Table of Contents

• PhishReplicant: A Language Model-based Approach to Detect Generated Squatting Domain NamesTakashi Koide, Naoki Fukushi, Hiroki Nakano, Daiki Chiba 0001. 1-13 [doi]
• From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!Giada Stivala, Sahar Abdelnabi, Andrea Mengascini, Mariano Graziano, Mario Fritz, Giancarlo Pellegrino. 14-28 [doi]
• Scamdog Millionaire: Detecting E-commerce Scams in the WildPlaton Kotzias, Kevin Roundy, Michalis Pachilakis, Iskander Sánchez-Rola, Leyla Bilge. 29-43 [doi]
• When Push Comes to Shove: Empirical Analysis of Web Push Implementations in the WildAlberto Carboneri, Mohammad Ghasemisharif, Soroush Karami, Jason Polakis. 44-55 [doi]
• Triereme: Speeding up hybrid fuzzing through efficient query schedulingElia Geretto, Julius Hohnerlein, Cristiano Giuffrida, Herbert Bos, Erik van der Kouwe, Klaus von Gleissenthall. 56-70 [doi]
• On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPIPiergiorgio Ladisa, Serena Elisa Ponta, Nicola Ronzoni, Matias Martinez, Olivier Barais. 71-82 [doi]
• Artemis: Defanging Software Supply Chain Attacks in Multi-repository Update SystemsMarina Moore, Trishank Karthik Kuppusamy, Justin Cappos. 83-97 [doi]
• ANDetect: A Third-party Ad Network Libraries Detection Framework for Android ApplicationsXinyu Liu, Ze Jin, Jiaxi Liu, Wei Liu, Xiaoxi Wang, Qixu Liu. 98-112 [doi]
• Delegation of TLS Authentication to CDNs using Revocable Delegated CredentialsDaegeun Yoon, Taejoong Chung, Yongdae Kim. 113-123 [doi]
• Domain and Website Attribution beyond WHOISSilvia Sebastián, Raluca-Georgia Diugan, Juan Caballero, Iskander Sánchez-Rola, Leyla Bilge. 124-137 [doi]
• FS3: Few-Shot and Self-Supervised Framework for Efficient Intrusion Detection in Internet of Things NetworksAyesha S. Dina, A. B. Siddique, D. Manivannan 0001. 138-149 [doi]
• An Empirical Analysis of Enterprise-Wide Mandatory Password UpdatesAriana Mirian, Grant Ho, Stefan Savage, Geoffrey M. Voelker. 150-162 [doi]
• SealClub: Computer-aided Paper Document AuthenticationMartín Ochoa, Hernán Vanegas, Jorge Toro-Pozo, David Basin. 163-177 [doi]
• Lightweight Privacy-Preserving Proximity Discovery for Remotely-Controlled DronesPietro Tedeschi, Savio Sciancalepore, Roberto Di Pietro. 178-189 [doi]
• Unleashing IoT Security: Assessing the Effectiveness of Best Practices in Protecting Against ThreatsPhilipp Pütz, Richard Mitev, Markus Miettinen, Ahmad-Reza Sadeghi. 190-204 [doi]
• A Tagging Solution to Discover IoT Devices in ApartmentsBerkay Kaplan, Israel J. Lopez-Toledo, Carl A. Gunter, Jingyu Qian. 205-215 [doi]
• Hades: Practical Decentralized Identity with Full Accountability and Fine-grained Sybil-resistanceKe Wang, Jianbo Gao, Qiao Wang, Jiashuo Zhang, Yue Li, Zhi Guan, Zhong Chen 0001. 216-228 [doi]
• Log2Policy: An Approach to Generate Fine-Grained Access Control Rules for Microservices from ScratchShaowen Xu, Qihang Zhou, Heqing Huang, Xiaoqi Jia, Haichao Du, Yang Chen, Yamin Xie. 229-240 [doi]
• The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics PlatformsFahad Shaon, Sazzadur Rahaman, Murat Kantarcioglu. 241-255 [doi]
• OAuth 2.0 Redirect URI Validation Falls Short, LiterallyTommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Seyed Ali Mirheidari, Bruno Crispo, Engin Kirda. 256-267 [doi]
• Secure and Lightweight Over-the-Air Software Update Distribution for Connected VehiclesChristian Plappert, Andreas Fuchs 0002. 268-282 [doi]
• Secure and Lightweight ECU Attestations for Resilient Over-the-Air Updates in Connected VehiclesChristian Plappert, Andreas Fuchs 0002. 283-297 [doi]
• Detection of Anomalies in Electric Vehicle Charging SessionsDustin Kern, Christoph Krauß, Matthias Hollick. 298-309 [doi]
• SePanner: Analyzing Semantics of Controller Variables in Industrial Control Systems based on Network TrafficJie Meng, Zeyu Yang, Zhenyong Zhang, Yangyang Geng, Ruilong Deng, Peng Cheng, Jiming Chen 0001, Jianying Zhou. 310-323 [doi]
• FraudLens: Graph Structural Learning for Bitcoin Illicit Activity IdentificationJack Nicholls, Aditya Kuppa, Nhien-An Le-Khac. 324-336 [doi]
• Poisoning Network Flow ClassifiersGiorgio Severi, Simona Boboila, Alina Oprea, John T. Holodnak, Kendra Kratkiewicz, Jason Matterer. 337-351 [doi]
• TGC: Transaction Graph Contrast Network for Ethereum Phishing Scam DetectionSijia Li, Gaopeng Gou, Chang Liu, Gang Xiong 0001, Zhen Li, Junchao Xiao, Xinyu Xing. 352-365 [doi]
• Can Large Language Models Provide Security & Privacy Advice? Measuring the Ability of LLMs to Refute MisconceptionsYufan Chen, Arjun Arunasalam, Z. Berkay Celik. 366-378 [doi]
• DefWeb: Defending User Privacy against Cache-based Website Fingerprinting Attacks with Intelligent Noise InjectionSon Seonghun, Dipta Debopriya Roy, Gulmezoglu Berk. 379-393 [doi]
• Protecting Your Voice from Speech Synthesis AttacksZihao Liu, Yan Zhang, Chenglin Miao. 394-408 [doi]
• Continuous Authentication Using Human-Induced Electric PotentialSrinivasan Murali, Wenqiang Jin, Vighnesh Sivaraman, Huadi Zhu, Tianxi Ji, Pan Li 0001, Ming Li 0006. 409-423 [doi]
• Cross Body Signal Pairing (CBSP): A Key Generation Protocol for Pairing Wearable Devices with Cardiac and Respiratory SensorsJafar Pourbemany, Ye Zhu 0001. 424-438 [doi]
• The Day-After-Tomorrow: On the Performance of Radio Fingerprinting over TimeAlhazbi Saeif, Sciancalepore Savio, Oligeri Gabriele. 439-450 [doi]
• Enhanced In-air Signature Verification via Hand Skeleton Tracking to Defeat Robot-level ReplaysZeyu Deng, Long Huang, Chen Wang. 451-462 [doi]
• Secure Softmax/Sigmoid for Machine-learning ComputationYu Zheng 0021, Qizhi Zhang, Sherman S. M. Chow, Yuxiang Peng, Sijun Tan, Lichun Li, Shan Yin. 463-476 [doi]
• Link Membership Inference Attacks against Unsupervised Graph Representation LearningXiuling Wang, Wendy Hui Wang. 477-491 [doi]
• FLARE: Fingerprinting Deep Reinforcement Learning Agents using Universal Adversarial MasksBuse G. A. Tekgul, N. Asokan. 492-505 [doi]
• On the Detection of Image-Scaling Attacks in Machine LearningErwin Quiring, Andreas Müller, Konrad Rieck. 506-520 [doi]
• A First Look at Toxicity Injection Attacks on Open-domain ChatbotsConnor Weeks, Aravind Cheruvu, Sifat Muhammad Abdullah, Shravya Kanchi, Daphne Yao, Bimal Viswanath. 521-534 [doi]
• DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietary Dataset Use in Deep Neural NetworksSeonhye Park, Alsharif Abuadbba, Shuo Wang, Kristen Moore, Yansong Gao, Hyoungshick Kim, Surya Nepal. 535-549 [doi]
• Prioritizing Remediation of Enterprise Hosts by Malware Execution RiskAndrew Chi, Blake Anderson, Michael K. Reiter. 550-564 [doi]
• Global Analysis with Aggregation-based Beaconing Detection across Large Campus NetworksYizhe Zhang, Hongying Dong, Alastair Nottingham, Molly Buchanan, Donald E. Brown, Yixin Sun. 565-579 [doi]
• PSP-Mal: Evading Malware Detection via Prioritized Experience-based Reinforcement Learning with Shapley PriorDazhi Zhan, Wei Bai, Xin Liu, Yue Hu, Lei Zhang, Shize Guo, Zhisong Pan. 580-593 [doi]
• Binary Sight-Seeing: Accelerating Reverse Engineering via Point-of-Interest-BeaconsRichard August See, Maximilian Gehring, Mathias Fischer 0001, Shankar Karuppayah. 594-608 [doi]
• DeepContract: Controllable Authorization of Deep Learning ModelsXirong Zhuang, Lan Zhang, Chen Tang, Huiqi Liu, Bin Wang, Yan Zheng, Bo Ren 0002. 609-620 [doi]
• Secure MLaaS with Temper: Trusted and Efficient Model Partitioning and Enclave ReuseFabing Li, Xiang Li, Mingyu Gao. 621-635 [doi]
• ABFL: A Blockchain-enabled Robust Framework for Secure and Trustworthy Federated LearningBo Cui, Tianyu Mei. 636-646 [doi]
• FLEDGE: Ledger-based Federated Learning Resilient to Inference and Backdoor AttacksJorge Castillo, Phillip Rieger, Hossein Fereidooni, Qian Chen 0019, Ahmad Sadeghi. 647-661 [doi]
• DOPE: DOmain Protection Enforcement with PKSLukas Maar, Martin Schwarzl, Fabian Rauscher, Daniel Gruss, Stefan Mangard. 662-676 [doi]
• RandCompile: Removing Forensic Gadgets from the Linux Kernel to Combat its AnalysisFabian Franzen, Andreas Chris Wilhelmer, Jens Grossklags. 677-690 [doi]
• Attack of the Knights: Non Uniform Cache Side Channel AttackFarabi Mahmud, Sungkeun Kim, Harpreet Singh Chawla, Eun Jung Kim 0001, Chia-che Tsai, Abdullah Muzahid. 691-703 [doi]
• PAVUDI: Patch-based Vulnerability Discovery using Machine LearningTom Ganz, Erik Imgrund, Martin Härterich, Konrad Rieck. 704-717 [doi]
• Remote Attestation with Constrained DisclosureMichael Eckel, Dominik Roy George, Björn Grohmann, Christoph Krauß. 718-731 [doi]
• Remote attestation of confidential VMs using ephemeral vTPMsVikram Narayanan, Cláudio Carvalho, Angelo Ruocco, Gheorghe Almási, James Bottomley, Mengmei Ye, Tobin Feldman-Fitzthum, Daniele Buono, Hubertus Franke, Anton Burtsev. 732-743 [doi]
• No Forking Way: Detecting Cloning Attacks on Intel SGX ApplicationsSamira Briongos, Ghassan Karame, Claudio Soriente, Annika Wilde. 744-758 [doi]
• Detecting Weak Keys in Manufacturing Certificates: A Case StudyAndrew Chi, Brandon Enright, David A. McGrew. 759-771 [doi]
• Differentially Private Resource AllocationJoann Qiongna Chen, Tianhao Wang 0001, Zhikun Zhang 0001, Yang Zhang, Somesh Jha, Zhou Li. 772-786 [doi]
• Mitigating Membership Inference Attacks via Weighted SmoothingMingtian Tan, Xiaofei Xie, Jun Sun 0001, Tianhao Wang 0001. 787-798 [doi]
• Mostree: Malicious Secure Private Decision Tree Evaluation with Sublinear CommunicationJianli Bai, Xiangfu Song, Xiaowu Zhang, Qifan Wang, Shujie Cui, Ee-Chien Chang, Giovanni Russello. 799-813 [doi]