Table of Contents

• Fuzzing@Home: Distributed Fuzzing on Untrusted Heterogeneous ClientsDaeHee Jang, Ammar Askar, Insu Yun, Stephen Tong, Yiqin Cai, Taesoo Kim. 1-16 [doi]
• Exploiting Metaobjects to Reinforce Data Leakage AttacksHoyong Jeong, Hodong Kim, Junbeom Hur. 17-29 [doi]
• RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64Tobias Cloosters, David Paaßen, Jianqiang Wang, Oussama Draissi, Patrick Jauernig, Emmanuel Stapf, Lucas Davi, Ahmad-Reza Sadeghi. 30-42 [doi]
• Towards Deceptive Defense in Software Security with Chaff BugsZhenghao Hu, Yu Hu, Brendan Dolan-Gavitt. 43-55 [doi]
• TrustedGateway: TEE-Assisted Routing and Firewall Enforcement Using ARM TrustZoneFabian Schwarz. 56-71 [doi]
• Write Me and I'll Tell You Secrets - Write-After-Write Effects On Intel CPUsJan Philipp Thoma, Tim Güneysu. 72-85 [doi]
• On the Challenges of Detecting Side-Channel Attacks in SGXJianyu Jiang, Claudio Soriente, Ghassan Karame. 86-98 [doi]
• Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on EthereumDabao Wang, Hang Feng, Siwei Wu, Yajin Zhou, Lei Wu 0012, Xingliang Yuan. 99-114 [doi]
• Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart ContractsChristof Ferreira Torres, Hugo Jonker, Radu State. 115-128 [doi]
• Threshold EdDSA Signature for Blockchain-based Decentralized Finance ApplicationsYang Shi 0002, Junqing Liang, Mianhong Li, Tianchen Ma, Guodong Ye, Jiangfeng Li, Qinpei Zhao. 129-142 [doi]
• Understanding the Behavior Transparency of Voice Assistant Applications Using the ChatterBox FrameworkAtsuko Natatsuka, Ryo Iijima, Takuya Watanabe 0001, Mitsuaki Akiyama, Tetsuya Sakai, Tatsuya Mori. 143-159 [doi]
• New Cloaking Region Obfuscation for Road Network-Indistinguishability and Location PrivacyBaihe Ma, Xiaojie Lin, Xu Wang, Bin Liu 0028, Ying He, Wei N 0001i, Ren Ping Liu. 160-170 [doi]
• Detection of Electromagnetic Signal Injection Attacks on Actuator SystemsYouqian Zhang, Kasper Rasmussen. 171-184 [doi]
• HALC: A Real-time In-sensor Defense against the Magnetic Spoofing Attack on Hall SensorsAnomadarshi Barua, Mohammad Abdullah Al Faruque. 185-199 [doi]
• What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral ModelingJun Yeon Won, Haohuang Wen, Zhiqiang Lin. 200-213 [doi]
• Katana: Robust, Automated, Binary-Only Forensic Analysis of Linux Memory SnapshotsFabian Franzen, Tobias Holl, Manuel Andreas, Julian Kirsch, Jens Grossklags. 214-231 [doi]
• ULTRA: Ultimate Rootkit Detection over the AirDuy-Phuc Pham, Damien Marion 0001, Annelie Heuser. 232-251 [doi]
• Odile: A scalable tracing tool for non-rooted and on-device Android phonesAlain Tchana, Lavoisier Lavoisier Wapet, Yérom-David Bromberg. 252-262 [doi]
• Mirrors in the Sky: On the Potential of Clouds in DNS Reflection-based Denial-of-Service AttacksRamin Yazdani, Alden Hilton, Jeroen van der Ham, Roland van Rijswijk-Deij, Casey T. Deccio, Anna Sperotto, Mattijs Jonker. 263-275 [doi]
• Harm-DoS: Hash Algorithm Replacement for Mitigating Denial-of-Service Vulnerabilities in Binary ExecutablesNicolaas Weideman, Haoda Wang, Tyler Kann, Spencer Zahabizadeh, Wei-Cheng Wu, Rajat Tandon, Jelena Mirkovic, Christophe Hauser. 276-291 [doi]
• Zigbee's Network Rejoin Procedure for IoT Systems: Vulnerabilities and ImplicationsJincheng Wang, Zhuohua Li, Mingshen Sun, John C. S. Lui. 292-307 [doi]
• Systematically Evaluating the Robustness of ML-based IoT Malware Detection SystemsAhmed Abusnaina, Afsah Anwar, Sultan Alshamrani, Abdulrahman Alabduljabbar, RhongHo Jang, DaeHun Nyang, David Mohaisen. 308-320 [doi]
• Transferable Graph Backdoor AttackShuiqiao Yang, Bao Gia Doan, Paul Montague, Olivier Y. de Vel, Tamas Abraham, Seyit Camtepe, Damith C. Ranasinghe, Salil S. Kanhere. 321-332 [doi]
• Automated Runtime Mitigation for Misconfiguration Vulnerabilities in Industrial Control SystemsQingzhao Zhang, Xiao Zhu 0001, Mu Zhang 0001, Z. Morley Mao. 333-349 [doi]
• BinProv: Binary Code Provenance Identification without DisassemblyXu He, Shu Wang, Yunlong Xing, Pengbin Feng, Haining Wang, Qi Li, Songqing Chen, Kun Sun 0001. 350-363 [doi]
• LiCA: A Fine-grained and Path-sensitive Linux Capability Analysis FrameworkMenghan Sun, Zirui Song, Xiaoxi Ren, Daoyuan Wu, Kehuan Zhang. 364-379 [doi]
• Script Tainting Was Doomed From The Start (By Type Conversion): Converting Script Engines into Dynamic Taint Analysis FrameworksToshinori Usui, Yuto Otsuki, Yuhei Kawakoya, Makoto Iwamura, Kanta Matsuura. 380-394 [doi]
• Decap: Deprivileging Programs by Reducing Their CapabilitiesMd Mehedi Hasan, Seyedhamed Ghavamnia, Michalis Polychronakis. 395-408 [doi]
• Viopolicy-Detector: An Automated Approach to Detecting GDPR Suspected Compliance Violations in WebsitesHaoran Ou, Yong Fang 0002, Yongyan Guo, Wenbo Guo 0011, Cheng Huang 0003. 409-430 [doi]
• Context-Auditor: Context-sensitive Content Injection MitigationFaezeh Kalantari, Mehrnoosh Zaeifi, Tiffany Bao, Ruoyu Wang 0001, Yan Shoshitaishvili, Adam Doupé. 431-445 [doi]
• Content-Agnostic Detection of Phishing Domains using Certificate Transparency and Passive DNSMashael Al Sabah, Mohamed Nabeel, Yazan Boshmaf, Euijin Choo. 446-459 [doi]
• OAuch: Exploring Security Compliance in the OAuth 2.0 EcosystemPieter Philippaerts, Davy Preuveneers, Wouter Joosen. 460-481 [doi]
• CJ-Sniffer: Measurement and Content-Agnostic Detection of Cryptojacking TrafficYebo Feng, Jun Li, Devkishen Sisodia. 482-494 [doi]
• Encrypted Malware Traffic Detection via Graph-based Network AnalysisZhuoqun Fu, Mingxuan Liu, Yue Qin, Jia Zhang, Yuan Zou, Qilei Yin, Qi Li, Haixin Duan. 495-509 [doi]
• IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection SystemsKonrad Wolsing, Eric Wagner 0003, Antoine Saillard, Martin Henze. 510-525 [doi]