Abstract is missing.
- Pseudo-Randomness and the Crystal BallCynthia Dwork. 1-2 [doi]
- Towards Building a Responsible Data EconomyDawn Song. 3 [doi]
- Are we done yet? Our Journey to Fight against Memory-safety BugsTaesoo Kim. 4 [doi]
- Chunk-Level Password Guessing: Towards Modeling Refined Password Composition RepresentationsMing Xu 0006, Chuanwang Wang, Jitao Yu, Junjie Zhang, Kai Zhang, Weili Han. 5-20 [doi]
- Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-ScaleStijn Pletinckx, Kevin Borgolte, Tobias Fiebig. 21-35 [doi]
- Catching Transparent Phish: Analyzing and Detecting MITM Phishing ToolkitsBrian Kondracki, Babak Amin Azad, Oleksii Starov, Nick Nikiforakis. 36-50 [doi]
- Reverse Attack: Black-box Attacks on Collaborative RecommendationYihe Zhang, Xu Yuan, Jin Li, Jiadong Lou, Li Chen, Nian-Feng Tzeng. 51-68 [doi]
- It's Not What It Looks Like: Manipulating Perceptual Hashing based ApplicationsQingying Hao, Licheng Luo, Steve T. K. Jan, Gang Wang 0011. 69-85 [doi]
- Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal InformationBaolin Zheng, Peipei Jiang, Qian Wang, Qi Li 0002, Chao Shen, Cong Wang 0001, Yunjie Ge, Qingyang Teng, Shenyi Zhang. 86-107 [doi]
- A Hard Label Black-box Adversarial Attack Against Graph Neural NetworksJiaming Mu, Binghui Wang, Qi Li 0002, Kun Sun 0001, Mingwei Xu, Zhuotao Liu. 108-125 [doi]
- Robust Adversarial Attacks Against DNN-Based Wireless Communication SystemsAlireza Bahramali, Milad Nasr, Amir Houmansadr, Dennis Goeckel, Don Towsley. 126-140 [doi]
- AI-Lancet: Locating Error-inducing Neurons to Optimize Neural NetworksYue Zhao 0018, Hong Zhu, Kai Chen 0012, Shengzhi Zhang. 141-158 [doi]
- Doubly Efficient Interactive Proofs for General Arithmetic Circuits with Linear Prover TimeJiaheng Zhang, Tianyi Liu, Weijie Wang, Yinuo Zhang, Dawn Song, Xiang Xie, Yupeng Zhang. 159-177 [doi]
- Constant-Overhead Zero-Knowledge for RAM ProgramsNicholas Franzese, Jonathan Katz, Steve Lu, Rafail Ostrovsky, Xiao Wang 0012, Chenkai Weng. 178-191 [doi]
- Appenzeller to Brie: Efficient Zero-Knowledge Proofs for Mixed-Mode Arithmetic and Z2kCarsten Baum, Lennart Braun, Alexander Munch-Hansen, Benoît Razet, Peter Scholl. 192-211 [doi]
- Shorter and Faster Post-Quantum Designated-Verifier zkSNARKs from LatticesYuval Ishai, Hang Su, David J. Wu. 212-234 [doi]
- "Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real WorldEmily Wenger, Max Bronckers, Christian Cianfarani, Jenna Cryan, Angela Sha, Haitao Zheng 0001, Ben Y. Zhao. 235-251 [doi]
- Don't Forget the Stuffing! Revisiting the Security Impact of Typo-Tolerant Password AuthenticationSena Sahin, Frank Li 0001. 252-270 [doi]
- Dissecting Click Fraud Autonomy in the WildTong Zhu, Yan Meng, Haotian Hu, Xiaokuan Zhang, Minhui Xue, Haojin Zhu. 271-286 [doi]
- Understanding and Detecting Mobile Ad Fraud Through the Lens of Invalid TrafficSuibin Sun, Le Yu, Xiaokuan Zhang, Minhui Xue, Ren Zhou, Haojin Zhu, Shuang Hao, Xiaodong Lin. 287-303 [doi]
- Usable User Authentication on a Smartwatch using VibrationSunWoo Lee, Wonsuk Choi, Dong Hoon Lee 0001. 304-319 [doi]
- Automated Bug Hunting With Data-Driven Symbolic Root Cause AnalysisCarter Yagemann, Simon P. Chung, Brendan Saltaformaggio, Wenke Lee. 320-336 [doi]
- Snipuzz: Black-box Fuzzing of IoT Firmware via Message Snippet InferenceXiaotao Feng, Ruoxi Sun, Xiaogang Zhu, Minhui Xue, Sheng Wen, Dongxi Liu, Surya Nepal, Yang Xiang 0001. 337-350 [doi]
- Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided TracingStefan Nagy, Anh Nguyen-Tuong, Jason D. Hiser, Jack W. Davidson, Matthew Hicks. 351-365 [doi]
- HyperFuzzer: An Efficient Hybrid Fuzzer for Virtual CPUsXinyang Ge, Ben Niu, Robert Brotzman, Yaohui Chen, Hyungseok Han, Patrice Godefroid, Weidong Cui. 366-378 [doi]
- HardsHeap: A Universal and Extensible Framework for Evaluating Secure AllocatorsInsu Yun, Woosun Song, Seunggi Min, Taesoo Kim. 379-392 [doi]
- DPGen: Automated Program Synthesis for Differential PrivacyYuxin Wang, Zeyu Ding, Yingtai Xiao, Daniel Kifer, Danfeng Zhang. 393-411 [doi]
- A Formally Verified Configuration for Hardware Security Modules in the CloudRiccardo Focardi, Flaminia L. Luccio. 412-428 [doi]
- Solver-Aided Constant-Time Hardware VerificationKlaus von Gleissenthall, Rami Gökhan Kici, Deian Stefan, Ranjit Jhala. 429-444 [doi]
- Exorcising Spectres with Secure CompilersMarco Patrignani, Marco Guarnieri. 445-461 [doi]
- Structured Leakage and Applications to Cryptographic Constant-Time and CostGilles Barthe, Benjamin Grégoire, Vincent Laporte, Swarn Priya. 462-476 [doi]
- Learning Security Classifiers with Verified Global Robustness PropertiesYizheng Chen, Shiqi Wang 0002, Yue Qin, Xiaojing Liao, Suman Jana, David A. Wagner 0001. 477-494 [doi]
- On the Robustness of Domain ConstraintsRyan Sheatsley, Blaine Hoak, Eric Pauley, Yohan Beugin, Michael J. Weisman, Patrick D. McDaniel. 495-515 [doi]
- Cert-RNN: Towards Certifying the Robustness of Recurrent Neural NetworksTianyu Du, Shouling Ji, Lujia Shen, Yao Zhang, Jinfeng Li, Jie Shi, Chengfang Fang, Jianwei Yin, Raheem Beyah, Ting Wang 0006. 516-534 [doi]
- TSS: Transformation-Specific Smoothing for Robustness CertificationLinyi Li, Maurice Weber, Xiaojun Xu, Luka Rimanic, Bhavya Kailkhura, Tao Xie 0001, Ce Zhang 0001, Bo Li 0026. 535-557 [doi]
- Efficient Online-friendly Two-Party ECDSA SignatureHaiyang Xue, Man Ho Au, Xiang Xie, Tsz Hon Yuen, Handong Cui. 558-573 [doi]
- One Hot GarblingDavid Heath, Vladimir Kolesnikov. 574-593 [doi]
- The Return of Eratosthenes: Secure Generation of RSA Moduli using Distributed SievingCyprien Delpech de Saint Guilhem, Eleftheria Makri, Dragos Rotaru, Titouan Tanguy. 594-609 [doi]
- Secure Graph Analysis at ScaleToshinori Araki, Jun Furukawa 0001, Kazuma Ohara, Benny Pinkas, Hanan Rosemarin, Hikaru Tsuchida. 610-629 [doi]
- Oblivious Linear Group Actions and ApplicationsNuttapong Attrapadung, Goichiro Hanaoka, Takahiro Matsuda 0002, Hiraku Morita, Kazuma Ohara, Jacob C. N. Schuldt, Tadanori Teruya, Kazunari Tozawa. 630-650 [doi]
- Wireless Charging Power Side-Channel AttacksAlexander S. La Cour, Khurram K. Afridi, G. Edward Suh. 651-665 [doi]
- Indistinguishability Prevents Scheduler Side Channels in Real-Time SystemsChien-Ying Chen, Debopam Sanyal, Sibin Mohan. 666-684 [doi]
- Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic CodeMadura A. Shelton, Lukasz Chmielewski, Niels Samwel, Markus Wagner 0007, Lejla Batina, Yuval Yarom. 685-699 [doi]
- Periscope: A Keystroke Inference Attack Using Human Coupled Electromagnetic EmanationsWenqiang Jin, Srinivasan Murali, Huadi Zhu, Ming Li. 700-714 [doi]
- Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow LinearizationPietro Borrello, Daniele Cono D'Elia, Leonardo Querzoni, Cristiano Giuffrida. 715-733 [doi]
- ECMO: Peripheral Transplantation to Rehost Embedded Linux KernelsMuhui Jiang, Lin Ma, Yajin Zhou, Qiang Liu, Cen Zhang, Zhi Wang, Xiapu Luo, Lei Wu, Kui Ren 0001. 734-748 [doi]
- SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS DriversWeiteng Chen, Yu Wang, Zheng Zhang, Zhiyun Qian. 749-763 [doi]
- Demons in the Shared Kernel: Abstract Resource Attacks Against OS-level VirtualizationNanzi Yang, Wenbo Shen, Jinku Li, Yutian Yang, Kangjie Lu, Jietao Xiao, Tianyu Zhou, Chenggang Qin, Wang Yu, Jianfeng Ma 0001, Kui Ren 0001. 764-778 [doi]
- SmashEx: Smashing SGX Enclaves Using ExceptionsJinhua Cui, Jason Zhijingcheng Yu, Shweta Shinde, Prateek Saxena, Zhiping Cai. 779-793 [doi]
- CPscan: Detecting Bugs Caused by Code Pruning in IoT KernelsLirong Fu, Shouling Ji, Kangjie Lu, Peiyu Liu, Xuhong Zhang 0005, Yuxuan Duan, Zihui Zhang, Wenzhi Chen, Yanjun Wu. 794-810 [doi]
- Statically Discovering High-Order Taint Style Vulnerabilities in OS KernelsHang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, Zhiyun Qian. 811-824 [doi]
- Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' OutputsMohammad Malekzadeh, Anastasia Borovykh, Deniz Gündüz. 825-844 [doi]
- Quantifying and Mitigating Privacy Risks of Contrastive LearningXinlei He, Yang Zhang. 845-863 [doi]
- Membership Inference Attacks Against Recommender SystemsMinxing Zhang, Zhaochun Ren, Zihan Wang, Pengjie Ren, Zhumin Chen, Pengfei Hu, Yang Zhang. 864-879 [doi]
- Membership Leakage in Label-Only ExposuresZheng Li, Yang Zhang. 880-895 [doi]
- When Machine Unlearning Jeopardizes PrivacyMin Chen 0032, Zhikun Zhang 0001, Tianhao Wang 0001, Michael Backes 0001, Mathias Humbert, Yang Zhang. 896-911 [doi]
- Deterrence of Intelligent DDoS via Multi-Hop Traffic DivergenceYuanjie Li, Hewu Li, Zhizheng Lv, Xingkun Yao, Qianru Li, Jianping Wu. 923-939 [doi]
- Scan, Test, Execute: Adversarial Tactics in Amplification DDoS AttacksHarm Griffioen, Kris Oosthoek, Paul van der Knaap, Christian Doerr. 940-954 [doi]
- Warmonger: Inflicting Denial-of-Service via Serverless Functions in the CloudJunjie Xiong, Mingkui Wei, Zhuo Lu, Yao Liu. 955-969 [doi]
- United We Stand: Collaborative Detection and Mitigation of Amplification DDoS Attacks at ScaleDaniel Wagner, Daniel Kopp, Matthias Wichtlhuber, Christoph Dietzel, Oliver Hohlfeld, Georgios Smaragdakis, Anja Feldmann. 970-987 [doi]
- Revisiting Nakamoto Consensus in Asynchronous Networks: A Comprehensive Analysis of Bitcoin Safety and ChainQualityMuhammad Saad, Afsah Anwar, Srivatsan Ravi, David Mohaisen. 988-1005 [doi]
- How Does Blockchain Security Dictate Blockchain Implementation?Andrew Lewis-Pye, Tim Roughgarden. 1006-1019 [doi]
- The Exact Security of BIP32 WalletsPoulami Das 0003, Andreas Erwig, Sebastian Faust, Julian Loss, Siavash Riahi 0002. 1020-1042 [doi]
- A Security Framework for Distributed LedgersMike Graf 0001, Daniel Rausch 0001, Viktoria Ronge, Christoph Egger 0001, Ralf Küsters, Dominique Schröder. 1043-1064 [doi]
- This Sneaky Piggy Went to the Android Ad Market: Misusing Mobile Sensors for Stealthy Data ExfiltrationMichalis Diamantaris, Serafeim Moustakas, Lichao Sun, Sotiris Ioannidis, Jason Polakis. 1065-1081 [doi]
- Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular DevicesSyed Rafiul Hussain, Imtiaz Karim, Abdullah Al Ishtiaq, Omar Chowdhury, Elisa Bertino. 1082-1099 [doi]
- All your Credentials are Belong to Us: On Insecure WPA2-Enterprise ConfigurationsMan Hong Hue, Joyanta Debnath, Kin Man Leung, Li Li, Mohsen Minaei, M. Hammad Mazhar, Kailiang Xian, Md. Endadul Hoque, Omar Chowdhury, Sze Yiu Chau. 1100-1117 [doi]
- On-device IoT Certificate Revocation Checking with Small Memory and Low LatencyXiaofeng Shi, Shouqian Shi, Minmei Wang, Jonne Kaunisto, Chen Qian 0001. 1118-1134 [doi]
- Labeled PSI from Homomorphic Encryption with Reduced Computation and CommunicationKelong Cong, Radames Cruz Moreno, Mariana Botelho da Gama, Wei Dai, Ilia Iliashenko, Kim Laine, Michael Rosenberg. 1135-1150 [doi]
- Simple, Fast Malicious Multiparty Private Set IntersectionOfri Nevo, Ni Trieu, Avishay Yanai. 1151-1165 [doi]
- Compact and Malicious Private Set Intersection for Small SetsMike Rosulek, Ni Trieu. 1166-1181 [doi]
- Efficient Linear Multiparty PSI and Extensions to Circuit/Quorum PSINishanth Chandran, Nishka Dasgupta, Divya Gupta 0001, Sai Lakshmi Bhavana Obbattu, Sruthi Sekar, Akash Shah. 1182-1204 [doi]
- Differential Privacy for Directional DataBenjamin Weggenmann, Florian Kerschbaum. 1205-1222 [doi]
- Differentially Private Sparse Vectors with Low Error, Optimal Space, and Fast AccessMartin Aumüller 0001, Christian Janos Lebeda, Rasmus Pagh. 1223-1236 [doi]
- Continuous Release of Data Streams under both Centralized and Local Differential PrivacyTianhao Wang 0001, Joann Qiongna Chen, Zhikun Zhang 0001, Dong Su, Yueqiang Cheng, Zhou Li 0001, Ninghui Li, Somesh Jha. 1237-1253 [doi]
- Side-Channel Attacks on Query-Based Data AnonymizationFranziska Boenisch, Reinhard Munz, Marcel Tiepelt, Simon Hanisch, Christiane Kuhn, Paul Francis. 1254-1265 [doi]
- AHEAD: Adaptive Hierarchical Decomposition for Range Query under Local Differential PrivacyLinkang Du, Zhikun Zhang 0001, Shaojie Bai, Changchang Liu, Shouling Ji, Peng Cheng 0001, Jiming Chen 0001. 1266-1288 [doi]
- Who's In Control? On Security Risks of Disjointed IoT Device Management ChannelsYan Jia, Bin Yuan, Luyi Xing, Dongfang Zhao 0010, Yifan Zhang 0010, Xiaofeng Wang 0001, Yijing Liu, Kaimin Zheng, Peyton Crnjak, Yuqing Zhang, Deqing Zou, Hai Jin 0001. 1289-1305 [doi]
- DroneKey: A Drone-Aided Group-Key Generation Scheme for Large-Scale IoT NetworksDianqi Han, Ang Li, Jiawei Li, Yan Zhang, Tao Li, Yanchao Zhang. 1306-1319 [doi]
- You Make Me Tremble: A First Look at Attacks Against Structural Control SystemsAbel Zambrano, Alejandro Palacio Betancur, Luis Burbano, Andres Felipe Niño, Luis Felipe Giraldo, Mariantonieta Gutierrez Soto, Jairo Giraldo, Alvaro A. Cárdenas. 1320-1337 [doi]
- MaMIoT: Manipulation of Energy Market Leveraging High Wattage IoT BotnetsTohid Shekari, Celine Irvene, Alvaro A. Cárdenas, Raheem Beyah. 1338-1356 [doi]
- Aion: Enabling Open Systems through Strong Availability Guarantees for EnclavesFritz Alder, Jo Van Bulck, Frank Piessens, Jan Tobias Mühlberg. 1357-1372 [doi]
- Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI EcosystemYiming Zhang 0009, Baojun Liu, Chaoyi Lu, Zhou Li 0001, Haixin Duan, Jiachen Li, Zaifeng Zhang. 1373-1387 [doi]
- On Re-engineering the X.509 PKI with Executable Specification for Better Implementation GuaranteesJoyanta Debnath, Sze Yiu Chau, Omar Chowdhury. 1388-1404 [doi]
- APECS: A Distributed Access Control Framework for Pervasive Edge Computing ServicesSean Dougherty, Reza Tourani, Gaurav Panwar, Roopa Vishwanathan, Satyajayant Misra, Srikathyayani Srikanteswara. 1405-1420 [doi]
- Let's Downgrade Let's EncryptTianxiang Dai, Haya Shulman, Michael Waidner. 1421-1440 [doi]
- A Concrete Treatment of Efficient Continuous Group Key Agreement via Multi-Recipient PKEsKeitaro Hashimoto, Shuichi Katsumata, Eamonn Postlethwaite, Thomas Prest, Bas Westerbaan. 1441-1462 [doi]
- Modular Design of Secure Group Messaging Protocols and the Security of MLSJoël Alwen, Sandro Coretti, Yevgeniy Dodis, Yiannis Tselekounis. 1463-1483 [doi]
- Secure Complaint-Enabled Source-Tracking for Encrypted MessagingCharlotte Peale, Saba Eskandarian, Dan Boneh. 1484-1506 [doi]
- Fuzzy Message DetectionGabrielle Beck, Julia Len, Ian Miers, Matthew Green 0001. 1507-1528 [doi]
- Meteor: Cryptographically Secure Steganography for Realistic DistributionsGabriel Kaptchuk, Tushar M. Jois, Matthew Green 0001, Aviel D. Rubin. 1529-1548 [doi]
- Hiding the Lengths of Encrypted Messages via Gaussian PaddingJean Paul Degabriele. 1549-1565 [doi]
- Android on PC: On the Security of End-user Android EmulatorsFenghao Xu, Siyu Shen, Wenrui Diao, Zhou Li 0001, Yi Chen, Rui Li, Kehuan Zhang. 1566-1580 [doi]
- Ghost in the Binder: Binder Transaction Redirection Attacks in Android System ServicesXiaobo Xiang, Ren Zhang, Hanxiang Wen, Xiaorui Gong, Baoxu Liu. 1581-1597 [doi]
- Dissecting Residual APIs in Custom Android ROMsZeinab El-Rewini, Yousra Aafer. 1598-1611 [doi]
- VIP: Safeguard Value Invariant Property for Thwarting Critical Memory Corruption AttacksMohannad Ismail, Jinwoo Yom, Christopher Jelesnianski, Yeongjin Jang, Changwoo Min. 1612-1626 [doi]
- Detecting Missed Security Operations Through Differential Checking of Object-based Similar PathsDinghao Liu, Qiushi Wu, Shouling Ji, Kangjie Lu, Zhenguang Liu, Jianhai Chen, Qinming He. 1627-1644 [doi]
- DETER: Denial of Ethereum Txpool sERvicesKai Li, Yibo Wang, Yuzhe Tang. 1645-1667 [doi]
- SyncAttack: Double-spending in Bitcoin Without Mining PowerMuhammad Saad, Songqing Chen, David Mohaisen. 1668-1685 [doi]
- Multi-Threshold Byzantine Fault ToleranceAtsuki Momose, Ling Ren 0001. 1686-1699 [doi]
- Securing Parallel-chain Protocols under Variable Mining PowerXuechao Wang, Viswa Virinchi Muppirala, Lei Yang, Sreeram Kannan, Pramod Viswanath. 1700-1721 [doi]
- BFT Protocol ForensicsPeiyao Sheng, Gerui Wang, Kartik Nayak, Sreeram Kannan, Pramod Viswanath. 1722-1743 [doi]
- Supply-Chain Vulnerability Elimination via Active Learning and RegenerationNikos Vasilakis, Achilles Benetopoulos, Shivam Handa, Alizee Schoen, Jiasi Shen 0001, Martin C. Rinard. 1755-1770 [doi]
- XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web BrowsersLukas Knittel, Christian Mainka, Marcus Niemietz, Dominik Trevor Noß, Jörg Schwenk. 1771-1788 [doi]
- DoubleX: Statically Detecting Vulnerable Data Flows in Browser Extensions at ScaleAurore Fass, Dolière Francis Somé, Michael Backes 0001, Ben Stock. 1789-1804 [doi]
- T-Reqs: HTTP Request Smuggling with Differential FuzzingBahruz Jabiyev, Steven Sprecher, Kaan Onarlioglu, Engin Kirda. 1805-1820 [doi]
- Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege ReductionNikos Vasilakis, Cristian-Alexandru Staicu, Grigoris Ntousakis, Konstantinos Kallas, Ben Karel, André DeHon, Michael Pradel. 1821-1838 [doi]
- Spinner: Automated Dynamic Command Subsystem PerturbationMeng Wang, Chijung Jung, Ali Ahad, Yonghwi Kwon 0001. 1839-1860 [doi]
- FakeWake: Understanding and Mitigating Fake Wake-up Words of Voice AssistantsYanjiao Chen, Yijie Bai, Richard Mitev, Kaibo Wang, Ahmad-Reza Sadeghi, Wenyuan Xu. 1861-1883 [doi]
- Robust Detection of Machine-induced Audio Attacks in Intelligent Audio Systems with Microphone ArrayZhuohang Li, Cong Shi 0004, Tianfang Zhang, Yi Xie 0001, Jian Liu 0001, Bo Yuan 0001, Yingying Chen 0001. 1884-1899 [doi]
- Glowworm Attack: Optical TEMPEST Sound Recovery via a Device's Power Indicator LEDBen Nassi, Yaron Pirutin, Tomer Cohen Galor, Yuval Elovici, Boris Zadov. 1900-1914 [doi]
- CapSpeaker: Injecting Voices to Microphones via CapacitorsXiaoyu Ji 0001, Juchuan Zhang, Shui Jiang, Jishen Li, Wenyuan Xu. 1915-1929 [doi]
- I Can See the Light: Attacks on Autonomous Vehicles Using Invisible LightsWei Wang 0190, Yao Yao 0009, Xin Liu, Xiang Li, Pei Hao, Ting Zhu. 1930-1944 [doi]
- Can We Use Arbitrary Objects to Attack LiDAR Perception in Autonomous Driving?Yi Zhu, Chenglin Miao, Tianhang Zheng, Foad Hajiaghajani, Lu Su, Chunming Qiao. 1945-1960 [doi]
- A PKI-based Framework for Establishing Efficient MPC ChannelsDaniel Masny, Gaven Watson. 1961-1980 [doi]
- The Security of ChaCha20-Poly1305 in the Multi-User SettingJean Paul Degabriele, Jérôme Govinden, Felix Günther 0001, Kenneth G. Paterson. 1981-2003 [doi]
- With a Little Help from My Friends: Constructing Practical Anonymous CredentialsLucjan Hanzlik, Daniel Slamanig. 2004-2023 [doi]
- Key Agreement for Decentralized Secure Group Messaging with Strong Security GuaranteesMatthew Weidner, Martin Kleppmann, Daniel Hugenroth, Alastair R. Beresford. 2024-2045 [doi]
- Revisiting Fuzzy Signatures: Towards a More Risk-Free Cryptographic Authentication System based on BiometricsShuichi Katsumata, Takahiro Matsuda 0002, Wataru Nakamura, Kazuma Ohara, Kenta Takahashi. 2046-2065 [doi]
- On the (In)Security of ElGamal in OpenPGPLuca De Feo, Bertram Poettering, Alessandro Sorniotti. 2066-2080 [doi]
- EncoderMI: Membership Inference against Pre-trained Encoders in Contrastive LearningHongbin Liu, Jinyuan Jia, Wenjie Qu, Neil Zhenqiang Gong. 2081-2095 [doi]
- TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data ReleasingAoting Hu, Renjie Xie, Zhigang Lu, Aiqun Hu, Minhui Xue. 2096-2112 [doi]
- Unleashing the Tiger: Inference Attacks on Split LearningDario Pasquini, Giuseppe Ateniese, Massimo Bernaschi. 2113-2129 [doi]
- Locally Private Graph Neural NetworksSina Sajadmanesh, Daniel Gatica-Perez. 2130-2145 [doi]
- DataLens: Scalable Privacy Preserving Training via Gradient Compression and AggregationBoxin Wang, Fan Wu, Yunhui Long, Luka Rimanic, Ce Zhang 0001, Bo Li. 2146-2168 [doi]
- Regression Greybox FuzzingXiaogang Zhu, Marcel Böhme. 2169-2182 [doi]
- MirChecker: Detecting Bugs in Rust Programs via Static AnalysisZhuohua Li, Jincheng Wang, Mingshen Sun, John C. S. Lui. 2183-2196 [doi]
- V-Shuttle: Scalable and Semantics-Aware Hypervisor Virtual Device FuzzingGaoning Pan, Xingwei Lin, Xuhong Zhang 0005, Yongkang Jia, Shouling Ji, Chunming Wu, Xinlei Ying, Jiashui Wang, Yanjun Wu. 2197-2213 [doi]
- Hardware Support to Improve Fuzzing Performance and PrecisionRen Ding 0001, Yonghae Kim, Fan Sang, Wen Xu 0002, Gururaj Saileshwar, Taesoo Kim. 2214-2228 [doi]
- SoFi: Reflection-Augmented Fuzzing for JavaScript EnginesXiaoyu He, Xiaofei Xie, Yuekang Li, Jianwen Sun, Feng Li, Wei Zou, Yang Liu, Lei Yu, Jianhua Zhou, Wenchang Shi, Wei Huo. 2229-2242 [doi]
- Reconstructing with Less: Leakage Abuse Attacks in Two DimensionsEvangelia Anna Markatou, Francesca Falzon, Roberto Tamassia, William Schor. 2243-2261 [doi]
- εpsolute: Efficiently Querying Databases While Providing Differential PrivacyDmytro Bogatov, Georgios Kellaris, George Kollios, Kobbi Nissim, Adam O'Neill. 2262-2276 [doi]
- Compressed Oblivious Encoding for Homomorphically Encrypted SearchSeung Geol Choi, Dana Dachman-Soled, S. Dov Gordon, Linsheng Liu, Arkady Yerukhimovich. 2277-2291 [doi]
- OnionPIR: Response Efficient Single-Server PIRMuhammad Haris Mughees, Hao Chen, Ling Ren 0001. 2292-2306 [doi]
- LEAP: Leakage-Abuse Attack on Efficiently Deployable, Efficiently Searchable Encryption with Partially Known DatasetJianting Ning, Xinyi Huang, Geong Sen Poh, Jiaming Yuan, Yingjiu Li, Jian Weng 0001, Robert H. Deng. 2307-2320 [doi]
- On the Rényi Differential Privacy of the Shuffle ModelAntonious M. Girgis, Deepesh Data, Suhas N. Diggavi, Ananda Theertha Suresh, Peter Kairouz. 2321-2341 [doi]
- Private Hierarchical Clustering in Federated NetworksAashish Kolluri, Teodora Baluta, Prateek Saxena. 2342-2360 [doi]
- Secure Multi-party Computation of Differentially Private Heavy HittersJonas Böhler, Florian Kerschbaum. 2361-2377 [doi]
- Automated Privacy Policy Annotation with Information Highlighting Made Practical Using Deep RepresentationsAbdulrahman Alabduljabbar, Ahmed Abusnaina, Ülkü Meteriz-Yildiran, David Mohaisen. 2378-2380 [doi]
- POSTER: Recovering Songs from a Hanging Light BulbBen Nassi, Yaron Pirutin, Raz Swissa, Adi Shamir, Yuval Elovici, Boris Zadov. 2381-2383 [doi]
- Search-Based Local Black-Box Deobfuscation: Understand, Improve and Mitigate (Poster)Grégoire Menguy, Sébastien Bardin, Richard Bonichon, Cauim de Souza Lima. 2384-2386 [doi]
- Membership Inference Attacks against GANs by Leveraging Over-representation RegionsHailong Hu, Jun Pang 0001. 2387-2389 [doi]
- Earable Authentication via Acoustic ToothprintZi Wang, Yili Ren, Yingying Chen 0001, Jie Yang 0003. 2390-2392 [doi]
- POSTER: An Open-Source Framework for Developing Heterogeneous Distributed Enclave ApplicationsGianluca Scopelliti, Sepideh Pouyanrad, Job Noorman, Fritz Alder, Frank Piessens, Jan Tobias Mühlberg. 2393-2395 [doi]
- Towards Automated Computational Auditing of mHealth Security and Privacy RegulationsBrian Tung, Zhiyuan Yu, Ning Zhang 0017. 2396-2398 [doi]
- DEMO: A Secure Voting System for Score Based ElectionsLihi Dery, Tamir Tassa, Avishay Yanai, Arthur Zamarin. 2399-2401 [doi]
- POSTER: A Tough Nut to Crack: Attempting to Break Modulation ObfuscationNaureen Hoque, Hanif Rahbari. 2402-2404 [doi]
- POSTER: ReAvatar: Virtual Reality De-anonymization Attack Through Correlating Movement SignaturesBrandon Falk, Yan Meng, Yuxia Zhan, Haojin Zhu. 2405-2407 [doi]
- Revisiting Hybrid Private Information RetrievalDaniel Günther 0004, Thomas Schneider 0003, Felix Wiegand. 2408-2410 [doi]
- POSTER: How Dangerous is My Click? Boosting Website Fingerprinting By Considering Sequences of WebpagesAsya Mitseva, Jan Pennekamp, Johannes Lohmöller, Torsten Ziemann, Carl Hoerchner, Klaus Wehrle, Andriy Panchenko 0001. 2411-2413 [doi]
- Human and Organizational Factors in Public Key Certificate Authority FailuresSkyler Johnson, Katherine Ferro, L. Jean Camp, Hilda Hadan. 2414-2416 [doi]
- On Adoptability and Use Case Exploration of Threat Modeling for Mobile Communication SystemsHsin-Yi Chen, Siddharth Prakash Rao. 2417-2419 [doi]
- Enabling Visual Analytics via Alert-driven Attack GraphsAzqa Nadeem, Sicco Verwer, Stephen Moskal, Shanchieh Jay Yang. 2420-2422 [doi]
- Predictive Cipher-Suite Negotiation for Boosting Deployment of New CiphersElias Heftrig, Jean-Pierre Seifert, Haya Shulman, Michael Waidner, Nils Wisiol. 2423-2425 [doi]
- Chronos: Timing Interference as a New Attack Vector on Autonomous Cyber-physical SystemsAo Li, Jinwen Wang, Ning Zhang 0017. 2426-2428 [doi]
- Demo: Detecting Third-Party Library Problems with Combined Program AnalysisGrigoris Ntousakis, Sotiris Ioannidis, Nikos Vasilakis. 2429-2431 [doi]
- CyberBunker 2.0 - A Domain and Traffic Perspective on a Bulletproof HosterDaniel Kopp, Eric Strehle, Oliver Hohlfeld. 2432-2434 [doi]
- An Ontology-driven Knowledge Graph for Android MalwareChristian Ryan, Sharmishtha Dutta, Youngja Park, Nidhi Rastogi. 2435-2437 [doi]
- De-identification of Unstructured Clinical Texts from Sequence to Sequence PerspectiveMd. Monowar Anjum, Noman Mohammed, Xiaoqian Jiang. 2438-2440 [doi]
- MANIAC: A Man-Machine Collaborative System for Classifying Malware Author GroupsEujeanne Kim, Sung-Jun Park, Seokwoo Choi, Dong-Kyu Chae, Sang-Wook Kim. 2441-2443 [doi]
- Evaluating Resilience of Domains in PKIMarkus Brandt, Haya Shulman, Michael Waidner. 2444-2446 [doi]
- Demo: Large Scale Analysis on Vulnerability Remediation in Open-source JavaScript ProjectsVinuri Bandara, Thisura Rathnayake, Nipuna Weerasekara, Charitha Elvitigala, Kenneth Thilakarathna, Primal Wijesekera, Kasun De Zoysa, Chamath Keppitiyagama. 2447-2449 [doi]
- Optimized Predictive Control for AGC Cyber ResiliencyMuhammad Nouman Nafees, Neetesh Saxena, Pete Burnap. 2450-2452 [doi]
- POSTER: OS Independent Fuzz Testing of I/O BoundaryMasanori Misono, Takahiro Shinagawa. 2453-2455 [doi]
- Util: : Lookup: Exploiting Key Decoding in Cryptographic LibrariesFlorian Sieck, Sebastian Berndt, Jan Wichelmann, Thomas Eisenbarth 0001. 2456-2473 [doi]
- Morpheus: Bringing The (PKCS) One To Meet the OracleMoosa Yahyazadeh, Sze Yiu Chau, Li Li, Man Hong Hue, Joyanta Debnath, Sheung Chiu Ip, Chun Ngai Li, Md. Endadul Hoque, Omar Chowdhury. 2474-2496 [doi]
- PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wildDaniel De Almeida Braga, Pierre-Alain Fouque, Mohamed Sabt. 2497-2512 [doi]
- Search-Based Local Black-Box Deobfuscation: Understand, Improve and MitigateGrégoire Menguy, Sébastien Bardin, Richard Bonichon, Cauim de Souza Lima. 2513-2525 [doi]
- Learning to Explore Paths for Symbolic ExecutionJingxuan He, Gishor Sivanrupan, Petar Tsankov, Martin T. Vechev. 2526-2540 [doi]
- Mechanized Proofs of Adversarial Complexity and Application to Universal ComposabilityManuel Barbosa, Gilles Barthe, Benjamin Grégoire, Adrien Koutsos, Pierre-Yves Strub. 2541-2563 [doi]
- EasyPQC: Verifying Post-Quantum CryptographyManuel Barbosa, Gilles Barthe, Xiong Fan, Benjamin Grégoire, Shih-Han Hung, Jonathan Katz, Pierre-Yves Strub, Xiaodi Wu, Li Zhou. 2564-2586 [doi]
- Machine-checked ZKP for NP relations: Formally Verified Security Proofs and Implementations of MPC-in-the-HeadJosé Bacelar Almeida, Manuel Barbosa, Manuel L. Correia, Karim Eldefrawy, Stéphane Graham-Lengrand, Hugo Pacheco 0001, Vitor Pereira. 2587-2600 [doi]
- An In-Depth Symbolic Security Analysis of the ACME StandardKarthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do 0001, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Tim Würtele. 2601-2617 [doi]
- Biometrics-Authenticated Key Exchange for Secure MessagingMei Wang, Kun He 0008, Jing Chen 0003, Zengpeng Li, Wei Zhao, RuiYing Du. 2618-2631 [doi]
- Verifying Table-Based ElectionsDavid A. Basin, Jannik Dreier, Sofia Giampietro, Sasa Radomirovic. 2632-2652 [doi]
- Efficient CCA Timed Commitments in Class GroupsSri Aravinda Krishnan Thyagarajan, Guilhem Castagnos, Fabien Laguillaumie, Giulio Malavolta. 2663-2684 [doi]
- MPC-Friendly Commitments for Publicly Verifiable Covert SecurityNitin Agrawal 0002, James Bell 0001, Adrià Gascón, Matt J. Kusner. 2685-2704 [doi]
- Asynchronous Data Dissemination and its ApplicationsSourav Das, Zhuolun Xiang, Ling Ren 0001. 2705-2721 [doi]
- Faster Lattice-Based KEMs via a Generic Fujisaki-Okamoto Transform Using Prefix HashingJulien Duman, Kathrin Hövelmanns, Eike Kiltz, Vadim Lyubashevsky, Gregor Seiler. 2722-2737 [doi]
- PPE Circuits for Rational PolynomialsSusan Hohenberger, Satyanarayana Vusirikala. 2738-2757 [doi]
- Amortized Threshold Symmetric-key EncryptionMihai Christodorescu, Sivanarayana Gaddam, Pratyay Mukherjee, Rohit Sinha 0001. 2758-2779 [doi]
- The Invisible Shadow: How Security Cameras Leak Private ActivitiesJian Gong, Xinyu Zhang, Ju Ren, Yaoxue Zhang. 2780-2793 [doi]
- The One-Page Setting: A Higher Standard for Evaluating Website Fingerprinting DefensesTao Wang. 2794-2806 [doi]
- WristPrint: Characterizing User Re-identification Risks from Wrist-worn Accelerometry DataNazir Saleheen, Md. Azim Ullah, Supriyo Chakraborty, Deniz S. Ones, Mani B. Srivastava, Santosh Kumar 0001. 2807-2823 [doi]
- Consistency Analysis of Data-Usage Purposes in Mobile AppsDuc Bui, Yuan Yao, Kang G. Shin, Jong Min Choi, Junbum Shin. 2824-2843 [doi]
- SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content BlockingMichael Smith, Peter Snyder, Benjamin Livshits, Deian Stefan. 2844-2857 [doi]
- Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based VirtualizationWenna Song, Jiang Ming 0002, Lin Jiang, Yi Xiang, Xuanchen Pan, Jianming Fu, Guojun Peng. 2858-2874 [doi]
- One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted VirtualizationRobert Buhren, Hans Niklas Jacob, Thilo Krachenfels, Jean-Pierre Seifert. 2875-2889 [doi]
- RealSWATT: Remote Software-based Attestation for Embedded Devices under Realtime ConstraintsSebastian Surminski, Christian Niesler, Ferdinand Brasser, Lucas Davi, Ahmad-Reza Sadeghi. 2890-2905 [doi]
- Prime+Scope: Overcoming the Observer Effect for High-Precision Cache Contention AttacksAntoon Purnal, Furkan Turan, Ingrid Verbauwhede. 2906-2920 [doi]
- On the TOCTOU Problem in Remote AttestationIvan De Oliveira Nunes, Sashidhar Jakkamsetti, Norrathep Rattanavipanon, Gene Tsudik. 2921-2936 [doi]
- CrossLine: Breaking "Security-by-Crash" based Memory Isolation in AMD SEVMengyuan Li, Yinqian Zhang, Zhiqiang Lin. 2937-2950 [doi]
- Zero Knowledge Static Program AnalysisZhiyong Fang, David Darais, Joseph P. Near, Yupeng Zhang. 2951-2967 [doi]
- zkCNN: Zero Knowledge Proofs for Convolutional Neural Network Predictions and AccuracyTianyi Liu, Xiang Xie, Yupeng Zhang. 2968-2985 [doi]
- QuickSilver: Efficient and Affordable Zero-Knowledge Proofs for Circuits and Polynomials over Any FieldKang Yang 0002, Pratik Sarkar, Chenkai Weng, Xiao Wang 0012. 2986-3001 [doi]
- ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data ExchangeYun Li, Cun Ye, Yuguang Hu, Ivring Morpheus, Yu Guo, Chao Zhang, Yupeng Zhang, Zhipeng Sun, Yiwen Lu, Haodi Wang. 3002-3021 [doi]
- Limbo: Efficient Zero-knowledge MPCitH-based ArgumentsCyprien Delpech de Saint Guilhem, Emmanuela Orsini, Titouan Tanguy. 3022-3036 [doi]
- "I need a better description": An Investigation Into User Expectations For Differential PrivacyRachel Cummings, Gabriel Kaptchuk, Elissa M. Redmiles. 3037-3052 [doi]
- An Inside Look into the Practice of Malware AnalysisMiuyin Yong Wong, Matthew Landen, Manos Antonakakis, Douglas M. Blough, Elissa M. Redmiles, Mustaque Ahamad. 3053-3069 [doi]
- The Effect of Google Search on Software Security: Unobtrusive Security Interventions via Content Re-rankingFelix Fischer 0001, Yannick Stachelscheid, Jens Grossklags. 3070-3084 [doi]
- 12 Angry Developers - A Qualitative Study on Developers' Struggles with CSPSebastian Roth, Lea Gröber, Michael Backes 0001, Katharina Krombholz, Ben Stock. 3085-3103 [doi]
- Subpopulation Data Poisoning AttacksMatthew Jagielski, Giorgio Severi, Niklas Pousette Harger, Alina Oprea. 3104-3122 [doi]
- Hidden Backdoors in Human-Centric Language ModelsShaofeng Li, Hui Liu, Tian Dong, Benjamin Zi Hao Zhao, Minhui Xue, Haojin Zhu, Jialiang Lu. 3123-3140 [doi]
- Backdoor Pre-trained Models Can Transfer to AllLujia Shen, Shouling Ji, Xuhong Zhang 0005, Jinfeng Li, Jing Chen, Jie Shi, Chengfang Fang, Jianwei Yin, Ting Wang. 3141-3158 [doi]
- Feature-Indistinguishable Attack to Circumvent Trapdoor-Enabled DefenseChaoxiang He, Bin Benjamin Zhu, Xiaojing Ma 0002, Hai Jin 0001, Shengshan Hu. 3159-3176 [doi]
- DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding AttacksChong Xiang 0001, Prateek Mittal. 3177-3196 [doi]
- DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security ApplicationsDongqi Han, Zhiliang Wang, Wenqi Chen, Ying Zhong, Su Wang, Han Zhang, Jiahai Yang, Xingang Shi, Xia Yin. 3197-3217 [doi]
- Structural Attack against Graph Based Android Malware DetectionKaifa Zhao, Hao Zhou, Yulin Zhu, Xian Zhan, Kai Zhou, Jianfeng Li, Le Yu, Wei Yuan, Xiapu Luo. 3218-3235 [doi]
- PalmTree: Learning an Assembly Language Model for Instruction EmbeddingXuezixiang Li, Yu Qu, Heng Yin. 3236-3251 [doi]
- A One-Pass Distributed and Private Sketch for Kernel Sums with Applications to Machine Learning at ScaleBenjamin Coleman, Anshumali Shrivastava. 3252-3265 [doi]
- COINN: Crypto/ML Codesign for Oblivious Inference via Neural NetworksSiam Umar Hussain, Mojan Javaheripi, Mohammad Samragh, Farinaz Koushanfar. 3266-3281 [doi]
- Locating the Security Patches for Disclosed OSS Vulnerabilities with Vulnerability-Commit Correlation RankingXin Tan, Yuan Zhang, Chenyuan Mi, Jiajun Cao, Kun Sun, Yifan Lin, Min Yang. 3282-3299 [doi]
- Facilitating Vulnerability Assessment through PoC MigrationJiarun Dai, Yuan Zhang 0009, Hailong Xu, Haiming Lyu, Zicheng Wu, Xinyu Xing, Min Yang 0002. 3300-3317 [doi]
- Igor: Crash Deduplication Through Root-Cause ClusteringZhiyuan Jiang, Xiyue Jiang, Ahmad Hazimeh, Chaojing Tang, Chao Zhang, Mathias Payer. 3318-3336 [doi]
- Validating the Integrity of Audit Logs Against Execution Repartitioning AttacksCarter Yagemann, Mohammad A. Noureddine, Wajih Ul Hassan, Simon Chung, Adam Bates 0001, Wenke Lee. 3337-3351 [doi]
- C3PO: Large-Scale Study Of Covert Monitoring of C&C Servers via Over-Permissioned Protocol InfiltrationJonathan Fuller, Ranjita Pai Kasturi, Amit Sikder, Haichuan Xu, Berat Arik, Vivek Verma, Ehsan Asdar, Brendan Saltaformaggio. 3352-3365 [doi]
- New Directions in Automated Traffic AnalysisJordan Holland, Paul Schmitt, Nick Feamster, Prateek Mittal. 3366-3383 [doi]
- Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model ComparisonZhongjie Wang 0002, Shitong Zhu, Keyu Man, Pengxiong Zhu, Yu Hao, Zhiyun Qian, Srikanth V. Krishnamurthy, Tom La Porta, Michael J. De Lucia. 3384-3399 [doi]
- DNS Cache Poisoning Attack: Resurrections with Side ChannelsKeyu Man, Xin'an Zhou, Zhiyun Qian. 3400-3414 [doi]
- Packet Scheduling with Optional Client PrivacyAndrew Beams, Sampath Kannan, Sebastian Angel. 3415-3430 [doi]
- Realtime Robust Malicious Traffic Detection via Frequency Domain AnalysisChuanpu Fu, Qi Li 0002, Meng Shen, Ke Xu. 3431-3446 [doi]
- OpenSquare: Decentralized Repeated Modular Squaring ServiceSri Aravinda Krishnan Thyagarajan, Tiantian Gong, Adithya Bhat, Aniket Kate, Dominique Schröder. 3447-3464 [doi]
- Generalized Proof of LiabilitiesYan Ji, Konstantinos Chalkias. 3465-3486 [doi]
- Mining in Logarithmic SpaceAggelos Kiayias, Nikos Leonardos, Dionysis Zindros. 3487-3501 [doi]
- RandPiper - Reconfiguration-Friendly Random Beacons with Quadratic CommunicationAdithya Bhat, Nibesh Shrestha, Zhongtang Luo, Aniket Kate, Kartik Nayak. 3502-3524 [doi]