IEEE Symposium on Security and Privacy, SP 2025, San Francisco, CA, USA, May 12-15, 2025 - researchr publication

researchr

You are not signed in
Sign in
Sign up

IEEE Symposium on Security and Privacy, SP 2025, San Francisco, CA, USA, May 12-15, 2025. IEEE, 2025. [doi]

Conference: sp

Abstract is missing.

SoK: Dataset Copyright Auditing in Machine Learning SystemsLinkang Du, Xuanru Zhou, Min Chen 0032, Chusong Zhang, Zhou Su, Peng Cheng, Jiming Chen 0001, Zhikun Zhang 0001. 1-19 [doi]

Restricting the Link: Effects of Focused Attention and Time Delay on Phishing Warning EffectivenessJustin Petelka, Benjamin Berens, Carlo Sugatan, Melanie Volkamer, Florian Schaub. 1-19 [doi]

SoK: Digging into the Digital Underworld of Stolen Data MarketsTina Marjanov, Alice Hutchings. 1-18 [doi]

Towards ML-KEM & ML-DSA on OpenTitanAmin Abdulrahman, Felix Oberhansl, Hoang Nguyen Hien Pham, Jade Philipoom, Peter Schwabe, Tobias Stelzer, Andreas Zankl. 1-19 [doi]

Secure Transfer Learning: Training Clean Model Against Backdoor in Pre-Trained Encoder and Downstream DatasetYechao Zhang, Yuxuan Zhou, Tianyu Li, Minghui Li, Shengshan Hu, Wei Luo, Leo Yu Zhang. 1-19 [doi]

TypeForge: Synthesizing and Selecting Best-Fit Composite Data Types for Stripped BinariesYanzhong Wang, Ruigang Liang, Yilin Li, Peiwei Hu, Kai Chen 0012, Bolun Zhang. 1-18 [doi]

Characterizing Robocalls with Multiple Vantage PointsSathvik Prasad, Aleksandr Nahapetyan, Bradley Reaves. 19-36 [doi]

Understanding the Efficacy of Phishing Training in PracticeGrant Ho, Ariana Mirian, Elisa Luo, Khang Tong, Euyhyun Lee, Lin Liu, Christopher A. Longhurst, Christian Dameff, Stefan Savage, Geoffrey M. Voelker. 37-54 [doi]

(Blind) Users Really Do Heed Aural Telephone Scam WarningsFilipo Sharevski, Jennifer Vander Loop, Bill Evans, Alexander Ponticello. 74-92 [doi]

Identifying Incoherent Search Sessions: Search Click Fraud Remediation Under Real-World ConstraintsRunze Zhang, Ranjita Pai Sridhar, Mingxuan Yao, Zheng Yang, David Oygenblik, Haichuan Xu, Vacha Dave, Cormac Herley, Paul England, Brendan Saltaformaggio. 93-111 [doi]

What We Talk About When We Talk About Logs: Understanding the Effects of Dataset Quality on Endpoint Threat Detection ResearchJason Liu 0002, Muhammad Adil Inam, Akul Goyal, Andy Riddle, Kim Westfall, Adam Bates 0001. 112-129 [doi]

Connecting the Extra Dots (Contexts): Correlating External Information about Point of Interest for Attack InvestigationSareh Mohammadi, Hugo Kermabon-Bobinnec, Azadeh Tabiban, Lingyu Wang 0001, Tomás Navarro Múnera, Yosr Jarraya. 130-148 [doi]

Ringtail: Practical Two-Round Threshold Signatures from Learning with ErrorsCecilia Boschini, Darya Kaviani, Russell W. F. Lai, Giulio Malavolta, Akira Takahashi 0002, Mehdi Tibouchi. 149-164 [doi]

Groundhog: A Restart-Based Systems Framework for Increasing Availability in Threshold CryptosystemsAshish Kashinath, Disha Agarwala, Gabriel Kulp, Sourav Das, Sibin Mohan, Radha Venkatagiri. 165-183 [doi]

Ring Referral: Efficient Publicly Verifiable Ad hoc Credential Scheme with Issuer and Strong User Anonymity for Decentralized Identity and MoreThe-Anh Ta, Xiangyu Hui, Sid Chi-Kin Chau. 184-202 [doi]

Robust Threshold ECDSA with Online-Friendly Design in Three RoundsGuoFeng Tang, Haiyang Xue. 203-221 [doi]

Security Attacks Abusing Pulse-level Quantum CircuitsChuanqi Xu, Jakub Szefer. 222-239 [doi]

Phecda: Post-Quantum Transparent zkSNARKs from Improved Polynomial Commitment and VOLE-in-the-Head with Application in Publicly Verifiable AESChangchang Ding, Yan Huang 0001. 240-258 [doi]

Gold OPRF: Post-Quantum Oblivious Power-Residue PRFYibin Yang, Fabrice Benhamouda, Shai Halevi, Hugo Krawczyk, Tal Rabin. 259-278 [doi]

Benchmarking Attacks on Learning with ErrorsEmily Wenger, Eshika Saxena, Mohamed Malhou, Ellie Thieu, Kristin E. Lauter. 279-297 [doi]

Understanding Users' Security and Privacy Concerns and Attitudes Towards Conversational AI PlatformsMutahar Ali, Arjun Arunasalam, Habiba Farrukh. 298-316 [doi]

On the (In)Security of LLM App StoresXinyi Hou, Yanjie Zhao, Haoyu Wang. 317-335 [doi]

GPTracker: A Large-Scale Measurement of Misused GPTsXinyue Shen 0001, Yun Shen, Michael Backes 0001, Yang Zhang. 336-354 [doi]

Modifier Unlocked: Jailbreaking Text-to-Image Models Through PromptsShuofeng Liu, Mengyao Ma, Minhui Xue 0001, Guangdong Bai. 355-372 [doi]

Fuzz-Testing Meets LLM-Based Agents: An Automated and Efficient Framework for Jailbreaking Text-to-Image Generation ModelsYingkai Dong, Xiangtao Meng, Ning Yu 0006, Zheng Li 0023, Shanqing Guo. 373-391 [doi]

On the Effectiveness of Prompt Stealing Attacks on In-the-Wild PromptsYicong Tan, Xinyue Shen 0001, Yun Shen, Michael Backes 0001, Yang Zhang 0016. 392-410 [doi]

Fun-tuning: Characterizing the Vulnerability of Proprietary LLMs to Optimization-Based Prompt Injection Attacks via the Fine-Tuning InterfaceAndrey Labunets, Nishit V. Pandya, Ashish Hooda, Xiaohan Fu, Earlence Fernandes. 411-429 [doi]

Harmonycloak: Making Music Unlearnable for Generative AISyed Irfan Ali Meerza, Lichao Sun 0001, Jian Liu. 430-448 [doi]

Hey, Your Secrets Leaked! Detecting and Characterizing Secret Leakage in the WildJiawei Zhou, Zidong Zhang, Lingyun Ying, Huajun Chai, Jiuxin Cao, Haixin Duan. 449-467 [doi]

Unveiling Security Vulnerabilities in Git Large File Storage ProtocolYuan Chen, Qinying Wang, Yong Yang, Yuanchao Chen, Yuwei Li, Shouling Ji. 468-485 [doi]

My Model is Malware to You: Transforming AI Models into Malware by Abusing TensorFlow APIsRuofan Zhu, Ganhao Chen, Wenbo Shen, Xiaofei Xie, Rui Chang. 486-503 [doi]

Speedrunning the Maze: Meeting Regulatory Patching Deadlines in a Large Enterprise EnvironmentGerbrand ten Napel, Michel van Eeten, Simon Parkin. 504-521 [doi]

A Deep Dive into How Open-Source Project Maintainers Review and Resolve Bug Bounty ReportsJessy Ayala, Steven Ngo, Joshua Garcia. 522-538 [doi]

Study Club, Labor Union or Start-Up? Characterizing Teams and Collaboration in the Bug Bounty EcosystemYangheran Piao, Temima Hrle, Daniel W. Woods, Ross Anderson. 539-558 [doi]

Codebreaker: Dynamic Extraction Attacks on Code Language ModelsChangzhou Han, Zehang Deng, Wanlun Ma, Xiaogang Zhu 0001, Minhui Xue 0001, Tianqing Zhu, Sheng Wen, Yang Xiang 0001. 559-575 [doi]

Make a Feint to the East While Attacking in the West: Blinding LLM-Based Code Auditors with Flashboom AttacksXiao Li, Yue Li, Hao Wu, Yue Zhang, Kaidi Xu, Xiuzhen Cheng 0001, Sheng Zhong 0002, Fengyuan Xu. 576-594 [doi]

Post-Quantum Cryptographic Analysis of SSHBenjamin Bencina, Benjamin Dowling, Varun Maram, Keita Xagawa. 595-613 [doi]

SoK: Dlog-Based Distributed Key GenerationRenas Bacho, Alireza Kavousi. 614-632 [doi]

Verifiable Secret Sharing SimplifiedSourav Das 0001, Zhuolun Xiang, Alin Tomescu, Alexander Spiegelman, Benny Pinkas, Ling Ren 0001. 633-651 [doi]

Clubcards for the WebPKI: Smaller Certificate Revocation Tests in Theory and PracticeJohn M. Schanck. 652-663 [doi]

AccuRevoke: Enhancing Certificate Revocation with Distributed Cryptographic AccumulatorsMunshi Rejwan Ala Muid, Taejoong Chung, Thang Hoang. 664-681 [doi]

RankGuess: Password Guessing Using Adversarial RankingTao Yang, Ding Wang. 682-700 [doi]

Security Analysis of Master-Password-Protected Password Management ProtocolsYihe Duan, Ding Wang, Yanduo Fu. 701-719 [doi]

Open Sesame! On the Security and Memorability of Verbal PasswordsEunsoo Kim, Kiho Lee, Doowon Kim, Hyoungshick Kim. 720-739 [doi]

CMASan: Custom Memory Allocator-Aware Address SanitizerJunwha Hong, Wonil Jang, Mijung Kim, Lei Yu, Yonghwi Kwon 0001, Yuseok Jeon. 740-757 [doi]

CMASan: Custom Memory Allocator-aware Address SanitizerJunwha Hong, Wonil Jang, Mijung Kim, Lei Yu, Yonghwi Kwon 0001, Yuseok Jeon. 740-757 [doi]

GoSonar: Detecting Logical Vulnerabilities in Memory Safe Language Using Inductive Constraint ReasoningMd Sakib Anwar, Carter Yagemann, Zhiqiang Lin 0001. 758-773 [doi]

Evaluating the Effectiveness of Memory Safety SanitizersEmanuel Q. Vintila, Philipp Zieris, Julian Horsch. 774-792 [doi]

SwiftSweeper: Defeating Use-After-Free Bugs Using Memory Sweeper Without Stop-the-WorldJunho Ahn, Kanghyuk Lee, Chanyoung Park, Hyungon Moon, Youngjin Kwon. 793-809 [doi]

BridgeRouter: Automated Capability Upgrading of Out-Of-Bounds Write Vulnerabilities to Arbitrary Memory Write Primitives in the Linux KernelDongchen Xie, Dongnan He, Wei You 0001, Jianjun Huang 0001, Bin Liang 0002, Shuitao Gan, Wenchang Shi. 810-828 [doi]

Mon CHERI: Mitigating Uninitialized Memory Access with Conditional CapabilitiesMerve Gülmez, Håkan Englund, Jan Tobias Mühlberg, Thomas Nyman. 829-847 [doi]

SoK: Challenges and Paths Toward Memory Safety for eBPFKaiming Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan, Trent Jaeger. 848-866 [doi]

IUBIK: Isolating User Bytes in Commodity Operating System Kernels via Memory Tagging ExtensionsMarius Momeu, Alexander J. Gaidis, Jasper v. d. Heidt, Vasileios P. Kemerlis. 867-885 [doi]

Predator: Directed Web Application Fuzzing for Efficient Vulnerability ValidationChenlin Wang, Wei Meng 0001, Changhua Luo, Penghui Li 0001. 886-902 [doi]

MOCGuard: Automatically Detecting Missing-Owner-Check Vulnerabilities in Java Web ApplicationsFengyu Liu, Youkun Shi, Yuan Zhang 0009, Guangliang Yang 0001, Enhao Li, Min Yang 0002. 903-919 [doi]

RGFuzz: Rule-Guided Fuzzer for WebAssembly RuntimesJunyoung Park, Yunho Kim, Insu Yun. 920-938 [doi]

Racedb: Detecting Request Race Vulnerabilities in Database-Backed Web ApplicationsAn Chen, Yonghwi Kwon 0001, Kyu Hyung Lee. 939-955 [doi]

PFortifier: Mitigating PHP Object Injection Through Automatic Patch GenerationBo Pang, Yiheng Zhang, Mingzhe Gao, Junzhe Zhang, Ligeng Chen, Mingxue Zhangt, Gang Liang. 956-971 [doi]

Detecting Taint-Style Vulnerabilities in Microservice-Structured Web ApplicationsFengyu Liu, Yuan Zhang 0009, Tian Chen, Youkun Shi, Guangliang Yang 0001, Zihan Lin, Min Yang 0002, Junyao He, Qi Li. 972-990 [doi]

Follow My Flow: Unveiling Client-Side Prototype Pollution Gadgets from One Million Real-World WebsitesZifeng Kang, Muxi Lyu, Zhengyu Liu, Jianjia Yu, Runqi Fan, Song Li, Yinzhi Cao. 991-1008 [doi]

"Only as Strong as the Weakest Link": On the Security of Brokered Single Sign-On on the WebTommaso Innocenti, Louis Jannett, Christian Mainka, Vladislav Mladenov, Engin Kirda. 1009-1027 [doi]

SoK: Space Infrastructures Vulnerabilities, Attacks and DefensesJose Luis Castanon Remy, Ekzhin Ear, Caleb Chang, Antonia Feffer, Shouhuai Xu. 1028-1046 [doi]

Space RADSIM: Binary-Agnostic Fault Injection to Evaluate Cosmic Radiation Impact on Exploit Mitigation Techniques in SpaceJohannes Willbold, Tobias Cloosters, Simon Wörner, Felix Buchmann, Moritz Schloegel, Lucas Davi, Thorsten Holz. 1047-1063 [doi]

Mind the Location Leakage in LEO Direct-to-Cell Satellite NetworksWeisen Liu, Zeqi Lai, Qian Wu, Hewu Li, Yuxuan Weng, Wei Liu, Qi Zhang, Jihao Li, Yuanjie Li, Jun Liu 0063. 1064-1080 [doi]

From Control to Chaos: A Comprehensive Formal Analysis of 5G's Access ControlMujtahid Akon, Md. Toufikuzzaman, Syed Rafiul Hussain. 1081-1100 [doi]

BaseBridge: Bridging the Gap Between Over-the-Air and Emulation Testing for Cellular Baseband FirmwareDaniel Klischies, Dyon Goos, David Hirsch, Alyssa Milburn, Marius Muench, Veelasha Moonsamy. 1101-1119 [doi]

Stateful Analysis and Fuzzing of Commercial Baseband FirmwareAli Ranjbar, Tianchang Yang, Kai Tu, Saaman Khalilollahi, Syed Rafiul Hussain. 1120-1139 [doi]

PGUS: Pretty Good User Security for Thick MVNOs with a Novel Sanitizable Blind SignatureYang Yang, Quan Shi, Prosanta Gope 0001, Behzad Abdolmaleki, Biplab Sikdar 0001. 1140-1158 [doi]

Invade the Walled Garden: Evaluating GTP Security in Cellular NetworksYiming Zhang, Tao Wan 0004, Yaru Yang, Haixin Duan, Yichen Wang, Jianjun Chen 0005, Zixiang Wei, Xiang Li 0108. 1159-1177 [doi]

SoK: A Privacy Framework for Security Research Using Social Media DataKyle Beadle, Kieron Ivy Turk, Aliai Eusebi, Mindy Tran, Marilyne Ordekian, Enrico Mariconti, Yixin Zou, Marie Vasek. 1178-1196 [doi]

GDPR in the Small: A Field Study of Privacy and Security Challenges in SchoolsFrancesco Ciclosi, Giovanna Varni, Fabio Massacci. 1197-1214 [doi]

"Sorry for Bugging you so much." Exploring Developers' Behavior Towards Privacy-Compliant ImplementationStefan Albert Horstmann, Sandy Hong, David Klein 0001, Raphael Serafini, Martin Degeling, Martin Johns, Veelasha Moonsamy, Alena Naiakshina. 1215-1233 [doi]

A Low-Cost Privacy-Preserving Digital Wallet for Humanitarian Aid DistributionEva Luvison, Sylvain Chatel, Justinas Sukaitis, Vincent Graf Narbel, Carmela Troncoso, Wouter Lueks. 1234-1250 [doi]

Teaching Data Science Students to Sketch Privacy Designs Through HeuristicsJinhe Wen, Yingxi Zhao, Wenqian Xu, Yaxing Yao, Haojian Jin. 1251-1269 [doi]

Characterizing the Usability and Usefulness of U.S. Ad Transparency SystemsKevin Bryson, Arthur Borem, Phoebe Moh, Omer Akgul, Laura Edelson, Tobias Lauinger, Michelle L. Mazurek, Damon McCoy, Blase Ur. 1270-1287 [doi]

Supporting Family Discussions About Digital Privacy Through Perspective-Taking: An Empirical InvestigationZikai Wen, Lanjing Liu, Yaxing Yao. 1288-1305 [doi]

The Importance of Being Earnest: Shedding Light on Johnny's (False) Sense of PrivacyWirawan Agahari, Alexandra Dirksen, Martin Johns, Mark de Reuver, Tobias Fiebig. 1306-1324 [doi]

Learning from Censored Experiences: Social Media Discussions around Censorship Circumvention TechnologiesElham Pourabbas Vafa, Mohit Singhal, Poojitha Thota, Sayak Saha Roy. 1325-1343 [doi]

Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-LayerNiklas Niere, Felix Lange, Robert Merget, Juraj Somorovsky. 1344-1362 [doi]

A Wall Behind A Wall: Emerging Regional Censorship in ChinaMingshi Wu, Ali Zohaib, Zakir Durumeric, Amir Houmansadr, Eric Wustrow. 1363-1380 [doi]

Anix: Anonymous Blackout-Resistant Microblogging with Message EndorsingSina Kamali, Diogo Barradas. 1381-1399 [doi]

Is Nobody There? Good! Globally Measuring Connection Tampering Without Responsive EndhostsSadia Nourin, Erik C. Rye, Kevin Bock 0001, Nguyen Phong Hoang, Dave Levin. 1400-1418 [doi]

Countmamba: A Generalized Website Fingerprinting Attack via Coarse-Grained Representation and Fine-Grained PredictionXianwen Deng, Ruijie Zhao 0001, Yanhao Wang, Mingwei Zhan, Zhi Xue, Yijun Wang. 1419-1437 [doi]

Provably Robust and Secure Steganography in Asymmetric Resource ScenarioMinhao Bai, Jinshuai Yang, Kaiyi Pang, Xin Xu, Zhen Yang, Yongfeng Huang 0001. 1438-1456 [doi]

Sparta: Practical Anonymity with Long-Term Resistance to Traffic AnalysisKyle Fredrickson, Ioannis Demertzis, James P. Hughes, Darrell D. E. Long. 1457-1473 [doi]

P2C2T: Preserving the Privacy of Cross-Chain TransferPanpan Han, Zheng Yan 0002, Laurence T. Yang, Elisa Bertino. 1474-1492 [doi]

Liquefaction: Privately Liquefying Blockchain AssetsJames Austgen, Andrés Fábrega, Mahimna Kelkar, Dani Vilardell, Sarah Allen, Kushal Babel, Jay Yu, Ari Juels. 1493-1511 [doi]

Decentralization of Ethereum's Builder MarketSen Yang, Kartik Nayak, Fan Zhang 0022. 1512-1530 [doi]

A Composability Analysis Framework for Web3 Wallet Recovery MechanismsPanagiotis Chatzigiannis, Ke Coby Wang, Sunpreet S. Arora, Mohsen Minaei. 1531-1546 [doi]

Signature-Free Atomic Broadcast with Optimal $O(n^{2})$ Messages and $O(1)$ Expected TimeXiao Sui, Xin Wang, Sisi Duan. 1547-1565 [doi]

Warning! The Timeout T Cannot Protect You From Losing Coins: PipeSwap: Forcing the Timely Release of a Secret for Atomic Cross-Chain SwapsPeifang Ni, Anqi Tian, Jing Xu 0002. 1566-1583 [doi]

Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure DesignsWanning Ding, Yuzhe Tang, Yibo Wang 0006. 1584-1602 [doi]

Papercraft: Lattice-Based Verifiable Delay Function ImplementedMichal Osadnik, Darya Kaviani, Valerio Cini, Russell W. F. Lai, Giulio Malavolta. 1603-1621 [doi]

Preference Poisoning Attacks on Reward Model LearningJunlin Wu 0001, Jiongxiao Wang, Chaowei Xiao, Chenguang Wang, Ning Zhang, Yevgeniy Vorobeychik. 1622-1640 [doi]

Query Provenance Analysis: Efficient and Robust Defense Against Query-Based Black-Box AttacksShaofei Li, Ziqi Zhang, Haomin Jia, Yao Guo 0001, Xiangqun Chen, Ding Li 0001. 1641-1656 [doi]

Architectural Neural Backdoors from First PrinciplesHarry Langford, Ilia Shumailov, Yiren Zhao, Robert D. Mullins, Nicolas Papernot. 1657-1675 [doi]

BAIT: Large Language Model Backdoor Scanning by Inverting Attack TargetGuangyu Shen, Siyuan Cheng 0005, Zhuo Zhang 0002, Guanhong Tao 0001, Kaiyuan Zhang 0001, Hanxi Guo, Lu Yan, Xiaolong Jin 0002, Shengwei An, ShiQing Ma, Xiangyu Zhang 0001. 1676-1694 [doi]

Prompt Inversion Attack Against Collaborative Inference of Large Language ModelsWenjie Qu 0004, Yuguang Zhou, Yongji Wu, Tingsong Xiao, Binhang Yuan, Yiming Li, Jiaheng Zhang. 1695-1712 [doi]

PEFTGuard: Detecting Backdoor Attacks Against Parameter-Efficient Fine-TuningZhen Sun 0001, Tianshuo Cong, Yule Liu, Chenhao Lin, Xinlei He 0001, Rongmao Chen, Xingshuo Han, Xinyi Huang 0001. 1713-1731 [doi]

Practical Poisoning Attacks with Limited Byzantine Clients in Clustered Federated LearningViet Vo, Mengyao Ma, Guangdong Bai, Ryan K. L. Ko, Surya Nepal. 1751-1769 [doi]

Beyond the Horizon: Uncovering Hosts and Services Behind Misconfigured FirewallsQing Deng, Juefei Pu, Zhaowei Tan, Zhiyun Qian, Srikanth V. Krishnamurthy. 1770-1788 [doi]

MANTIS: Detection of Zero-Day Malicious Domains Leveraging Low Reputed Hosting InfrastructureFatih Deniz, Mohamed Nabeel, Ting Yu 0001, Issa Khalil. 1789-1807 [doi]

Resolution Without Dissent: In-Path Per-Query Sanitization to Defeat Surreptitious Communication Over DNSDaiping Liu, Ruian Duan, Jun Wang. 1808-1824 [doi]

SoK: Decoding the Enigma of Encrypted Network Traffic ClassifiersNimesha Wickramasinghe, Arash Shaghaghi, Gene Tsudik, Sanjay K. Jha. 1825-1843 [doi]

TrafficFormer: An Efficient Pre-trained Model for Traffic DataGuangmeng Zhou, Xiongwen Guo, Zhuotao Liu, Tong Li 0014, Qi Li 0002, Ke Xu 0002. 1844-1860 [doi]

SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability DetectionKeyu Man, Zhongjie Wang 0002, Yu Hao 0006, Shenghan Zheng, Xin'an Zhou, Yue Cao 0003, Zhiyun Qian. 1861-1876 [doi]

SYN Proof-of- Work: Improving Volumetric DoS Resilience in TCPSamuel DeLaughter, Karen R. Sollins. 1877-1890 [doi]

Low-Cost and Robust Global Time SynchronizationMarc Wyss, Marc Frei, Jonghoon Kwon, Adrian Perrig. 1891-1909 [doi]

Constant Latency and Finality for Dynamically Available DAGHans Schmiedel, Runchao Han, Qiang Tang 0005, Ron Steinfeld, Jiangshan Yu. 1910-1927 [doi]

Sailfish: Towards Improving the Latency of DAG-Based BFTNibesh Shrestha, Rohan Shrothrium, Aniket Kate, Kartik Nayak. 1928-1946 [doi]

Cauchyproofs: Batch-Updatable Vector Commitment with Easy Aggregation and Application to Stateless BlockchainsZhongtang Luo, Yanxue Jia, Alejandra Victoria Ospina Gracia, Aniket Kate. 1947-1963 [doi]

MicroNova: Folding-Based Arguments with Efficient (On-Chain) VerificationJiaxing Zhao, Srinath T. V. Setty, Weidong Cui, Greg Zaverucha. 1964-1982 [doi]

Permissionless Verifiable Information Dispersal (Data Availability for Bitcoin Rollups)Ben Fisch, Arthur Lazzaretti, Zeyu Liu 0004, Lei Yang. 1983-2001 [doi]

An Attack on TON's ADNL Secure Channel ProtocolAviv Frenkel, Dmitry Kogan. 2002-2017 [doi]

Vitārit: Paying for Threshold Services on Bitcoin and FriendsSri Aravinda Krishnan Thyagarajan, Easwar Vivek Mangipudi, Lucjan Hanzlik, Aniket Kate, Pratyay Mukherjee. 2018-2036 [doi]

"Check-Before-you-Solve": Verifiable Time-Lock PuzzlesJiajun Xin, Dimitrios Papadopoulos 0001. 2037-2056 [doi]

Verifiable Boosted Tree EnsemblesStefano Calzavara, Lorenzo Cazzaro, Claudio Lucchese, Giulio Ermanno Pibiri. 2057-2075 [doi]

GRID: Protecting Training Graph from Link Stealing Attacks on GNN ModelsJiadong Lou, Xu Yuan 0001, Rui Zhang, Xingliang Yuan, Neil Zhenqiang Gong, Nian-Feng Tzeng. 2095-2113 [doi]

TSQP: Safeguarding Real-Time Inference for Quantization Neural Networks on Edge DevicesYu Sun 0015, Gaojian Xiong, Jianhua Liu, Zheng Liu, Jian Cui. 2114-2132 [doi]

Fight Fire with Fire: Combating Adversarial Patch Attacks using Pattern-randomized Defensive PatchesJianan Feng, Jiachun Li, Changqing Miao, Jianjun Huang 0001, Wei You 0001, Wenchang Shi, Bin Liang 0002. 2133-2151 [doi]

Alleviating the Fear of Losing Alignment in LLM Fine-tuningKang Yang, Guanhong Tao 0001, Xun Chen, Jun Xu. 2152-2170 [doi]

On the Conflict Between Robustness and Learning in Collaborative Machine LearningMathilde Raynal, Carmela Troncoso. 2171-2189 [doi]

DataSentinel: A Game-Theoretic Detection of Prompt Injection AttacksYupei Liu, Yuqi Jia, Jinyuan Jia 0001, Dawn Song, Neil Zhenqiang Gong. 2190-2208 [doi]

Ownership and Gatekeeping vs. Safeguarding and Consent: How Migrant Parents Navigate Child Data Management ComplexitiesRui Huan, Kopo M. Ramokapane, Awais Rashid. 2209-2227 [doi]

"It's Time. Time for Digital Security.": An End User Study on Actionable Security and Privacy AdviceAnna Lena Rotthaler, Harshini Sri Ramulu, Lucy Simko, Sascha Fahl, Yasemin Acar. 2228-2245 [doi]

"Not the Right Question?" A Study on Attitudes Toward Client-Side Scanning with Security and Privacy Researchers and a U.S. Population SampleLisa Geierhaas, Florin Martius, Arthi Arumugam, Matthew Smith 0001. 2246-2263 [doi]

"Why Would Money Protect me from Cyber Bullying?": A Mixed-Methods Study of Personal Cyber InsuranceRachiyta Jain, Temima Hrle, Margherita Marinetti, Adam Jenkins, Rainer Böhme, Daniel W. Woods. 2264-2283 [doi]

Security and Privacy Experiences of First- and Second-Generation Pakistani Immigrants to the US: Perceptions, Practices, Challenges, and Parent-Child DynamicsWarda Usman, John Sadik, Taha, Ran Elgedawy, Scott Ruoti, Daniel Zappala. 2284-2302 [doi]

Let's Get Visual - Testing Visual Analogies and Metaphors for Conveying Privacy Policies and Data Handling InformationVerena Zimmermann, Adrienn Toth, Hannah Sievers, Linda Fanconi, Yanis Isenring, Mona Henz, Alina Stöver, Nina Gerber. 2303-2321 [doi]

"I'm Pretty Expert and I Still Screw It Up": Qualitative Insights into Experiences and Challenges of Designing and Implementing Cryptographic Library APIsJuliane Schmüser, Philip Klostermeyer, Kay Friedrich, Sascha Fahl. 2322-2340 [doi]

"We can't Change it Overnight": Understanding Industry Perspectives on IoT Product Security Compliance and CertificationPrianka Mandal, Adwait Nadkarni. 2341-2359 [doi]

Opera: Achieving Secure and High-Performance OLAP with Parallelized Homomorphic ComparisonsQi Hu, Wei Chen, Tianxiang Shen, Xin Yao, Nicholas Zhang, Heming Cui, Siu-Ming Yiu. 2360-2377 [doi]

DataSeal: Ensuring the Verifiability of Private Computation on Encrypted DataMuhammad Husni Santriaji, Jiaqi Xue, Yancheng Zhang, Qian Lou, Yan Solihin. 2378-2394 [doi]

CHLOE: Loop Transformation over Fully Homomorphic Encryption via Multi-Level Vectorization and Control-Path ReductionSong Bian 0001, Zian Zhao, Ruiyu Shen, Zhou Zhang 0016, Ran Mao, Dawei Li 0009, Yizhong Liu, Masaki Waga, Kohei Suenaga, Zhenyu Guan, Jiafeng Hua, Yier Jin, Jianwei Liu 0001. 2395-2413 [doi]

Improved Constructions for Distributed Multi-Point FunctionsElette Boyle, Niv Gilboa, Matan Hamilis, Yuval Ishai, Yaxin Tu. 2414-2432 [doi]

Preprocessing for Life: Dishonest-Majority MPC with a Trusted or Untrusted DealerElette Boyle, Niv Gilboa, Matan Hamilis, Yuval Ishai, Ariel Nof. 2433-2452 [doi]

MatriGear: Accelerating Authenticated Matrix Triple Generation with Scalable Prime Fields via Optimized HE PackingHyunHo Cha, Intak Hwang, Seonhong Min, Jinyeong Seo, Yongsoo Song. 2453-2471 [doi]

SHARK: Actively Secure Inference Using Function Secret SharingKanav Gupta, Nishanth Chandran, Divya Gupta 0001, Jonathan Katz, Rahul Sharma 0001. 2472-2490 [doi]

Rushing at SPDZ: On the Practical Security of Malicious MPC ImplementationsAlexander Kyster, Frederik Huss Nielsen, Sabine Oechsner, Peter Scholl. 2491-2508 [doi]

Rigging the Foundation: Manipulating Pre-training for Advanced Membership Inference AttacksZihao Wang, Rui Zhu, Zhikun Zhang 0001, Haixu Tang, Xiaofeng Wang 0001. 2509-2526 [doi]

Not All Edges are Equally Robust: Evaluating the Robustness of Ranking-Based Federated LearningZirui Gong, Yanjun Zhang, Leo Yu Zhang, Zhaoxi Zhang, Yong Xiang 0001, Shirui Pan. 2527-2545 [doi]

Edge Unlearning is Not "on Edge"! an Adaptive Exact Unlearning System on Resource-Constrained DevicesXiaoyu Xia 0001, Ziqi Wang, Ruoxi Sun, Bowen Liu, Ibrahim Khalil, Minhui Xue 0001. 2546-2563 [doi]

Towards Reliable Verification of Unauthorized Data Usage in Personalized Text-to-Image Diffusion ModelsBoheng Li, Yanhao Wei, Yankai Fu, Zhenting Wang, Yiming Li, Jie Zhang, Run Wang 0001, Tianwei Zhang 0004. 2564-2582 [doi]

Watermarking Language Models for Many Adaptive UsersAloni Cohen, Alexander Hoover 0001, Gabe Schoenbach. 2583-2601 [doi]

UnMarker: A Universal Attack on Defensive Image WatermarkingAndre Kassis, Urs Hengartner. 2602-2620 [doi]

SoK: Watermarking for AI-Generated ContentXuandong Zhao, Sam Gunn, Miranda Christ, Jaiden Fairoze, Andres Fabrega, Nicholas Carlini, Sanjam Garg, Sanghyun Hong 0001, Milad Nasr, Florian Tramèr, Somesh Jha, Lei Li, Yu-Xiang Wang 0003, Dawn Song. 2621-2639 [doi]

Machine Learning with Privacy for Protected AttributesSaeed Mahloujifar, Chuan Guo 0001, G. Edward Suh, Kamalika Chaudhuri. 2640-2657 [doi]

Transparency in Usable Privacy and Security Research: Scholars' Perspectives, Practices, and RecommendationsJan H. Klemmer, Juliane Schmüser, Byron M. Lowens, Fabian Fischer 0009, Lea Schmüser, Florian Schaub, Sascha Fahl. 2658-2677 [doi]

Data to Infinity and Beyond: Examining Data Sharing and Reuse Practices in the Computer Security CommunityAnna Crowder, Allison Lu, Kevin Childs, Carson Stillman, Patrick Traynor, Kevin R. B. Butler. 2678-2696 [doi]

SoK: A Framework and Guide for Human-Centered Threat Modeling in Security and Privacy ResearchWarda Usman, Daniel Zappala. 2697-2715 [doi]

Prevalence Overshadows Concerns? Understanding Chinese Users' Privacy Awareness and Expectations Towards LLM-Based Healthcare ConsultationZhihuang Liu, Ling Hu, Tongqing Zhou, Yonghao Tang, Zhiping Cai. 2716-2734 [doi]

Exploring Parent-Child Perceptions on Safety in Generative AI: Concerns, Mitigation Strategies, and Design ImplicationsYaman Yu, Tanusree Sharma, Melinda Hu, Justin Wang, Yang Wang. 2735-2752 [doi]

Security Perceptions of Users in Stablecoins: Advantages and Risks within the Cryptocurrency EcosystemMaggie Yongqi Guan, Yaman Yu, Tanusree Sharma, Molly Zhuangtong Huang, Kaihua Qin, Yang Wang, Kanye Ye Wang. 2753-2771 [doi]

Supporting Human Raters with the Detection of Harmful Content Using Large Language ModelsKurt Thomas, Patrick Gage Kelley, David Tao, Sarah Meiklejohn, Owen Vallis, Shunwen Tan, Blaz Bratanic, Felipe Tiengo Ferreira, Vijay Kumar Eranti, Elie Bursztein. 2772-2789 [doi]

"It's been Lovely Watching you": Institutional Decision-Making on Online Proctoring SoftwareElisa Shioji, Ani Meliksetyan, Lucy Simko, Ryan Watkins, Adam J. Aviv, Shaanan Cohney. 2790-2808 [doi]

Is MPC Secure? Leveraging Neural Network Classifiers to Detect Data Leakage Vulnerabilities in MPC ImplementationsGuopeng Lin, Xiaoning Du, Lushan Song, Weili Han, Jin Tan, Junming Ma, Wenjing Fang, Lei Wang. 2809-2826 [doi]

Comet: Accelerating Private Inference for Large Language Model by Predicting Activation SparsityGuang Yan, Yuhui Zhang, Zimu Guo, Lutan Zhao, Xiaojun Chen, Chen Wang, Wenhao Wang 0001, Dan Meng, Rui Hou 0001. 2827-2845 [doi]

Highly Efficient Actively Secure Two-Party Computation with One-Bit Advantage BoundYi Liu, Junzuo Lai, Peng Yang, Qi Wang, Anjia Yang, Siu-Ming Yiu, Jian Weng 0001. 2846-2864 [doi]

Hermes: Efficient and Secure Multi-Writer Encrypted DatabaseTung Le, Thang Hoang. 2865-2884 [doi]

Towards Efficient and Practical Multi-party Computation under Inconsistent Trust in TEEsXuanwei Hu, Rujia Li, Yi Liu, Qi Wang. 2885-2902 [doi]

Hash-Prune-Invert: Improved Differentially Private Heavy-Hitter Detection in the Two-Server ModelBorja Balle, James Bell-Clark, Albert Cheu, Adrià Gascón, Jonathan Katz, Mariana Raykova 0001, Phillipp Schoppmann, Thomas Steinke 0002. 2903-2918 [doi]

Click Without Compromise: Online Advertising Measurement via Per User Differential PrivacyYingtai Xiao, Jian Du, Shikun Zhang, Wanrong Zhang 0004, Qian Yang, Danfeng Zhang, Daniel Kifer. 2919-2937 [doi]

Smaug: Modular Augmentation of LLVM for MPCRadhika Garg 0002, Xiao Wang 0012. 2938-2956 [doi]

Redefining Indirect Call Analysis with KallGraphGuoren Li, Manu Sridharan, Zhiyun Qian. 2957-2975 [doi]

PyLingual: Toward Perfect Decompilation of Evolving High-Level LanguagesJoshua Wiedemeier, Elliot Tarbet, Max Zheng, Sangsoo Ko, Jessica Ouyang 0001, Sang Kil Cha, Kangkook Jee. 2976-2994 [doi]

Empc: Effective Path Prioritization for Symbolic Execution with Path CoverShuangjie Yao, Dongdong She. 2995-3013 [doi]

SV-TrustEval-C: Evaluating Structure and Semantic Reasoning in Large Language Models for Source Code Vulnerability AnalysisYansong Li, Paula Branco, Alexander M. Hoole, Manish Marwah, Hari Manassery Koduvely, Guy-Vincent Jourdan, Stephan Jou. 3014-3032 [doi]

Disassembly as Weighted Interval Scheduling with Learned WeightsAntonio Flores-Montoya, Junghee Lim, Adam Seitz, Akshay Sood, Edward Raff, James Holt. 3033-3050 [doi]

Inspecting Virtual Machine Diversification Inside Virtualization ObfuscationNaiqian Zhang, Dongpeng Xu 0001, Jiang Ming 0002, Jun Xu, Qiaoyan Yu. 3051-3069 [doi]

Chimera: Fuzzing P4 Network Infrastructure for Multi-Plane Bug Detection and Vulnerability DiscoveryJiwon Kim, Dave Jing Tian, Benjamin E. Ujcich. 3088-3106 [doi]

SoK: Software CompartmentalizationHugo Lefeuvre, Nathan Dautenhahn, David Chisnall, Pierre Olivier. 3107-3126 [doi]

CoinDef: A Comprehensive Code Injection Defense for the Electron FrameworkZheng Yang, Simon P. Chung, Jizhou Chen, Runze Zhang, Brendan Saltaformaggio, Wenke Lee. 3127-3144 [doi]

Efficient Storage Integrity in Adversarial SettingsQuinn Burke 0002, Ryan Sheatsley, Yohan Beugin, Eric Pauley, Owen Hines, Michael Swift, Patrick D. McDaniel. 3145-3160 [doi]

Growlithe: A Developer-Centric Compliance Tool for Serverless ApplicationsPraveen Gupta, Arshia Moghimi, Devam Sisodraker, Mohammad Shahrad, Aastha Mehta. 3161-3179 [doi]

The File That Contained the Keys Has Been Removed: An Empirical Analysis of Secret Leaks in Cloud Buckets and Responsible Disclosure OutcomesSoufian El Yadmani, Olga Gadyatskaya, Yury Zhauniarovich. 3180-3198 [doi]

EPScan: Automated Detection of Excessive RBAC Permissions in Kubernetes ApplicationsYue Gu, Xin Tan, Yuan Zhang, Siyan Gao, Min Yang. 3199-3217 [doi]

403 Forbidden? Ethically Evaluating Broken Access Control in the WildSaiid El Hajj Chehade, Florian Hantke, Ben Stock. 3218-3235 [doi]

"It's almost like Frankenstein": Investigating the Complexities of Scientific Collaboration and Privilege Management within Research Computing InfrastructuresSouradip Nath, Ananta Soneji, JaeJong Baek, Tiffany Bao, Adam Doupé, Carlos E. Rubio-Medrano, Gail-Joon Ahn. 3236-3254 [doi]

SoK: Integrity, Attestation, and Auditing of Program ExecutionMahmoud Ammar, Adam Caulfield, Ivan De Oliveira Nunes. 3255-3272 [doi]

The Digital Cybersecurity Expert: How Far Have We Come?Dawei Wang, Geng Zhou, Xianglong Li, Yu Bai, Li Chen, Ting Qin, Jian Sun, Dan Li. 3273-3290 [doi]

Efficient Proofs of Possession for Legacy SignaturesAnna P. Y. Woo, Alex Ozdemir, Chad Sharp, Thomas Pornin, Paul Grubbs. 3291-3308 [doi]

Volatile and Persistent Memory for zkSNARKs via Algebraic Interactive ProofsAlex Ozdemir, Evan Laufer, Dan Boneh. 3309-3327 [doi]

ZHE: Efficient Zero-Knowledge Proofs for HE EvaluationsZhelei Zhou, Yun Li 0010, Yuchen Wang, Zhaomin Yang, Bingsheng Zhang, Cheng Hong 0001, Tao Wei 0002, Wenguang Chen. 3328-3346 [doi]

CoBBL: Dynamic Constraint Generation for SNARKsKunming Jiang, Fraser Brown, Riad S. Wahby. 3347-3363 [doi]

ALPACA: Anonymous Blocklisting with Constant-Sized Updatable ProofsJiwon Kim, Abhiram Kothapalli, Orestis Chardouvelis, Riad S. Wahby, Paul Grubbs. 3364-3382 [doi]

HyperPianist: Pianist with Linear-Time Prover and Logarithmic Communication CostChongrong Li, Pengfei Zhu, Yun Li, Cheng Hong, Wenjie Qu 0004, Jiaheng Zhang. 3383-3401 [doi]

JesseQ: Efficient Zero-Knowledge Proofs for Circuits Over Any FieldMengling Liu, Yang Heng, Xingye Lu, Man Ho Au. 3402-3420 [doi]

HydraProofs: Optimally Computing All Proofs in a Vector Commitment (With Applications to Efficient zkSNARKs Over Data from Multiple Users)Christodoulos Pappas, Dimitrios Papadopoulos 0001, Charalampos Papamanthou. 3421-3439 [doi]

Zero-Knowledge Location Privacy via Accurate Floating-Point SNARKsJens Ernstberger, Chengru Zhang, Luca Ciprian, Philipp Jovanovic, Sebastian Steinhorst. 3440-3459 [doi]

FairZK: A Scalable System to Prove Machine Learning Fairness in Zero-KnowledgeTianyu Zhang, Shen Dong, Oyku Deniz Kose, Yanning Shen, Yupeng Zhang. 3460-3478 [doi]

Slice+Slice Baby: Generating Last-Level Cache Eviction Sets in the Blink of an EyeBradley Morgan, Gal Horowitz, Sioli O'Connell, Stephan van Schaik, Chitchanok Chuengsatiansup, Daniel Genkin, Olaf Maennel, Paul Montague, Eyal Ronen, Yuval Yarom. 3479-3496 [doi]

Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address LeakageMikka Rainer, Lorenz Hetterich, Fabian Thomas, Tristan Hornetz, Leon Trampert, Lukas Gerlach 0001, Michael Schwarz 0001. 3497-3515 [doi]

Breaking the Barrier: Post-Barrier Spectre AttacksJohannes Wikner, Kaveh Razavi. 3516-3533 [doi]

Peek-a-Walk: Leaking Secrets via Page Walk Side ChannelsAlan Wang 0004, Boru Chen, Yingchen Wang, Christopher W. Fletcher, Daniel Genkin, David Kohlbrenner, Riccardo Paccagnella. 3534-3548 [doi]

SLAP: Data Speculation Attacks via Load Address Prediction on Apple SiliconJason Kim 0007, Daniel Genkin, Yuval Yarom. 3549-3566 [doi]

PQ-Hammer: End-to-End Key Recovery Attacks on Post-Quantum Cryptography Using RowhammerSamy Amer, Yingchen Wang, Hunter Kippen, Thinh Dang, Daniel Genkin, Andrew Kwong, Alexander Nelson 0001, Arkady Yerukhimovich. 3567-3582 [doi]

Half Spectre, Full Exploit: Hardening Rowhammer Attacks with Half-Spectre GadgetsAndrea Di Dio, Mathé Hertogh, Cristiano Giuffrida. 3583-3598 [doi]

Training Solo: On the Limitations of Domain Isolation Against Spectre-v2 AttacksSander Wiebing, Cristiano Giuffrida. 3599-3616 [doi]

Scheduled Disclosure: Turning Power into Timing Without Frequency ScalingInwhan Chun, Isabella Siu, Riccardo Paccagnella. 3617-3635 [doi]

I know What You Sync: Covert and Side Channel Attacks on File Systems via syncfsCheng Gu, Yicheng Zhang, Nael B. Abu-Ghazaleh. 3636-3652 [doi]

CamLopa: A Hidden Wireless Camera Localization Framework via Signal Propagation Path AnalysisXiang Zhang, Jie Zhang, Zehua Ma, Jinyang Huang, Meng Li, Huan Yan, Peng Zhao, Zijian Zhang, Bin Liu, Qing Guo, Tianwei Zhang, Nenghai Yu. 3653-3671 [doi]

Adversarial Robust ViT-Based Automatic Modulation Recognition in Practical Deep Learning-Based Wireless SystemsGen Li 0012, ChunChih Lin, Xiaonan Zhang 0001, Xiaolong Ma, Linke Guo. 3672-3690 [doi]

Saecred: A State-Aware, Over-the-Air Protocol Testing Approach for Discovering Parsing Bugs in SAE Handshake Implementations of COTS Wi-Fi Access PointsMuhammad Daniyal Pirwani Dar, Robert Lorch, AliAkbar Sadeghi, Vincenzo Sorcigli, Héloïse Gollier, Cesare Tinelli, Mathy Vanhoef, Omar Chowdhury. 3691-3709 [doi]

Your Cable, My Antenna: Eavesdropping Serial Communication via Backscatter SignalsLina Pu, Yu Luo 0001, Song Han, Junming Diao. 3710-3726 [doi]

You Can't Judge a Binary by Its Header: Data-Code Separation for Non-Standard ARM Binaries Using Pseudo LabelsHadjer Benkraouda, Nirav Diwan, Gang Wang 0011. 3727-3745 [doi]

"We can't Allow IoT Vendors to Pass off all Such Liability to the Consumer": Investigating the U.S. Legal Perspectives on Liability for IoT Product SecurityPrianka Mandal, Amit Seal Ami, Iria Giuffrida, Daniel Shin, Ella Sullivan, Adwait Nadkarni. 3746-3764 [doi]

PEARTS: Provable Execution in Real-Time Embedded SystemsAntonio Joia Neto, Norrathep Rattanavipanon, Ivan De Oliveira Nunes. 3765-3782 [doi]

Firmrca: Towards Post-Fuzzing Analysis on ARM Embedded Firmware with Efficient Event-Based Fault LocalizationBoyu Chang, Binbin Zhao, Qiao Zhang, Peiyu Liu 0003, Yuan Tian 0001, Raheem Beyah, Shouling Ji. 3783-3800 [doi]

HouseFuzz: Service-Aware Grey-Box Fuzzing for Vulnerability Detection in Linux-Based FirmwareHaoyu Xiao, Ziqi Wei, Jiarun Dai, Bowen Li, Yuan Zhang, Min Yang. 3801-3819 [doi]

Faster Verification of Faster Implementations: Combining Deductive and Circuit-Based Reasoning in EasyCryptJosé Bacelar Almeida, Gustavo Xavier Delerue Marinho Alves, Manuel Barbosa, Gilles Barthe, Luís Esquível, Vincent Hwang, Tiago Oliveira 0004, Hugo Pacheco 0001, Peter Schwabe, Pierre-Yves Strub. 3820-3838 [doi]

PAC-Private AlgorithmsMayuri Sridhar, Hanshen Xiao, Srinivas Devadas. 3839-3857 [doi]

An Attack-Agnostic Defense Framework Against Manipulation Attacks Under Local Differential PrivacyPuning Zhao, Zhikun Zhang, Jiawei Dong, Jiafei Wu, Zhe Liu, Shaowei Wang, Yunjun Gao. 3858-3876 [doi]

From Randomized Response to Randomized Index: Answering Subset Counting Queries with Local Differential PrivacyQingqing Ye 0001, Liantong Yu, Kai Huang, Xiaokui Xiao, Weiran Liu, Haibo Hu 0001. 3877-3891 [doi]

Augmented Shuffle Protocols for Accurate and Robust Frequency Estimation Under Differential PrivacyTakao Murakami, Yuichi Sei, Reo Eriguchi. 3892-3911 [doi]

Differentially Private Release of Israel's National Registry of Live BirthsShlomi Hod, Ran Canetti. 3912-3930 [doi]

Meeting Utility Constraints in Differential Privacy: A Privacy-Boosting ApproachBo Jiang, Wanrong Zhang 0004, Donghang Lu, Jian Du, Sagar Sharma, Qiang Yan. 3931-3949 [doi]

DPolicy: Managing Privacy Risks Across Multiple Releases with Differential PrivacyNicolas Küchler, Alexander Viand, Hidde Lycklama, Anwar Hithnawi. 3950-3968 [doi]

Differentially Private Selection Using Smooth SensitivityIago C. Chaves, Victor A. E. de Farias, Amanda Perez, Diego Mesquita, Javam C. Machado. 3969-3987 [doi]

From Easy to Hard: Building a Shortcut for Differentially Private Image SynthesisKecen Li, Chen Gong 0005, Xiaochen Li, YuZhong Zhao, Xinwen Hou, Tianhao Wang. 3988-4006 [doi]

The Inadequacy of Similarity-Based Privacy Metrics: Privacy Attacks Against "Truly Anonymous" Synthetic DatasetsGeorgi Ganev, Emiliano De Cristofaro. 4007-4025 [doi]

EUCLEAK Side-Channel Attack on the YubiKey 5 Series (Revealing and Breaking Infineon ECDSA Implementation on the Way)Thomas Roche. 4026-4043 [doi]

Tiktag: Breaking ARM's Memory Tagging Extension with Speculative ExecutionJuhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, Byoungyoung Lee. 4063-4081 [doi]

Ceviche: Capability-Enhanced Secure Virtualization of CachesArnabjyoti Kalita, Yilong Yang, Alenkruth Krishnan Murali, Ashish Venkat. 4082-4098 [doi]

Portal: Fast and Secure Device Access with Arm CCA for Modern Arm Mobile System-on-Chips (SoCs)Fan Sang, Jaehyuk Lee, Xiaokuan Zhang, Taesoo Kim. 4099-4116 [doi]

BadRAM: Practical Memory Aliasing Attacks on Trusted Execution EnvironmentsJesse De Meulemeester, Luca Wilke, David F. Oswald, Thomas Eisenbarth 0001, Ingrid Verbauwhede, Jo Van Bulck. 4117-4135 [doi]

CipherSteal: Stealing Input Data from TEE-Shielded Neural Networks with Ciphertext Side ChannelsYuanyuan Yuan, Zhibo Liu, Sen Deng, Yanzuo Chen, Shuai Wang, Yinqian Zhang, Zhendong Su 0001. 4136-4154 [doi]

Guardain: Protecting Emerging Generative AI Workloads on Heterogeneous NPUAritra Dhar, Clément Thorens, Lara Magdalena Lazier, Lukas Cavigelli. 4155-4172 [doi]

Token Weaver: Privacy Preserving and Post-Compromise Secure AttestationCas Cremers, Gal Horowitz, Charlie Jacomme, Eyal Ronen. 4173-4191 [doi]

INCOGNITOS: A Practical Unikernel Design for Full-System Obfuscation in Confidential Virtual MachinesKha Dinh Duy, Jaeyoon Kim, Hajeong Lim, Hojoon Lee 0001. 4192-4209 [doi]

A Big Step Forward? A User-Centric Examination of iOS App Privacy Report and EnhancementsLiu Wang, Dong Wang, Shidong Pan, Zheng Jiang, Haoyu Wang, Yi Wang. 4210-4228 [doi]

Analyzing the iOS Local Network Permission from a Technical and User PerspectiveDavid Schmidt, Alexander Ponticello, Magdalena Steinböck, Katharina Krombholz, Martina Lindorfer. 4229-4247 [doi]

WireWatch: Measuring the Security of Proprietary Network Encryption in the Global Android EcosystemMona Wang, Jeffrey Knockel, Zoë Reichert, Prateek Mittal, Jonathan R. Mayer. 4248-4266 [doi]

Born with a Silver Spoon: On the (In)Security of Native Granted App Privileges in Custom Android ROMsChao Wang, Yanjie Zhao, Jiapeng Deng, Haoyu Wang. 4267-4283 [doi]

Code Speaks Louder: Exploring Security and Privacy Relevant Regional Variations in Mobile ApplicationsJiawei Guo, Yu Nong, Zhiqiang Lin, Haipeng Cai. 4284-4302 [doi]

Lombard-VLD: Voice Liveness Detection Based on Human Auditory FeedbackHongcheng Zhu, Zongkun Sun, Yanzhen Ren, Kun He, Yongpeng Yan, Zixuan Wang, Wuyang Liu, Yuhong Yang 0001, Weiping Tu. 4303-4320 [doi]

Analyzing Ad Prevalence, Characteristics, and Compliance in Alexa SkillsAafaq Sabir, Abhinaya S. B., Dilawer Ahmed, Anupam Das 0001. 4321-4339 [doi]

Eyes on your Typing: Snooping Finger Motions on Virtual KeyboardsSunWoo Lee, Wonsuk Choi. 4340-4355 [doi]

BPSniff: Continuously Surveilling Private Blood Pressure Information in the Metaverse via Unrestricted Inbuilt Motion SensorsZhengkun Ye, Ahmed Tanvir Mahdad, Yan Wang, Cong Shi, Yingying Chen, Nitesh Saxena. 4356-4374 [doi]

TreeKEM: A Modular Machine-Checked Symbolic Security Analysis of Group Key Agreement in Messaging Layer SecurityThéophile Wallez, Jonathan Protzenko, Karthikeyan Bhargavan. 4375-4390 [doi]

Impossibility Results for Post-Compromise Security in Real-World Communication SystemsCas Cremers, Niklas Medinger, Aurora Naska. 4391-4405 [doi]

Extended Diffie-Hellman Encryption for Secure and Efficient Real-Time Beacon NotificationsLiron David, Omer Berkman, Avinatan Hassidim, David Lazarov, Yossi Matias, Moti Yung. 4406-4418 [doi]

Myco: Unlocking Polylogarithmic Accesses in Metadata-Private MessagingDarya Kaviani, Deevashwer Rathee, Bhargav Annem, Raluca Ada Popa. 4419-4437 [doi]

Peer2PIR: Private Queries for IPFSMiti Mazmudar, Shannon Veitch, Rasoul Akhavan Mahdavi. 4438-4456 [doi]

Mixnets on a Tightrope: Quantifying the Leakage of Mix Networks Using a Provably Optimal Heuristic AdversarySebastian Meiser 0001, Debajyoti Das 0001, Moritz Kirschte, Esfandiar Mohammadi, Aniket Kate. 4457-4475 [doi]

TreePIR: Efficient Private Retrieval of Merkle Proofs via Tree Colorings with Fast Indexing and Zero Storage OverheadQuang Cao, Son Hoang Dau, Rinaldo Gagiano, Duy Huynh, Xun Yi, Phuc-Lu Le, Quang-Hung Luu, Emanuele Viterbo, Yu-Chih Huang, Jingge Zhu, Mohammad M. Jalalzai, Chen Feng 0001. 4476-4494 [doi]

SoK: Self-Generated Nudes over Private Chats: How can Technology Contribute to a Safer Sexting?Joel Samper, Bernardo Ferreira. 4495-4514 [doi]

"You Have to Ignore the Dangers": User Perceptions of the Security and Privacy Benefits of WhatsApp ModsCollins W. Munyendo, Kentrell Owens, Faith Strong, Shaoqi Wang, Adam J. Aviv, Tadayoshi Kohno, Franziska Roesner. 4515-4533 [doi]

EveGuard: Defeating Vibration-based Side-Channel Eavesdropping with Audio Adversarial PerturbationsJung-Woo Chang, Ke Sun, David Xia, Xinyu Zhang, Farinaz Koushanfar. 4534-4552 [doi]

Spoofing Eavesdroppers with Audio MisinformationZhambyl Shaikhanov, Mahmoud Al-Madi, Hou-Tong Chen, Chun-Chieh Chang, Sadhvikas Addamane, Daniel M. Mittleman, Edward W. Knightly. 4553-4568 [doi]

EvilHarmony: Stealthy Adversarial Attacks Against Black-Box Speech Recognition SystemsXuejing Yuan, Jiangshan Zhang, Feng Guo, Kai Chen, Xiaofeng Wang, Shengzhi Zhang, Yuxuan Chen, Dun Liu, Pan Li, Zihao Wang, Runnan Zhu. 4569-4587 [doi]

Investigating Physical Latency Attacks Against Camera-Based PerceptionRaymond Muller, Ruoyu Song, Chenyi Wang, Yuxia Zhan, Jean Philippe Monteuuis, Yanmao Man, Ming Li 0003, Ryan M. Gerdes, Jonathan Petit, Z. Berkay Celik. 4588-4605 [doi]

VerITAS: Verifying Image Transformations at ScaleTrisha Datta, Binyi Chen, Dan Boneh. 4606-4623 [doi]

Trust Nobody: Privacy-Preserving Proofs for Edited Photos with Your LaptopPierpaolo Della Monica, Ivan Visconti, Andrea Vitaletti, Marco Zecchini. 4624-4642 [doi]

Eva: Efficient Privacy-Preserving Proof of Authenticity for Lossily Encoded VideosChengru Zhang, Xiao Yang, David F. Oswald, Mark Ryan 0001, Philipp Jovanovic. 4643-4662 [doi]

From One Stolen Utterance: Assessing the Risks of Voice Cloning in the AIGC EraKun Wang, Meng Chen 0011, Li Lu 0008, Jingwen Feng, Qianniu Chen, Zhongjie Ba, Kui Ren 0001, Chun Chen. 4663-4681 [doi]

Sniffing Location Privacy of Video Conference Users Using Free Audio ChannelsLong Huang, Chen Wang 0009. 4682-4698 [doi]

runs on WebDSL