32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023

researchr

You are not signed in
Sign in
Sign up

Joseph A. Calandrino, Carmela Troncoso, editors, 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association, 2023. [doi]

Conference: uss2023

Abstract is missing.

PhyAuth: Physical-Layer Message Authentication for ZigBee NetworksAng Li, Jiawei Li, Dianqi Han, Yan Zhang 0091, Tao Li, Ting Zhu 0001, Yanchao Zhang. 1-18 [doi]

Time for Change: How Clocks Break UWB Secure RangingClaudio Anliker, Giovanni Camurati, Srdjan Capkun. 19-36 [doi]

Formal Analysis and Patching of BLE-SC PairingMin Shi, Jing Chen 0003, Kun He 0008, Haoran Zhao, Meng Jia, RuiYing Du. 37-52 [doi]

Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit QueuesDomien Schepers, Aanjhan Ranganathan, Mathy Vanhoef. 53-68 [doi]

Abuse Vectors: A Framework for Conceptualizing IoT-Enabled Interpersonal AbuseSophie Stephenson, Majed Almansoori, Pardis Emami Naeini, Danny Yuxing Huang, Rahul Chatterjee 0001. 69-86 [doi]

The Digital-Safety Risks of Financial Technologies for Survivors of Intimate Partner ViolenceRosanna Bellini, Kevin Lee, Megan A. Brown, Jeremy Shaffer, Rasika Bhalerao, Thomas Ristenpart. 87-104 [doi]

"It's the Equivalent of Feeling Like You're in Jail": Lessons from Firsthand and Secondhand Accounts of IoT-Enabled Intimate Partner AbuseSophie Stephenson, Majed Almansoori, Pardis Emami Naeini, Rahul Chatterjee 0001. 105-122 [doi]

Sneaky Spy Devices and Defective Detectors: The Ecosystem of Intimate Partner Surveillance with Covert DevicesRose Ceccio, Sophie Stephenson, Varun Chadha, Danny Yuxing Huang, Rahul Chatterjee 0001. 123-140 [doi]

Towards a General Video-based Keystroke Inference AttackZhuolin Yang, Yuxin Chen 0001, Zain Sarwar, Hadleigh Schwartz, Ben Y. Zhao, Haitao Zheng 0001. 141-158 [doi]

Going through the motions: AR/VR keylogging from user head motionsCarter Slocum, Yicheng Zhang, Nael B. Abu-Ghazaleh, Jiasi Chen. 159-174 [doi]

Auditory Eyesight: Demystifying μs-Precision Keystroke Tracking Attacks on Unconstrained Keyboard InputsYazhou Tu, Liqun Shan, Md. Imran Hossen, Sara Rampazzi, Kevin R. B. Butler, Xiali Hei 0001. 175-192 [doi]

Watch your Watch: Inferring Personality Traits from Wearable Activity TrackersNoé Zufferey, Mathias Humbert, Romain Tavenard, Kévin Huguenin. 193-210 [doi]

Squint Hard Enough: Attacking Perceptual Hashing with Adversarial Machine LearningJonathan Prokos, Neil Fendley, Matthew Green 0001, Roei Schuster, Eran Tromer, Tushar M. Jois, Yinzhi Cao. 211-228 [doi]

How to Cover up Anomalous Accesses to Electronic Health RecordsXiaojun Xu, Qingying Hao, Zhuolin Yang, Bo Li 0026, David M. Liebovitz, Gang Wang 0011, Carl A. Gunter. 229-246 [doi]

KENKU: Towards Efficient and Stealthy Black-box Adversarial Attacks against ASR SystemsXinghui Wu, ShiQing Ma, Chao Shen 0001, Chenhao Lin, Qian Wang 0002, Qi Li 0002, Yuan Rao. 247-264 [doi]

Tubes Among Us: Analog Attack on Automatic Speaker IdentificationShimaa Ahmed, Yash Wani, Ali Shahin Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz. 265-282 [doi]

Efficient Unbalanced Private Set Intersection Cardinality and User-friendly Privacy-preserving Contact TracingMingli Wu, Tsz Hon Yuen. 283-300 [doi]

Near-Optimal Oblivious Key-Value Stores for Efficient PSI, PSU and Volume-Hiding Multi-MapsAlexander Bienstock, Sarvar Patel, Joon Young Seo, Kevin Yeo. 301-318 [doi]

Distance-Aware Private Set IntersectionAnrin Chakraborti, Giulia Fanti, Michael K. Reiter. 319-336 [doi]

Linear Private Set Union from Multi-Query Reverse Private Membership TestCong Zhang, Yu Chen 0003, Weiran Liu, Min Zhang, Dongdai Lin. 337-354 [doi]

Auditing Frameworks Need Resource Isolation: A Systematic Study on the Super Producer Threat to System Auditing and Its MitigationPeng Jiang, Ruizhe Huang, Ding Li 0001, Yao Guo 0001, Xiangqun Chen, Jianhai Luan, Yuxin Ren, Xinwei Hu. 355-372 [doi]

AIRTAG: Towards Automated Attack Investigation by Unsupervised Learning with Log TextsHailun Ding, Juan Zhai, Yuhong Nan, ShiQing Ma. 373-390 [doi]

Rethinking System Audit Architectures for High Event Coverage and Synchronous Log AvailabilityVarun Gandhi, Sarbartha Banerjee, Aniket Agrawal, Adil Ahmad, Sangho Lee 0001, Marcus Peinado. 391-408 [doi]

Improving Logging to Reduce Permission Over-Granting MistakesBingyu Shen 0002, Tianyi Shan, Yuanyuan Zhou 0001. 409-426 [doi]

Diving into Robocall Content with SnorCallSathvik Prasad, Trevor Dunlap, Alexander J. Ross, Bradley Reaves. 427-444 [doi]

UCBlocker: Unwanted Call Blocking Using Anonymous AuthenticationChanglai Du, Hexuan Yu, Yang Xiao 0010, Y. Thomas Hou 0001, Angelos D. Keromytis, Wenjing Lou. 445-462 [doi]

Combating Robocalls with Phone Virtual Assistant Mediated InteractionSharbani Pandit, Krishanu Sarker, Roberto Perdisci, Mustaque Ahamad, Diyi Yang. 463-479 [doi]

BotScreen: Trust Everybody, but Cut the Aimbots YourselfMinyeop Choi, Gihyuk Ko, Sang Kil Cha. 481-498 [doi]

"If I could do this, I feel anyone could: " The Design and Evaluation of a Secondary Authentication Factor ManagerGarrett Smith, Tarun Kumar Yadav, Jonathan Dutson, Scott Ruoti, Kent E. Seamons. 499-515 [doi]

Exploring Privacy and Incentives Considerations in Adoption of COVID-19 Contact Tracing AppsOshrat Ayalon, Dana Turjeman, Elissa M. Redmiles. 517-534 [doi]

Exploring Tenants' Preferences of Privacy Negotiation in AirbnbZixin Wang, Danny Yuxing Huang, Yaxing Yao. 535-551 [doi]

Know Your Cybercriminal: Evaluating Attacker Preferences by Measuring Profile Sales on an Active, Leading Criminal Market for User Impersonation at ScaleMichele Campobasso, Luca Allodi. 553-570 [doi]

HorusEye: A Realtime IoT Malicious Traffic Detection Framework using Programmable SwitchesYutao Dong, Qing Li 0006, Kaidong Wu, Ruoyu Li, Dan Zhao, Gareth Tyson, Junkun Peng, Yong Jiang 0001, Shutao Xia, Mingwei Xu. 571-588 [doi]

An Input-Agnostic Hierarchical Deep Learning Framework for Traffic FingerprintingJian Qu, Xiaobo Ma, Jianfeng Li, Xiapu Luo, Lei Xue 0001, Junjie Zhang 0004, Zhenhua Li 0001, Li Feng, Xiaohong Guan. 589-606 [doi]

Subverting Website Fingerprinting Defenses with Robust Traffic RepresentationMeng Shen 0001, Kexin Ji, Zhenbo Gao, Qi Li 0002, Liehuang Zhu, Ke Xu 0002. 607-624 [doi]

Rosetta: Enabling Robust TLS Encrypted Traffic Classification in Diverse Network Environments with TCP-Aware Traffic AugmentationRenjie Xie, Jiahao Cao, Enhuan Dong, Mingwei Xu, Kun Sun 0001, Qi Li 0002, Licheng Shen, Menghao Zhang. 625-642 [doi]

Towards Targeted Obfuscation of Adversarial Unsafe Images using Reconstruction and Counterfactual Super Region Attribution ExplainabilityMazal Bethany, Andrew Seong, Samuel Henrique Silva, Nicole Beebe, Nishant Vishwamitra, Peyman Najafirad. 643-660 [doi]

TPatch: A Triggered Physical Adversarial PatchWenjun Zhu, Xiaoyu Ji 0001, Yushi Cheng, Shibo Zhang, Wenyuan Xu 0001. 661-678 [doi]

CAPatch: Physical Adversarial Patch against Image Captioning SystemsShibo Zhang, Yushi Cheng, Wenjun Zhu, Xiaoyu Ji 0001, Wenyuan Xu 0001. 679-696 [doi]

Hard-label Black-box Universal Adversarial Patch AttackGuanhong Tao, Shengwei An, Siyuan Cheng 0005, Guangyu Shen, Xiangyu Zhang 0001. 697-714 [doi]

Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet CaseSvetlana Abramova, Rainer Böhme. 715-732 [doi]

Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFiGiulia Scaffino, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei. 733-750 [doi]

Mixed Signals: Analyzing Ground-Truth Data on the Users and Economics of a Bitcoin Mixing ServiceFieke Miedema, Kelvin Lubbertsen, Verena Schrama, Rolf van Wegberg. 751-768 [doi]

Is Your Wallet Snitching On You? An Analysis on the Privacy Implications of Web3Christof Ferreira Torres, Fiona Willi, Shweta Shinde. 769-786 [doi]

Capstone: A Capability-based Foundation for Trustless Secure Memory AccessJason Zhijingcheng Yu, Conrad Watt, Aditya Badole, Trevor E. Carlson, Prateek Saxena. 787-804 [doi]

FloatZone: Accelerating Memory Error Detection using the Floating Point UnitFloris Gorter, Enrico Barberis, Raphael Isemann, Erik van der Kouwe, Cristiano Giuffrida, Herbert Bos. 805-822 [doi]

PUMM: Preventing Use-After-Free Using Execution Unit PartitioningCarter Yagemann, Simon P. Chung, Brendan Saltaformaggio, Wenke Lee. 823-840 [doi]

MTSan: A Feasible and Practical Memory Sanitizer for Fuzzing COTS BinariesXingman Chen, Yinghao Shi, Zheyu Jiang, Yuan Li, Ruoyu Wang 0001, Haixin Duan, Haoyu Wang, Chao Zhang 0008. 841-858 [doi]

Hidden Reality: Caution, Your Hand Gesture Inputs in the Immersive Virtual World are Visible to All!Sindhu Reddy Kalathur Gopal, Diksha Shukla, James David Wheelock, Nitesh Saxena. 859-876 [doi]

LocIn: Inferring Semantic Location from Spatial Maps in Mixed RealityHabiba Farrukh, Reham Mohamed 0004, Aniket Nare, Antonio Bianchi, Z. Berkay Celik. 877-894 [doi]

Unique Identification of 50, 000+ Virtual Reality Users from Head & Hand Motion DataVivek Nair, Wenbo Guo 0002, Justus Mattern, Rui Wang, James F. O'Brien, Louis-Rosenberg, Dawn Song. 895-910 [doi]

Exploring User Reactions and Mental Models Towards Perceptual Manipulation Attacks in Mixed RealityKaiming Cheng, Jeffery F. Tian, Tadayoshi Kohno, Franziska Roesner. 911-928 [doi]

Erebus: Access Control for Augmented Reality SystemsYoonSang Kim, Sanket Goutam, Amir Rahmati, Arie E. Kaufman. 929-946 [doi]

No Single Silver Bullet: Measuring the Accuracy of Password Strength MetersDing Wang 0002, Xuan Shan, Qiying Dong, Yaosheng Shen, Chunfu Jia. 947-964 [doi]

Password Guessing Using Random ForestDing Wang 0002, Yunkai Zou, Zijian Zhang 0003, Kedong Xiu. 965-982 [doi]

Pass2Edit: A Multi-Step Generative Model for Guessing Edited PasswordsDing Wang 0002, Yunkai Zou, Yuan-an Xiao, Siqi Ma, Xiaofeng Chen 0001. 983-1000 [doi]

Improving Real-world Password Guessing Attacks via Bi-directional TransformersMing Xu 0006, Jitao Yu, Xinyi Zhang, Chuanwang Wang, Shenghao Zhang, Haoqi Wu, Weili Han. 1001-1018 [doi]

Araña: Discovering and Characterizing Password Guessing Attacks in PracticeMazharul Islam, Marina Sanusi Bohuk, Paul Chung, Thomas Ristenpart, Rahul Chatterjee 0001. 1019-1036 [doi]

PoliGraph: Automated Privacy Policy Analysis using Knowledge GraphsHao Cui, Rahmadi Trimananda, Athina Markopoulou, Scott Jordan. 1037-1054 [doi]

Calpric: Inclusive and Fine-grain Labeling of Privacy Policies with Crowdsourcing and Active LearningWenjun Qiu, David Lie, Lisa M. Austin. 1055-1072 [doi]

POLICYCOMP: Counterpart Comparison of Privacy Policies Uncovers Overbroad Personal Data Collection PracticesLu Zhou, Chengyongxiao Wei, Tong Zhu, Guoxing Chen, Xiaokuan Zhang, Suguo Du, Hui Cao, Haojin Zhu. 1073-1090 [doi]

Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy LabelsYue Xiao, Zhengyi Li, Yue Qin, Xiaolong Bai, Jiale Guan, Xiaojing Liao, Luyi Xing. 1091-1108 [doi]

Automated Cookie Notice Analysis and EnforcementRishabh Khandelwal, Asmit Nayak, Hamza Harkous, Kassem Fawaz. 1109-1126 [doi]

Continuous Learning for Android Malware DetectionYizheng Chen 0001, Zhoujie Ding, David A. Wagner 0001. 1127-1144 [doi]

Humans vs. Machines in Malware ClassificationSimone Aonzo, Yufei Han, Alessandro Mantovani, Davide Balzarotti. 1145-1162 [doi]

Adversarial Training for Raw-Binary Malware ClassifiersKeane Lucas, Samruddhi Pai, Weiran Lin, Lujo Bauer, Michael K. Reiter, Mahmood Sharif. 1163-1180 [doi]

Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature InformationHeng Li 0008, Zhang Cheng, Bang Wu, Liheng Yuan, Cuiying Gao, Wei Yuan, Xiapu Luo. 1181-1198 [doi]

Evading Provenance-Based ML Detectors with Adversarial System ActionsKunal Mukherjee, Joshua Wiedemeier, Tianhao Wang 0026, James Wei, Feng Chen, Muhyun Kim, Murat Kantarcioglu, Kangkook Jee. 1199-1216 [doi]

TreeSync: Authenticated Group Management for Messaging Layer SecurityThéophile Wallez, Jonathan Protzenko, Benjamin Beurdouche, Karthikeyan Bhargavan. 1217-1233 [doi]

Formal Analysis of Session-Handling in Secure Messaging: Lifting Security from Sessions to ConversationsCas Cremers, Charlie Jacomme, Aurora Naska. 1235-1252 [doi]

Cryptographic Administration for Secure Group MessagingDavid Balbás, Daniel Collins 0001, Serge Vaudenay. 1253-1270 [doi]

Wink: Deniable Secure MessagingAnrin Chakraborti, Darius Suciu, Radu Sion. 1271-1288 [doi]

Three Lessons From Threema: Analysis of a Secure MessengerKenneth G. Paterson, Matteo Scarlata, Kien T. Truong. 1289-1306 [doi]

MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulationJinyan Xu, Yiyuan Liu, Sirui He, Haoran Lin, Yajin Zhou, Cong Wang 0001. 1307-1324 [doi]

µFUZZ: Redesign of Parallel Fuzzing using Microservice ArchitectureYongheng Chen, Rui Zhong, Yupeng Yang, Hong Hu 0004, Dinghao Wu, Wenke Lee. 1325-1342 [doi]

FISHFUZZ: Catch Deeper Bugs by Throwing Larger NetsHan Zheng, Jiayuan Zhang, Yuhang Huang, Zezhong Ren, He Wang, Chunjie Cao, Yuqing Zhang 0001, Flavio Toffalini, Mathias Payer. 1343-1360 [doi]

HyPFuzz: Formal-Assisted Processor FuzzingChen Chen, Rahul Kande, Nathan Nguyen, Flemming Andersen, Aakash Tyagi, Ahmad-Reza Sadeghi, Jeyavijayan Rajendran. 1361-1378 [doi]

PolyFuzz: Holistic Greybox Fuzzing of Multi-Language SystemsWen Li, Jinyang Ruan, Guangbei Yi, Long Cheng 0005, Xiapu Luo, Haipeng Cai. 1379-1396 [doi]

VIPER: Spotting Syscall-Guard Variables for Data-Only AttacksHengkai Ye, Song Liu, Zhechang Zhang, Hong Hu 0004. 1397-1414 [doi]

AURC: Detecting Errors in Program Code and DocumentationPeiwei Hu, Ruigang Liang, Ying Cao, Kai Chen 0012, Runze Zhang. 1415-1432 [doi]

Not All Data are Created Equal: Data and Pointer Prioritization for Scalable Protection Against Data-Oriented AttacksSalman Ahmed 0001, Hans Liljestrand, Hani Jamjoom, Matthew Hicks, N. Asokan, Danfeng Yao. 1433-1450 [doi]

SAFER: Efficient and Error-Tolerant Binary InstrumentationSoumyakant Priyadarshan, Huan Nguyen 0004, Rohit Chouhan, R. Sekar 0001. 1451-1468 [doi]

Reassembly is Hard: A Reflection on Challenges and StrategiesHyungseok Kim 0002, Soomin Kim 0002, Junoh Lee, Kangkook Jee, Sang Kil Cha. 1469-1486 [doi]

Measuring Up to (Reasonable) Consumer Expectations: Providing an Empirical Basis for Holding IoT Manufacturers Legally ResponsibleLorenz Kustosch, Carlos Gañán, Mattis van 't Schip, Michel van Eeten, Simon Parkin. 1487-1504 [doi]

Are Consumers Willing to Pay for Security and Privacy of IoT Devices?Pardis Emami Naeini, Janarth Dheenadhayalan, Yuvraj Agarwal, Lorrie Faith Cranor. 1505-1522 [doi]

Examining Consumer Reviews to Understand Security and Privacy Issues in the Market of Smart Home DevicesSwaathi Vetrivel, Veerle van Harten, Carlos Hernandez Gañán, Michel van Eeten, Simon Parkin. 1523-1540 [doi]

Internet Service Providers' and Individuals' Attitudes, Barriers, and Incentives to Secure IoTNissy Sombatruang, Tristan Caulfield, Ingolf Becker, Akira Fujita, Takahiro Kasama, Koji Nakao, Daisuke Inoue. 1541-1558 [doi]

Detecting and Handling IoT Interaction Threats in Multi-Platform Multi-Control-Channel Smart HomesHaotian Chi, Qiang Zeng 0001, Xiaojiang Du. 1559-1576 [doi]

Private Proof-of-Stake Blockchains using Differentially-Private Stake DistortionChenghong Wang, David Pujol, Kartik Nayak, Ashwin Machanavajjhala. 1577-1594 [doi]

PrivateFL: Accurate, Differentially Private Federated Learning via Personalized Data TransformationYuchen Yang, Bo Hui, Haolin Yuan, Neil Zhenqiang Gong, Yinzhi Cao. 1595-1612 [doi]

What Are the Chances? Explaining the Epsilon Parameter in Differential PrivacyPriyanka Nanayakkara, Mary Anne Smart, Rachel Cummings, Gabriel Kaptchuk, Elissa M. Redmiles. 1613-1630 [doi]

Tight Auditing of Differentially Private Machine LearningMilad Nasr, Jamie Hayes, Thomas Steinke 0002, Borja Balle, Florian Tramèr, Matthew Jagielski, Nicholas Carlini, Andreas Terzis. 1631-1648 [doi]

PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov ModelsHaiming Wang, Zhikun Zhang 0001, Tianhao Wang 0001, Shibo He, Michael Backes 0001, Jiming Chen 0001, Yang Zhang 0016. 1649-1666 [doi]

Meta-Sift: How to Sift Out a Clean Subset in the Presence of Data Poisoning?Yi Zeng, Minzhou Pan, Himanshu Jahagirdar, Ming Jin 0002, Lingjuan Lyu, Ruoxi Jia. 1667-1684 [doi]

Towards A Proactive ML Approach for Detecting Backdoor Poison SamplesXiangyu Qi, Tinghao Xie, Jiachen T. Wang, Tong Wu, Saeed Mahloujifar, Prateek Mittal. 1685-1702 [doi]

PORE: Provably Robust Recommender Systems against Data Poisoning AttacksJinyuan Jia, Yupei Liu, Yuepeng Hu, Neil Zhenqiang Gong. 1703-1720 [doi]

Every Vote Counts: Ranking-Based Training of Federated Learning to Resist Poisoning AttacksHamid Mozaffari, Virat Shejwalkar, Amir Houmansadr. 1721-1738 [doi]

Fine-grained Poisoning Attack to Local Differential Privacy Protocols for Mean and Variance EstimationXiaoguang Li, Ninghui Li, Wenhai Sun, Neil Zhenqiang Gong, Hui Li 0006. 1739-1756 [doi]

Your Exploit is Mine: Instantly Synthesizing Counterattack Smart ContractZhuo Zhang 0002, Zhiqiang Lin, Marcelo Morales, Xiangyu Zhang 0001, Kaiyuan Zhang 0002. 1757-1774 [doi]

Smart Learning to Find Dumb ContractsTamer Abdelaziz, Aquinas Hobor. 1775-1792 [doi]

Confusum Contractum: Confused Deputy Vulnerabilities in Ethereum Smart ContractsFabio Gritti, Nicola Ruaro, Robert McLaughlin, Priyanka Bose, Dipanjan Das 0002, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna. 1793-1810 [doi]

Panda: Security Analysis of Algorand Smart ContractsZhiyuan Sun, Xiapu Luo, Yinqian Zhang. 1811-1828 [doi]

Proxy Hunting: Understanding and Characterizing Proxy-based Upgradeable Smart Contracts in BlockchainsWilliam Edward Bodell III, Sajad Meisami, Yue Duan. 1829-1846 [doi]

Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain KnowledgeNils Bars, Moritz Schloegel, Tobias Scharnowski, Nico Schiller, Thorsten Holz. 1847-1864 [doi]

FuzzJIT: Oracle-Enhanced Fuzzing for JavaScript Engine JIT CompilerJunjie Wang 0008, Zhiyi Zhang, Shuang Liu, Xiaoning Du 0001, Junjie Chen. 1865-1882 [doi]

GLeeFuzz: Fuzzing WebGL Through Error Message Guided MutationHui Peng, Zhihao Yao, Ardalan Amiri Sani, Dave Tian, Mathias Payer. 1883-1899 [doi]

autofz: Automated Fuzzer Composition at RuntimeYu-Fu Fu, Jae-Hyuk Lee, Taesoo Kim. 1901-1918 [doi]

CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for FuzzingDawei Wang, Ying Li, Zhiyu Zhang, Kai Chen 0012. 1919-1936 [doi]

SCARF - A Low-Latency Block Cipher for Secure Cache-RandomizationFederico Canale, Tim Güneysu, Gregor Leander, Jan Philipp Thoma, Yosuke Todo, Rei Ueno. 1937-1954 [doi]

The Gates of Time: Improving Cache Attacks with Transient ExecutionDaniel Katzman, William Kosasih, Chitchanok Chuengsatiansup, Eyal Ronen, Yuval Yarom. 1955-1972 [doi]

Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization InstructionsJiyong Yu, Aishani Dutta, Trent Jaeger, David Kohlbrenner, Christopher W. Fletcher. 1973-1990 [doi]

ClepsydraCache - Preventing Cache Attacks with Time-Based EvictionsJan Philipp Thoma, Christian Niesler, Dominic A. Funke, Gregor Leander, Pierre Mayr, Nils Pohl, Lucas Davi, Tim Güneysu. 1991-2008 [doi]

CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production SoftwareYuanyuan Yuan, Zhibo Liu, Shuai Wang 0011. 2009-2026 [doi]

InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force AttackYu Chen, Yang Yu, Lidong Zhai. 2027-2041 [doi]

A Study of Multi-Factor and Risk-Based Authentication AvailabilityAnthony Gavazzi, Ryan Williams, Engin Kirda, Long Lu, Andre King, Andy Davis, Tim Leek. 2043-2060 [doi]

A Large-Scale Measurement of Website Login PoliciesSuood Abdulaziz Al-Roomi, Frank Li 0001. 2061-2078 [doi]

Security and Privacy Failures in Popular 2FA AppsConor Gilsenan, Fuzail Shakir, Noura Alomar, Serge Egelman. 2079-2096 [doi]

Multi-Factor Key Derivation Function (MFKDF) for Fast, Flexible, Secure, & Practical Key ManagementVivek Nair, Dawn Song. 2097-2114 [doi]

Log: It's Big, It's Heavy, It's Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android EcosystemAllan Lyons, Julien Gamba, Austin Shawaga, Joel Reardon, Juan Tapiador, Serge Egelman, Narseo Vallina-Rodriguez. 2115-2132 [doi]

CodexLeaks: Privacy Leaks from Code Generation Language Models in GitHub CopilotLiang Niu, Muhammad Shujaat Mirza, Zayd Maradni, Christina Pöpper. 2133-2150 [doi]

Freaky Leaky SMS: Extracting User Locations by Analyzing SMS TimingsEvangelos Bitsikas, Theodor Schnitzler, Christina Pöpper, Aanjhan Ranganathan. 2151-2168 [doi]

The Writing on the Wall and 3D Digital Twins: Personal Information in (not so) Private Real EstateRachel McAmis, Tadayoshi Kohno. 2169-2186 [doi]

Glaze: Protecting Artists from Style Mimicry by Text-to-Image ModelsShawn Shan, Jenna Cryan, Emily Wenger, Haitao Zheng 0001, Rana Hanocka, Ben Y. Zhao. 2187-2204 [doi]

Lost at C: A User Study on the Security Implications of Large Language Model Code AssistantsGustavo Sandoval, Hammond Pearce, Teo Nys, Ramesh Karri, Siddharth Garg, Brendan Dolan-Gavitt. 2205-2222 [doi]

Two-in-One: A Model Hijacking Attack Against Text Generation ModelsWai Man Si, Michael Backes 0001, Yang Zhang 0016, Ahmed Salem 0001. 2223-2240 [doi]

PTW: Pivotal Tuning Watermarking for Pre-Trained Image GeneratorsNils Lukas, Florian Kerschbaum. 2241-2258 [doi]

Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach AttorneysDaniel W. Woods, Rainer Böhme, Josephine Wolff, Daniel Schwarcz. 2259-2273 [doi]

Bug Hunters' Perspectives on the Challenges and Benefits of the Bug Bounty EcosystemOmer Akgul, Taha Eghtesad, Amit Elazari, Omprakash Gnawali, Jens Grossklags, Michelle L. Mazurek, Daniel Votipka, Aron Laszka. 2275-2291 [doi]

Work-From-Home and COVID-19: Trajectories of Endpoint Security Management in a Security Operations CenterKailani R. Jones, Dalton A. Brucker-Hahn, Bradley Fidler, Alexandru G. Bardas. 2293-2310 [doi]

"Employees Who Don't Accept the Time Security Takes Are Not Aware Enough": The CISO View of Human-Centred SecurityJonas Hielscher, Uta Menges, Simon Parkin, Annette Kluge, M. Angela Sasse. 2311-2328 [doi]

Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural NetworksJialai Wang, Ziyuan Zhang, Meiqi Wang, Han Qiu 0001, Tianwei Zhang 0004, Qi Li 0002, Zongpeng Li, Tao Wei, Chao Zhang 0008. 2329-2346 [doi]

Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural ObfuscationYifan Yan, Xudong Pan, Mi Zhang 0001, Min Yang 0002. 2347-2364 [doi]

PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code AnalysisZhuo Zhang 0002, Guanhong Tao, Guangyu Shen, Shengwei An, Qiuling Xu, Yingqi Liu, Yapeng Ye, Yaoxuan Wu, Xiangyu Zhang 0001. 2365-2382 [doi]

IvySyn: Automated Vulnerability Discovery in Deep Learning FrameworksNeophytos Christou, Di Jin, Vaggelis Atlidakis, Baishakhi Ray, Vasileios P. Kemerlis. 2383-2400 [doi]

Hey Kimya, Is My Smart Speaker Spying on Me? Taking Control of Sensor Privacy Through Isolation and AmnesiaPiet De Vaere, Adrian Perrig. 2401-2418 [doi]

Spying through Your Voice Assistants: Realistic Voice Command FingerprintingDilawer Ahmed, Aafaq Sabir, Anupam Das 0001. 2419-2436 [doi]

QFA2SR: Query-Free Adversarial Transfer Attacks to Speaker Recognition SystemsGuangke Chen, Yedi Zhang, Zhe Zhao, Fu Song. 2437-2454 [doi]

Learning Normality is Enough: A Software-based Mitigation against Inaudible Voice AttacksXinfeng Li, Xiaoyu Ji, Chen Yan 0001, Chaohao Li, Yichen Li, Zhenning Zhang, Wenyuan Xu. 2455-2472 [doi]

Powering for Privacy: Improving User Trust in Smart Speaker Microphones with Intentional Powering and Perceptible AssuranceYoungwook Do, Nivedita Arora, Ali Mirzazadeh, Injoo Moon, Eryue Xu, Zhihan Zhang, Gregory D. Abowd, Sauvik Das. 2473-2490 [doi]

To Cloud or not to Cloud: A Qualitative Study on Self-Hosters' Motivation, Operation, and Security MindsetLea Gröber, Rafael Mrowczynski, Nimisha Vijay, Daphne A. Muller, Adrian Dabrowski, Katharina Krombholz. 2491-2508 [doi]

"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe RustSandra Höltervennhoff, Philip Klostermeyer, Noah Wöhler, Yasemin Acar, Sascha Fahl. 2509-2525 [doi]

Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code RepositoriesAlexander Krause, Jan H. Klemmer, Nicolas Huaman, Dominik Wermke, Yasemin Acar, Sascha Fahl. 2527-2544 [doi]

A Mixed-Methods Study of Security Practices of Smart Contract DevelopersTanusree Sharma, Zhixuan Zhou, Andrew Miller 0001, Yang Wang 0005. 2545-2562 [doi]

The Role of Professional Product Reviewers in Evaluating Security and PrivacyWentao Guo, Jason Walter, Michelle L. Mazurek. 2563-2580 [doi]

Network Responses to Russia's Invasion of Ukraine in 2022: A Cautionary Tale for Internet FreedomReethika Ramesh, Ram Sundara Raman, Apurva Virkud, Alexandra Dirksen, Armin Huremagic, David Fifield, Dirk Rodenburg, Rod Hynes, Douglas Madory, Roya Ensafi. 2581-2598 [doi]

A Study of China's Censorship and Its Evasion Through the Lens of Online GamingYuzhou Feng, Ruyu Zhai, Radu Sion, Bogdan Carbunar. 2599-2616 [doi]

DeResistor: Toward Detection-Resistant Probing for Evasion of Internet CensorshipAbderrahmen Amich, Birhanu Eshete, Vinod Yegneswaran, Nguyen Phong Hoang. 2617-2633 [doi]

Timeless Timing Attacks and Preload Defenses in Tor's DNS CacheRasmus Dahlberg, Tobias Pulls. 2635-2652 [doi]

How the Great Firewall of China Detects and Blocks Fully Encrypted TrafficMingshi Wu, Jackson Sippe, Danesh Sivakumar, Jack Burg, Peter Anderson, Xiaokang Wang, Kevin Bock 0001, Amir Houmansadr, Dave Levin, Eric Wustrow. 2653-2670 [doi]

A Data-free Backdoor Injection Approach in Neural NetworksPeizhuo Lv, Chang Yue, Ruigang Liang, Yunfei Yang, Shengzhi Zhang, Hualong Ma, Kai Chen 0012. 2671-2688 [doi]

Sparsity Brings Vulnerabilities: Exploring New Metrics in Backdoor AttacksJianwen Tian, Kefan Qiu, Debin Gao, Zhi Wang 0014, Xiaohui Kuang, Gang Zhao. 2689-2706 [doi]

Aliasing Backdoor Attacks on Pre-trained ModelsCheng'an Wei, Yeonjoon Lee, Kai Chen 0012, Guozhu Meng, Peizhuo Lv. 2707-2724 [doi]

ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning ParadigmsMinzhou Pan, Yi Zeng, Lingjuan Lyu, Xue Lin, Ruoxi Jia. 2725-2742 [doi]

VILLAIN: Backdoor Attacks Against Vertical Split LearningYijie Bai, Yanjiao Chen, Hanlei Zhang, Wenyuan Xu 0001, Haiqin Weng, Dou Goodman. 2743-2760 [doi]

ARI: Attestation of Real-time Mission Execution IntegrityJinwen Wang, Yujie Wang, Ao Li 0006, Yang Xiao 0010, Ruide Zhang, Wenjing Lou, Y. Thomas Hou 0001, Ning Zhang 0017. 2761-2778 [doi]

Design of Access Control Mechanisms in Systems-on-Chip with Formal Integrity GuaranteesDino Mehmedagic, Mohammad Rahmani Fadiheh, Johannes Müller, Anna Lena Duque Antón, Dominik Stoffel, Wolfgang Kunz. 2779-2796 [doi]

HashTag: Hash-based Integrity Protection for Tagged ArchitecturesLukas Lamster, Martin Unterguggenberger, David Schrammel, Stefan Mangard. 2797-2814 [doi]

XCheck: Verifying Integrity of 3D Printed Patient-Specific Devices via Computing TomographyZhiyuan Yu, Yuanhaur Chang, Shixuan Zhai, Nicholas Deily, Tao Ju, Xiaofeng Wang 0001, Uday Jammalamadaka, Ning Zhang 0017. 2815-2832 [doi]

Demystifying Pointer Authentication on Apple M1Zechao Cai, Jiaxun Zhu, Wenbo Shen, Yutian Yang, Rui Chang, Yu Wang, Jinku Li, Kui Ren 0001. 2833-2848 [doi]

DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed FuzzingMing Yuan, Bodong Zhao, Penghui Li, Jiashuo Liang, Xinhui Han, Xiapu Luo, Chao Zhang 0008. 2849-2866 [doi]

Automata-Guided Control-Flow-Sensitive Fuzz Driver GenerationCen Zhang, Yuekang Li, Hao Zhou, Xiaohan Zhang, Yaowen Zheng, Xian Zhan, Xiaofei Xie, Xiapu Luo, Xinghua Li, Yang Liu 0003, Sheikh Mahbub Habib. 2867-2884 [doi]

Hoedur: Embedded Firmware Fuzzing using Multi-Stream InputsTobias Scharnowski, Simon Wörner, Felix Buchmann, Nils Bars, Moritz Schloegel, Thorsten Holz. 2885-2902 [doi]

Forming Faster Firmware FuzzersLukas Seidel, Dominik Christian Maier, Marius Muench. 2903-2920 [doi]

ReUSB: Replay-Guided USB Driver FuzzingJisoo Jang, Minsuk Kang, Dokyung Song. 2921-2938 [doi]

Exorcising "Wraith": Protecting LiDAR-based Object Detector in Automated Driving System from Appearing AttacksQifan Xiao, Xudong Pan, Yifan Lu, Mi Zhang 0001, Jiarun Dai, Min Yang 0002. 2939-2956 [doi]

Discovering Adversarial Driving Maneuvers against Autonomous VehiclesRuoyu Song, Muslum Ozgur Ozmen, Hyungsub Kim, Raymond Muller, Z. Berkay Celik, Antonio Bianchi. 2957-2974 [doi]

Understand Users' Privacy Perception and Decision of V2X Communication in Connected Autonomous VehiclesZekun Cai, Aiping Xiong. 2975-2992 [doi]

You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving FrameworksYulong Cao, S. Hrushikesh Bhupathiraju, Pirouz Naghavi, Takeshi Sugawara 0001, Z. Morley Mao, Sara Rampazzi. 2993-3010 [doi]

PatchVerif: Discovering Faulty Patches in Robotic VehiclesHyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu. 3011-3028 [doi]

Fast IDentity Online with Anonymous Credentials (FIDO-AC)Wei-Zhu Yeoh, Michal Kepkowski, Gunnar Heide, Dali Kaafar, Lucjan Hanzlik. 3029-3046 [doi]

How to Bind Anonymous Credentials to HumansJulia Hesse, Nitin Singh, Alessandro Sorniotti. 3047-3064 [doi]

Inducing Authentication Failures to Bypass Credit Card PINsDavid A. Basin, Patrick Schaller, Jorge Toro-Pozo. 3065-3079 [doi]

An Empirical Study & Evaluation of Modern CAPTCHAsAndrew Searles, Yoshimichi Nakatsuka, Ercan Ozturk, Andrew Paverd, Gene Tsudik, Ai Enkoji. 3081-3097 [doi]

Account Verification on Social Media: User Perceptions and Paid EnrollmentMadelyne Xiao, Mona Wang, Anunay Kulshrestha, Jonathan R. Mayer. 3099-3116 [doi]

User Awareness and Behaviors Concerning Encrypted DNS Settings in Web BrowsersAlexandra Nisenoff, Ranya Sharma, Nick Feamster. 3117-3133 [doi]

Two Sides of the Shield: Understanding Protective DNS adoption factorsElsa Rodríguez, Radu Anghel, Simon Parkin, Michel van Eeten, Carlos Gañán. 3135-3152 [doi]

The Maginot Line: Attacking the Boundary of DNS Caching ProtectionXiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li 0001, Haixin Duan, Qi Li 0002. 3153-3170 [doi]

Fourteen Years in the Life: A Root Server's Perspective on DNS Resolver SecurityAlden Hilton, Casey T. Deccio, Jacob Davis. 3171-3186 [doi]

NRDelegationAttack: Complexity DDoS attack on DNS Recursive ResolversYehuda Afek, Anat Bremler-Barr, Shani Stajnrod. 3187-3204 [doi]

Inductive Graph UnlearningCheng-Long Wang, Mengdi Huai, Di Wang 0015. 3205-3222 [doi]

GAP: Differentially Private Graph Neural Networks with Aggregation PerturbationSina Sajadmanesh, Ali Shahin Shamsabadi, Aurélien Bellet, Daniel Gatica-Perez. 3223-3240 [doi]

PrivGraph: Differentially Private Graph Data Publication by Exploiting Community InformationQuan Yuan, Zhikun Zhang 0001, Linkang Du, Min Chen, Peng Cheng 0001, Mingyang Sun. 3241-3258 [doi]

On the Security Risks of Knowledge Graph ReasoningZhaohan Xi, Tianyu Du, Changjiang Li, Ren Pang, Shouling Ji, Xiapu Luo, Xusheng Xiao, Fenglong Ma, Ting Wang 0006. 3259-3276 [doi]

The Case for Learned Provenance Graph Storage SystemsHailun Ding, Juan Zhai, Dong Deng 0001, ShiQing Ma. 3277-3294 [doi]

A Large Scale Study of the Ethereum Arbitrage EcosystemRobert McLaughlin, Christopher Kruegel, Giovanni Vigna. 3295-3312 [doi]

2: Adaptive Conformal Consensus for Provable Blockchain OraclesSangdon Park 0001, Osbert Bastani, Taesoo Kim. 3313-3330 [doi]

Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising NodesMassimiliano Taverna, Kenneth G. Paterson. 3331-3348 [doi]

Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)Federico Cernera, Massimo La Morgia, Alessandro Mei, Francesco Sassi. 3349-3366 [doi]

Automated Inference on Financial Security of Ethereum Smart ContractsWansen Wang, Wenchao Huang, Zhaoyi Meng, Yan Xiong, Fuyou Miao, Xianjin Fang, Caichang Tu, Renjie Ji. 3367-3383 [doi]

LibScan: Towards More Precise Third-Party Library Identification for Android ApplicationsYafei Wu, Cong Sun 0001, Dongrui Zeng, Gang Tan, Siqi Ma, Peicheng Wang. 3385-3402 [doi]

Union under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android Software Supply ChainXueqiang Wang, Yifan Zhang 0010, Xiaofeng Wang 0001, Yan Jia, Luyi Xing. 3403-3420 [doi]

UVSCAN: Detecting Third-Party Component Usage Violations in IoT FirmwareBinbin Zhao, Shouling Ji, Xuhong Zhang 0002, Yuan Tian 0001, Qinying Wang, Yuwen Pu, Chenyang Lyu, Raheem Beyah. 3421-3438 [doi]

Beyond Typosquatting: An In-depth Look at Package ConfusionShradha Neupane, Grant Holmes, Elizabeth Wyss, Drew Davidson, Lorenzo De Carli. 3439-3456 [doi]

SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript SandboxesAbdullah AlHamdan, Cristian-Alexandru Staicu. 3457-3474 [doi]

Instructions Unclear: Undefined Behaviour in Cellular Network SpecificationsDaniel Klischies, Moritz Schloegel, Tobias Scharnowski, Mikhail Bogodukhov, David Rupprecht, Veelasha Moonsamy. 3475-3492 [doi]

MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy ResearchGabriel K. Gegenhuber, Wilfried Mayer, Edgar R. Weippl, Adrian Dabrowski. 3493-3510 [doi]

Eavesdropping Mobile App Activity via Radio-Frequency Energy HarvestingTao Ni, Guohao Lan, Jia Wang 0008, Qingchuan Zhao, Weitao Xu. 3511-3528 [doi]

Sherlock on Specs: Building LTE Conformance Tests through Automated ReasoningYi Chen, Di Tang, Yepeng Yao, Mingming Zha, Xiaofeng Wang 0001, Xiaozhong Liu, Haixu Tang, Baoxu Liu. 3529-3545 [doi]

BASECOMP: A Comparative Analysis for Integrity Protection in Cellular Baseband SoftwareEunsoo Kim, Min Woo Baek, CheolJun Park, Dongkwan Kim, Yongdae Kim, Insu Yun. 3547-3563 [doi]

Investigating Verification Behavior and Perceptions of Visual Digital CertificatesDañiel Gerhardt, Alexander Ponticello, Adrian Dabrowski, Katharina Krombholz. 3565-3582 [doi]

"My Privacy for their Security": Employees' Privacy Perspectives and Expectations when using Enterprise Security SoftwareJonah Stegman, Patrick J. Trottier, Caroline Hillier, Hassan Khan, Mohammad Mannan. 3583-3600 [doi]

Account Security Interfaces: Important, Unintuitive, and UntrustworthyAlaa Daffalla, Marina Sanusi Bohuk, Nicola Dell, Rosanna Bellini, Thomas Ristenpart. 3601-3618 [doi]

Defining "Broken": User Experiences and Remediation Tactics When Ad-Blocking or Tracking-Protection Tools Break a Website's User ExperienceAlexandra Nisenoff, Arthur Borem, Madison Pickering, Grant Nakanishi, Maya Thumpasery, Blase Ur. 3619-3636 [doi]

Cryptographic Deniability: A Multi-perspective Study of User Perceptions and ExpectationsTarun Kumar Yadav, Devashish Gosain, Kent E. Seamons. 3637-3654 [doi]

Silent Bugs Matter: A Study of Compiler-Introduced Security BugsJianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li, Qiushi Wu, Mathias Payer, Bing Mao. 3655-3672 [doi]

A Bug's Life: Analyzing the Lifecycle and Mitigation Process of Content Security Policy BugsGertjan Franken, Tom van Goethem, Lieven Desmet, Wouter Joosen. 3673-3690 [doi]

Remote Code Execution from SSTI in the Sandbox: Automatically Detecting and Exploiting Template Escape BugsYudi Zhao, Yuan Zhang 0009, Min Yang 0002. 3691-3708 [doi]

Detecting API Post-Handling Bugs Using Code and Description in PatchesMiaoqian Lin, Kai Chen 0012, Yang Xiao 0011. 3709-3726 [doi]

Place Your Locks Well: Understanding and Detecting Lock Misuse BugsYuandao Cai, Peisen Yao, Chengfeng Ye, Charles Zhang. 3727-3744 [doi]

The Space of Adversarial StrategiesRyan Sheatsley, Blaine Hoak, Eric Pauley, Patrick D. McDaniel. 3745-3761 [doi]

"Security is not my field, I'm a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in IndustryJaron Mink, Harjot Kaur, Juliane Schmüser, Sascha Fahl, Yasemin Acar. 3763-3780 [doi]

X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item DetectionAishan Liu, Jun Guo, Jiakai Wang, Siyuan Liang, Renshuai Tao, Wenbo Zhou, Cong Liu, Xianglong Liu 0001, Dacheng Tao. 3781-3798 [doi]

SMACK: Semantically Meaningful Adversarial Audio AttackZhiyuan Yu, Yuanhaur Chang, Ning Zhang 0017, Chaowei Xiao. 3799-3816 [doi]

URET: Universal Robustness Evaluation Toolkit (for Evasion)Kevin Eykholt, Taesung Lee, Douglas Lee Schales, Jiyong Jang, Ian M. Molloy, Masha Zorin. 3817-3833 [doi]

Authenticated private information retrievalSimone Colombo 0002, Kirill Nikitin 0001, Henry Corrigan-Gibbs, David J. Wu 0001, Bryan Ford. 3835-3851 [doi]

Don't be Dense: Efficient Keyword PIR for Sparse DatabasesSarvar Patel, Joon Young Seo, Kevin Yeo. 3853-3870 [doi]

GigaDORAM: Breaking the Billion Address BarrierBrett Hemenway Falk, Rafail Ostrovsky, Matan Shtepel, Jacob Zhang. 3871-3888 [doi]

One Server for the Price of Two: Simple and Fast Single-Server Private Information RetrievalAlexandra Henzinger, Matthew M. Hong, Henry Corrigan-Gibbs, Sarah Meiklejohn, Vinod Vaikuntanathan. 3889-3905 [doi]

Duoram: A Bandwidth-Efficient Distributed ORAM for 2- and 3-Party ComputationAdithya Vadapalli, Ryan Henry, Ian Goldberg. 3907-3924 [doi]

A Peek into the Metaverse: Detecting 3D Model Clones in Mobile GamesChaoshun Zuo, Chao Wang, Zhiqiang Lin. 3925-3942 [doi]

PATROL: Provable Defense against Adversarial Policy in Two-player GamesWenbo Guo 0002, Xian Wu, Lun Wang, Xinyu Xing, Dawn Song. 3943-3960 [doi]

The Blockchain Imitation GameKaihua Qin, Stefanos Chaliasos, Liyi Zhou, Benjamin Livshits, Dawn Song, Arthur Gervais. 3961-3978 [doi]

It's all in your head(set): Side-channel attacks on AR/VR systemsYicheng Zhang, Carter Slocum, Jiasi Chen, Nael B. Abu-Ghazaleh. 3979-3996 [doi]

Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt BinariesHaohuang Wen, Zhiqiang Lin. 3997-4014 [doi]

Reusable Enclaves for Confidential Serverless ComputingShixuan Zhao 0002, Pinshen Xu, Guoxing Chen, Mengya Zhang, Yinqian Zhang, Zhiqiang Lin. 4015-4032 [doi]

EnigMap: External-Memory Oblivious Map for Secure EnclavesAfonso Tinoco, Sixiang Gao, Elaine Shi. 4033-4050 [doi]

AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX EnclavesScott Constable, Jo Van Bulck, Xiang Cheng, Yuan Xiao, Cedric Xing, Ilya Alexandrovich, Taesoo Kim, Frank Piessens, Mona Vij, Mark Silberstein. 4051-4068 [doi]

Controlled Data Races in Enclaves: Attacks and DetectionSanchuan Chen, Zhiqiang Lin, Yinqian Zhang. 4069-4086 [doi]

Guarding Serverless Applications with KaliumDeepak Sirone Jegan, Liang Wang 0023, Siddhant Bhagat, Michael M. Swift. 4087-4104 [doi]

"To Do This Properly, You Need More Resources": The Hidden Costs of Introducing Simulated Phishing CampaignsLina Brunken, Annalina Buckmann, Jonas Hielscher, M. Angela Sasse. 4105-4122 [doi]

You've Got Report: Measurement and Security Implications of DMARC ReportingMd. Ishtiaq Ashiq, Weitong Li, Tobias Fiebig, Taejoong Chung. 4123-4137 [doi]

Knowledge Expansion and Counterfactual Interaction for Reference-Based Phishing DetectionRuofan Liu, Yun Lin 0001, Yifan Zhang, Penn Han Lee, Jin Song Dong. 4139-4156 [doi]

Rods with Laser Beams: Understanding Browser Fingerprinting on Phishing PagesIskander Sánchez-Rola, Leyla Bilge, Davide Balzarotti, Armin Buescher, Petros Efstathopoulos. 4157-4173 [doi]

Content-Type: multipart/oracle - Tapping into Format Oracles in Email End-to-End EncryptionFabian Ising, Damian Poddebniak, Tobias Kappert, Christoph Saatjohann, Sebastian Schinzel. 4175-4192 [doi]

PET: Prevent Discovered Errors from Being Triggered in the Linux KernelZiCheng Wang, Yueqi Chen, Qingkai Zeng 0002. 4193-4210 [doi]

A Hybrid Alias Analysis and Its Application to Global Variable Protection in the Linux KernelGuoren Li, Hang Zhang 0012, Jinmeng Zhou, Wenbo Shen, Yulei Sui, Zhiyun Qian. 4211-4228 [doi]

AlphaEXP: An Expert System for Identifying Security-Sensitive Kernel ObjectsRuipeng Wang, Kaixiang Chen, Chao Zhang 0008, Zulie Pan, Qianyu Li, Siliang Qin, Shenglin Xu, Min Zhang, Yang Li. 4229-4246 [doi]

Mitigating Security Risks in Linux with KLAUS: A Method for Evaluating Patch CorrectnessYuhang Wu, Zhenpeng Lin, Yueqi Chen, Dang K. Le, Dongliang Mu, Xinyu Xing. 4247-4264 [doi]

Detecting Union Type Confusion in Component Object ModelYuxing Zhang, Xiaogang Zhu, Daojing He, Minhui Xue, Shouling Ji, Mohammad Sayad Haghighi, Sheng Wen, Zhiniang Peng. 4265-4281 [doi]

Network Detection of Interactive SSH Impostors Using Deep LearningJulien Piet, Aashish Sharma, Vern Paxson, David A. Wagner 0001. 4283-4300 [doi]

ARGUS: Context-Based Detection of Stealthy IoT Infiltration AttacksPhillip Rieger, Marco Chilese, Reham Mohamed 0002, Markus Miettinen, Hossein Fereidooni, Ahmad-Reza Sadeghi. 4301-4318 [doi]

Generative Intrusion Detection and Prevention on Data StreamHyungBin Seo, MyungKeun Yoon. 4319-4335 [doi]

xNIDS: Explaining Deep Learning-based Network Intrusion Detection Systems for Active Intrusion ResponsesFeng Wei, Hongda Li 0002, Ziming Zhao 0001, Hongxin Hu. 4337-4354 [doi]

PROGRAPHER: An Anomaly Detection System based on Provenance Graph EmbeddingFan Yang, Jiacen Xu, Chunlin Xiong, Zhou Li, Kehuan Zhang. 4355-4372 [doi]

Dubhe: Succinct Zero-Knowledge Proofs for Standard AES and related ApplicationsChangchang Ding, Yan Huang 0001. 4373-4390 [doi]

Curve Trees: Practical and Transparent Zero-Knowledge AccumulatorsMatteo Campanelli, Mathias Hall-Andersen, Simon Holmgaard Kamp. 4391-4408 [doi]

BalanceProofs: Maintainable Vector Commitments with Fast AggregationWeijie Wang, Annie Ulichney, Charalampos Papamanthou. 4409-4426 [doi]

zkSaaS: Zero-Knowledge SNARKs as a ServiceSanjam Garg, Aarushi Goel, Abhishek Jain 0002, Guru-Vamsi Policharla, Sruthi Sekar. 4427-4444 [doi]

VeriZexe: Decentralized Private Computation with Universal SetupAlex Luoyuan Xiong, Binyi Chen, Zhenfei Zhang, Benedikt Bünz, Ben Fisch, Fernando Krell, Philippe Camacho. 4445-4462 [doi]

Intender: Fuzzing Intent-Based Networking with Intent-State Transition GuidanceJiwon Kim, Benjamin E. Ujcich, Dave Tian. 4463-4480 [doi]

Bleem: Packet Sequence Oriented Fuzzing for Protocol ImplementationsZhengxiong Luo, Junze Yu, Feilong Zuo, Jianzhong Liu, Yu Jiang 0001, Ting Chen 0002, Abhik Roychoudhury, Jiaguang Sun 0001. 4481-4498 [doi]

Automated Exploitable Heap Layout Generation for Heap Overflows Through Manipulation Distance-Guided FuzzingBin Zhang, Jiongyi Chen, Runhao Li, Chao Feng, Ruilin Li, Chaojing Tang. 4499-4515 [doi]

MINER: A Hybrid Data-Driven Approach for REST API FuzzingChenyang Lyu, Jiacheng Xu, Shouling Ji, Xuhong Zhang 0002, Qinying Wang, Binbin Zhao, Gaoning Pan, Wei Cao, Peng Cheng 0001, Raheem Beyah. 4517-4534 [doi]

Systematic Assessment of Fuzzers using Mutation AnalysisPhilipp Görz, Björn Mathis, Keno Hassler, Emre Güler, Thorsten Holz, Andreas Zeller, Rahul Gopinath. 4535-4552 [doi]

HOMESPY: The Invisible Sniffer of Infrared Remote Control of Smart TVsKong Huang, Yutong Zhou, Ke Zhang, Jiacen Xu, Jiongyi Chen, Di Tang, Kehuan Zhang. 4553-4570 [doi]

Remote Attacks on Speech Recognition Systems Using Sound from Power SupplyLanqing Yang, Xinqi Chen, Xiangyong Jian, Leping Yang, Yijie Li, Qianfei Ren, Yi-Chao Chen 0001, Guangtao Xue, Xiaoyu Ji 0001. 4571-4588 [doi]

Near-Ultrasound Inaudible Trojan (Nuit): Exploiting Your Speaker to Attack Your MicrophoneQi Xia, Qian Chen, Shouhuai Xu. 4589-4606 [doi]

Medusa Attack: Exploring Security Hazards of In-App QR Code ScanningXing Han, Yuheng Zhang, Xue Zhang, Zeyuan Chen, Mingzhe Wang, YiWei Zhang, Siqi Ma, Yu Yu, Elisa Bertino, Juanru Li. 4607-4624 [doi]

Othered, Silenced and Scapegoated: Understanding the Situated Security of Marginalised Populations in LebanonJessica McClearn, Rikke Bjerg Jensen, Reem Talhouk. 4625-4642 [doi]

Examining Power Dynamics and User Privacy in Smart Technology Use Among Jordanian HouseholdsWael S. Albayaydh, Ivan Flechais. 4643-4659 [doi]

"If sighted people know, I should be able to know: " Privacy Perceptions of Bystanders with Visual Impairments around Camera-based TechnologyYuhang Zhao 0001, Yaxing Yao, Jiaru Fu, Nihan Zhou. 4661-4678 [doi]

A Research Framework and Initial Study of Browser Security for the Visually ImpairedElaine Lau, Zachary Peterson. 4679-4696 [doi]

ELASM: Error-Latency-Aware Scale Management for Fully Homomorphic EncryptionYongwoo Lee, Seonyoung Cheon, Dongkwan Kim, Dongyoon Lee, Hanjun Kim 0001. 4697-4714 [doi]

HECO: Fully Homomorphic Encryption CompilerAlexander Viand, Patrick Jattke, Miro Haller, Anwar Hithnawi. 4715-4732 [doi]

A Verified Confidential Computing as a Service Framework for Privacy PreservationHongbo Chen, Haobin Hiroki Chen, Mingshen Sun, Kang Li, Zhaofeng Chen, Xiaofeng Wang 0001. 4733-4750 [doi]

CSHER: A System for Compact Storage with HE-RetrievalAdi Akavia, Neta Oren, Boaz Sapir, Margarita Vald. 4751-4768 [doi]

Precise and Generalized Robustness Certification for Neural NetworksYuanyuan Yuan, Shuai Wang 0011, Zhendong Su 0001. 4769-4786 [doi]

DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local SmoothingJiawei Zhang, Zhongzhu Chen, Huan Zhang, Chaowei Xiao, Bo Li 0026. 4787-4804 [doi]

ACORN: Input Validation for Secure AggregationJames Bell 0001, Adrià Gascón, Tancrède Lepoint, Baiyu Li, Sarah Meiklejohn, Mariana Raykova 0001, Cathie Yun. 4805-4822 [doi]

HOLMES: Efficient Distribution Testing for Secure Collaborative LearningIan Chang, Katerina Sotiraki, Weikeng Chen, Murat Kantarcioglu, Raluca A. Popa. 4823-4840 [doi]

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the InternetTomas Hlavacek, Haya Shulman, Niklas Vogel, Michael Waidner. 4841-4858 [doi]

Exploring the Unknown DTLS Universe: Analysis of the DTLS Server Ecosystem on the InternetNurullah Erinola, Marcel Maehren, Robert Merget, Juraj Somorovsky, Jörg Schwenk. 4859-4876 [doi]

We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session TicketsSven Hebrok, Simon Nachtigall, Marcel Maehren, Nurullah Erinola, Robert Merget, Juraj Somorovsky, Jörg Schwenk. 4877-4894 [doi]

Extended Hell(o): A Comprehensive Large-Scale Study on Email Confidentiality and Integrity Mechanisms in the WildBirk Blechschmidt, Ben Stock. 4895-4912 [doi]

No Linux, No Problem: Fast and Correct Windows Binary Fuzzing via Target-embedded SnapshottingLeo Stone, Rishi Ranjan, Stefan Nagy, Matthew Hicks. 4913-4929 [doi]

DAFL: Directed Grey-box Fuzzing guided by Data DependencyTae-eun Kim, Jaeseung Choi 0002, Kihong Heo, Sang Kil Cha. 4931-4948 [doi]

DynSQL: Stateful Fuzzing for Database Management Systems with Complex and Valid SQL Query GenerationZu-Ming Jiang, Jia-Ju Bai, Zhendong Su 0001. 4949-4965 [doi]

AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse EngineeringJi Shi, Zhun Wang, Zhiyao Feng, Yang Lan, Shisong Qin, Wei You, Wei Zou, Mathias Payer, Chao Zhang 0008. 4967-4984 [doi]

BoKASAN: Binary-only Kernel Address Sanitizer for Effective Kernel FuzzingMingi Cho, Dohyeon An, Hoyong Jin, Taekyoung Kwon 0002. 4985-5002 [doi]

ACTOR: Action-Guided Kernel FuzzingMarius Fleischer, Dipanjan Das 0002, Priyanka Bose, Weiheng Bai, Kangjie Lu, Mathias Payer, Christopher Kruegel, Giovanni Vigna. 5003-5020 [doi]

FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modulesIoannis Angelakopoulos, Gianluca Stringhini, Manuel Egele. 5021-5038 [doi]

KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting MitigationsTingting Yin, Zicong Gao, Zhenghang Xiao, Zheyu Ma, Min Zheng, Chao Zhang 0008. 5039-5054 [doi]

Uncontained: Uncovering Container Confusion in the Linux KernelJakob Koschel, Pietro Borrello, Daniele Cono D'Elia, Herbert Bos, Cristiano Giuffrida. 5055-5072 [doi]

"I'm going to trust this until it burns me" Parents' Privacy Concerns and Delegation of Trust in K-8 Educational TechnologyVictoria Zhong, Susan McGregor, Rachel Greenstadt. 5073-5090 [doi]

Educators' Perspectives of Using (or Not Using) Online Exam ProctoringDavid G. Balash, Elena Korkes, Miles Grant, Adam J. Aviv, Rahel A. Fainchtein, Micah Sherr. 5091-5108 [doi]

No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial LearningThorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz, Konrad Rieck. 5109-5126 [doi]

A Two-Decade Retrospective Analysis of a University's Vulnerability to Attacks Exploiting Reused PasswordsAlexandra Nisenoff, Maximilian Golla, Miranda Wei, Juliette Hainline, Hayley Szymanek, Annika Braun, Annika Hildebrandt, Blair Christensen, David Langenberg, Blase Ur. 5127-5144 [doi]

Ethical Frameworks and Computer Security Trolley Problems: Foundations for ConversationsTadayoshi Kohno, Yasemin Acar, Wulf Loh. 5145-5162 [doi]

Catch You and I Can: Revealing Source Voiceprint Against Voice ConversionJiangyi Deng, Yanjiao Chen, Yinan Zhong, Qianhao Miao, Xueluan Gong, Wenyuan Xu 0001. 5163-5180 [doi]

V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice AnonymizationJiangyi Deng, Fei Teng, Yanjiao Chen, Xiaofu Chen, Zhaohui Wang, Wenyuan Xu 0001. 5181-5198 [doi]

Assessing Anonymity Techniques Employed in German Court Decisions: A De-Anonymization ExperimentDominic Deuber, Michael Keuchen, Nicolas Christin. 5199-5216 [doi]

Person Re-identification in 3D Space: A WiFi Vision-based ApproachYili Ren, Yichao Wang, Sheng Tan, Yingying Chen 0001, Jie Yang 0003. 5217-5234 [doi]

In the Quest to Protect Users from Side-Channel Attacks - A User-Centred Design Space to Mitigate Thermal Attacks on Public Payment TerminalsKarola Marky, Shaun Alexander Macdonald, Yasmeen Abdrabou, Mohamed Khamis. 5235-5252 [doi]

Extracting Training Data from Diffusion ModelsNicholas Carlini, Jamie Hayes, Milad Nasr, Matthew Jagielski, Vikash Sehwag, Florian Tramèr, Borja Balle, Daphne Ippolito, Eric Wallace. 5253-5270 [doi]

PCAT: Functionality and Data Stealing from Split Learning by Pseudo-Client AttackXinben Gao, Lan Zhang. 5271-5288 [doi]

A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific PlotsBoyang Zhang, Xinlei He, Yun Shen, Tianhao Wang 0001, Yang Zhang 0016. 5289-5306 [doi]

Beyond The Gates: An Empirical Analysis of HTTP-Managed Password Stealers and OperatorsAthanasios Avgetidis, Omar Alrawi, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos D. Keromytis, Fabian Monrose, Manos Antonakakis. 5307-5324 [doi]

LightThief: Your Optical Communication Information is Stolen behind the WallXin Liu, Wei Wang, Guanqun Song, Ting Zhu. 5325-5339 [doi]

WaterBear: Practical Asynchronous BFT Matching Security Guarantees of Partially Synchronous BFTHaibin Zhang, Sisi Duan, Boxin Zhao, Liehuang Zhu. 5341-5357 [doi]

Practical Asynchronous High-threshold Distributed Key Generation and Distributed Polynomial SamplingSourav Das, Zhuolun Xiang, Lefteris Kokoris-Kogias, Ling Ren 0001. 5359-5376 [doi]

Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN InferenceYun Li, Yufei Duan, Zhicong Huang, Cheng Hong, Chao Zhang, Yifan Song. 5377-5394 [doi]

TVA: A multi-party computation system for secure and expressive time series analyticsMuhammad Faisal, Jerry Zhang, John Liagouris, Vasiliki Kalavri, Mayank Varia. 5395-5412 [doi]

Long Live The Honey Badger: Robust Asynchronous DPSS and its ApplicationsThomas Yurek, Zhuolun Xiang, Yu Xia 0005, Andrew Miller 0001. 5413-5430 [doi]

Powering Privacy: On the Energy Demand and Feasibility of Anonymity Networks on SmartphonesDaniel Hugenroth, Alastair R. Beresford. 5431-5448 [doi]

Eye-Shield: Real-Time Protection of Mobile Device Screen Information from Shoulder SurfingBrian Tang, Kang G. Shin. 5449-5466 [doi]

The OK Is Not Enough: A Large Scale Study of Consent Dialogs in Smartphone ApplicationsSimon Koch, Benjamin Altpeter, Martin Johns. 5467-5484 [doi]

Notice the Imposter! A Study on User Tag Spoofing Attack in Mobile AppsShuai Li, Zhemin Yang, Guangliang Yang 0001, Hange Zhang, Nan Hua, YuRui Huang, Min Yang 0002. 5485-5501 [doi]

Lost in Conversion: Exploit Data Structure Conversion with Attribute Loss to Break Android SystemsRui Li, Wenrui Diao, Shishuai Yang, Xiangyu Liu, Shanqing Guo, Kehuan Zhang. 5503-5520 [doi]

Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.jsMikhail Shcherbakov, Musard Balliu, Cristian-Alexandru Staicu. 5521-5538 [doi]

Cookie Crumbles: Breaking and Fixing Web Session IntegrityMarco Squarcina, Pedro Adão, Lorenzo Veronese, Matteo Maffei. 5539-5556 [doi]

Minimalist: Semi-automated Debloating of PHP Web Applications through Static AnalysisRasoul Jahanshahi, Babak Amin Azad, Nick Nikiforakis, Manuel Egele. 5557-5573 [doi]

AnimateDead: Debloating Web Applications Using Concolic ExecutionBabak Amin Azad, Rasoul Jahanshahi, Chris Tsoukaladelis, Manuel Egele, Nick Nikiforakis. 5575-5591 [doi]

NAUTILUS: Automated RESTful API Vulnerability DetectionGelei Deng, Zhiyi Zhang, Yuekang Li, Yi Liu, Tianwei Zhang 0004, Yang Liu 0003, Guo Yu, Dongjin Wang. 5593-5609 [doi]

"Un-Equal Online Safety?" A Gender Analysis of Security and Privacy Protection Advice and Behaviour PatternsKovila P. L. Coopamootoo, Magdalene Ng. 5611-5628 [doi]

"Millions of people are watching you": Understanding the Digital-Safety Needs and Practices of CreatorsPatrawat Samermit, Anna Turner, Patrick Gage Kelley, Tara Matthews, Vanessia Wu, Sunny Consolvo, Kurt Thomas. 5629-5645 [doi]

How Library IT Staff Navigate Privacy and Security Challenges and ResponsibilitiesAlan F. Luo, Noel Warford, Samuel Dooley, Rachel Greenstadt, Michelle L. Mazurek, Nora McDonald. 5647-5664 [doi]

Problematic Advertising and its Disparate Exposure on FacebookMuhammad Ali, Angelica Goetzen, Alan Mislove, Elissa M. Redmiles, Piotr Sapiezynski. 5665-5682 [doi]

One Size Does not Fit All: Quantifying the Risk of Malicious App Encounters for Different Android User ProfilesSavino Dambra, Leyla Bilge, Platon Kotzias, Yun Shen, Juan Caballero. 5683-5700 [doi]

How Effective is Multiple-Vantage-Point Domain Control Validation?Grace H. Cimaszewski, Henry Birge-Lee, Liang Wang 0054, Jennifer Rexford, Prateek Mittal. 5701-5718 [doi]

Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing TablesNian Xue, Yashaswi Malla, Zihang Xia, Christina Pöpper, Mathy Vanhoef. 5719-5736 [doi]

Back to School: On the (In)Security of Academic VPNsKa Lok Wu, Man Hong Hue, Ngai Man Poon, Kin Man Leung, Wai Yin Po, Kin Ting Wong, Sze Ho Hui, Sze Yiu Chau. 5737-5754 [doi]

FABRID: Flexible Attestation-Based Routing for Inter-Domain NetworksCyrill Krähenbühl, Marc Wyss, David A. Basin, Vincent Lenders, Adrian Perrig, Martin Strohmeier. 5755-5772 [doi]

"All of them claim to be the best": Multi-perspective study of VPN users and VPN providersReethika Ramesh, Anjali Vyas, Roya Ensafi. 5773-5789 [doi]

Greenhouse: Single-Service Rehosting of Linux-Based Firmware Binaries in User-Space EmulationHui Jun Tay, Kyle Zeng, Jayakrishna Menon Vadayath, Arvind S. Raj, Audrey Dutcher, Tejesh Reddy, Wil Gibbs, Zion Leonahenahe Basque, Fangzhou Dong, Zack Smith, Adam Doupé, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang 0001. 5791-5808 [doi]

FuncTeller: How Well Does eFPGA Hide Functionality?Zhaokun Han, Mohammed Shayan, Aneesh Dixit, Mustafa M. Shihab, Yiorgos Makris, Jeyavijayan Rajendran. 5809-5826 [doi]

ACFA: Secure Runtime Auditing & Guaranteed Device Healing via Active Control Flow AttestationAdam Caulfield, Norrathep Rattanavipanon, Ivan De Oliveira Nunes. 5827-5844 [doi]

Fuzz The Power: Dual-role State Guided Black-box Fuzzing for USB Power DeliveryKyungtae Kim, SungWoo Kim, Kevin R. B. Butler, Antonio Bianchi, Rick Kennell, Dave Tian. 5845-5861 [doi]

The Impostor Among US(B): Off-Path Injection Attacks on USB CommunicationsRobert Dumitru 0002, Daniel Genkin, Andrew Wabnitz, Yuval Yarom. 5863-5880 [doi]

A comprehensive, formal and automated analysis of the EDHOC protocolCharlie Jacomme, Elise Klein 0002, Steve Kremer, Maïwenn Racouchot. 5881-5898 [doi]

Hash Gone Bad: Automated discovery of protocol attacks that exploit hash function weaknessesVincent Cheval, Cas Cremers, Alexander Dax, Lucca Hirschi, Charlie Jacomme, Steve Kremer. 5899-5916 [doi]

How fast do you heal? A taxonomy for post-compromise security in secure-channel establishmentOlivier Blazy, Ioana Boureanu, Pascal Lafourcade 0001, Cristina Onete, Léo Robert. 5917-5934 [doi]

Automated Analysis of Protocols that use Authenticated Encryption: How Subtle AEAD Differences can impact Protocol SecurityCas Cremers, Alexander Dax, Charlie Jacomme, Mang Zhao. 5935-5952 [doi]

High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable EncryptionXianglong Zhang, Wei Wang 0088, Peng Xu 0003, Laurence T. Yang, Kaitai Liang. 5953-5970 [doi]

Cross Container Attacks: The Bewildered eBPF on CloudsYi He, Roland Guo, Yunlong Xing, Xijia Che, Kun Sun 0001, Zhuotao Liu, Ke Xu 0002, Qi Li 0002. 5971-5988 [doi]

DScope: A Cloud-Native Internet TelescopeEric Pauley, Paul Barford, Patrick D. McDaniel. 5989-6006 [doi]

Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability InferenceXueqiang Wang, Yuqiong Sun, Susanta Nanda, Xiaofeng Wang 0001. 6007-6024 [doi]

Detecting Multi-Step IAM Attacks in AWS Environments via Model CheckingIlia Shevrin, Oded Margalit. 6025-6042 [doi]

Remote Direct Memory IntrospectionHongyi Liu, Jiarong Xing, Yibo Huang, Danyang Zhuo, Srinivas Devadas, Ang Chen 0001. 6043-6060 [doi]

Auditing Framework APIs via Inferred App-side Security SpecificationsParjanya Vyas, Asim Waheed, Yousra Aafer, N. Asokan. 6061-6077 [doi]

WHIP: Improving Static Vulnerability Detection in Web Application by Forcing tools to CollaborateFeras Al Kassar, Luca Compagna, Davide Balzarotti. 6079-6096 [doi]

SQIRL: Grey-Box Detection of SQL Injection Vulnerabilities Using Reinforcement LearningSalim Al Wahaibi, Myles Foley, Sergio Maffeis. 6097-6114 [doi]

Hiding in Plain Sight: An Empirical Study of Web Application Abuse in MalwareMingxuan Yao, Jonathan Fuller, Ranjita Pai Kasturi, Saumya Agarwal, Amit Kumar Sikder, Brendan Saltaformaggio. 6115-6132 [doi]

Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting LanguagesCristian-Alexandru Staicu, Sazzadur Rahaman, Ágnes Kiss, Michael Backes 0001. 6133-6150 [doi]

Did the Shark Eat the Watchdog in the NTP Pool? Deceiving the NTP Pool's Monitoring SystemJonghoon Kwon, Jeonggyu Song, Junbeom Hur, Adrian Perrig. 6151-6166 [doi]

Device Tracking via Linux's New TCP Source Port Selection AlgorithmMoshe Kol, Amit Klein 0001, Yossi Gilad. 6167-6183 [doi]

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS AttackRun Guo, Jianjun Chen 0005, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang 0008, Haixin Duan, Jianping Wu. 6185-6202 [doi]

An Efficient Design of Intelligent Network Data PlaneGuangmeng Zhou, Zhuotao Liu, Chuanpu Fu, Qi Li 0002, Ke Xu 0002. 6203-6220 [doi]

Glowing in the Dark: Uncovering IPv6 Address Discovery and Scanning Strategies in the WildHammas Bin Tanveer, Rachee Singh, Paul Pearce, Rishab Nithyanand. 6221-6237 [doi]

Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-MXhani Marvin Saß, Richard Mitev, Ahmad-Reza Sadeghi. 6239-6256 [doi]

SHELTER: Extending Arm CCA with Isolation in User SpaceYiming Zhang, Yuxin Hu, Zhenyu Ning, Fengwei Zhang, Xiapu Luo, Haoyang Huang, Shoumeng Yan, Zhengyu He. 6257-6274 [doi]

Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and Arm SoCsHritvik Taneja, Jason Kim 0007, Jie Jeff Xu, Stephan van Schaik, Daniel Genkin, Yuval Yarom. 6275-6292 [doi]

SpectrEM: Exploiting Electromagnetic Emanations During Transient ExecutionJesse De Meulemeester, Antoon Purnal, Lennert Wouters, Arthur Beckers, Ingrid Verbauwhede. 6293-6310 [doi]

ARMore: Pushing Love Back Into BinariesLuca Di Bartolomeo, Hossein Moghaddas, Mathias Payer. 6311-6328 [doi]

Secure Floating-Point TrainingDeevashwer Rathee, Anwesh Bhattacharya, Divya Gupta 0001, Rahul Sharma 0001, Dawn Song. 6329-6346 [doi]

NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural NetworksQi Liu 0017, Jieming Yin, Wujie Wen, Chengmo Yang, Shi Sha. 6347-6364 [doi]

FedVal: Different good or different bad in federated learningViktor Valadi, Xinchi Qiu, Pedro Porto Buarque de Gusmão, Nicholas D. Lane, Mina Alibeigi. 6365-6380 [doi]

Gradient Obfuscation Gives a False Sense of Security in Federated LearningKai Yue, Richeng Jin, Chau-Wai Wong, Dror Baron, Huaiyu Dai. 6381-6398 [doi]

FreeEagle: Detecting Complex Neural Trojans in Data-Free CasesChong Fu, Xuhong Zhang 0002, Shouling Ji, Ting Wang 0006, Peng Lin, Yanghe Feng, Jianwei Yin. 6399-6416 [doi]

Prime Match: A Privacy-Preserving Inventory Matching SystemAntigoni Polychroniadou, Gilad Asharov, Benjamin E. Diamond, Tucker Balch, Hans Buehler, Richard Hua, Suwen Gu, Greg Gimler, Manuela Veloso. 6417-6434 [doi]

Squirrel: A Scalable Secure Two-Party Computation Framework for Training Gradient Boosting Decision TreeWen-Jie Lu, Zhicong Huang, Qizhi Zhang, Yuchen Wang, Cheng Hong. 6435-6451 [doi]

Eos: Efficient Private Delegation of zkSNARK ProversAlessandro Chiesa, Ryan Lehmkuhl, Pratyush Mishra, Yinuo Zhang. 6453-6469 [doi]

Machine-checking Multi-Round Proofs of Shuffle: Terelius-Wikstrom and Bayer-GrothThomas Haines, Rajeev Goré, Mukesh Tiwari. 6471-6488 [doi]

TAP: Transparent and Privacy-Preserving Data ServicesDaniël Reijsbergen, Aung Maw, Zheng Yang 0001, Tien Tuan Anh Dinh, Jianying Zhou 0001. 6489-6506 [doi]

Trojan Source: Invisible VulnerabilitiesNicholas Boucher, Ross Anderson 0001. 6507-6524 [doi]

Cheesecloth: Zero-Knowledge Proofs of Real World VulnerabilitiesSantiago Cuéllar, Bill Harris, James Parker, Stuart Pernsteiner, Eran Tromer. 6525-6540 [doi]

V1SCAN: Discovering 1-day Vulnerabilities in Reused C/C++ Open-source Software Components Using Code Classification TechniquesSeunghoon Woo, Eunjin Choi, Heejo Lee, Hakjoo Oh. 6541-6556 [doi]

VulChecker: Graph-based Vulnerability Localization in Source CodeYisroel Mirsky, George Macon, Michael D. Brown, Carter Yagemann, Matthew Pruett, Evan Downing, Sukarno Mertoguno, Wenke Lee. 6557-6574 [doi]

DISTDET: A Cost-Effective Distributed Cyber Threat Detection SystemFeng Dong, Liu Wang 0002, Xu Nie, Fei Shao, Haoyu Wang 0001, Ding Li, Xiapu Luo, Xusheng Xiao. 6575-6592 [doi]

Automated Security Analysis of Exposure Notification SystemsKevin Morio, Ilkan Esiyok, Dennis Jackson, Robert Künnemann. 6593-6610 [doi]

Formal Analysis of SPDM: Security Protocol and Data Model version 1.2Cas Cremers, Alexander Dax, Aurora Naska. 6611-6628 [doi]

One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant APIs in WeChatChao Wang, Yue Zhang, Zhiqiang Lin. 6629-6646 [doi]

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 DecodersWilly R. Vasquez, Stephen Checkoway, Hovav Shacham. 6647-6664 [doi]

Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion AppsYuhong Nan, Xueqiang Wang, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang 0010, Xiaofeng Wang 0001. 6665-6682 [doi]

Strategies and Vulnerabilities of Participants in Venezuelan Influence OperationsRuben Recabarren, Bogdan Carbunar, Nestor Hernandez, Ashfaq Ali Shafin. 6683-6700 [doi]

TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering AttacksZheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee. 6701-6718 [doi]

Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification SystemsSahar Abdelnabi, Mario Fritz. 6719-6736 [doi]

Reversing, Breaking, and Fixing the French Legislative Election E-Voting ProtocolAlexandre Debant, Lucca Hirschi. 6737-6752 [doi]

PROVIDENCE: a Flexible Round-by-Round Risk-Limiting AuditOliver Broadrick, Poorvi L. Vora, Filip Zagórski. 6753-6770 [doi]

NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory SystemsZixuan Wang, Mohammadkazem Taram, Daniel Moghimi, Steven Swanson, Dean M. Tullsen, Jishen Zhao. 6771-6788 [doi]

Cipherfix: Mitigating Ciphertext Side-Channel Attacks in SoftwareJan Wichelmann, Anna Pätschke, Luca Wilke, Thomas Eisenbarth 0001. 6789-6806 [doi]

Side-Channel Attacks on Optane Persistent MemorySihang Liu, Suraaj Kanniwadi, Martin Schwarzl, Andreas Kogler, Daniel Gruss, Samira Khan. 6807-6824 [doi]

Pspray: Timing Side-Channel based Linux Kernel Heap Exploitation TechniqueYoochan Lee, Jinhan Kwak, Junesoo Kang, Yuseok Jeon, Byoungyoung Lee. 6825-6842 [doi]

CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic ImplementationsSen Deng, Mengyuan Li, Yining Tang, Shuai Wang, Shoumeng Yan, Yinqian Zhang. 6843-6860 [doi]

ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence GraphsPrashant Hari Narayan Rajput, Constantine Doumanidis, Michail Maniatakos. 6861-6876 [doi]

Access Denied: Assessing Physical Risks to Internet Access NetworksAlexander Marder, Zesen Zhang, Ricky K. P. Mok, Ramakrishna Padmanabhan, Bradley Huffaker, Matthew Luckie, Alberto Dainotti, kc claffy, Alex C. Snoeren, Aaron Schulman. 6877-6892 [doi]

ZBCAN: A Zero-Byte CAN Defense SystemKhaled Serag, Rohit Bhatia, Akram Faqih, Muslum Ozgur Ozmen, Vireshwar Kumar, Z. Berkay Celik, Dongyan Xu. 6893-6910 [doi]

RIDAS: Real-time identification of attack sources on controller area networksJiwoo Shin, Hyunghoon Kim, Seyoung Lee 0003, Wonsuk Choi, Dong Hoon Lee 0001, Hyo Jin Jo. 6911-6928 [doi]

That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal ConsistencyYanmao Man, Raymond Muller, Ming Li 0003, Z. Berkay Celik, Ryan M. Gerdes. 6929-6946 [doi]

TRust: A Compilation Framework for In-process Isolation to Protect Safe Rust against Untrusted CodeInyoung Bang, Martin Kayondo, Hyungon Moon, Yunheung Paek. 6947-6964 [doi]

Jinn: Hijacking Safe Programs with TrojansKomail Dharsee, John Criswell. 6965-6982 [doi]

ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and ActionsSiddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Bradley Reaves, Antonio Bianchi, William Enck, Alexandros Kapravelos, Aravind Machiry. 6983-7000 [doi]

McFIL: Model Counting Functionality-Inherent LeakageMaximilian Zinkus, Yinzhi Cao, Matthew D. Green. 7001-7018 [doi]

Extracting Protocol Format as State Machine via Controlled Static Loop AnalysisQingkai Shi, Xiangzhe Xu, Xiangyu Zhang 0001. 7019-7036 [doi]

Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the BrowserMatthias Gierlings, Marcus Brinkmann, Jörg Schwenk. 7037-7054 [doi]

Extending a Hand to Attackers: Browser Privilege Escalation Attacks via ExtensionsYoung-Min Kim, Byoungyoung Lee. 7055-7071 [doi]

RøB: Ransomware over Modern Web BrowsersHarun Oz, Ahmet Aris, Abbas Acar, Güliz Seray Tuncay, Leonardo Babun, A. Selcuk Uluagac. 7073-7090 [doi]

Pool-Party: Exploiting Browser Resource Pools for Web TrackingPeter Snyder, Soroush Karami, Arthur Edelstein, Benjamin Livshits, Hamed Haddadi. 7091-7105 [doi]

Checking Passwords on Leaky Computers: A Side Channel Analysis of Chrome's Password Leak Detect ProtocolAndrew Kwong, Walter Wang, Jason Kim 0007, Jonathan Berger, Daniel Genkin, Eyal Ronen, Hovav Shacham, Riad S. Wahby, Yuval Yarom. 7107-7124 [doi]

Ultimate SLH: Taking Speculative Load Hardening to the Next LevelZhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, Yuval Yarom. 7125-7142 [doi]

Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU ExceptionsJana Hofmann, Emanuele Vannacci, Cédric Fournet, Boris Köpf, Oleksii Oleksenko. 7143-7160 [doi]

ProSpeCT: Provably Secure Speculation for the Constant-Time PolicyLesly-Ann Daniel, Marton Bognar, Job Noorman, Sébastien Bardin, Tamara Rezk, Frank Piessens. 7161-7178 [doi]

Title Redacted Due to Vulnerability EmbargoDaniel Moghimi. 7179-7193 [doi]

FACE-AUDITOR: Data Auditing in Facial Recognition SystemsMin Chen 0032, Zhikun Zhang 0001, Tianhao Wang 0001, Michael Backes 0001, Yang Zhang 0016. 7195-7212 [doi]

UnGANable: Defending Against GAN-based Face ManipulationZheng Li, Ning Yu, Ahmed Salem 0001, Michael Backes 0001, Mario Fritz, Yang Zhang 0016. 7213-7230 [doi]

Fairness Properties of Face Recognition and Obfuscation SystemsHarrison Rosenberg, Brian Tang, Kassem Fawaz, Somesh Jha. 7231-7248 [doi]

GlitchHiker: Uncovering Vulnerabilities of Image Signal Transmission with IEMIQinhong Jiang, Xiaoyu Ji 0001, Chen Yan 0001, Zhixin Xie, Haina Lou, Wenyuan Xu 0001. 7249-7266 [doi]

(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side ChannelsRuiyi Zhang, Taehyun Kim, Daniel Weber 0007, Michael Schwarz 0001. 7267-7284 [doi]

Collide+Power: Leaking Inaccessible Data with Software-based Power Side ChannelsAndreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach 0001, Martin Schwarzl, Michael Schwarz 0001, Daniel Gruss, Stefan Mangard. 7285-7302 [doi]

Inception: Exposing New Attack Surfaces with Training in Transient ExecutionDaniël Trujillo, Johannes Wikner, Kaveh Razavi. 7303-7320 [doi]

BunnyHop: Exploiting the Instruction PrefetcherZhiyuan Zhang, Mingtian Tao, Sioli O'Connell, Chitchanok Chuengsatiansup, Daniel Genkin, Yuval Yarom. 7321-7337 [doi]

Can a Deep Learning Model for One Architecture Be Used for Others? Retargeted-Architecture Binary Code AnalysisJunzhe Wang, Matthew Sharp, Chuxiong Wu, Qiang Zeng 0001, Lannan Luo. 7339-7356 [doi]

Decompiling x86 Deep Neural Network ExecutablesZhibo Liu, Yuanyuan Yuan, Shuai Wang 0011, Xiaofei Xie, Lei Ma 0003. 7357-7374 [doi]

AIRS: Explanation for Deep Reinforcement Learning based Security ApplicationsJiahao Yu, Wenbo Guo 0002, Qi Qin, Gang Wang 0011, Ting Wang 0006, Xinyu Xing. 7375-7392 [doi]

Differential Testing of Cross Deep Learning Framework APIs: Revealing Inconsistencies and VulnerabilitiesZizhuang Deng, Guozhu Meng, Kai Chen 0012, Tong Liu, Lu Xiang, Chunyang Chen. 7393-7410 [doi]

Every Signature is Broken: On the Insecurity of Microsoft Office's OOXML SignaturesSimon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, Jörg Schwenk. 7411-7428 [doi]

Downgrading DNSSEC: How to Exploit Crypto Agility for Hijacking Signed ZonesElias Heftrig, Haya Shulman, Michael Waidner. 7429-7444 [doi]

Security Analysis of MongoDB Queryable EncryptionZichen Gui, Kenneth G. Paterson, Tianxin Tang. 7445-7462 [doi]

All cops are broadcasting: TETRA under scrutinyCarlo Meijer, Wouter Bokslag, Jos Wetzels. 7463-7479 [doi]

On the Feasibility of Malware Unpacking via Hardware-assisted Loop ProfilingBinlin Cheng, Erika A. Leal, Haotian Zhang, Jiang Ming 0002. 7481-7498 [doi]

Multiview: Finding Blind Spots in Access-Deny Issues DiagnosisBingyu Shen 0002, Tianyi Shan, Yuanyuan Zhou 0001. 7499-7516 [doi]

Attacks are Forwarded: Breaking the Isolation of MicroVM-based Containers Through Operation ForwardingJietao Xiao, Nanzi Yang, Wenbo Shen, Jinku Li, Xin Guo, Zhiqiang Dong, Fei Xie, Jianfeng Ma 0001. 7517-7534 [doi]

AutoFR: Automated Filter Rule Generation for AdblockingHieu Le, Salma Elmalaki, Athina Markopoulou, Zubair Shafiq. 7535-7552 [doi]

External Links

Cite Key

Statistics

PDF

Researchr

32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023

Abstract

Table of Contents