Table of Contents

• Leveraging Deep Reinforcement Learning for Cyber-Attack Paths Prediction: Formulation, Generalization, and EvaluationFranco Terranova, Abdelkader Lahmadi, Isabelle Chrisment. 1-16 [doi]
• Understanding Web Fingerprinting with a Protocol-Centric ApproachBogdan Cebere, Christian Rossow. 17-34 [doi]
• Blocklist-Forecast: Proactive Domain Blocklisting by Identifying Malicious Hosting InfrastructureUdesh Kumarasinghe, Mohamed Nabeel, Charitha Elvitigala. 35-48 [doi]
• From Victims to Defenders: An Exploration of the Phishing Attack Reporting EcosystemZhibo Sun, Faris Bugra Kokulu, Penghui Zhang, Adam Oest, Gianluca Stringhini, Tiffany Bao, Ruoyu Wang 0001, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn. 49-64 [doi]
• Hidden Web Caches DiscoveryMatteo Golinelli, Bruno Crispo. 65-76 [doi]
• What do malware analysts want from academia? A survey on the state-of-the-practice to guide research developmentsMarcus Botacin. 77-96 [doi]
• Cross-Regional Malware Detection via Model Distilling and Federated LearningMarcus Botacin, Heitor Murilo Gomes. 97-113 [doi]
• ADAPT it! Automating APT Campaign and Group Attribution by Leveraging and Linking Heterogeneous FilesAakanksha Saha, Jorge Blasco, Lorenzo Cavallaro, Martina Lindorfer. 114-129 [doi]
• How to Train your Antivirus: RL-based Hardening through the Problem SpaceIlias Tsingenopoulos, Jacopo Cortellazzi, Branislav Bosanský, Simone Aonzo, Davy Preuveneers, Wouter Joosen, Fabio Pierazzi, Lorenzo Cavallaro. 130-146 [doi]
• Down to earth! Guidelines for DGA-based Malware DetectionBogdan-Constantin Cebere, Jonathan Lasse Bennet Flueren, Silvia Sebastián, Daniel Plohmann, Christian Rossow. 147-165 [doi]
• Encrypted Endpoints: Defending Online Services from Illegitimate Bot AutomationRichard August See, Kevin Röbert, Mathias Fischer 0001. 166-180 [doi]
• Extending C2 Traffic Detection Methodologies: From TLS 1.2 to TLS 1.3-enabled MalwareDiogo Barradas, Carlos Novo, Bernardo Portela, Sofia Romeiro, Nuno Santos 0001. 181-196 [doi]
• BluePrint: Automatic Malware Signature Generation for Internet ScanningKevin Stevens, Mert Erdemir, Hang Zhang, Taesoo Kim, Paul Pearce. 197-214 [doi]
• Mateen: Adaptive Ensemble Learning for Network Anomaly DetectionFahad Alotaibi, Sergio Maffeis. 215-234 [doi]
• Gudifu: Guided Differential Fuzzing for HTTP Request Parsing DiscrepanciesBahruz Jabiyev, Anthony Gavazzi, Kaan Onarlioglu, Engin Kirda. 235-247 [doi]
• Obfuscating Provenance-Based Forensic Investigations with Mapping System Meta-BehaviorAnyuan Sang, Yuchen Wang, Li Yang 0005, Junbo Jia, Lu Zhou. 248-262 [doi]
• AudiTrim: A Real-time, General, Efficient, and Low-overhead Data Compaction System for Intrusion DetectionHongbin Sun, Su Wang, Zhiliang Wang, Zheyu Jiang, Dongqi Han, Jiahai Yang 0001. 263-277 [doi]
• No Need for Details: Effective Anomaly Detection for Process Control Traffic in Absence of Protocol and Attack KnowledgeFranka Schuster, Hartmut König. 278-297 [doi]
• Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open ProblemsMengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin. 298-316 [doi]
• Honeyquest: Rapidly Measuring the Enticingness of Cyber Deception Techniques with Code-based QuestionnairesMario Kahlhofer, Stefan Achleitner, Stefan Rass, René Mayrhofer. 317-336 [doi]
• The "Big Beast to Tackle": Practices in Quality Assurance for Cyber Threat IntelligenceThomas Geras, Thomas Schreck. 337-352 [doi]
• Unraveling the Web of Disinformation: Exploring the Larger Context of State-Sponsored Influence Campaigns on TwitterMohammad Hammas Saeed, Shiza Ali, Pujan Paudel, Jeremy Blackburn, Gianluca Stringhini. 353-367 [doi]
• You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat IntelligenceTommaso Paladini, Lara Ferro, Mario Polino, Stefano Zanero, Michele Carminati. 368-383 [doi]
• KernJC: Automated Vulnerable Environment Generation for Linux Kernel VulnerabilitiesBonan Ruan, Jiahao Liu, Chuqi Zhang, Zhenkai Liang. 384-402 [doi]
• Tango: Extracting Higher-Order Feedback through State InferenceAhmad Hazimeh, Duo Xu, Qiang Liu 0034, Yan Wang, Mathias Payer. 403-418 [doi]
• Integrating Static Analyses for High-Precision Control-Flow IntegrityFlorian Kasten, Philipp Zieris, Julian Horsch. 419-434 [doi]
• Beyond REST: Introducing APIF for Comprehensive API Vulnerability FuzzingYu Wang, Yue Xu. 435-449 [doi]
• Efficiently Rebuilding Coverage in Hardware-Assisted Greybox FuzzingTai Yue, Yibo Jin 0006, Fengwei Zhang, Zhenyu Ning, Pengfei Wang 0010, Xu Zhou, Kai Lu. 450-464 [doi]
• Breaking Privacy in Model-Heterogeneous Federated LearningAtharva Haldankar, Arman Riasi, Hoang-Dung Nguyen, Tran-Phuong, Thang Hoang. 465-479 [doi]
• KGDist: A Prompt-Based Distillation Attack against LMs Augmented with Knowledge GraphsHualong Ma, Peizhuo Lv, Kai Chen 0012, Jiachen Zhou. 480-495 [doi]
• Enhancing Model Poisoning Attacks to Byzantine-Robust Federated Learning via Critical Learning PeriodsGang Yan, Hao Wang 0022, Xu Yuan 0001, Jian Li 0008. 496-512 [doi]
• AI-Generated Faces in the Real World: A Large-Scale Case Study of Twitter Profile ImagesJonas Ricker, Dennis Assenmacher, Thorsten Holz, Asja Fischer, Erwin Quiring. 513-530 [doi]
• Context-Aware Anomaly Detection Using Vehicle DynamicsChun-Yu Chen, Kang G. Shin, Soodeh Dadras. 531-545 [doi]
• Deception-Resistant Stochastic Manufacturing for Automated Production LinesZeyu Yang 0001, Hongyi Pu, Liang He 0002, Chengtao Yao, Jianying Zhou 0001, Peng Cheng 0001, Jiming Chen 0001. 546-560 [doi]
• Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused ProtocolsCarlotta Tagliaro, Martina Komsic, Andrea Continella, Kevin Borgolte, Martina Lindorfer. 561-578 [doi]
• CrypTody: Cryptographic Misuse Analysis of IoT Firmware via Data-flow ReasoningJianing Wang, Shanqing Guo, Wenrui Diao, Yue Liu, Haixin Duan, Yichen Liu, Zhenkai Liang. 579-593 [doi]
• A Comprehensive, Automated Security Analysis of the Uptane Automotive Over-the-Air Update FrameworkRobert Lorch, Daniel Larraz, Cesare Tinelli, Omar Chowdhury. 594-612 [doi]
• Catch You Cause I Can: Busting Rogue Base Stations using CellGuard and the Apple Cell Location DatabaseLukas Arnold, Matthias Hollick, Jiska Classen. 613-629 [doi]
• A Second Look at the Portability of Deep Learning Side-Channel Attacks over EM TracesMabon Ninan, Evan Nimmo, Shane Reilly, Channing Smith, Wenhai Sun, Boyang Wang, John Marty Emmert. 630-643 [doi]
• VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel ExtensionsLuis Gerhorst, Henriette Herzog, Peter Wägemann, Maximilian Ott, Rüdiger Kapitza, Timo Hönig. 644-659 [doi]
• Replay-resistant Disk Fingerprinting via Unintentional Electromagnetic EmanationsWenfan Song, Jianwei Liu 0008, Yajie Liu, Jinsong Han. 660-673 [doi]
• Prob-Hashcat: Accelerating Probabilistic Password Guessing with Hashcat by Hundreds of TimesZiyi Huang, Ding Wang 0002, Yunkai Zou. 674-692 [doi]
• Fixing Insecure Cellular System Information Broadcasts For GoodAlexander J. Ross, Bradley Reaves, Yomna Nasser, Gil Cukierman, Roger Piqueras Jover. 693-708 [doi]