Annual Computer Security Applications Conference, ACSAC 2024, Honolulu, HI, USA, December 9-13, 2024 - researchr publication

researchr

You are not signed in
Sign in
Sign up

Annual Computer Security Applications Conference, ACSAC 2024, Honolulu, HI, USA, December 9-13, 2024. IEEE, 2024. [doi]

Conference: acsac2024

Abstract is missing.

IoC Stalker: Early detection of Indicators of CompromiseMariella Mischinger, Sergio Pastrana, Guillermo Suarez-Tangil. [doi]

Enhancing Database Encryption: Adaptive Measures for Digital Assets Against LLMs-Based Reverse EngineeringKerou Zhou, Jiakang Qiu, Yuehua Wang, Xiaojun Ye. 1-14 [doi]

CubeVisor: A Multi-realm Architecture Design for Running VM with ARM CCAJiayun Chen, Qihang Zhou, Xiaolong Yan, Nan Jiang, Xiaoqi Jia, Weijuan Zhang. 1-13 [doi]

SECURE: Benchmarking Large Language Models for CybersecurityDipkamal Bhusal, Md Tanvirul Alam, Le-Nguyen, Ashim Mahara, Zachary Lightcap, Rodney Frazier, Romy Fieblinger, Grace Long Torales, Benjamin A. Blakely, Nidhi Rastogi. 15-30 [doi]

Not All Tokens Are Equal: Membership Inference Attacks Against Fine-tuned Language ModelsChangtian Song, Dongdong Zhao 0001, Jianwen Xiang. 31-45 [doi]

Stealing Watermarks of Large Language Models via Mixed Integer ProgrammingZhaoxi Zhang, Xiaomei Zhang, Yanjun Zhang, Leo Yu Zhang, Chao Chen 0015, Shengshan Hu, Asif Gill, Shirui Pan. 46-60 [doi]

Towards a Taxonomy of Challenges in Security Control ImplementationMd. Rayhanur Rahman, Brandon Wroblewski, Mahzabin Tamanna, Imranur Rahman, Andrew Anufryienak, Laurie A. Williams. 61-75 [doi]

ConProv: A Container-Aware Provenance System for Attack InvestigationQiqing Deng, Yanqiang Zhang, Zhen Xu 0009, Qian Tan, Yan Zhang 0014. 89-101 [doi]

Confidential Computing with Heterogeneous Devices at Cloud-ScaleAritra Dhar, Supraja Sridhara, Shweta Shinde, Srdjan Capkun, Renzo Andri. 102-116 [doi]

Hypervisor Dissociative Execution: Programming Guests for Monitoring, Management, and SecurityAndrew Fasano, Zak Estrada, Tim Leek, William K. Robertson. 117-130 [doi]

T-Edge: Trusted Heterogeneous Edge ComputingJiamin Shen, Yao Chen 0008, Weng-Fai Wong, Ee-Chien Chang. 131-143 [doi]

Web-Armour: Mitigating Reconnaissance and Vulnerability Scanning with Scan-Impeding Delays in Web DeploymentsYousif Dafalla, Dalton A. Brucker-Hahn, Drew Davidson, Alexandru G. Bardas. 144-160 [doi]

Harnessing Multiplicity: Granular Browser Extension Fingerprinting through User ConfigurationsKonstantinos Solomos, Nick Nikiforakis, Jason Polakis. 161-174 [doi]

Ready or Not, Here I Come: Characterizing the Security of Prematurely-public Web ApplicationsBrian Kondracki, Michael Ferdman, Nick Nikiforakis. 175-189 [doi]

You Only Perturb Once: Bypassing (Robust) Ad-Blockers Using Universal Adversarial PerturbationsDongwon Shin, Suyoung Lee, Sanghyun Hong, Sooel Son. 190-206 [doi]

A Longitudinal Analysis of Corporate Data Portability Practices Across IndustriesEmmanuel Syrmoudis, Stefan A. Mager, Jens Grossklags. 207-223 [doi]

Assault and Battery: Evaluating the Security of Power Conversion Systems Against Electromagnetic Injection AttacksMarcell Szakály, Sebastian Köhler 0005, Martin Strohmeier, Ivan Martinovic. 224-239 [doi]

A Fly on the Wall - Exploiting Acoustic Side-Channels in Differential Pressure SensorsYonatan Gizachew Achamyeleh, Mohamad Habib Fakih, Gabriel Garcia, Anomadarshi Barua, Mohammad Abdullah Al Faruque. 240-256 [doi]

TRACES: TEE-based Runtime Auditing for Commodity Embedded SystemsAdam Caulfield, Antonio Joia Neto, Norrathep Rattanavipanon, Ivan De Oliveira Nunes. 257-270 [doi]

BioSaFe: Bioprinting Security Framework for Detecting Sabotage Attacks on Printability and Cell ViabilityMuhammad Ahsan, Eunice Pak, Kate Jackson, Muhammad Haris Rais, Barry Najarro-Blancas, Nastassja Lewinski, Irfan Ahmed 0001. 271-287 [doi]

Leaky Autofill: An Empirical Study on the Privacy Threat of Password Managers' Autofill FunctionalityYanduo Fu, Ding Wang. 288-303 [doi]

Passwords To-Go: Investigating Multifaceted Challenges for Password Managers in the Android EcosystemNicolas Huaman, Marten Oltrogge, Sabrina Klivan, Yannick Evers, Sascha Fahl. 304-320 [doi]

Single Sign-On Privacy: We Still Know What You Did Last SummerMaximilian Westers, Andreas Mayer, Louis Jannett. 321-335 [doi]

FreeAuth: Privacy-Preserving Email Ownership Authentication with Verification-Email-FreeYijia Fang, Bingyu Li, Jiale Xiao, Bo Qin, Zhijintong Zhang, Qianhong Wu. 336-352 [doi]

Securing PUFs via a Predictive Adversarial Machine Learning System by Modeling of AttackersMieszko Ferens, Edlira Dushku, Shreyas Srinivasa, Sokol Kosta. 353-365 [doi]

No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural AttacksDaniel Weber, Leonard Niemann, Lukas Gerlach, Jan Reineke, Michael Schwarz. 366-379 [doi]

Faking deduplication to prevent timing side-channel attacks on memory deduplicationJens Lindemann. 380-392 [doi]

R+R: Demystifying ML-Assisted Side-Channel Analysis Framework: A Case of Image ReconstructionZhiyuan Zhang, Zhenzhi Lai, Udaya Parampalli. 393-409 [doi]

Reading It like an Open Book: Single-trace Blind Side-channel Attacks on Garbled Circuit FrameworksSirui Shen, Chenglu Jin. 410-424 [doi]

SecurityHub: Electromagnetic Fingerprinting USB Peripherals using Backscatter-assisted Commodity HardwareSi Liao, Huangxun Chen, Zhice Yang. 425-438 [doi]

Breaking the Privacy Barrier: On the Feasibility of Reorganization Attacks on Ethereum Private TransactionsMengya Zhang, Xingyu Lyu, Jianyu Niu, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin 0001. 439-455 [doi]

RouTEE: Secure, Scalable, and Efficient Off-Chain Payments using Trusted Execution EnvironmentsJunmo Lee, Seongjun Kim, Sanghyeon Park, Soo-Mook Moon. 456-472 [doi]

Practical Light Clients for Committee-Based BlockchainsFrederik Armknecht, Ghassan Karame, Malcom Mohamed, Christiane Weis. 473-487 [doi]

Janus: Enhancing Asynchronous Common Subset with Trusted HardwareLiangrong Zhao, Hans Schmiedel, Qin Wang, Jiangshan Yu. 488-504 [doi]

Verifying Loot-box Probability Without Source-code DisclosureJing-Jie Wang, An-Jie Li, Ting-Yu Fang, Hsu-Chun Hsiao. 505-519 [doi]

8 MVX SystemAndré Rösti, Stijn Volckaert, Michael Franz, Alexios Voulimeneas. 520-533 [doi]

Sidecar: Leveraging Debugging Extensions in Commodity Processors to Secure SoftwareKonstantinos Kleftogiorgos, Patrick Zielinski, Shan Huang, Jun Xu 0024, Georgios Portokalidis. 534-547 [doi]

Rust for Linux: Understanding the Security Impact of Rust in the Linux KernelZhaofeng Li 0004, Vikram Narayanan, Xiangdong Chen, Jerry Zhang, Anton Burtsev. 548-562 [doi]

SpecCFA: Enhancing Control Flow Attestation/Auditing via Application-Aware Sub-Path SpeculationAdam Caulfield, Liam Tyler, Ivan De Oliveira Nunes. 563-578 [doi]

SECvma: Virtualization-based Linux Kernel Protection for ArmTeh Beng Yen, Joey Li, Shih-wei Li. 579-592 [doi]

WiShield: Fine-grained Countermeasure Against Malicious Wi-Fi Sensing in Smart HomeYihui Yan, Zhice Yang. 593-606 [doi]

AirBugCatcher: Automated Wireless Reproduction of IoT BugsGuoqiang Hua, Matheus E. Garbelini, Sudipta Chattopadhyay 0001. 607-620 [doi]

VaktBLE: A Benevolent Man-in-the-Middle Bridge to Guard against Malevolent BLE ConnectionsGeovani Benita, Leonardo Sestrem, Matheus E. Garbelini, Sudipta Chattopadhyay 0001, Sumei Sun, Ernest Kurniawan. 621-635 [doi]

BlueScream: Screaming Channels on Bluetooth Low EnergyPierre Ayoub, Romain Cayre, Aurélien Francillon, Clémentine Maurice. 636-649 [doi]

Eunomia: A Real-time Privacy Compliance Firewall for Alexa SkillsJavaria Ahmad, FengJun Li, Razvan Beuran, Bo Luo. 650-665 [doi]

R+R: Towards Reliable and Generalizable Differentially Private Machine LearningWenxuan Bao, Vincent Bindschaedler. 666-682 [doi]

Privacy-Preserving Verifiable Neural Network Inference ServiceArman Riasi, Jorge Guajardo, Thang Hoang. 683-698 [doi]

R+R: Revisiting Graph Matching Attacks on Privacy-Preserving Record LinkageJochen Schäfer, Frederik Armknecht, Youzhe Heng. 699-715 [doi]

FA-SEAL: Forensically Analyzable Symmetric Encryption for Audit LogsBasanta Chaulagain, Kyu Hyung Lee. 716-732 [doi]

FLUENT: A Tool for Efficient Mixed-Protocol Semi-Private Function EvaluationDaniel Günther 0004, Joachim Schmidt 0006, Thomas Schneider 0003, Hossein Yalame. 733-746 [doi]

FedCAP: Robust Federated Learning via Customized Aggregation and PersonalizationYoupeng Li, Xinda Wang 0001, Fuxun Yu, Lichao Sun 0001, Wenbin Zhang 0002, Xuyu Wang. 747-760 [doi]

Link Inference Attacks in Vertical Federated Graph LearningOualid Zari, Chuan Xu 0002, Javier Parra-Arnau, Ayse Ünsal, Melek Önen. 761-777 [doi]

Efficient Secure Aggregation for Privacy-Preserving Federated Machine LearningRouzbeh Behnia, Arman Riasi, Reza Ebrahimi, Sherman S. M. Chow, Balaji Padmanabhan, Thang Hoang. 778-793 [doi]

Adversarially Guided Stateful Defense Against Backdoor Attacks in Federated Deep LearningHassan Ali 0001, Surya Nepal, Salil S. Kanhere, Sanjay K. Jha. 794-809 [doi]

Lightweight Secure Aggregation for Personalized Federated Learning with Backdoor ResistanceTingyu Fan, Xiaojun Chen, Ye Dong, Xudong Chen, Yuexin Xuan, Weizhan Jing. 810-825 [doi]

DEEPCAPA: Identifying Malicious Capabilities in Windows MalwareSaastha Vasan, Hojjat Aghakhani, Stefano Ortolani, Roman Vasilenko, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna. 826-842 [doi]

R+R: Matrioska: A User-Centric Defense Against Virtualization-Based Repackaging Malware on AndroidSimone Zerbini, Samuele Doria, Primal Wijesekera, Serge Egelman, Eleonora Losiouk. 843-856 [doi]

Madeline: Continuous and Low-cost Monitoring with Graph-free Representations to Combat Cyber ThreatsWenjia Song, Hailun Ding, Na Meng 0001, Peng Gao, Danfeng Yao. 874-889 [doi]

A Security Alert Investigation Tool Supporting Tier 1 Analysts in Contextualizing and Understanding Network Security EventsLeon Kersten, Santiago Darré, Tom Mulders, Emmanuele Zambon, Marco Caselli, Chris Snijders 0001, Luca Allodi. 890-905 [doi]

Evil from Within: Machine Learning Backdoors Through Dormant Hardware TrojansAlexander Warnecke, Julian Speith, Jan-Niklas Möller, Konrad Rieck, Christof Paar. 906-922 [doi]

Exploring Inherent Backdoors in Deep Learning ModelsGuanhong Tao 0001, Siyuan Cheng 0005, Zhenting Wang, ShiQing Ma, Shengwei An, Yingqi Liu, Guangyu Shen, Zhuo Zhang 0002, Yunshu Mao, Xiangyu Zhang 0001. 923-939 [doi]

On the Credibility of Backdoor Attacks Against Object Detectors in the Physical WorldBao Gia Doan, Dang Quang Nguyen, Callum Lindquist, Paul Montague, Tamas Abraham, Olivier De Vel, Seyit Camtepe, Salil S. Kanhere, Ehsan Abbasnejad, Damith C. Ranasinghe. 940-956 [doi]

Physical ID-Transfer Attacks against Multi-Object Tracking via Adversarial TrajectoryChenyi Wang, Yanmao Man, Raymond Muller, Ming Li, Z. Berkay Celik, Ryan M. Gerdes, Jonathan Petit. 957-973 [doi]

Model-Manipulation Attacks Against Black-Box ExplanationsAchyut Hegde, Maximilian Noppel, Christian Wressnegger. 974-987 [doi]

Moiré Injection Attack (MIA) : Compromising Autonomous Vehicle Safety via Exploiting Camera's Color Filter Array (CFA) to Inject Hidden Traffic SignQi Xia, Qian Chen. 988-1001 [doi]

Leveraging Intensity as a New Feature to Detect Physical Adversarial Attacks Against LiDARsYeji Park, Hyunsu Cho, Dong-Hoon Lee, Wonsuk Choi. 1002-1014 [doi]

VIMU: Effective Physics-based Realtime Detection and Recovery against Stealthy Attacks on UAVsYunbo Wang, Cong Sun 0001, Qiaosen Liu, Bingnan Su, Zongxu Zhang, Michael Norris, Gang Tan, Jianfeng Ma 0001. 1015-1031 [doi]

Assessing UAV Sensor Spoofing: More Than A GNSS ProblemBailey Srimoungchanh, J. Garrett Morris, Drew Davidson. 1032-1046 [doi]

R+R: Security Vulnerability Dataset Quality Is CriticalAnurag Swarnim Yadav, Joseph N. Wilson. 1047-1061 [doi]

*Sima Arasteh, Jelena Mirkovic, Mukund Raghothaman, Christophe Hauser. 1062-1074 [doi]

CryptoPyt: Unraveling Python Cryptographic APIs Misuse with Precise Static Taint AnalysisXiangxin Guo, Shijie Jia 0001, Jingqiang Lin 0001, Yuan Ma, Fangyu Zheng, Guangzheng Li, Bowen Xu, Yueqiang Cheng, Kailiang Ji. 1075-1091 [doi]

R+R: A Systematic Study of Cryptographic Function Identification Approaches in BinariesYongming Fan, Priyam Biswas, Christina Garman. 1092-1108 [doi]

Manifest Problems: Analyzing Code Transparency for Android Application BundlesFlorian Draschbacher, Lukas Maar. 1109-1122 [doi]

I Can Show You the World (of Censorship): Extracting Insights from Censorship Measurement Data Using Statistical TechniquesAnna Crowder, Daniel Olszewski, Patrick Traynor, Kevin R. B. Butler. 1123-1138 [doi]

Dissecting Open Edge Computing Platforms: Ecosystem, Usage, and Security RisksYu Bi, Mingshuo Yang, Yong Fang, Xianghang Mi, Shanqing Guo, Shujun Tang, Haixin Duan. 1139-1155 [doi]

Assessing the Silent Frontlines: Exploring the Impact of DDoS Hacktivism in the Russo-Ukrainian WarYagiz Yilmaz, Orçun Çetin, Omer Said Ozturk, Emre Ekmekcioglu, Budi Arief, Julio C. Hernandez-Castro. 1156-1171 [doi]

Robust Device Authentication in Multi-Node Networks: ML-Assisted Hybrid PLA Exploiting Hardware ImpairmentsIldi Alla, Selma Yahia, Valeria Loscrì, Hossien B. Eldeeb. 1172-1185 [doi]

CloudCover: Enforcement of Multi-Hop Network Connections in Microservice DeploymentsDalton A. Brucker-Hahn, Wang Feng, Shanchao Li, Matthew Petillo, Alexandru G. Bardas, Drew Davidson, Yuede Ji. 1186-1202 [doi]

TILE: Input Structure Optimization for Neural Networks to Accelerate Secure InferenceYizhou Feng, Qiao Zhang 0002, Yifei Cai, Hongyi Wu, Chunsheng Xin. 1203-1216 [doi]

R+R: Understanding Hyperparameter Effects in DP-SGDFelix Morsbach, Jan Reubold, Thorsten Strufe. 1217-1230 [doi]

CIGA: Detecting Adversarial Samples via Critical Inference Graph AnalysisFei Zhang, Zhe Li, Yahang Hu, Yaohua Wang. 1231-1244 [doi]

TATTOOED: A Robust Deep Neural Network Watermarking Scheme based on Spread-Spectrum Channel CodingGiulio Pagnotta, Dorjan Hitaj, Briland Hitaj, Fernando Pérez-Cruz, Luigi V. Mancini. 1245-1258 [doi]

ViTGuard: Attention-aware Detection against Adversarial Examples for Vision TransformerShihua Sun, Kenechukwu Nwodo, Shridatt Sugrim, Angelos Stavrou, Haining Wang 0001. 1259-1275 [doi]

runs on WebDSL