Table of Contents

• Android, Notify Me When It Is Time To Go PhishingAntonio Ruggia, Andrea Possemato, Alessio Merlo, Dario Nisi, Simone Aonzo. 1-17 [doi]
• Understanding, Measuring, and Detecting Modern Technical Support ScamsJienan Liu, Pooja Pun, Phani Vadrevu, Roberto Perdisci. 18-38 [doi]
• Active Countermeasures for Email FraudWentao Chen, Fuzhou Wang, Matthew Edwards. 39-55 [doi]
• Multi-Factor Credential Hashing for Asymmetric Brute-Force Attack ResistanceVivek Nair, Dawn Song. 56-72 [doi]
• Chex-Mix: Combining Homomorphic Encryption with Trusted Execution Environments for Oblivious Inference in the CloudDeepika Natarajan, Andrew D. Loveless, Wei Dai, Ronald G. Dreslinski. 73-91 [doi]
• A Generic Obfuscation Framework for Preventing ML-Attacks on Strong-PUFs through Exploitation of DRAM-PUFsOwen Millwood, Meltem Kurt Pehlivanoglu, Aryan Mohammadi Pasikhani, Jack Miskelly, Prosanta Gope, Elif Bilge Kavun. 92-106 [doi]
• Automatic verification of transparency protocolsVincent Cheval, José Moreira, Mark Ryan 0001. 107-121 [doi]
• SoK: Data SovereigntyJens Ernstberger, Jan Lauinger, Fatima Elsheimy, Liyi Zhou, Sebastian Steinhorst, Ran Canetti, Andrew Miller 0001, Arthur Gervais, Dawn Song. 122-143 [doi]
• An Unbiased Transformer Source Code Learning with Semantic Vulnerability GraphNafis Tanveer Islam, Gonzalo De La Torre Parra, Dylan Manuel, Elias Bou-Harb, Peyman Najafirad. 144-159 [doi]
• Protecting Voice-Controllable Devices Against Self-Issued Voice CommandsSergio Esposito, Daniele Sgandurra, Giampaolo Bella. 160-174 [doi]
• When the Curious Abandon Honesty: Federated Learning Is Not PrivateFranziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot. 175-199 [doi]
• A Certified Radius-Guided Attack Framework to Image Segmentation ModelsWenjie Qu 0001, Youqi Li, Binghui Wang. 200-220 [doi]
• SoK: Explainable Machine Learning for Computer Security ApplicationsAzqa Nadeem, Daniël Vos, Clinton Cao, Luca Pajola, Simon Dieck, Robert Baumgartner, Sicco Verwer. 221-240 [doi]
• Reconstructing Individual Data Points in Federated Learning Hardened with Differential Privacy and Secure AggregationFranziska Boenisch, Adam Dziedzic, Roei Schuster, Ali Shahin Shamsabadi, Ilia Shumailov, Nicolas Papernot. 241-257 [doi]
• Towards Fine-Grained Localization of Privacy BehaviorsVijayanta Jain, Sepideh Ghanavati, Sai Teja Peddinti, Collin McMillan. 258-277 [doi]
• Masterkey attacks against free-text keystroke dynamics and security implications of demographic factorsTim Van hamme, Giuseppe Garofalo, Davy Preuveneers, Wouter Joosen. 278-291 [doi]
• "Act natural!": Exchanging Private Messages on Public BlockchainsThore Tiemann, Sebastian Berndt 0001, Thomas Eisenbarth 0001, Maciej Liskiewicz. 292-308 [doi]
• smartFHE: Privacy-Preserving Smart Contracts from Fully Homomorphic EncryptionRavital Solomon, Rick Weber, Ghada Almashaqbeh. 309-331 [doi]
• Understanding the Security Risks of Decentralized Exchanges by Uncovering Unfair Trades in the WildJiaqi Chen, Yibo Wang, Yuxuan Zhou, Wanning Ding, Yuzhe Tang, Xiaofeng Wang, Kai Li. 332-351 [doi]
• MISO: Legacy-compatible Privacy-preserving Single Sign-on using Trusted Execution EnvironmentsRongwu Xu, Sen Yang, Fan Zhang, Zhixuan Fang. 352-372 [doi]
• Forward Pass: On the Security Implications of Email Forwarding Mechanism and PolicyEnze Liu 0001, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey M. Voelker, Stefan Savage. 373-391 [doi]
• Privformer: Privacy-preserving Transformer with MPCYoshimasa Akimoto, Kazuto Fukuchi, Youhei Akimoto, Jun Sakuma. 392-410 [doi]
• Coverage and Secure Use Analysis of Content Security Policies via ClusteringMengxia Ren, Chuan Yue. 411-428 [doi]
• CommiTEE : An Efficient and Secure Commit-Chain Protocol using TEEsAndreas Erwig, Sebastian Faust, Siavash Riahi 0002, Tobias Stöcker. 429-448 [doi]
• EF↯CF: High Performance Smart Contract Fuzzing for Exploit GenerationMichael Rodler, David Paaßen, Wenting Li, Lukas Bernhard, Thorsten Holz, Ghassan Karame, Lucas Davi. 449-471 [doi]
• Fuzzing SGX Enclaves via Host Program MutationsArslan Khan, Muqi Zou, Kyungtae Kim, Dongyan Xu, Antonio Bianchi, Dave Jing Tian. 472-488 [doi]
• Finding Fixed Vulnerabilities with Off-the-Shelf Static AnalysisTrevor Dunlap, Seaver Thorn, William Enck, Bradley Reaves. 489-505 [doi]
• Code Vulnerability Detection via Signal-Aware LearningSahil Suneja, Yufan Zhuang, Yunhui Zheng, Jim Laredo, Alessandro Morari, Udayan Khurana. 506-523 [doi]
• Hunting for Truth: Analyzing Explanation Methods in Learning-based Vulnerability DiscoveryTom Ganz, Philipp Rall, Martin Härterich, Konrad Rieck. 524-541 [doi]
• Systematic Improvement of Access-Stratum Security in Mobile NetworksRhys Miller, Ioana Boureanu, Stephan Wesemeyer, Zhili Sun, Hemant Zope. 542-557 [doi]
• Anomaly-based Filtering of Application-Layer DDoS Against DNS AuthoritativesJonas Bushart, Christian Rossow. 558-575 [doi]
• SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using HoneypotsMarcin Nawrocki, John Kristoff, Raphael Hiesgen, Chris Kanich, Thomas C. Schmidt, Matthias Wählisch. 576-591 [doi]
• SoK: Pragmatic Assessment of Machine Learning for Network Intrusion DetectionGiovanni Apruzzese, Pavel Laskov, Johannes Schneider 0002. 592-614 [doi]
• GNN4IFA: Interest Flooding Attack Detection With Graph Neural NetworksAndrea Agiollo, Enkeleda Bardhi, Mauro Conti, Riccardo Lazzeretti, Eleonora Losiouk, Andrea Omicini. 615-630 [doi]
• SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural OptimizationsNadja Ramhöj Holtryd, Madhavan Manivannan, Per Stenström. 631-650 [doi]
• MicroProfiler: Principled Side-Channel Mitigation through Microarchitectural ProfilingMarton Bognar, Hans Winderix, Jo Van Bulck, Frank Piessens. 651-670 [doi]
• You Cannot Always Win the Race: Analyzing mitigations for branch target prediction attacksAlyssa Milburn, Ke Sun, Henrique Kawakami. 671-686 [doi]
• Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic CodeFerhat Erata, Ruzica Piskac, Víctor Mateu, Jakub Szefer. 687-706 [doi]
• From Dragondoom to Dragonstar: Side-channel Attacks and Formally Verified Implementation of WPA3 Dragonfly HandshakeDaniel De Almeida Braga, Natalia Kulatova, Mohamed Sabt, Pierre-Alain Fouque, Karthikeyan Bhargavan. 707-723 [doi]
• Recurring Contingent Service PaymentAydin Abadi, Steven J. Murdoch, Thomas Zacharias 0001. 724-756 [doi]
• SIM: Secure Interval Membership Testing and Applications to Secure ComparisonAlbert Yu 0003, Donghang Lu, Aniket Kate, Hemanta K. Maji. 757-772 [doi]
• Careful with MAc-then-SIGn: A Computational Analysis of the EDHOC Lightweight Authenticated Key Exchange ProtocolFelix Günther 0001, Marc Ilunga Tshibumbu Mukendi. 773-796 [doi]
• Proof-of-Learning is Currently More Broken Than You ThinkCongyu Fang, Hengrui Jia, Anvith Thudi, Mohammad Yaghini, Christopher A. Choquette-Choo, Natalie Dullerud, Varun Chandrasekaran, Nicolas Papernot. 797-816 [doi]
• Certifiably Vulnerable: Using Certificate Transparency Logs for Target ReconnaissanceStijn Pletinckx, Thanh-Dat Nguyen, Tobias Fiebig, Christopher Kruegel, Giovanni Vigna. 817-831 [doi]
• Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger APIJosé Miguel Moreno, Narseo Vallina-Rodriguez, Juan Tapiador. 832-846 [doi]
• DarkDialogs: Automated detection of 10 dark patterns on cookie dialogsDaniel Kirkman, Kami Vaniea, Daniel W. Woods. 847-867 [doi]
• SoK: Content Moderation in Social Media, from Guidelines to Enforcement, and Research to PracticeMohit Singhal, Chen Ling, Pujan Paudel, Poojitha Thota, Nihal Kumarswamy, Gianluca Stringhini, Shirin Nilizadeh. 868-895 [doi]
• SMART Credentials in the Multi-queue of Slackness (or Secure Management of Anonymous Reputation Traits without Global Halting)Jack P. K. Ma, Sherman S. M. Chow. 896-912 [doi]
• Been Here Already? Detecting Synchronized Browsers in the WildPantelina Ioannou, Elias Athanasopoulos. 913-927 [doi]
• Asynchronous Remote Key Generation for Post-Quantum Cryptosystems from LatticesNick Frymann, Daniel Gardham, Mark Manulis. 928-941 [doi]
• Revelio: A Network-Level Privacy Attack in the Lightning NetworkTheo von Arx, Muoi Tran, Laurent Vanbever. 942-957 [doi]
• Conjunctive Searchable Symmetric Encryption from Hard LatticesDebadrita Talapatra, Sikhar Patranabis, Debdeep Mukhopadhyay. 958-978 [doi]
• Provable Adversarial Safety in Cyber-Physical SystemsJohn Henry Castellanos, Mohamed Maghenem, Alvaro A. Cárdenas, Ricardo G. Sanfelice, Jianying Zhou 0001. 979-1012 [doi]
• Privately Evaluating Region Overlaps with Applications to Collaborative Sensor Output ValidationAnrin Chakraborti, Michael K. Reiter. 1013-1029 [doi]
• Exploring Smart Commercial Building Occupants' Perceptions and Notification Preferences of Internet of Things Data Collection in the United StatesTu Le, Alan Wang, Yaxing Yao, Yuanyuan Feng, Arsalan Heydarian, Norman M. Sadeh, Yuan Tian 0001. 1030-1046 [doi]
• AoT - Attack on Things: A security analysis of IoT firmware updatesMuhammad Ibrahim, Andrea Continella, Antonio Bianchi. 1047-1064 [doi]
• Comprehensively Analyzing the Impact of Cyberattacks on Power GridsLennart Bader, Martin Serror, Olav Lamberts, Ömer Sen, Dennis van der Velde, Immanuel Hacker, Julian Filter, Elmar Padilla, Martin Henze. 1065-1081 [doi]
• SoK: Rethinking Sensor Spoofing Attacks against Robotic Vehicles from a Systematic ViewYuan Xu, Xingshuo Han, Gelei Deng, Jiwei Li 0001, Yang Liu 0003, Tianwei Zhang 0004. 1082-1100 [doi]
• NodeMedic: End-to-End Analysis of Node.js Vulnerabilities with Provenance GraphsDarion Cassel, Wai Tuck Wong, Limin Jia 0001. 1101-1127 [doi]
• faulTPM: Exposing AMD fTPMs' Deepest SecretsHans Niklas Jacob, Christian Werling, Robert Buhren, Jean-Pierre Seifert. 1128-1142 [doi]
• CHERI-TrEE: Flexible enclaves on capability machinesThomas Van Strydonck, Job Noorman, Jennifer Jackson, Leonardo Alves Dias, Robin Vanderstraeten, David F. Oswald, Frank Piessens, Dominique Devriese. 1143-1159 [doi]
• SOK: Side Channel Monitoring for Additive Manufacturing - Bridging Cybersecurity and Quality Assurance CommunitiesMuhammad Ahsan, Muhammad Haris Rais, Irfan Ahmed 0001. 1160-1178 [doi]
• Watermarking Graph Neural Networks based on Backdoor AttacksJing Xu, Stefanos Koffas, Oguzhan Ersoy, Stjepan Picek. 1179-1197 [doi]