Table of Contents

• Exceptional Interprocedural Control Flow Graphs for x86-64 BinariesJoshua A. Bockenek, Freek Verbeek, Binoy Ravindran. 3-22 [doi]
• S2malloc: Statistically Secure Allocator for Use-After-Free Protection and MoreRuizhe Wang, Meng Xu, N. Asokan. 23-43 [doi]
• Acoustic Side-Channel Attacks on a Computer MouseMauro Conti, Marin Duroyon, Gabriele Orazi, Gene Tsudik. 44-63 [doi]
• Using Semgrep OSS to Find OWASP Top 10 Weaknesses in PHP Applications: A Case StudyLukas Kree, René Helmke, Eugen Winter. 64-83 [doi]
• Modularizing Directed Greybox Fuzzing for Binaries over Multiple CPU ArchitecturesSofiane Benahmed, Abdullah Qasem, Anis Lounis, Mourad Debbabi. 84-103 [doi]
• Constructs of Deceit: Exploring Nuances in Modern Social Engineering AttacksMohammad Ali Tofighi, Behzad Ousat, Javad Zandi, Esteban Schafir, Amin Kharraz. 107-127 [doi]
• Tarallo: Evading Behavioral Malware Detectors in the Problem SpaceGabriele Digregorio, Salvatore Maccarrone, Mario D'Onghia, Luigi Gallo, Michele Carminati, Mario Polino, Stefano Zanero. 128-149 [doi]
• Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense MethodCristian Assaiante, Simone Nicchi, Daniele Cono D'Elia, Leonardo Querzoni. 150-173 [doi]
• Extended Abstract: Evading Packing Detection: Breaking Heuristic-Based Static DetectorsAlexandre D'Hondt, Charles-Henry Bertrand Van Ouytsel, Axel Legay. 174-183 [doi]
• Listening Between the Bits: Privacy Leaks in Audio FingerprintsMoritz Pfister, Robert Michael, Max Boll, Cosima Körfer, Konrad Rieck, Daniel Arp. 184-204 [doi]
• Bringing UFUs Back into the Air with FUEL: A Framework for Evaluating the Effectiveness of Unrestricted File Upload Vulnerability ScannersSebastian Neef, Maath Oudeh. 207-226 [doi]
• SandPuppy: Deep-State Fuzzing Guided by Automatic Detection of State-Representative VariablesVivin Paliath, Erik Trickel, Tiffany Bao, Ruoyu Wang 0001, Adam Doupé, Yan Shoshitaishvili. 227-250 [doi]
• Extended Abstract - Tracking Manifests - Persistent Identifiers in Progressive Web AppsDolière Francis Somé. 251-260 [doi]
• PayRide: Secure Transport e-Ticketing with Untrusted Smartphone LocationMichele Marazzi, Patrick Jattke, Jason Zibung, Kaveh Razavi. 261-282 [doi]
• Knocking on Admin's Door: Protecting Critical Web Applications with DeceptionBilly Tsouvalas, Nick Nikiforakis. 283-306 [doi]
• Approach for the Optimization of Machine Learning Models for Calculating Binary Function SimilaritySuguru Horimoto, Keane Lucas, Lujo Bauer. 309-329 [doi]
• Inferring Recovery Steps from Cyber Threat Intelligence ReportsZsolt Levente Kucsván, Marco Caselli, Andreas Peter, Andrea Continella. 330-349 [doi]
• Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMsTrevor Dunlap, John Speed Meyers, Bradley Reaves, William Enck. 350-369 [doi]
• Extended Abstract: Assessing Language Models for Semantic Textual Similarity in CybersecurityArian Soltani, D'Jeff K. Nkashama, Jordan F. Masakuna, Marc Frappier, Pierre-Martin Tardif, Froduald Kabanza. 370-380 [doi]
• Extended Abstract: A Transfer Learning-Based Training Approach for DGA ClassificationArthur Drichel, Benedikt von Querfurth, Ulrike Meyer. 381-391 [doi]
• Seum Spread: Discerning Security Flaws in IoT Firmware via Call Sequence SemanticsAnis Lounis, Anthony Andreoli, Mourad Debbabi, Aiman Hanna. 395-415 [doi]
• GlueZilla: Efficient and Scalable Software to Hardware Binding using RowhammerRuben Mechelinck, Daniel Dorfmeister, Bernhard Fischer, Stijn Volckaert, Stefan Brunthaler 0001. 416-438 [doi]
• SmmPack: Obfuscation for SMM Modules with TPM Sealed KeyKazuki Matsuo, Satoshi Tanda, Kuniyasu Suzaki, Yuhei Kawakoya, Tatsuya Mori. 439-459 [doi]
• Presshammer: Rowhammer and Rowpress Without Physical Address InformationJonas Juffinger, Sudheendra Raghav Neela, Martin Heckel, Lukas Schwarz, Florian Adamsky, Daniel Gruss. 460-479 [doi]
• SecMonS: A Security Monitoring Framework for IEC 61850 Substations Based on Configuration Files and LogsOnur Duman, Mengyuan Zhang 0001, Lingyu Wang 0001, Mourad Debbabi. 483-502 [doi]
• FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical GridsEmad Efatinasab, Francesco Marchiori, Alessandro Brighente, Mirco Rampazzo, Mauro Conti. 503-524 [doi]
• Wireless Modulation Identification: Filling the Gap in IoT Networks Security AuditFlorent Galtier, Guillaume Auriol, Vincent Nicomette, Paul L. R. Olivier, Romain Cayre, Mohamed Kaâniche. 525-544 [doi]
• Extended Abstract: Assessing GNSS Vulnerabilities in Smart GridsSine Canbolat, Clemens Fruböse, Ghada Elbez, Veit Hagenmeyer. 545-555 [doi]