.
Jessy Ayala, Yu-Jye Tung, Joshua Garcia
2025 A Stakeholder-Based Framework to Highlight Tensions when Implementing Privacy Features.
Julia Netter, Tim Nelson, Skyler Austen, Eva Lau, Colton Rusch, Malte Schwarzkopf, Kathi Fisler
2025 A Tale of Two Worlds, a Formal Story of WireGuard Hybridization.
Pascal Lafourcade, Dhekra Mahmoud, Sylvain Ruhault, Abdul Rahman Taleb
2025 A Thorough Security Analysis of BLE Proximity Tracking Protocols.
Xiaofeng Liu, Chaoshun Zuo, Qinsheng Hou, Pengcheng Ren, Jianliang Wu, Qingchuan Zhao, Shanqing Guo
2025 A limited technical background is sufficient for attack-defense tree acceptability.
Nathan Daniel Schiele, Olga Gadyatskaya
2025 AGNNCert: Defending Graph Neural Networks against Arbitrary Perturbations with Deterministic Certification.
Jiate Li, Binghui Wang
2025 AKMA+: Security and Privacy-Enhanced and Standard-Compatible AKMA for 5G Communication.
Yang Yang, Guomin Yang, Yingjiu Li, Minming Huang, Zilin Shen, Imtiaz Karim, Ralf Sasse, David A. Basin, Elisa Bertino, Jian Weng, HweeHwa Pang, Robert H. Deng
2025 ALERT: Machine Learning-Enhanced Risk Estimation for Databases Supporting Encrypted Queries.
Longxiang Wang, Lei Xu, Yufei Chen, Ying Zou, Cong Wang
2025 APPATCH: Automated Adaptive Prompting Large Language Models for Real-World Software Vulnerability Patching.
Yu Nong, Haoran Yang, Long Cheng, Hongxin Hu, Haipeng Cai
2025 AUDIO WATERMARK: Dynamic and Harmless Watermark for Black-box Voice Dataset Copyright Protection.
Hanqing Guo, Junfeng Guo, Bocheng Chen, Yuanda Wang, Xun Chen, Heng Huang, Qiben Yan, Li Xiao
2025 AUTOVR: Automated UI Exploration for Detecting Sensitive Data Flow Exposures in Virtual Reality Apps.
John Y. Kim, Chaoshun Zuo, Yanjie Zhao, Zhiqiang Lin
2025 Abusability of Automation Apps in Intimate Partner Violence.
Shirley Zhang, Paul Chung, Jacob Vervelde, Nishant Korapati, Rahul Chatterjee, Kassem Fawaz
2025 Achilles: A Formal Framework of Leaking Secrets from Signature Schemes via Rowhammer.
Junkai Liang, Zhi Zhang, Xin Zhang, Qingni Shen, Yansong Gao, Xingliang Yuan, Haiyang Xue, Pengfei Wu, Zhonghai Wu
2025 Activation Approximations Can Incur Safety Vulnerabilities in Aligned LLMs: Comprehensive Analysis and Defense.
Jiawen Zhang, Kejia Chen, Lipeng He, Jian Lou, Dan Li, Zunlei Feng, Mingli Song, Jian Liu, Kui Ren, Xiaohu Yang
2025 Addressing Sensitivity Distinction in Local Differential Privacy: A General Utility-Optimized Framework.
Xingyu He, Youwen Zhu, Rongke Liu, Gaoning Pan, Changyu Dong
2025 Addressing the Address Books' (Interdependent) Privacy Issues.
Kavous Salehzadeh Niksirat, Lev Velykoivanenko, Samuel Mätzler, Stephan Mulders, Aurelia Tamò-Larrieux, Marc-Olivier Boldi, Mathias Humbert, Kévin Huguenin
2025 AidFuzzer: Adaptive Interrupt-Driven Firmware Fuzzing via Run-Time State Recognition.
Jianqiang Wang, Qinying Wang, Tobias Scharnowski, Li Shi, Simon Wörner, Thorsten Holz
2025 Aion: Robust and Efficient Multi-Round Single-Mask Secure Aggregation Against Malicious Participants.
Yizhong Liu, Zixiao Jia, Xiao Chen, Song Bian, Runhua Xu, Dawei Li, Yuan Lu
2025 AirTag-Facilitated Stalking Protection: Evaluating Unwanted Tracking Notifications and Tracker Locating Features.
Dañiel Gerhardt, Matthias Fassl, Carolyn Guthoff, Adrian Dabrowski, Katharina Krombholz
2025 Am I Infected? Lessons from Operating a Large-Scale IoT Security Diagnostic Service.
Takayuki Sasaki, Tomoya Inazawa, Youhei Yamaguchi, Simon Parkin, Michel van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto
2025 An Industry Interview Study of Software Signing for Supply Chain Security.
Kelechi G. Kalu, Tanmay Singla, Chinenye Okafor, Santiago Torres-Arias, James C. Davis
2025 Analyzing the AI Nudification Application Ecosystem.
Cassidy Gibson, Daniel Olszewski, Natalie Grace Brigham, Anna Crowder, Kevin R. B. Butler, Patrick Traynor, Elissa M. Redmiles, Tadayoshi Kohno
2025 Approve Once, Regret Forever: On the Exploitation of Ethereum's Approve-TransferFrom Ecosystem.
Nicola Ruaro, Fabio Gritti, Dongyu Meng, Robert McLaughlin, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna
2025 Approximation Enforced Execution of Untrusted Linux Kernel Extensions.
Hao Sun, Zhendong Su
2025 Arbitrary-Threshold Fully Homomorphic Encryption with Lower Complexity.
Yijia Chang, Songze Li
2025 Are CAPTCHAs Still Bot-hard? Generalized Visual CAPTCHA Solving with Agentic Vision Language Model.
Xiwen Teoh, Yun Lin, Siqi Li, Ruofan Liu, Avi Sollomoni, Yaniv Harel, Jin Song Dong
2025 Ares: Comprehensive Path Hijacking Detection via Routing Tree.
Yinxiang Tao, Chengwan Zhang, Changqing An, Shuying Zhuang, Jilong Wang, Congcong Miao
2025 Ariadne: Navigating through the Labyrinth of Data-Driven Customization Inconsistencies in Android.
Parjanya Vyas, Haseeb Ur Rehman Faheem, Yousra Aafer, N. Asokan
2025 As Advertised? Understanding the Impact of Influencer VPN Ads.
Omer Akgul, Richard Roberts, Emma Shroyer, Dave Levin, Michelle L. Mazurek
2025 Assessing the Aftermath: the Effects of a Global Takedown against DDoS-for-hire Services.
Anh V. Vu, Ben Collier, Daniel R. Thomas, John Kristoff, Richard Clayton, Alice Hutchings
2025 Assuring Certified Database Utility in Privacy-Preserving Database Fingerprinting.
Mingyang Song, Zhongyun Hua, Yifeng Zheng, Tao Xiang, Guoai Xu, Xingliang Yuan
2025 Atkscopes: Multiresolution Adversarial Perturbation as a Unified Attack on Perceptual Hashing and Beyond.
Yushu Zhang, Yuanyuan Sun, Shuren Qi, Zhongyun Hua, Wenying Wen, Yuming Fang
2025 Attacker Control and Bug Prioritization.
Guilhem Lacombe, Sébastien Bardin
2025 AudioMarkNet: Audio Watermarking for Deepfake Speech Detection.
Wei Zong, Yang-Wai Chow, Willy Susilo, Joonsang Baek, Seyit Camtepe
2025 Auspex: Unveiling Inconsistency Bugs of Transaction Fee Mechanism in Blockchain.
Zheyuan He, Zihao Li, Jiahao Luo, Feng Luo, Junhan Duan, Jingwei Li, Shuwei Song, Xiapu Luo, Ting Chen, Xiaosong Zhang
2025 AutoLabel: Automated Fine-Grained Log Labeling for Cyber Attack Dataset Generation.
Yihao Peng, Tongxin Zhang, Jieshao Lai, Yuxuan Zhang, Yiming Wu, Hai Wan, Xibin Zhao
2025 Automated Discovery of Semantic Attacks in Multi-Robot Navigation Systems.
Doguhan Yeke, Kartik Anand Pant, Muslum Ozgur Ozmen, Hyungsub Kim, James M. Goppert, Inseok Hwang, Antonio Bianchi, Z. Berkay Celik
2025 Automated Soundness and Completeness Vetting of Polygon zkEVM.
Xinghao Peng, Zhiyuan Sun, Kunsong Zhao, Zuchao Ma, Zihao Li, Jinan Jiang, Xiapu Luo, Yinqian Zhang
2025 Available Attestation: Towards a Reorg-Resilient Solution for Ethereum Proof-of-Stake.
Mingfei Zhang, Rujia Li, Xueqian Lu, Sisi Duan
2025 Await() a Second: Evading Control Flow Integrity by Hijacking C++ Coroutines.
Marcos Bajo, Christian Rossow
2025 BEAT-MEV: Epochless Approach to Batched Threshold Encryption for MEV Prevention.
Jan Bormet, Sebastian Faust, Hussien Othman, Ziyan Qu
2025 BGP Vortex: Update Message Floods Can Create Internet Instabilities.
Felix Stöger, Henry Birge-Lee, Giacomo Giuliari, Jordi Subirà Nieto, Adrian Perrig
2025 BLens: Contrastive Captioning of Binary Functions using Ensemble Embedding.
Tristan Benoit, Yunru Wang, Moritz Dannehl, Johannes Kinder
2025 BLuEMan: A Stateful Simulation-based Fuzzing Framework for Open-Source RTOS Bluetooth Low Energy Protocol Stacks.
Wei-Che Kao, Yen-Chia Chen, Yu-Sheng Lin, Yu-cheng Yang, Chi-Yu Li, Chun-Ying Huang
2025 Backdooring Bias (B^2) into Stable Diffusion Models.
Ali Naseh, Jaechul Roh, Eugene Bagdasarian, Amir Houmansadr
2025 BarraCUDA: Edge GPUs do Leak DNN Weights.
Péter Horváth, Lukasz Chmielewski, Léo Weissbart, Lejla Batina, Yuval Yarom
2025 Beyond Exploit Scanning: A Functional Change-Driven Approach to Remote Software Version Identification.
Jinsong Chen, Mengying Wu, Geng Hong, Baichao An, Mingxuan Liu, Lei Zhang, Baojun Liu, Haixin Duan, Min Yang
2025 Beyond Statistical Estimation: Differentially Private Individual Computation via Shuffling.
Shaowei Wang, Changyu Dong, Xiangfu Song, Jin Li, Zhili Zhou, Di Wang, Han Wu
2025 Big Help or Big Brother? Auditing Tracking, Profiling, and Personalization in Generative AI Assistants.
Yash Vekaria, Aurelio Loris Canino, Jonathan Levitsky, Alex Ciechonski, Patricia Callejo, Anna Maria Mandalari, Zubair Shafiq
2025 Blockchain Address Poisoning.
Taro Tsuchiya, Jin-Dong Dong, Kyle Soska, Nicolas Christin
2025 BlueGuard: Accelerated Host and Guest Introspection Using DPUs.
Meni Orenbach, Rami Ailabouni, Nael Masalha, Thanh Nguyen, Ahmad Saleh, Frank Block, Fritz Alder, Ofir Arkin, Ahmad Atamli
2025 Boosting Gradient Leakage Attacks: Data Reconstruction in Realistic FL Settings.
Mingyuan Fan, Fuyi Wang, Cen Chen, Jianying Zhou
2025 Bots can Snoop: Uncovering and Mitigating Privacy Risks of Bots in Group Chats.
Kai-Hsiang Chou, Yi-Min Lin, Yi-An Wang, Jonathan Weiping Li, Tiffany Hyun-Jin Kim, Hsu-Chun Hsiao
2025 Branch Privilege Injection: Compromising Spectre v2 Hardware Mitigations by Exploiting Branch Predictor Race Conditions.
Sandro Rüegge, Johannes Wikner, Kaveh Razavi
2025 Breaking the Blindfold: Deep Learning-based Blind Side-channel Analysis.
Azade Rezaeezade, Trevor Yap, Dirmanto Jap, Shivam Bhasin, Stjepan Picek
2025 Breaking the Layer Barrier: Remodeling Private Transformer Inference with Hybrid CKKS and MPC.
Tianshi Xu, Wen-jie Lu, Jiangrui Yu, Yi Chen, Chenqi Lin, Runsheng Wang, Meng Li
2025 Bridging the Gap in Vision Language Models in Identifying Unsafe Concepts Across Modalities.
Yiting Qu, Michael Backes, Yang Zhang
2025 BulletCT: Towards More Scalable Ring Confidential Transactions With Transparent Setup.
Nan Wang, Qianhui Wang, Dongxi Liu, Muhammed F. Esgin, Alsharif Abuadbba
2025 Bundled Authenticated Key Exchange: A Concrete Treatment of Signal's Handshake Protocol and Post-Quantum Security.
Keitaro Hashimoto, Shuichi Katsumata, Thom Wiggers
2025 CAMP in the Odyssey: Provably Robust Reinforcement Learning with Certified Radius Maximization.
Derui Wang, Kristen Moore, Diksha Goel, Minjune Kim, Gang Li, Yang Li, Robin Doss, Minhui Xue, Bo Li, Seyit Camtepe, Liming Zhu
2025 Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers.
Keke Lian, Lei Zhang, Haoran Zhao, Yinzhi Cao, Yongheng Liu, Fute Sun, Yuan Zhang, Min Yang
2025 Catch-22: Uncovering Compromised Hosts using SSH Public Keys.
Cristian Munteanu, Georgios Smaragdakis, Anja Feldmann, Tobias Fiebig
2025 Censorship Evasion with Unidentified Protocol Generation.
Ryan Wails, Rob Jansen, Aaron Johnson, Micah Sherr
2025 CertPHash: Towards Certified Perceptual Hashing via Robust Training.
Yuchen Yang, Qichang Liu, Christopher Brix, Huan Zhang, Yinzhi Cao
2025 CertTA: Certified Robustness Made Practical for Learning-Based Traffic Analysis.
Jinzhu Yan, Zhuotao Liu, Yuyang Xie, Shiyu Liang, Lin Liu, Ke Xu
2025 ChainFuzz: Exploiting Upstream Vulnerabilities in Open-Source Supply Chains.
Peng Deng, Lei Zhang, Yuchuan Meng, Zhemin Yang, Yuan Zhang, Min Yang
2025 Characterizing and Detecting Propaganda-Spreading Accounts on Telegram.
Klim Kireev, Yevhen Mykhno, Carmela Troncoso, Rebekah Overdorf
2025 Characterizing the MrDeepFakes Sexual Deepfake Marketplace.
Catherine Han, Anne Li, Deepak Kumar, Zakir Durumeric
2025 Chimera: Creating Digitally Signed Fake Photos by Fooling Image Recapture and Deepfake Detectors.
Seongbin Park, Alexander Vilesov, Jinghuai Zhang, Hossein Khalili, Yuan Tian, Achuta Kadambi, Nader Sehatbakhsh
2025 ChoiceJacking: Compromising Mobile Devices through Malicious Chargers like a Decade ago.
Florian Draschbacher, Lukas Maar, Mathias Oberhuber, Stefan Mangard
2025 Cloak, Honey, Trap: Proactive Defenses Against LLM Agents.
Daniel Ayzenshteyn, Roy Weiss, Yisroel Mirsky
2025 CloudFlow: Identifying Security-sensitive Data Flows in Serverless Applications.
Giuseppe Raffa, Jorge Blasco, Daniel O'Keeffe, Santanu Kumar Dash
2025 CoVault: Secure, Scalable Analytics of Personal Data.
Roberta De Viti, Isaac Sheff, Noemi Glaeser, Baltasar Dinis, Rodrigo Rodrigues, Bobby Bhattacharjee, Anwar Hithnawi, Deepak Garg, Peter Druschel
2025 CollisionRepair: First-Aid and Automated Patching for Storage Collision Vulnerabilities in Smart Contracts.
Yu Pan, Wanjing Han, Yue Duan, Mu Zhang
2025 Comprehensive Deniability Analysis of Signal Handshake Protocols: X3DH, PQXDH to Fully Post-Quantum with Deniable Ring Signatures.
Shuichi Katsumata, Guilhem Niot, Ida Tucker, Thom Wiggers
2025 Confusing Value with Enumeration: Studying the Use of CVEs in Academia.
Moritz Schloegel, Daniel Klischies, Simon Koch, David Klein, Lukas Gerlach, Malte Wessels, Leon Trampert, Martin Johns, Mathy Vanhoef, Michael Schwarz, Thorsten Holz, Jo Van Bulck
2025 Context Matters: Qualitative Insights into Developers' Approaches and Challenges with Software Composition Analysis.
Elizabeth Lin, Sparsha Gowda, William Enck, Dominik Wermke
2025 CoreCrisis: Threat-Guided and Context-Aware Iterative Learning and Fuzzing of 5G Core Networks.
Yilu Dong, Tianchang Yang, Abdullah Al Ishtiaq, Syed Md. Mukit Rashid, Ali Ranjbar, Kai Tu, Tianwei Wu, Md. Sultan Mahmud, Syed Rafiul Hussain
2025 Cross-Modal Prompt Inversion: Unifying Threats to Text and Image Generative AI Models.
Dayong Ye, Tianqing Zhu, Feng He, Bo Liu, Minhui Xue, Wanlei Zhou
2025 Current Affairs: A Security Measurement Study of CCS EV Charging Deployments.
Marcell Szakály, Sebastian Köhler, Ivan Martinovic
2025 Cyber-Physical Deception Through Coordinated IoT Honeypots.
Chongqi Guan, Guohong Cao
2025 DFS: Delegation-friendly zkSNARK and Private Delegation of Provers.
Yuncong Hu, Pratyush Mishra, Xiao Wang, Jie Xie, Kang Yang, Yu Yu, Yuwen Zhang
2025 DISPATCH: Unraveling Security Patches from Entangled Code Changes.
Shiyu Sun, Yunlong Xing, Xinda Wang, Shu Wang, Qi Li, Kun Sun
2025 DNS FLaRE: A Flush-Reload Attack on DNS Forwarders.
Gilad Moav, Yehuda Afek, Anat Bremler-Barr, Amit Klein
2025 DP-BREM: Differentially-Private and Byzantine-Robust Federated Learning with Client Momentum.
Xiaolan Gu, Ming Li, Li Xiong
2025 DarkGram: A Large-Scale Analysis of Cybercriminal Activity Channels on Telegram.
Sayak Saha Roy, Elham Pourabbas Vafa, Kobra Khanmohamaddi, Shirin Nilizadeh
2025 Data Duplication: A Novel Multi-Purpose Attack Paradigm in Machine Unlearning.
Dayong Ye, Tianqing Zhu, Jiayang Li, Kun Gao, Bo Liu, Leo Yu Zhang, Wanlei Zhou, Yang Zhang
2025 Data-Free Model-Related Attacks: Unleashing the Potential of Generative AI.
Dayong Ye, Tianqing Zhu, Shang Wang, Bo Liu, Leo Yu Zhang, Wanlei Zhou, Yang Zhang
2025 DeBackdoor: A Deductive Framework for Detecting Backdoor Attacks on Deep Models with Limited Data.
Dorde Popovic, Amin Sadeghi, Ting Yu, Sanjay Chawla, Issa Khalil
2025 Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue.
Lioba Heimbach, Yann Vonlanthen, Juan Villacis, Lucianna Kiffer, Roger Wattenhofer
2025 DeepFold: Efficient Multilinear Polynomial Commitment from Reed-Solomon Code and Its Application to Zero-knowledge Proofs.
Yanpei Guo, Xuanming Liu, Kexi Huang, Wenjie Qu, Tianyang Tao, Jiaheng Zhang
2025 Demystifying the (In)Security of QR Code-based Login in Real-world Deployments.
Xin Zhang, Xiaohan Zhang, Bo Zhao, Yuhong Nan, Zhichen Liu, Jianzhou Chen, Huijun Zhou, Min Yang
2025 Depth Gives a False Sense of Privacy: LLM Internal States Inversion.
Tian Dong, Yan Meng, Shaofeng Li, Guoxing Chen, Zhen Liu, Haojin Zhu
2025 Detecting Compromise of Passkey Storage on the Cloud.
Mazharul Islam, Sunpreet S. Arora, Rahul Chatterjee, Ke Coby Wang
2025 DiffLoc: WiFi Hidden Camera Localization Based on Electromagnetic Diffraction.
Xiang Zhang, Jie Zhang, Huan Yan, Jinyang Huang, Zehua Ma, Bin Liu, Meng Li, Kejiang Chen, Qing Guo, Tianwei Zhang, Zhi Liu
2025 Digital Security Perceptions and Practices Around the World: A WEIRD versus Non-WEIRD Comparison.
Franziska Herbert, Collins W. Munyendo, Jonas Hielscher, Steffen Becker, Yixin Zou
2025 DiskSpy: Exploring a Long-Range Covert-Channel Attack via mmWave Sensing of μm-level HDD Vibrations.
Weiye Xu, Danli Wen, Jianwei Liu, Zixin Lin, Yuanqing Zheng, Xian Xu, Jinsong Han
2025 Disparate Privacy Vulnerability: Targeted Attribute Inference Attacks and Defenses.
Ehsanul Kabir, Lucas Craig, Shagufta Mehnaz
2025 Distributed Private Aggregation in Graph Neural Networks.
Huanhuan Jia, Yuanbo Zhao, Kai Dong, Zhen Ling, Ming Yang, Junzhou Luo, Xinwen Fu
2025 Distributional Private Information Retrieval.
Ryan Lehmkuhl, Alexandra Henzinger, Henry Corrigan-Gibbs
2025 Does Finality Gadget Finalize Your Block? A Case Study of Binance Consensus.
Rujia Li, Jingyuan Ding, Qin Wang, Keting Jia, Haibin Zhang, Sisi Duan
2025 Dorami: Privilege Separating Security Monitor on RISC-V TEEs.
Mark Kuhne, Stavros Volos, Shweta Shinde
2025 Dormant: Defending against Pose-driven Human Image Animation.
Jiachen Zhou, Mingsi Wang, Tianlin Li, Guozhu Meng, Kai Chen
2025 Double-Edged Shield: On the Fingerprintability of Customized Ad Blockers.
Saiid El Hajj Chehade, Ben Stock, Carmela Troncoso
2025 Doubly Dangerous: Evading Phishing Reporting Systems by Leveraging Email Tracking Techniques.
Anish Chand, Nick Nikiforakis, Phani Vadrevu
2025 Dumbo-MPC: Efficient Fully Asynchronous MPC with Optimal Resilience.
Yuan Su, Yuan Lu, Jiliang Li, Yuyi Wang, Chengyi Dong, Qiang Tang
2025 ECC.fail: Mounting Rowhammer Attacks on DDR4 Servers with ECC Memory.
Nureddin Kamadan, Walter Wang, Stephan van Schaik, Christina Garman, Daniel Genkin, Yuval Yarom
2025 EKC: A Portable and Extensible Kernel Compartment for De-Privileging Commodity OS.
Jiaqin Yan, Qiujiang Chen, Shuai Zhou, Yuke Peng, Guoxing Chen, Yinqian Zhang
2025 ELFuzz: Efficient Input Generation via LLM-driven Synthesis Over Fuzzer Space.
Chuyang Chen, Brendan Dolan-Gavitt, Zhiqiang Lin
2025 Easy As Child's Play: An Empirical Study on Age Verification of Adult-Oriented Android Apps.
Yifan Yao, Shawn McCollum, Zhibo Sun, Yue Zhang
2025 EchoLLM: LLM-Augmented Acoustic Eavesdropping Attack on Bone Conduction Headphones with mmWave Radar.
Xin Yao, Kecheng Huang, Yimin Chen, Jiawei Guo, Jie Tang, Ming Zhao
2025 Effective Directed Fuzzing with Hierarchical Scheduling for Web Vulnerability Detection.
Zihan Lin, Yuan Zhang, Jiarun Dai, Xinyou Huang, Bocheng Xiang, Guangliang Yang, Letian Yuan, Lei Zhang, Tian Chen, Min Yang
2025 Effective PII Extraction from LLMs through Augmented Few-Shot Learning.
Shuai Cheng, Shu Meng, Haitao Xu, Haoran Zhang, Shuai Hao, Chuan Yue, Wenrui Ma, Meng Han, Fan Zhang, Zhao Li
2025 Efficient 2PC for Constant Round Secure Equality Testing and Comparison.
Tianpei Lu, Xin Kang, Bingsheng Zhang, Zhuo Ma, Xiaoyuan Zhang, Yang Liu, Kui Ren, Chun Chen
2025 Efficient Batchable Secure Outsourced Computation: Depth-Aware Arithmetization of Common Primitives for BFV & BGV.
Jelle Vos, Mauro Conti, Zekeriya Erkin
2025 Efficient Multi-Party Private Set Union Without Non-Collusion Assumptions.
Minglang Dong, Cong Zhang, Yujie Bai, Yu Chen
2025 Efficient Ranking, Order Statistics, and Sorting under CKKS.
Federico Mazzone, Maarten H. Everts, Florian Hahn, Andreas Peter
2025 Email Spoofing with SMTP Smuggling: How the Shared Email Infrastructures Magnify this Vulnerability.
Chuhan Wang, Chenkai Wang, Songyi Yang, Sophia Liu, Jianjun Chen, Haixin Duan, Gang Wang
2025 EmbedX: Embedding-Based Cross-Trigger Backdoor Attack Against Large Language Models.
Nan Yan, Yuqing Li, Xiong Wang, Jing Chen, Kun He, Bo Li
2025 Enabling Low-Cost Secure Computing on Untrusted In-Memory Architectures.
Sahar Ghoflsaz Ghinani, Jingyao Zhang, Elaheh Sadredini
2025 Encarsia: Evaluating CPU Fuzzers via Automatic Bug Injection.
Matej Bölcskei, Flavien Solt, Katharina Ceesay-Seitz, Kaveh Razavi
2025 Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking.
Carolina Ortega Pérez, Alaa Daffalla
2025 Endangered Privacy: Large-Scale Monitoring of Video Streaming Services.
Martin Björklund, Romaric Duvignau
2025 Engorgio: An Arbitrary-Precision Unbounded-Size Hybrid Encrypted Database via Quantized Fully Homomorphic Encryption.
Song Bian, Haowen Pan, Jiaqi Hu, Zhou Zhang, Yunhao Fu, Jiafeng Hua, Yunyi Chen, Bo Zhang, Yier Jin, Jin Dong, Zhenyu Guan
2025 Enhanced Label-Only Membership Inference Attacks with Fewer Queries.
Hao Li, Zheng Li, Siyuan Wu, Yutong Ye, Min Zhang, Dengguo Feng, Yang Zhang
2025 Evaluating LLM-based Personal Information Extraction and Countermeasures.
Yupei Liu, Yuqi Jia, Jinyuan Jia, Neil Zhenqiang Gong
2025 Evaluating Privacy Policies under Modern Privacy Laws At Scale: An LLM-Based Automated Approach.
Qinge Xie, Karthik Ramakrishnan, Frank Li
2025 Evaluating the Effectiveness and Robustness of Visual Similarity-based Phishing Detection Models.
Fujiao Ji, Kiho Lee, Hyungjoon Koo, Wenhao You, Euijin Choo, Hyoungshick Kim, Doowon Kim
2025 EvilEDR: Repurposing EDR as an Offensive Tool.
Kotaiba Alachkar, Dirk Gaastra, Eduardo Barbaro, Michel van Eeten, Yury Zhauniarovich
2025 Expert Insights into Advanced Persistent Threats: Analysis, Attribution, and Challenges.
Aakanksha Saha, James Mattei, Jorge Blasco, Lorenzo Cavallaro, Daniel Votipka, Martina Lindorfer
2025 Exploiting Inaccurate Branch History in Side-Channel Attacks.
Yuhui Zhu, Alessandro Biondi
2025 Exploiting Task-Level Vulnerabilities: An Automatic Jailbreak Attack and Defense Benchmarking for LLMs.
Lan Zhang, Xinben Gao, Liuyi Yao, Jinke Song, Yaliang Li
2025 Exploring How to Authenticate Application Messages in MLS: More Efficient, Post-Quantum, and Anonymous Blocklistable.
Keitaro Hashimoto, Shuichi Katsumata, Guillermo Pascual-Perez
2025 Exploring User Security and Privacy Attitudes and Concerns Toward the Use of General-Purpose LLM Chatbots for Mental Health.
Jabari Kwesi, Jiaxun Cao, Riya Manchanda, Pardis Emami Naeini
2025 Exploring and Exploiting the Resource Isolation Attack Surface of WebAssembly Containers.
Zhaofeng Yu, Dongyang Zhan, Lin Ye, Haining Yu, Hongli Zhang, Zhihong Tian
2025 Exposing and Circumventing SNI-based QUIC Censorship of the Great Firewall of China.
Ali Zohaib, Qiang Zao, Jackson Sippe, Abdulrahman Alaraj, Amir Houmansadr, Zakir Durumeric, Eric Wustrow
2025 Exposing the Guardrails: Reverse-Engineering and Jailbreaking Safety Filters in DALL·E Text-to-Image Pipelines.
Corban Villa, Muhammad Shujaat Mirza, Christina Pöpper
2025 FABLE: Batched Evaluation on Confidential Lookup Tables in 2PC.
Zhengyuan Su, Qi Pang, Simon Beyzerov, Wenting Zheng
2025 FIXX: FInding eXploits from eXamples.
Neil P. Thimmaiah, Yashashvi J. Dave, Rigel Gjomemo, V. N. Venkatakrishnan
2025 FLOP: Breaking the Apple M3 CPU via False Load Output Predictions.
Jason Kim, Jalen Chuang, Daniel Genkin, Yuval Yarom
2025 Fast Enhanced Private Set Union in the Balanced and Unbalanced Scenarios.
Binbin Tu, Yujie Bai, Cong Zhang, Yang Cao, Yu Chen
2025 FastLloyd: Federated, Accurate, Secure, and Tunable k-Means Clustering with Differential Privacy.
Abdulrahman Diaa, Thomas Humphries, Florian Kerschbaum
2025 Fighting Fire with Fire: Continuous Attack for Adversarial Android Malware Detection.
Yinyuan Zhang, Cuiying Gao, Yueming Wu, Shihan Dou, Cong Wu, Ying Zhang, Wei Yuan, Yang Liu
2025 Finding Metadata Inconsistencies in Distributed File Systems via Cross-Node Operation Modeling.
Fuchen Ma, Yuanliang Chen, Yuanhang Zhou, Zhen Yan, Hao Sun, Yu Jiang
2025 Flexway O-Sort: Enclave-Friendly and Optimal Oblivious Sorting.
Tianyao Gu, Yilei Wang, Afonso Tinoco, Bingnan Chen, Ke Yi, Elaine Shi
2025 Following Devils' Footprint: Towards Real-time Detection of Price Manipulation Attacks.
Bosi Zhang, Ningyu He, Xiaohui Hu, Kai Ma, Haoyu Wang
2025 For Human Ears Only: Preventing Automated Monitoring on Voice Data.
Irtaza Shahid, Nirupam Roy
2025 Found in Translation: A Generative Language Modeling Approach to Memory Access Pattern Attacks.
Grace Jia, Alex Wong, Anurag Khandelwal
2025 Free Record-Level Privacy Risk Evaluation Through Artifact-Based Methods.
Joseph Pollock, Igor Shilov, Euodia Dodd, Yves-Alexandre de Montjoye
2025 From Alarms to Real Bugs: Multi-target Multi-step Directed Greybox Fuzzing for Static Analysis Result Verification.
Andrew Bao, Wenjia Zhao, Yanhao Wang, Yueqiang Cheng, Stephen McCamant, Pen-Chung Yew
2025 From Constraints to Cracks: Constraint Semantic Inconsistencies as Vulnerability Beacons for Embedded Systems.
Jiaxu Zhao, Yuekang Li, Yanyan Zou, Yang Xiao, Naijia Jiang, Yeting Li, Nanyu Zhong, Bingwei Peng, Kunpeng Jian, Wei Huo
2025 From Meme to Threat: On the Hateful Meme Understanding and Induced Hateful Content Generation in Open-Source Vision Language Models.
Yihan Ma, Xinyue Shen, Yiting Qu, Ning Yu, Michael Backes, Savvas Zannettou, Yang Zhang
2025 From Purity to Peril: Backdooring Merged Models From "Harmless" Benign Components.
Lijin Wang, Jingjing Wang, Tianshuo Cong, Xinlei He, Zhan Qin, Xinyi Huang
2025 From Risk to Resilience: Towards Assessing and Mitigating the Risk of Data Reconstruction Attacks in Federated Learning.
Xiangrui Xu, Zhize Li, Yufei Han, Bin Wang, Jiqiang Liu, Wei Wang
2025 From Threat to Trust: Exploiting Attention Mechanisms for Attacks and Defenses in Cooperative Perception.
Chenyi Wang, Raymond Muller, Ruoyu Song, Jean-Philippe Monteuuis, Jonathan Petit, Yanmao Man, Ryan M. Gerdes, Z. Berkay Celik, Ming Li
2025 Further Study on Frequency Estimation under Local Differential Privacy.
Huiyu Fang, Liquan Chen, Suhui Liu
2025 Fuzzing the PHP Interpreter via Dataflow Fusion.
Yuancheng Jiang, Chuqi Zhang, Bonan Ruan, Jiahao Liu, Manuel Rigger, Roland H. C. Yap, Zhenkai Liang
2025 GDMA: Fully Automated DMA Rehosting via Iterative Type Overlays.
Tobias Scharnowski, Simeon Hoffmann, Moritz Bley, Simon Wörner, Daniel Klischies, Felix Buchmann, Nils Ole Tippenhauer, Thorsten Holz, Marius Muench
2025 GLaDoS: Location-aware Denial-of-Service of Cellular Networks.
Simon Erni, Martin Kotuliak, Richard Baker, Ivan Martinovic, Srdjan Capkun
2025 GNSS-WASP: GNSS Wide Area SPoofing.
Christopher Tibaldo, Harshad Sathaye, Giovanni Camurati, Srdjan Capkun
2025 GPUHammer: Rowhammer Attacks on GPU Memories are Practical.
Chris S. Lin, Joyce Qu, Gururaj Saileshwar
2025 Game of Arrows: On the (In-)Security of Weight Obfuscation for On-Device TEE-Shielded LLM Partition Algorithms.
Pengli Wang, Bingyou Dong, Yifeng Cai, Zheng Zhang, Junlin Liu, Huanran Xue, Ye Wu, Yao Zhang, Ziqi Zhang
2025 GeCos Replacing Experts: Generalizable and Comprehensible Industrial Intrusion Detection.
Konrad Wolsing, Eric Wagner, Luisa Lux, Klaus Wehrle, Martin Henze
2025 GenHuzz: An Efficient Generative Hardware Fuzzer.
Lichao Wu, Mohamadreza Rostami, Huimin Li, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
2025 General-Purpose f-DP Estimation and Auditing in a Black-Box Setting.
Önder Askin, Holger Dette, Martin Dunsche, Tim Kutta, Yun Lu, Yu Wei, Vassilis Zikas
2025 Generated Data with Fake Privacy: Hidden Dangers of Fine-tuning Large Language Models on Generated Data.
Atilla Akkus, Masoud Poorghaffar Aghdam, Mingjie Li, Junjie Chu, Michael Backes, Yang Zhang, Sinem Sav
2025 Ghost Clusters: Evaluating Attribution of Illicit Services through Cryptocurrency Tracing.
Kelvin Lubbertsen, Michel van Eeten, Rolf van Wegberg
2025 GlitchFHE: Attacking Fully Homomorphic Encryption Using Fault Injection.
Lakshmi Likhitha Mankali, Mohammed Nabeel, Faiq Raees, Michail Maniatakos, Ozgur Sinanoglu, Johann Knechtel
2025 Gotta Detect 'Em All: Fake Base Station and Multi-Step Attack Detection in Cellular Networks.
Kazi Samin Mubasshir, Imtiaz Karim, Elisa Bertino
2025 GradEscape: A Gradient-Based Evader Against AI-Generated Text Detectors.
Wenlong Meng, Shuguo Fan, Chengkun Wei, Min Chen, Yuwei Li, Yuanchao Zhang, Zhikun Zhang, Wenzhi Chen
2025 GraphAce: Secure Two-Party Graph Analysis Achieving Communication Efficiency.
Jiping Yu, Kun Chen, Yunyi Chen, Xiaoyu Fan, Xiaowei Zhu, Cheng Hong, Wenguang Chen
2025 Great, Now Write an Article About That: The Crescendo Multi-Turn LLM Jailbreak Attack.
Mark Russinovich, Ahmed Salem, Ronen Eldan
2025 H2O2RAM: A High-Performance Hierarchical Doubly Oblivious RAM.
Leqian Zheng, Zheng Zhang, Wentao Dong, Yao Zhang, Ye Wu, Cong Wang
2025 Harness: Transparent and Lightweight Protection of Vehicle Control on Untrusted Android Automotive Operating System.
Haochen Gong, Siyu Hong, Shenyi Yang, Rui Chang, Wenbo Shen, Ziqi Yuan, Chenyang Yu, Yajin Zhou
2025 HateBench: Benchmarking Hate Speech Detectors on LLM-Generated Content and Hate Campaigns.
Xinyue Shen, Yixin Wu, Yiting Qu, Michael Backes, Savvas Zannettou, Yang Zhang
2025 Haunted by Legacy: Discovering and Exploiting Vulnerable Tunnelling Hosts.
Angelos Beitis, Mathy Vanhoef
2025 HawkEye: Statically and Accurately Profiling the Communication Cost of Models in Multi-party Learning.
Wenqiang Ruan, Xin Lin, Ruisheng Zhou, Guopeng Lin, Shui Yu, Weili Han
2025Hercules Droidot and the murder on the JNI Express.
Luca Di Bartolomeo, Philipp Mao, Yu-Jye Tung, Jessy Ayala, Samuele Doria, Paolo Celada, Marcel Busch, Joshua Garcia, Eleonora Losiouk, Mathias Payer
2025High Stakes, Low Certainty: Evaluating the Efficacy of High-Level Indicators of Compromise in Ransomware Attribution.
Max van der Horst, Ricky Kho, Olga Gadyatskaya, Michel Mollema, Michel van Eeten, Yury Zhauniarovich
2025Hobbit: Space-Efficient zkSNARK with Optimal Prover Time.
Christodoulos Pappas, Dimitrios Papadopoulos
2025How Researchers De-Identify Data in Practice.
Wentao Guo, Paige Pepitone, Adam J. Aviv, Michelle L. Mazurek
2025How Transparent is Usable Privacy and Security Research? A Meta-Study on Current Research Transparency Practices.
Jan H. Klemmer, Juliane Schmüser, Fabian Fischer, Jacques Suray, Jan-Ulrich Holtgrave, Simon Lenau, Byron M. Lowens, Florian Schaub, Sascha Fahl
2025How to Compare Bandwidth Constrained Two-Party Secure Messaging Protocols: A Quest for A More Efficient and Secure Post-Quantum Protocol.
Benedikt Auerbach, Yevgeniy Dodis, Daniel Jost, Shuichi Katsumata, Rolfe Schmidt
2025HubBub: Contention-Based Side-Channel Attacks on USB Hubs.
Junpeng Wan, Yanxiang Bi, Han Gao, Dave (Jing) Tian
2025HyTrack: Resurrectable and Persistent Tracking Across Android Apps and the Web.
Malte Wessels, Simon Koch, Jan Drescher, Louis Bettels, David Klein, Martin Johns
2025Hybrid Language Processor Fuzzing via LLM-Based Constraint Solving.
Yupeng Yang, Shenglong Yao, Jizhou Chen, Wenke Lee
2025I Can Tell Your Secrets: Inferring Privacy Attributes from Mini-app Interaction History in Super-apps.
Yifeng Cai, Ziqi Zhang, Mengyu Yao, Junlin Liu, Xiaoke Zhao, Xinyi Fu, Ruoyu Li, Zhe Liu, Xiangqun Chen, Yao Guo, Ding Li
2025I Know What You Said: Unveiling Hardware Cache Side-Channels in Local Large Language Model Inference.
Zibo Gao, Junjie Hu, Feng Guo, Yixin Zhang, Yinglong Han, Siyuan Liu, Haiyang Li, Zhiqiang Lv
2025IDFuzz: Intelligent Directed Grey-box Fuzzing.
Yiyang Chen, Chao Zhang, Long Wang, Wenyu Zhu, Changhua Luo, Nuoqi Gui, Zheyu Ma, Xingjian Zhang, Bingkai Su
2025IRBlock: A Large-Scale Measurement Study of the Great Firewall of Iran.
Jonas Tai, Karthik Nishanth Sengottuvelavan, Peter Whiting, Nguyen Phong Hoang
2025ImpROV: Measurement and Practical Mitigation of Collateral Damage in RPKI Route Origin Validation.
Weitong Li, Yuze Li, Taejoong Chung
2025Improved Secure Two-party Computation from a Geometric Perspective.
Hao Guo, Liqiang Peng, Haiyang Xue, Li Peng, Weiran Liu, Zhe Liu, Lei Hu
2025Investigating the Impact of Online Community Involvement on Safety Practices and Perceived Risks Among People Who Use Drugs.
Jiliang Li, Nora Sinong Lu, Isaak Hanimann, Janice Jianing Si, Dazhao Cheng, Xiaobo Zhou, Kanye Ye Wang
2025Invisible but Detected: Physical Adversarial Shadow Attack and Defense on LiDAR Object Detection.
Ryunosuke Kobayashi, Kazuki Nomoto, Yuna Tanaka, Go Tsuruoka, Tatsuya Mori
2025JBShield: Defending Large Language Models from Jailbreak Attacks through Activated Concept Analysis and Manipulation.
Shenyi Zhang, Yuchen Zhai, Keyan Guo, Hongxin Hu, Shengnan Guo, Zheng Fang, Lingchen Zhao, Chao Shen, Cong Wang, Qian Wang
2025Kintsugi: Secure Hotpatching for Code-Shadowing Real-Time Embedded Systems.
Philipp Mackensen, Christian Niesler, Roberto Blanco, Lucas Davi, Veelasha Moonsamy
2025LEMIX: Enabling Testing of Embedded Applications as Linux Applications.
Sai Ritvik Tanksalkar, Siddharth Muralee, Srihari Danduri, Paschal C. Amusuo, Antonio Bianchi, James C. Davis, Aravind Kumar Machiry
2025LEO-Range: Physical Layer Design for Secure Ranging with Low Earth Orbiting Satellites.
Daniele Coppola, Arslan Mumtaz, Giovanni Camurati, Harshad Sathaye, Mridula Singh, Srdjan Capkun
2025LLFuzz: An Over-the-Air Dynamic Testing Framework for Cellular Baseband Lower Layers.
Tuan Dinh Hoang, Taekkyung Oh, CheolJun Park, Insu Yun, Yongdae Kim
2025LLMmap: Fingerprinting for Large Language Models.
Dario Pasquini, Evgenios M. Kornaropoulos, Giuseppe Ateniese
2025LLMxCPG: Context-Aware Vulnerability Detection Through Code Property Graph-Guided Large Language Models.
Ahmed Lekssays, Hamza Mouhcine, Khang Tran, Ting Yu, Issa Khalil
2025LOHEN: Layer-wise Optimizations for Neural Network Inferences over Encrypted Data with High Performance or Accuracy.
Kevin Nam, Youyeon Joo, Dongju Lee, Seungjin Ha, Hyunyoung Oh, Hyungon Moon, Yunheung Paek
2025Lancet: A Formalization Framework for Crash and Exploit Pathology.
Qinrun Dai, Kirby Linvill, Yueqi Chen, Gowtham Kaki
2025Learning from Functionality Outputs: Private Join and Compute in the Real World.
Francesca Falzon, Tianxin Tang
2025Lemon: Network-Wide DDoS Detection with Routing-Oblivious Per-Flow Measurement.
Wenhao Wu, Zhenyu Li, Xilai Liu, Zhaohua Wang, Heng Pan, Guangxing Zhang, Gaogang Xie
2025Let's Move2EVM.
Lorenzo Benetollo, Andreas Lackner, Matteo Maffei, Markus Scherer
2025Leuvenshtein: Efficient FHE-based Edit Distance Computation with Single Bootstrap per Cell.
Wouter Legiest, Jan-Pieter D'Anvers, Bojan Spasic, Nam-Luc Tran, Ingrid Verbauwhede
2025LightShed: Defeating Perturbation-based Image Copyright Protections.
Hanna Foerster, Sasha Behrouzi, Phillip Rieger, Murtuza Jadliwala, Ahmad-Reza Sadeghi
2025Logs In, Patches Out: Automated Vulnerability Repair via Tree-of-Thought LLM Analysis.
Youngjoon Kim, Sunguk Shin, Hyoungshick Kim, Jiwon Yoon
2025Lost in Translation: Enabling Confused Deputy Attacks on EDA Software with TransFuzz.
Flavien Solt, Kaveh Razavi
2025Lost in the Mists of Time: Expirations in DNS Footprints of Mobile Apps.
Johnny So, Iskander Sánchez-Rola, Nick Nikiforakis
2025Low-Cost and Comprehensive Non-textual Input Fuzzing with LLM-Synthesized Input Generators.
Kunpeng Zhang, Zongjie Li, Daoyuan Wu, Shuai Wang, Xin Xia
2025MAESTRO: Multi-Party AES Using Lookup Tables.
Hiraku Morita, Erik Pohle, Kunihiko Sadakane, Peter Scholl, Kazunari Tozawa, Daniel Tschudi
2025MBFuzzer: A Multi-Party Protocol Fuzzer for MQTT Brokers.
Xiangpu Song, Jianliang Wu, Yingpei Zeng, Hao Pan, Chaoshun Zuo, Qingchuan Zhao, Shanqing Guo
2025Machine Against the RAG: Jamming Retrieval-Augmented Generation with Blocker Documents.
Avital Shafran, Roei Schuster, Vitaly Shmatikov
2025Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents.
Fengyu Liu, Yuan Zhang, Jiaqi Luo, Jiarun Dai, Tian Chen, Letian Yuan, Zhengmin Yu, Youkun Shi, Ke Li, Chengyuan Zhou, Hao Chen, Min Yang
2025MalGuard: Towards Real-Time, Accurate, and Actionable Detection of Malicious Packages in PyPI Ecosystem.
Xingan Gao, Xiaobing Sun, Sicong Cao, Kaifeng Huang, Di Wu, Xiaolei Liu, Xingwei Lin, Yang Xiang
2025Malicious LLM-Based Conversational AI Makes Users Reveal Personal Information.
Xiao Zhan, Juan Carlos Carrillo, William Seymour, Jose Such
2025McSee: Evaluating Advanced Rowhammer Attacks and Defenses via Automated DRAM Traffic Analysis.
Patrick Jattke, Michele Marazzi, Flavien Solt, Max Wipfli, Stefan Gloor, Kaveh Razavi
2025Membership Inference Attacks Against Vision-Language Models.
Yuke Hu, Zheng Li, Zhihao Liu, Yang Zhang, Zhan Qin, Kui Ren, Chun Chen
2025Mind the Inconspicuous: Revealing the Hidden Weakness in Aligned LLMs' Refusal Boundaries.
Jiahao Yu, Haozheng Luo, Jerry Yao-Chieh Hu, Yan Chen, Wenbo Guo, Han Liu, Xinyu Xing
2025Mirage in the Eyes: Hallucination Attack on Multi-modal Large Language Models with Only Attention Sink.
Yining Wang, Mi Zhang, Junjie Sun, Chenyue Wang, Min Yang, Hui Xue, Jialing Tao, Ranjie Duan, Jiexi Liu
2025Misty Registry: An Empirical Study of Flawed Domain Registry Operation.
Mingming Zhang, Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu
2025Mitigating Injection Attacks against E2EE Applications via View-Based Partitioning.
Andrés Fábrega, Samuel Breckenridge, Armin Namavari, Thomas Ristenpart
2025More is Less: Extra Features in Contactless Payments Break Security.
George Pavlides, Anna Clee, Ioana Boureanu, Tom Chothia
2025My ZIP isn't your ZIP: Identifying and Exploiting Semantic Gaps Between ZIP Parsers.
Yufan You, Jianjun Chen, Qi Wang, Haixin Duan
2025NASS: Fuzzing All Native Android System Services with Interface Awareness and Coverage.
Philipp Mao, Marcel Busch, Mathias Payer
2025NOKEScam: Understanding and Rectifying Non-Sense Keywords Spear Scam in Search Engines.
Mingxuan Liu, Yunyi Zhang, Lijie Wu, Baojun Liu, Geng Hong, Yiming Zhang, Hui Jiang, Jia Zhang, Haixin Duan, Min Zhang, Wei Guan, Fan Shi, Min Yang
2025Narrowbeer: A Practical Replay Attack Against the Widevine DRM.
Florian Roudot, Mohamed Sabt
2025Navigating Cookie Consent Violations Across the Globe.
Brian Tang, Duc Bui, Kang G. Shin
2025Navigating Security and Privacy Threats in Homeless Service Provision.
Yuxi Wu, Ruoxi Zhang, Shiyue Liu, Mufei He, Aidan Hong, Jeremy J. Northup, Calla Kainaroi, Fei Fang, Hong Shen
2025Neural Invisibility Cloak: Concealing Adversary in Images via Compromised AI-driven Image Signal Processing.
Wenjun Zhu, Xiaoyu Ji, Xinfeng Li, Qihang Chen, Kun Wang, Xinyu Li, Ruoyan Xu, Wenyuan Xu
2025NeuroScope: Reverse Engineering Deep Neural Network on Edge Devices using Dynamic Analysis.
Ruoyu Wu, Muqi Zou, Arslan Khan, Taegyu Kim, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi
2025No Way to Sign Out? Unpacking Non-Compliance with Google Play's App Account Deletion Requirements.
Jingwen Yan, Song Liao, Jin Ma, Mohammed Aldeen, Salish Kumar, Long Cheng
2025Not so Refreshing: Attacking GPUs using RFM Rowhammer Mitigation.
Ravan Nazaraliyev, Yicheng Zhang, Sankha Baran Dutta, Andrés Márquez, Kevin J. Barker, Nael B. Abu-Ghazaleh
2025Nothing is Unreachable: Automated Synthesis of Robust Code-Reuse Gadget Chains for Arbitrary Exploitation Primitives.
Nicolas Bailluet, Emmanuel Fleury, Isabelle Puaut, Erven Rohou
2025OBLIVIATOR: OBLIVIous Parallel Joins and other OperATORs in Shared Memory Environments.
Apostolos Mavrogiannakis, Xian Wang, Ioannis Demertzis, Dimitrios Papadopoulos, Minos N. Garofalakis
2025ORTHRUS: Achieving High Quality of Attribution in Provenance-based Intrusion Detection Systems.
Baoxiang Jiang, Tristan Bilot, Nour El Madhoun, Khaldoun Al Agha, Anis Zouaoui, Shahrear Iqbal, Xueyuan Han, Thomas Pasquier
2025Oblivious Digital Tokens.
Mihael Liskij, Xuhua Ding, Gene Tsudik, David A. Basin
2025On the Atomicity and Efficiency of Blockchain Payment Channels.
Di Wu, Shoupeng Ren, Yuman Bai, Lipeng He, Jian Liu, Wu Wen, Kui Ren, Chun Chen
2025On the Proactive Generation of Unsafe Images From Text-To-Image Models Using Benign Prompts.
Yixin Wu, Ning Yu, Michael Backes, Yun Shen, Yang Zhang
2025On the Virtues of Information Security in the UK Climate Movement.
Mikaela Brough, Rikke Bjerg Jensen, Martin R. Albrecht
2025OneTouch: Effortless 2FA Scheme to Secure Fingerprint Authentication with Wearable OTP Token.
Yihui Yan, Zhice Yang
2025Onions Got Puzzled: On the Challenges of Mitigating Denial-of-Service Problems in Tor Onion Services.
Jinseo Lee, Hobin Kim, Min Suk Kang
2025OwlC: Compiling Security Protocols to Verified, Secure, High-Performance Libraries.
Pratap Singh, Joshua Gancher, Bryan Parno
2025PAPILLON: Efficient and Stealthy Fuzz Testing-Powered Jailbreaks for LLMs.
Xueluan Gong, Mingzhe Li, Yilin Zhang, Fengyuan Ran, Chen Chen, Yanjiao Chen, Qian Wang, Kwok-Yan Lam
2025PATCHAGENT: A Practical Program Repair Agent Mimicking Human Expertise.
Zheng Yu, Ziyi Guo, Yuhang Wu, Jiahao Yu, Meng Xu, Dongliang Mu, Yan Chen, Xinyu Xing
2025PICACHV: Formally Verified Data Use Policy Enforcement for Secure Data Analytics.
Haobin Hiroki Chen, Hongbo Chen, Mingshen Sun, Chenghong Wang, Xiaofeng Wang
2025POPS: From History to Mitigation of DNS Cache Poisoning Attacks.
Yehuda Afek, Harel Berger, Anat Bremler-Barr
2025PRSA: Prompt Stealing Attacks against Real-World Prompt Services.
Yong Yang, Changjiang Li, Qingming Li, Oubo Ma, Haoyu Wang, Zonghui Wang, Yandong Gao, Wenzhi Chen, Shouling Ji
2025Parallelizing Universal Atomic Swaps for Multi-Chain Cryptocurrency Exchanges.
Danlei Xiao, Chuan Zhang, Haotian Deng, Jinwen Liang, Licheng Wang, Liehuang Zhu
2025Password Guessing Using Large Language Models.
Yunkai Zou, Maoxiang An, Ding Wang
2025Patching Up: Stakeholder Experiences of Security Updates for Connected Medical Devices.
Lorenz Kustosch, Carlos Gañán, Michel van Eeten, Simon Parkin
2025Persistent Backdoor Attacks in Continual Learning.
Zhen Guo, Abhinav Kumar, Reza Tourani
2025Phantom Trails: Practical Pre-Silicon Discovery of Transient Data Leaks.
Alvise de Faveri Tron, Raphael Isemann, Hany Ragab, Cristiano Giuffrida, Klaus von Gleissenthall, Herbert Bos
2025Phantom: Privacy-Preserving Deep Neural Network Model Obfuscation in Heterogeneous TEE and GPU System.
Juyang Bai, Md Hafizul Islam Chowdhuryy, Jingtao Li, Fan Yao, Chaitali Chakrabarti, Deliang Fan
2025Phishing Attacks against Password Manager Browser Extensions.
Claudio Anliker, Daniele Lain, Srdjan Capkun
2025Pig in a Poke: Automatically Detecting and Exploiting Link Following Vulnerabilities in Windows File Operations.
Bocheng Xiang, Yuan Zhang, Fengyu Liu, Hao Huang, Zihan Lin, Min Yang
2025Place Protections at the Right Place: Targeted Hardening for Cryptographic Code against Spectre v1.
Yiming Zhu, Wenchao Huang, Yan Xiong
2025PoiSAFL: Scalable Poisoning Attack Framework to Byzantine-resilient Semi-asynchronous Federated Learning.
Xiaoyi Pang, Chenxu Zhao, Zhibo Wang, Jiahui Hu, Yinggui Wang, Lei Wang, Tao Wei, Kui Ren, Chun Chen
2025PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Models.
Wei Zou, Runpeng Geng, Binghui Wang, Jinyuan Jia
2025PolySys: an Algebraic Leakage Attack Engine.
Zachary Espiritu, Seny Kamara, Tarik Moataz, Andrew Park
2025Posthammer: Pervasive Browser-based Rowhammer Attacks with Postponed Refresh Commands.
Finn de Ridder, Patrick Jattke, Kaveh Razavi
2025Practical Keyword Private Information Retrieval from Key-to-Index Mappings.
Meng Hao, Weiran Liu, Liqiang Peng, Cong Zhang, Pengfei Wu, Lei Zhang, Hongwei Li, Robert H. Deng
2025Practical Mempool Privacy via One-time Setup Batched Threshold Encryption.
Arka Rai Choudhuri, Sanjam Garg, Guru-Vamsi Policharla, Mingyuan Wang
2025Practically Secure Honey Password Vaults: New Design and New Evaluation against Online Guessing.
Haibo Cheng, Fugeng Huang, Jiahong Yang, Wenting Li, Ping Wang
2025Precise and Effective Gadget Chain Mining through Deserialization Guided Call Graph Construction.
Yiheng Zhang, Ming Wen, Shunjie Liu, Dongjie He, Hai Jin
2025Predictive Response Optimization: Using Reinforcement Learning to Fight Online Social Network Abuse.
Garrett Wilson, Geoffrey Goh, Yan Jiang, Ajay Gupta, Jiaxuan Wang, David Freeman, Francesco Dinuzzo
2025Pretender: Universal Active Defense against Diffusion Finetuning Attacks.
Zekun Sun, Zijian Liu, Shouling Ji, Chenhao Lin, Na Ruan
2025Preventing Artificially Inflated SMS Attacks through Large-Scale Traffic Inspection.
Jun Ho Huh, Hyejin Shin, Sunwoo Ahn, Hayoon Yi, Joonho Cho, Taewoo Kim, Minchae Lim, Nu-El Choi
2025Principled and Automated Approach for Investigating AR/VR Attacks.
Muhammad Shoaib, Alex Suh, Wajih Ul Hassan
2025PrivaCI in VR: Exploring Perceptions and Acceptability of Data Sharing in Virtual Reality Through Contextual Integrity.
Emiram Kablo, Melina Kleber, Patricia Arias Cabarcos
2025Privacy Audit as Bits Transmission: (Im)possibilities for Audit by One Run.
Zihang Xiang, Tianhao Wang, Di Wang
2025Privacy Law Enforcement Under Centralized Governance: A Qualitative Analysis of Four Years' Special Privacy Rectification Campaigns.
Tao Jing, Yao Li, Jingzhou Ye, Jie Wang, Xueqiang Wang
2025Privacy Solution or Menace? Investigating Perceptions of Radio-Frequency Sensing.
Maximiliane Windl, Omer Akgul, Nathan Malkin, Lorrie Faith Cranor
2025PrivacyXray: Detecting Privacy Breaches in LLMs through Semantic Consistency and Probability Certainty.
Jinwen He, Yiyang Lu, Zijin Lin, Kai Chen, Yue Zhao
2025Private Investigator: Extracting Personally Identifiable Information from Large Language Models Using Optimized Prompts.
Seongho Keum, Dongwon Shin, Leo Marchyok, Sanghyun Hong, Sooel Son
2025Private Set Intersection and other Set Operations in the Third Party Setting.
Foo Yee Yeo, Jason H. M. Ying
2025Prompt Obfuscation for Large Language Models.
David Pape, Sina Mavali, Thorsten Eisenhofer, Lea Schönherr
2025Provably Robust Multi-bit Watermarking for AI-generated Text.
Wenjie Qu, Wengrui Zheng, Tianyang Tao, Dong Yin, Yanze Jiang, Zhihua Tian, Wei Zou, Jinyuan Jia, Jiaheng Zhang
2025Qelect: Lattice-based Single Secret Leader Election Made Practical.
Yunhao Wang, Fan Zhang
2025REVDECODE: Enhancing Binary Function Matching with Context-Aware Graph Representations and Relevance Decoding.
Tongwei Ren, Ronghan Che, Guin Gilman, Lorenzo De Carli, Robert J. Walls
2025RangeSanitizer: Detecting Memory Errors with Efficient Range Checks.
Floris Gorter, Cristiano Giuffrida
2025Recover from Excessive Faults in Partially-Synchronous BFT SMR.
Tiantian Gong, Gustavo Franco Camilo, Kartik Nayak, Andrew Lewis-Pye, Aniket Kate
2025Rectifying Privacy and Efficacy Measurements in Machine Unlearning: A New Inference Attack Perspective.
Nima Naderloui, Shenao Yan, Binghui Wang, Jie Fu, Wendy Hui Wang, Weiran Liu, Yuan Hong
2025Red Bleed: A Pragmatic Near-Infrared Presentation Attack on Facial Biometric Authentication Systems.
Bowen Hu, Kuo Wang, Chip-Hong Chang
2025Refiner: Data Refining against Gradient Leakage Attacks in Federated Learning.
Mingyuan Fan, Cen Chen, Chengyu Wang, Xiaodan Li, Wenmeng Zhou
2025Refusal Is Not an Option: Unlearning Safety Alignment of Large Language Models.
Minkyoo Song, Hanna Kim, Jaehan Kim, Seungwon Shin, Sooel Son
2025Regulating Smart Device Support Periods: User Expectations and the European Cyber Resilience Act.
Lorenz Kustosch, Carlos Gañán, Mattis van 't Schip, Michel van Eeten, Simon Parkin
2025Relocate-Vote: Using Sparsity Information to Exploit Ciphertext Side-Channels.
Yuqin Yan, Wei Huang, Ilya Grishchenko, Gururaj Saileshwar, Aastha Mehta, David Lie
2025Revisiting Training-Inference Trigger Intensity in Backdoor Attacks.
Chenhao Lin, Chenyang Zhao, Shiwei Wang, Longtian Wang, Chao Shen, Zhengyu Zhao
2025Robust, Efficient, and Widely Available Greybox Fuzzing for COTS Binaries with System Call Pattern Feedback.
Jifan Xiao, Peng Jiang, Zixi Zhao, Ruizhe Huang, Junlin Liu, Ding Li
2025Robustifying ML-powered Network Classifiers with PANTS.
Minhao Jin, Maria Apostolaki
2025RollingEvidence: Autoregressive Video Evidence via Rolling Shutter Effect.
Feng Qian, Lingfeng Zhang, Tao Luo, Shiqi Xu, Zhijun Yu, Wei Wang
2025Rowhammer-Based Trojan Injection: One Bit Flip Is Sufficient for Backdooring DNNs.
Xiang Li, Ying Meng, Junming Chen, Lannan Luo, Qiang Zeng
2025S/MINE: Collecting and Analyzing S/MIME Certificates at Scale.
Gurur Öndarö, Jonas Kaspereit, Samson Umezulike, Christoph Saatjohann, Fabian Ising, Sebastian Schinzel
2025SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution.
Daniel Weber, Lukas Gerlach, Leon Trampert, Youheng Lü, Jo Van Bulck, Michael Schwarz
2025SEAF: Secure Evaluation on Activation Functions with Dynamic Precision for Secure Two-Party Inference.
Hao Guo, Zhaoqian Liu, Ximing Fu, Zhusen Liu
2025SLOTHE: Lazy Approximation of Non-Arithmetic Neural Network Functions over Encrypted Data.
Kevin Nam, Youyeon Joo, Seungjin Ha, Yunheung Paek
2025SNI5GECT: A Practical Approach to Inject aNRchy into 5G NR.
Shijie Luo, Matheus E. Garbelini, Sudipta Chattopadhyay, Jianying Zhou
2025SOFT: Selective Data Obfuscation for Protecting LLM Fine-tuning against Membership Inference Attacks.
Kaiyuan Zhang, Siyuan Cheng, Hanxi Guo, Yuetian Chen, Zian Su, Shengwei An, Yuntao Du, Charles Fleming, Ashish Kundu, Xiangyu Zhang, Ninghui Li
2025STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets.
Sven Hebrok, Tim Leonhard Storm, Felix Matthias Cramer, Maximilian Radoy, Juraj Somorovsky
2025SafeSpeech: Robust and Universal Voice Protection Against Malicious Speech Synthesis.
Zhisheng Zhang, Derui Wang, Qianyi Yang, Pengyang Huang, Junhan Pu, Yuxin Cao, Kai Ye, Jie Hao, Yixian Yang
2025Save what must be saved: Secure context switching with Sailor.
Neelu S. Kalani, Thomas Bourgeat, Guerney D. H. Hunt, Wojciech Ozga
2025Scalable Collaborative zk-SNARK and Its Application to Fully Distributed Proof Delegation.
Xuanming Liu, Zhelei Zhou, Yinghao Wang, Yanxin Pang, Jinye He, Bingsheng Zhang, Xiaohu Yang, Jiaheng Zhang
2025Scanned and Scammed: Insecurity by ObsQRity? Measuring User Susceptibility and Awareness of QR Code-Based Attacks.
Marvin Kowalewski, Leona Lassak, Markus Dürmuth, Theodor Schnitzler
2025Scoop: Mitigation of Recapture Attacks on Provenance-Based Media Authentication.
Yuxin (Myles) Liu, Habiba Farrukh, Ardalan Amiri Sani, Sharad Agarwal, Gene Tsudik
2025Secure Caches for Compartmentalized Software.
Kerem Arikan, Huaxin Tang, Williams Zhang Cen, Yu David Liu, Nael B. Abu-Ghazaleh, Dmitry Ponomarev
2025Secure Information Embedding in Forensic 3D Fingerprinting.
Canran Wang, Jinwen Wang, Mi Zhou, Vinh Pham, Senyue Hao, Chao Zhou, Ning Zhang, Netanel Raviv
2025Security Implications of Malicious G-Codes in 3D Printing.
Jost Rossel, Vladislav Mladenov, Nico Wördenweber, Juraj Somorovsky
2025Security and Privacy Advice for UPI Users in India.
Deepthi Mungara, Harshini Sri Ramulu, Yasemin Acar
2025Seeing Through: Analyzing and Attacking Virtual Backgrounds in Video Calls.
Felix Weissberg, Jan Malte Hilgefort, Steve Grogorick, Daniel Arp, Thorsten Eisenhofer, Martin Eisemann, Konrad Rieck
2025Self-interpreting Adversarial Images.
Tingwei Zhang, Collin Zhang, John X. Morris, Eugene Bagdasarian, Vitaly Shmatikov
2025SelfDefend: LLMs Can Defend Themselves against Jailbreaking in a Practical Manner.
Xunguang Wang, Daoyuan Wu, Zhenlan Ji, Zongjie Li, Pingchuan Ma, Shuai Wang, Yingjiu Li, Yang Liu, Ning Liu, Juergen Rahmel
2025Serverless Functions Made Confidential and Efficient with Split Containers.
Jiacheng Shi, Jinyu Gu, Yubin Xia, Haibo Chen
2025Shadowed Realities: An Investigation of UI Attacks in WebXR.
Chandrika Mukherjee, Reham Mohamed, Arjun Arunasalam, Habiba Farrukh, Z. Berkay Celik
2025Shadows in Cipher Spaces: Exploiting Tweak Repetition in Hardware Memory Encryption.
Wei Peng, Yinshuai Li, Yinqian Zhang
2025Sharpness-Aware Initialization: Improving Differentially Private Machine Learning from First Principles.
Zihao Wang, Rui Zhu, Dongruo Zhou, Zhikun Zhang, Xiaofeng Wang, Haixu Tang
2025Shechi: A Secure Distributed Computation Compiler Based on Multiparty Homomorphic Encryption.
Haris Smajlovic, David Froelicher, Ariya Shajii, Bonnie Berger, Hyunghoon Cho, Ibrahim Numanagic
2025Shimmer: a Provably Secure Steganography Based on Entropy Collecting Mechanism.
Minhao Bai, Kaiyi Pang, Guorui Liao, Jinshuai Yang, Yongfeng Huang
2025SoK: A Security Architect's View of Printed Circuit Board Attacks.
Jacob Harrison, Nathan Jessurun, Mark Tehranipoor
2025SoK: An Introspective Analysis of RPKI Security.
Donika Mirdita, Haya Schulmann, Michael Waidner
2025SoK: Automated TTP Extraction from CTI Reports - Are We There Yet?
Marvin Büchel, Tommaso Paladini, Stefano Longari, Michele Carminati, Stefano Zanero, Hodaya Binyamini, Gal Engelberg, Dan Klein, Giancarlo Guizzardi, Marco Caselli, Andrea Continella, Maarten van Steen, Andreas Peter, Thijs van Ede
2025SoK: Automated Vulnerability Repair: Methods, Tools, and Assessments.
Yiwei Hu, Zhen Li, Kedie Shu, Shenghua Guan, Deqing Zou, Shouhuai Xu, Bin Yuan, Hai Jin
2025SoK: Can Synthetic Images Replace Real Data? A Survey of Utility and Privacy of Synthetic Image Generation.
Yunsung Chung, Yunbei Zhang, Nassir Marrouche, Jihun Hamm
2025SoK: Come Together - Unifying Security, Information Theory, and Cognition for a Mixed Reality Deception Attack Ontology & Analysis Framework.
Ali Teymourian, Andrew M. Webb, Taha Gharaibeh, Arushi Ghildiyal, Ibrahim Baggili
2025SoK: Data Reconstruction Attacks Against Machine Learning Models: Definition, Metrics, and Benchmark.
Rui Wen, Yiyong Liu, Michael Backes, Yang Zhang
2025SoK: Efficiency Robustness of Dynamic Deep Learning Systems.
Ravishka Rathnasuriya, Tingxi Li, Zexin Xu, Zihe Song, Mirazul Haque, Simin Chen, Wei Yang
2025SoK: Gradient Inversion Attacks in Federated Learning.
Vincenzo Carletti, Pasquale Foggia, Carlo Mazzocca, Giuseppe Parrella, Mario Vento
2025SoK: Inaccessible & Insecure: An Exposition of Authentication Challenges Faced by Blind and Visually Impaired Users in State-of-the-Art Academic Proposals.
Md Mojibur Rahman Redoy Akanda, Amanda Lacy, Nitesh Saxena
2025SoK: Machine Learning for Misinformation Detection.
Madelyne Xiao, Jonathan R. Mayer
2025SoK: On Gradient Leakage in Federated Learning.
Jiacheng Du, Jiahui Hu, Zhibo Wang, Peng Sun, Neil Gong, Kui Ren, Chun Chen
2025SoK: So, You Think You Know All About Secure Randomized Caches?
Anubhav Bhatla, Hari Rohit Bhavsar, Sayandeep Saha, Biswabandan Panda
2025SoK: Towards Effective Automated Vulnerability Repair.
Ying Li, Faysal Hossain Shezan, Bomin Wei, Gang Wang, Yuan Tian
2025SoK: Towards a Unified Approach to Applied Replicability for Computer Security.
Daniel Olszewski, Tyler Tucker, Kevin R. B. Butler, Patrick Traynor
2025SoK: Understanding zk-SNARKs: The Gap Between Research and Practice.
Junkai Liang, Daqi Hu, Pengfei Wu, Yunbo Yang, Qingni Shen, Zhonghai Wu
2025Software Availability Protection in Cyber-Physical Systems.
Ao Li, Jinwen Wang, Ning Zhang
2025Sometimes Simpler is Better: A Comprehensive Analysis of State-of-the-Art Provenance-Based Intrusion Detection Systems.
Tristan Bilot, Baoxiang Jiang, Zefeng Li, Nour El Madhoun, Khaldoun Al Agha, Anis Zouaoui, Thomas Pasquier
2025Sound and Efficient Generation of Data-Oriented Exploits via Programming Language Synthesis.
Yuxi Ling, Gokul Rajiv, Kiran Gopinathan, Ilya Sergey
2025Sound of Interference: Electromagnetic Eavesdropping Attack on Digital Microphones Using Pulse Density Modulation.
Arifu Onishi, S. Hrushikesh Bhupathiraju, Rishikesh Bhatt, Sara Rampazzi, Takeshi Sugawara
2025SparSamp: Efficient Provably Secure Steganography Based on Sparse Sampling.
Yaofei Wang, Gang Pei, Kejiang Chen, Jinyang Ding, Chao Pan, Weilong Pang, Donghui Hu, Weiming Zhang
2025SpeechGuard: Recoverable and Customizable Speech Privacy Protection.
Jingmiao Zhang, Suyuan Liu, Jiahui Hou, Zhiqiang Wang, Haikuo Yu, Xiang-Yang Li
2025Stack Overflow Meets Replication: Security Research Amid Evolving Code Snippets.
Alfusainey Jallow, Sven Bugiel
2025StruQ: Defending Against Prompt Injection with Structured Queries.
Sizhe Chen, Julien Piet, Chawin Sitawarin, David A. Wagner
2025Subverting the Secure VM by Exploiting PCIe Devices.
Cheolwoo Myung, Sangho Lee, Byoungyoung Lee
2025Suda: An Efficient and Secure Unbalanced Data Alignment Framework for Vertical Privacy-Preserving Machine Learning.
Lushan Song, Qizhi Zhang, Yu Lin, Haoyu Niu, Daode Zhang, Zheng Qu, Weili Han, Jue Hong, Quanwei Cai, Ye Wu
2025Surviving in Dark Forest: Towards Evading the Attacks from Front-Running Bots in Application Layer.
Zuchao Ma, Muhui Jiang, Feng Luo, Xiapu Luo, Yajin Zhou
2025Synthesis of Code-Reuse Attacks from p-code Programs.
Mark DenHoed, Tom Melham
2025Synthetic Artifact Auditing: Tracing LLM-Generated Synthetic Data Usage in Downstream Applications.
Yixin Wu, Ziqing Yang, Yun Shen, Michael Backes, Yang Zhang
2025System Register Hijacking: Compromising Kernel Integrity By Turning System Registers Against the System.
Jennifer Miller, Manas Ghandat, Kyle Zeng, Hongkai Chen, Abdelouahab Benchikh, Tiffany Bao, Ruoyu Wang, Adam Doupé, Yan Shoshitaishvili
2025Systematic Evaluation of Randomized Cache Designs against Cache Occupancy.
Anirban Chakraborty, Nimish Mishra, Sayandeep Saha, Sarani Bhattacharya, Debdeep Mukhopadhyay
2025TAPAS: An Efficient Online APT Detection with Task-guided Process Provenance Graph Segmentation and Analysis.
Bo Zhang, Yansong Gao, Changlong Yu, Boyu Kuang, Zhi Zhang, Hyoungshick Kim, Anmin Fu
2025TDXploit: Novel Techniques for Single-Stepping and Cache Attacks on Intel TDX.
Fabian Rauscher, Luca Wilke, Hannes Weissteiner, Thomas Eisenbarth, Daniel Gruss
2025TEEcorrelate: An Information-Preserving Defense against Performance-Counter Attacks on TEEs.
Hannes Weissteiner, Fabian Rauscher, Robin Leander Schröder, Jonas Juffinger, Stefan Gast, Jan Wichelmann, Thomas Eisenbarth, Daniel Gruss
2025TETD: Trusted Execution in Trust Domains.
Zhanbo Wang, Jiaxin Zhan, Xuhua Ding, Fengwei Zhang, Ning Hu
2025THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models.
Yujin Huang, Zhi Zhang, Qingchuan Zhao, Xingliang Yuan, Chunyang Chen
2025TLBlur: Compiler-Assisted Automated Hardening against Controlled Channels on Off-the-Shelf Intel SGX Platforms.
Daan Vanoverloop, Andrés Sánchez, Flavio Toffalini, Frank Piessens, Mathias Payer, Jo Van Bulck
2025TORCHLIGHT: Shedding LIGHT on Real-World Attacks on Cloudless IoT Devices Concealed within the Tor Network.
Yumingzhi Pan, Zhen Ling, Yue Zhang, Hongze Wang, Guangchi Liu, Junzhou Luo, Xinwen Fu
2025TRex: Practical Type Reconstruction for Binary Code.
Jay Bosamiya, Maverick Woo, Bryan Parno
2025TYPEPULSE: Detecting Type Confusion Bugs in Rust Programs.
Hung-Mao Chen, Xu He, Shu Wang, Xiaokuan Zhang, Kun Sun
2025Tady: A Neural Disassembler without Structural Constraint Violations.
Siliang Qin, Fengrui Yang, Hao Wang, Bolun Zhang, Zeyu Gao, Chao Zhang, Kai Chen
2025TapTrap: Animation-Driven Tapjacking on Android.
Philipp Beer, Marco Squarcina, Sebastian Roth, Martina Lindorfer
2025Task-Oriented Training Data Privacy Protection for Cloud-based Model Training.
Zhiqiang Wang, Jiahui Hou, Haifeng Sun, Jingmiao Zhang, Yunhao Yao, Haikuo Yu, Xiang-Yang Li
2025The Conspiracy Money Machine: Uncovering Telegram's Conspiracy Channels and their Profit Model.
Vincenzo Imperati, Massimo La Morgia, Alessandro Mei, Alberto Maria Mongardini, Francesco Sassi
2025The Cost of Performance: Breaking ThreadX with Kernel Object Masquerading Attacks.
Xinhui Shao, Zhen Ling, Yue Zhang, Huaiyu Yan, Yumeng Wei, Lan Luo, Zixia Liu, Junzhou Luo, Xinwen Fu
2025The DOMino Effect: Detecting and Exploiting DOM Clobbering Gadgets via Concolic Execution with Symbolic DOM.
Zhengyu Liu, Theo Lee, Jianjia Yu, Zifeng Kang, Yinzhi Cao
2025The Doom of Device Drivers: Your Android Device (Most Likely) has N-Day Kernel Vulnerabilities.
Lukas Maar, Florian Draschbacher, Lorenz Schumm, Ernesto Martínez García, Stefan Mangard
2025The Ghost Navigator: Revisiting the Hidden Vulnerability of Localization in Autonomous Driving.
Junqi Zhang, Shaoyin Cheng, Linqing Hu, Jie Zhang, Chengyu Shi, Xingshuo Han, Tianwei Zhang, Yueqiang Cheng, Weiming Zhang
2025The Ransomware Decade: The Creation of a Fine-Grained Dataset and a Longitudinal Study.
Armin Sarabi, Ziyuan Huang, Chenlan Wang, Tai Karir, Mingyan Liu
2025The Silent Danger in HTTP: Identifying HTTP Desync Vulnerabilities with Gray-box Testing.
Keran Mu, Jianjun Chen, Jianwei Zhuge, Qi Li, Haixin Duan, Nick Feamster
2025Thunderdome: Timelock-Free Rationally-Secure Virtual Channels.
Zeta Avarikioti, Yuheng Wang, Yuyi Wang
2025TimeTravel: Real-time Timing Drift Attack on System Time Using Acoustic Waves.
Jianshuo Liu, Hong Li, Haining Wang, Mengjie Sun, Hui Wen, Jinfa Wang, Limin Sun
2025TockOwl: Asynchronous Consensus with Fault and Network Adaptability.
Minghang Li, Qianhong Wu, Zhipeng Wang, Bo Qin, Bohang Wei, Hang Ruan, Shihong Xiong, Zhenyang Ding
2025Too Much of a Good Thing: (In-)Security of Mandatory Security Software for Financial Services in South Korea.
Taisic Yun, Suhwan Jeong, Yonghwa Lee, Seungjoo Kim, Hyoungshick Kim, Insu Yun, Yongdae Kim
2025Topic-FlipRAG: Topic-Orientated Adversarial Opinion Manipulation Attacks to Retrieval-Augmented Generation Models.
Yuyang Gong, Zhuo Chen, Jiawei Liu, Miaokun Chen, Fengchang Yu, Wei Lu, Xiaofeng Wang, Xiaozhong Liu
2025 Towards Automatic Detection and Exploitation of Java Web Application Vulnerabilities via Concolic Execution guided by Cross-thread Object Manipulation.
Xinyou Huang, Lei Zhang, Yongheng Liu, Peng Deng, Yinzhi Cao, Yuan Zhang, Min Yang
2025 Towards Internet-Based State Learning of TLS State Machines.
Marcel Maehren, Nurullah Erinola, Robert Merget, Jörg Schwenk, Juraj Somorovsky
2025 Towards Label-Only Membership Inference Attack against Pre-trained Large Language Models.
Yu He, Boheng Li, Liu Liu, Zhongjie Ba, Wei Dong, Yiming Li, Zhan Qin, Kui Ren, Chun Chen
2025 Towards Lifecycle Unlearning Commitment Management: Measuring Sample-level Unlearning Completeness.
Cheng-Long Wang, Qi Li, Zihang Xiang, Yinzhi Cao, Di Wang
2025 Towards Practical, End-to-End Formally Verified X.509 Certificate Validators with Verdict.
Zhengyao Lin, Michael McLoughlin, Pratap Singh, Rory Brennan-Jones, Paul Hitchcox, Joshua Gancher, Bryan Parno
2025 Towards Understanding and Enhancing Security of Proof-of-Training for DNN Model Ownership Verification.
Yijia Chang, Hanrui Jiang, Chao Lin, Xinyi Huang, Jian Weng
2025 Towards a Re-evaluation of Data Forging Attacks in Practice.
Mohamed Suliman, Anisa Halimi, Swanand Ravindra Kadhe, Nathalie Baracaldo, Douglas J. Leith
2025 TracLLM: A Generic Framework for Attributing Long Context LLMs.
Yanting Wang, Wei Zou, Runpeng Geng, Jinyuan Jia
2025 Tracking You from a Thousand Miles Away! Turning a Bluetooth Device into an Apple AirTag Without Root Privileges.
Junming Chen, Xiaoyue Ma, Lannan Luo, Qiang Zeng
2025 Tracking the Takes and Trajectories of English-Language News Narratives across Trustworthy and Worrisome Websites.
Hans W. A. Hanley, Emily Okabe, Zakir Durumeric
2025 Transparent Attested DNS for Confidential Computing Services.
Antoine Delignat-Lavaud, Cédric Fournet, Kapil Vaswani, Manuel Costa, Sylvan Clebsch, Christoph M. Wintersteiger
2025 Treebeard: A Scalable and Fault Tolerant ORAM Datastore.
Amin Setayesh, Cheran Mahalingam, Emily Chen, Sujaya Maiyya
2025 Trust but Verify: An Assessment of Vulnerability Tagging Services.
Szu-Chun Huang, Harm Griffioen, Max van der Horst, Georgios Smaragdakis, Michel van Eeten, Yury Zhauniarovich
2025 TwinBreak: Jailbreaking LLM Security Alignments based on Twin Prompts.
Torsten Krauß, Hamid Dashtbani, Alexandra Dmitrienko
2025 URL Inspection Tasks: Helping Users Detect Phishing Links in Emails.
Daniele Lain, Yoshimichi Nakatsuka, Kari Kostiainen, Gene Tsudik, Srdjan Capkun
2025 USD: NSFW Content Detection for Text-to-Image Models via Scene Graph.
Yuyang Zhang, Kangjie Chen, Xudong Jiang, Jiahui Wen, Yihui Jin, Ziyou Liang, Yihao Huang, Run Wang, Lina Wang
2025 Understanding How Users Prepare for and React to Smartphone Theft.
Divyanshu Bhardwaj, Sumair Ijaz Hashmi, Katharina Krombholz, Maximilian Golla
2025 Universal Cross-app Attacks: Exploiting and Securing OAuth 2.0 in Integration Platforms.
Kaixuan Luo, Xianbo Wang, Adonis P. H. Fung, Wing Cheong Lau, Julien Lecomte
2025 Unlocking the Power of Differentially Private Zeroth-order Optimization for Fine-tuning LLMs.
Ergute Bao, Yangfan Jiang, Fei Wei, Xiaokui Xiao, Zitao Li, Yaliang Li, Bolin Ding
2025 Unsafe LLM-Based Search: Quantitative Analysis and Mitigation of Safety Risks in AI Web Search.
Zeren Luo, Zifan Peng, Yule Liu, Zhen Sun, Mingchen Li, Jingyi Zheng, Xinlei He
2025 V-ORAM: A Versatile and Adaptive ORAM Framework with Service Transformation for Dynamic Workloads.
Bo Zhang, Helei Cui, Xingliang Yuan, Zhiwen Yu, Bin Guo
2025 VAPD: An Anomaly Detection Model for PDF Malware Forensics with Adversarial Robustness.
Side Liu, Jiang Ming, Yilin Zhou, Jianming Fu, Guojun Peng
2025 VULCANBOOST: Boosting ReDoS Fixes through Symbolic Representation and Feature Normalization.
Yeting Li, Yecheng Sun, Zhiwu Xu, Haiming Chen, Xinyi Wang, Hengyu Yang, Huina Chao, Cen Zhang, Yang Xiao, Yanyan Zou, Feng Li, Wei Huo
2025 Vest: Verified, Secure, High-Performance Parsing and Serialization for Rust.
Yi Cai, Pratap Singh, Zhengyao Lin, Jay Bosamiya, Joshua Gancher, Milijana Surbatovich, Bryan Parno
2025 VoiceWukong: Benchmarking Deepfake Voice Detection.
Ziwei Yan, Yanjie Zhao, Haoyu Wang
2025 Voluntary Investment, Mandatory Minimums, or Cyber Insurance: What Minimizes Losses?
Adam Hastings, Simha Sethumadhavan
2025 Voting-Bloc Entropy: A New Metric for DAO Decentralization.
Andrés Fábrega, Amy Zhao, Jay Yu, James Austgen, Sarah Allen, Kushal Babel, Mahimna Kelkar, Ari Juels
2025 Vulnerability of Text-Matching in ML/AI Conference Reviewer Assignments to Collusions.
Jhih-Yi Hsieh, Aditi Raghunathan, Nihar B. Shah
2025 Waltzz: WebAssembly Runtime Fuzzing with Stack-Invariant Transformation.
Lingming Zhang, Binbin Zhao, Jiacheng Xu, Peiyu Liu, Qinge Xie, Yuan Tian, Jianhai Chen, Shouling Ji
2025 Watch Out Your TV Box: Reversing and Blocking a P2P-based Illegal Streaming Ecosystem.
Jungun Ahn, Sueun Jung, Seungwan Yoo, Jungheum Park, Sangjin Lee
2025 Watch the Watchers! On the Security Risks of Robustness-Enhancing Diffusion Models.
Changjiang Li, Ren Pang, Bochuan Cao, Jinghui Chen, Fenglong Ma, Shouling Ji, Ting Wang
2025 We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs.
Joseph Spracklen, Raveen Wijewickrama, A. H. M. Nazmus Sakib, Anindya Maiti, Bimal Viswanath, Murtuza Jadliwala
2025 Web Execution Bundles: Reproducible, Accurate, and Archivable Web Measurements.
Florian Hantke, Peter Snyder, Hamed Haddadi, Ben Stock
2025 Websites' Global Privacy Control Compliance at Scale and over Time.
Katherine Hausladen, Oliver Wang, Sophie Eng, Jocelyn Wang, Francisca Wijaya, Matthew May, Sebastian Zimmeck
2025 When Good Kernel Defenses Go Bad: Reliable and Stable Kernel Exploits via Defense-Amplified TLB Side-Channel Leaks.
Lukas Maar, Lukas Giner, Daniel Gruss, Stefan Mangard
2025 When LLMs Go Online: The Emerging Threat of Web-Enabled LLMs.
Hanna Kim, Minkyoo Song, Seung Ho Na, Seungwon Shin, Kimin Lee
2025 When Translators Refuse to Translate: A Novel Attack to Speech Translation Systems.
Haolin Wu, Chang Liu, Jing Chen, Ruiying Du, Kun He, Yu Zhang, Cong Wu, Tianwei Zhang, Qing Guo, Jie Zhang
2025 Whispering Under the Eaves: Protecting User Privacy Against Commercial and LLM-powered Automatic Speech Recognition Systems.
Weifei Jin, Yuxin Cao, Junjie Su, Derui Wang, Yedi Zhang, Minhui Xue, Jie Hao, Jin Song Dong, Yixian Yang
2025 Who Pays Whom? Anonymous EMV-Compliant Contactless Payments.
Charles Olivier-Anclin, Ioana Boureanu, Liqun Chen, Christopher J. P. Newton, Tom Chothia, Anna Clee, Andreas Kokkinis, Pascal Lafourcade
2025 X.509DoS: Exploiting and Detecting Denial-of-Service Vulnerabilities in Cryptographic Libraries using Crafted X.509 Certificates.
Bing Shi, Wenchao Li, Yuchen Wang, Xiaolong Bai, Luyi Xing
2025 XSSky: Detecting XSS Vulnerabilities through Local Path-Persistent Fuzzing.
Youkun Shi, Yuan Zhang, Tianhao Bai, Feng Xue, Jiarun Dai, Fengyu Liu, Lei Zhang, Xiapu Luo, Min Yang
2025 Your Shield is My Sword: A Persistent Denial-of-Service Attack via the Reuse of Unvalidated Caches in DNSSEC Validation.
Shuhan Zhang, Shuai Wang, Li Chen, Dan Li, Baojun Liu
2025 ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency.
Xinyi Wang, Yeting Li, Jie Lu, Shizhe Cui, Chenghang Shi, Qin Mai, Yunpei Zhang, Yang Xiao, Feng Li, Wei Huo
2025 eSIMplicity or eSIMplification? Privacy and Security Risks in the eSIM Ecosystem.
Maryam Motallebighomi, Jason Veara, Evangelos Bitsikas, Aanjhan Ranganathan
2025 zk-promises: Anonymous Moderation, Reputation, and Blocking from Anonymous Credentials with Callbacks.
Maurice Shih, Michael Rosenberg, Hari Kailad, Ian Miers
2025 zkGPT: An Efficient Non-interactive Zero-knowledge Proof Framework for LLM Inference.
Wenjie Qu, Yijun Sun, Xuanming Liu, Tao Lu, Yanpei Guo, Kai Chen, Jiaheng Zhang