| Title | Author |
|---|---|
| A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks | Karel Dhondt (imec-DistriNet; KU Leuven); Victor Le Pochat (imec-DistriNet; KU Leuven); Alexios Voulimeneas (imec-DistriNet; KU Leuven); Wouter Joosen (imec-DistriNet; KU Leuven); Stijn Volckaert (imec-DistriNet; KU Leuven) |
| A Scalable and Dynamic ACL System for In-Network Defense | Changhun Jung (Ewha Womans University); Sian Kim (Ewha Womans University); RhongHo Jang (Wayne State University); David Mohaisen (University of Central Florida); DaeHun Nyang (Ewha Womans University) |
| A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello | Karthikeyan Bhargavan (Inria); Vincent Cheval (Inria); Christopher Wood (Cloudflare) |
| A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music | Anomadarshi Barua (University of California; Irvine); Yonatan Gizachew Achamyeleh (University of California; Irvine); Mohammad Abdullah Al Faruque (University of California; Irvine) |
| AI/ML for Network Security: The Emperor has no Clothes | Arthur S. Jacobs (UFRGS); Roman Beltiukov (UCSB); Walter Willinger (NIKSUN Inc.); Ronaldo A. Ferreira (UFMS); Arpit Gupta (UCSB); Lisandro Z. Granville (UFRGS) |
| ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning | Vasudev Gohil (Texas A&M University); Hao Guo (Texas A&M University); Satwik Patnaik (Texas A&M University); Jeyavijayan Rajendran (Texas A&M University) |
| Acquirer: A Hybrid Approach to Detecting Algorithmic Complexity Vulnerabilities | Yinxi Liu (The Chinese University of Hong Kong); Wei Meng (The Chinese University of Hong Kong) |
| Adversarial Correctness and Privacy for Probabilistic Data Structures | Mia Filić (ETH Zurich); Kenneth G. Paterson (ETH Zurich); Anupama Unnikrishnan (ETH Zurich); Fernando Virdia (Intel Labs) |
| Am I Private and If So, how Many? Communicating Privacy Guarantees of Differential Privacy with Risk Communication Formats | Daniel Franzen (Freie Universität Berlin); Saskia Nuñez von Voigt (Technische Universität Berlin); Peter Sörries (Freie Universität Berlin); Florian Tschorsch (Technische Universität Berlin; Humboldt-Universität zu Berlin); Claudia Müller-Birn (Freie Universität Berlin) |
| An Extensive Study of Residential Proxies in China | Mingshuo Yang (Shandong University); Yunnan Yu (University at Buffalo); Xianghang Mi (University of Science and Technology of China); Shujun Tang (QI-ANXIN Technology Research Institute); Shanqing Guo (Shandong University); Yilin Li (Shandong University); Xiaofeng Zheng (Tsinghua University); Haixin Duan (Tsinghua University) |
| AntMan: Interactive Zero-Knowledge Proofs with Sublinear Communication | Chenkai Weng (Northwestern University); Kang Yang (State Key Laboratory of Cryptology); Zhaomin Yang (Shanghai Key Laboratory of Privacy-Preserving Computation and MatrixElements Technologies); Xiang Xie (Shanghai Key Laboratory of Privacy-Preserving Computation and MatrixElements Technologies); Xiao Wang (Northwestern University) |
| Are Attribute Inference Attacks Just Imputation? | Bargav Jayaraman (University of Virginia); David Evans (University of Virginia) |
| Auditing Membership Leakages of Multi-Exit Networks | Zheng Li (CISPA Helmholtz Center for Information Security); Yiyong Liu (CISPA Helmholtz Center for Information Security); Xinlei He (CISPA Helmholtz Center for Information Security); Ning Yu (Salesforce Research); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| Automatic Detection of Fake Key Attacks in Secure Messaging | Tarun Kumar Yadav (Brigham Young University); Devashish Gosain (Max Planck Institute for Informatics); Amir Herzberg (University of Connecticut); Daniel Zappala (Brigham Young University); Kent Seamons (Brigham Young University) |
| Automatic Detection of Speculative Execution Combinations | Xaver Fabian (CISPA Helmholtz Center for Information Security); Marco Guarnieri (IMDEA Software Institute); Marco Patrignani (University of Trento) |
| Batching, Aggregation, and Zero-Knowledge Proofs in Bilinear Accumulators | Shravan Srinivasan (University of Maryland); Ioanna Karantaidou (George Mason University); Foteini Baldimtsi (George Mason University); Charalampos Papamanthou (Yale University) |
| Behind the Scenes of RPKI | Tomas Hlavacek (Fraunhofer SIT; ATHENE); Philipp Jeitner (Fraunhofer SIT; ATHENE); Donika Mirdita (Technische Universität Darmstadt; Fraunhofer SIT; ATHENE); Haya Shulman (Goethe-Universität Frankfurt; Fraunhofer SIT; ATHENE); Michael Waidner (Technische Universität Darmstadt; Fraunhofer SIT; ATHENE) |
| Blacktooth: Breaking through the Defense of Bluetooth in Silence | Mingrui Ai (University of Science and Technology of China); Kaiping Xue (University of Science and Technology of China); Bo Luo (University of Kansas); Lutong Chen (University of Science and Technology of China); Nenghai Yu (University of Science and Technology of China); Qibin Sun (University of Science and Technology of China); Feng Wu (University of Science and Technology of China) |
| Blazing Fast PSI from Improved OKVS and Subfield VOLE | Srinivasan Raghuraman (Visa Research); Peter Rindal (Visa Research) |
| Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT | Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu (The University of Sydney); Qiang Tang (The University of Sydney) |
| Bullshark: DAG BFT Protocols Made Practical | Alexander Spiegelman (Aptos); Neil Giridharan (Berkeley); Alberto Sonnino (Mesten Labs); Lefteris Kokoris-Kogias (IST Austria) |
| C2C: Fine-grained Configuration-driven System Call Filtering | Seyedhamed Ghavamnia (Stony Brook University); Tapti Palit (Purdue University); Michalis Polychronakis (Stony Brook University) |
| CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks | Alvise De Faveri Tron (Politecnico di Milano); Stefano Longari (Politecnico di Milano); Michele Carminati (Politecnico di Milano); Mario Polino (Politecnico di Milano); Stefano Zanero (Politecnico di Milano) |
| CERBERUS: Exploring Federated Prediction of Security Events | Mohammad Naseri (University College London); Yufei Han (Inria Rennes); Enrico Mariconti (University College London); Yun Shen (NetApp); Gianluca Stringhini (Boston University); Emiliano De Cristofaro (University College London) |
| CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation | Mengyao Xie (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Chenggang Wu (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences & Zhongguancun Laboratory); Yinqian Zhang (Research Institute of Trustworthy Autonomous Systems; Southern University of Science and Technology & Department of Computer Science and Engineering; Southern University of Science and Technology); Jiali Xu (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Yuanming Lai (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Yan Kang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Wei Wang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences); Zhe Wang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & Zhongguancun Laboratory) |
| CINI MINIS: Domain Isolation for Fault and Combined Security | Jakob Feldtkeller (Ruhr University Bochum); Jan Richter-Brockmann (Ruhr University Bochum); Pascal Sasdrich (Ruhr University Bochum); Tim Güneysu (Ruhr University Bochum) |
| Cache Refinement Type for Side-Channel Detection of Cryptographic Software | Ke Jiang (Nanyang Technological University); Yuyan Bao (University of Waterloo); Shuai Wang (Hong Kong University of Science and Technology); Zhibo Liu (Hong Kong University of Science and Technology); Tianwei Zhang (Nanyang Technological University) |
| Caulk: Lookup Arguments in Sublinear Time | Arantxa Zapico (Universitat Pompeu Fabra); Vitalik Buterin (Ethereum Foundation); Dmitry Khovratovich (Ethereum Foundation); Mary Maller (Ethereum Foundation); Anca Nitulescu (Protocol Labs); Mark Simkin (Ethereum Foundation) |
| Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing | Dayeol Lee (University of California; Berkeley); Kevin Cheang (University of California; Berkeley); Alexander Thomas (University of California; Berkeley); Catherine Lu (University of California; Berkeley); Pranav Gaddamadugu (University of California; Berkeley); Anjo Vahldiek-Oberwagner (Intel Labs); Mona Vij (Intel Labs); Dawn Song (University of California; Berkeley); Sanjit A. Seshia (University of California; Berkeley); Krste Asanović (University of California; Berkeley) |
| Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations | Tamjid Al Rahat (University of California; Los Angeles); Yu Feng (University of California; Santa Barbara); Yuan Tian (University of California; Los Angeles) |
| Chaghri - An FHE-friendly Block Cipher | Tomer Ashur (Eindhoven University of Technology; KU Leuven); Mohammad Mahzoun (Eindhoven University of Technology); Dilara Toprakhisar (KU Leuven) |
| Characterizing and Detecting Non-Consensual Photo Sharing on Social Networks | Tengfei Zheng (National University of Defense Technology); Tongqing Zhou (National University of Defense Technology); Qiang Liu (National University of Defense Technology); Kui Wu (University of Victoria); Zhiping Cai (National University of Defense Technology) |
| Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam | Siyuan Tang (Indiana University Bloomington); Xianghang Mi (University of Science and Technology of China); Ying Li (Institute of Information Engineering; Chinese Academy of Sciences); XiaoFeng Wang (Indiana University Bloomington); Kai Chen (Institute of Information Engineering; Chinese Academy of Sciences & University of Chinese Academy of Sciences; School of Cyber Security) |
| Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps | Shuai Li (Fudan University); Zhemin Yang (Fudan University); Nan Hua (Fudan University); Peng Liu (The Pennsylvania State University); Xiaohan Zhang (Fudan University); Guangliang Yang (Fudan University); Min Yang (Fudan University) |
| Constant Latency in Sleepy Consensus | Atsuki Momose (University of Illinois at Urbana-Champaign); Ling Ren (University of Illinois at Urbana-Champaign) |
| Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection | Yuqing Yang (The Ohio State University); Yue Zhang (The Ohio State University); Zhiqiang Lin (The Ohio State University) |
| DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On | Louis Jannett (Ruhr University Bochum); Vladislav Mladenov (Ruhr University Bochum); Christian Mainka (Ruhr University Bochum); Jörg Schwenk (Ruhr University Bochum) |
| DPIS: an Enhanced Mechanism for Differentially Private SGD with Importance Sampling | Jianxin Wei (National University of Singapore); Ergute Bao (National University of Singapore); Xiaokui Xiao (National University of Singapore); Yin Yang (Hamad Bin Khalifa University) |
| DangZero: Efficient Use-After-Free Detection via Direct Page Table Access | Floris Gorter (Vrije Universiteit Amsterdam); Koen Koning (Vrije Universiteit Amsterdam); Herbert Bos (Vrije Universiteit Amsterdam); Cristiano Giuffrida (Vrije Universiteit Amsterdam) |
| Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems | Jie Lu (SKLP; Institute of Computing Technology; CAS); Haofeng Li (SKLP; Institute of Computing Technology; CAS); Chen Liu (SKLP; Institute of Computing Technology; CAS); Lian Li (SKLP; Institute of Computing Technology; CAS); Kun Cheng (Huawei Technologies Co. Ltd) |
| Detecting and Measuring Misconfigured Manifest in Android Apps | Yuqing Yang (The Ohio State University); Mohamed Elsabagh (Kryptowire); Chaoshun Zuo (The Ohio State University); Ryan Johnson (Kryptowire); Angelos Stavrou (Kryptowire); Zhiqiang Lin (The Ohio State University) |
| Differentially Private Triangle and 4-Cycle Counting in the Shuffle Model | Jacob Imola (UC San Diego); Takao Murakami (AIST); Kamalika Chaudhuri (UC San Diego) |
| DirtyCred: Escalating Privilege in Linux Kernel | Zhenpeng Lin (Northwestern University); Yuhang Wu (Northwestern University); Xinyu Xing (Northwestern University) |
| Discovering IoT Physical Channel Vulnerabilities | Muslum Ozgur Ozmen (Purdue University); Xuansong Li (Nanjing University of Science and Technology & Nanjing University); Andrew Chu (University of Chicago); Z. Berkay Celik (Purdue University); Bardh Hoxha (Toyota Research Institute North America); Xiangyu Zhang (Purdue University) |
| Distributed, Private, Sparse Histograms in the Two-Server Model | James Bell (Google); Adria Gascon (Google); Badih Ghazi (Google); Ravi Kumar (Google); Pasin Manurangsi (Google); Mariana Raykova (Google); Phillipp Schoppmann (Google) |
| Do Opt-Outs Really Opt Me Out? | Duc Bui (University of Michigan); Brian Tang (University of Michigan); Kang G. Shin (University of Michigan) |
| Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee | Xian Wang (University of Texas at Dallas); Shuang Hao (University of Texas at Dallas) |
| DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing | Seulbae Kim (Georgia Institute of Technology); Major Liu (University of Texas at Dallas); Junghwan "John" Rhee (University of Central Oklahoma); Yuseok Jeon (UNIST); Yonghwi Kwon (University of Virginia); Chung Hwan Kim (University of Texas at Dallas) |
| Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency | Yingzi Gao (Institute of Software Chinese Academy of Sciences; University of Chinese Academy of Sciences); Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu (The University of Sydney); Qiang Tang (The University of Sydney); Jing Xu (Institute of Software Chinese Academy of Sciences); Zhenfeng Zhang (Institute of Software Chinese Academy of Sciences) |
| EIFFeL: Ensuring Integrity for Federated Learning | Amrita Roy Chowdhury (University of Wisconsin-Madison); Chuan Guo (Meta AI); Somesh Jha (University of Wisconsin-Madison); Laurens van der Maaten (Meta AI) |
| ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes | Weili Wang (Southern University of Science and Technology); Sen Deng (Southern University of Science and Technology); Jianyu Niu (Southern University of Science and Technology); Michael K. Reiter (Duke University); Yinqian Zhang (Southern University of Science and Technology) |
| EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices | Cong Wu (Wuhan University); Jing Chen (Wuhan University); Kun He (Wuhan University); Ziming Zhao (University at Buffalo); Ruiying Du (Wuhan University); Chen Zhang (Wuhan University) |
| Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters | Gilad Asharov (Bar-Ilan University); Koki Hamada (NTT Corporation); Dai Ikarashi (NTT Corporation); Ryo Kikuchi (NTT Corporation); Ariel Nof (Technion); Benny Pinkas (Bar-Ilan University); Katsumi Takahashi (NTT Corporation); Junichi Tomida (NTT Corporation) |
| Efficient Zero-Knowledge Proofs on Signed Data with Applications to Verifiable Computation on Data Streams | Dario Fiore (IMDEA Software Institute); Ida Tucker (IMDEA Software Institute) |
| Eluding Secure Aggregation in Federated Learning via Model Inconsistency | Dario Pasquini (SPRING Lab; EPFL); Danilo Francati (Aarhus University); Giuseppe Ateniese (George Mason University) |
| Empirical Analysis of EIP-1559: Transaction Fees, Waiting Times, and Consensus Security | Yulin Liu (SciEcon CIC); Yuxuan Lu (Peking University); Kartik Nayak (Duke University); Fan Zhang (Yale University); Luyao Zhang (Duke Kunshan University); Yinhong Zhao (Duke University) |
| Enforcing Fine-grained Constant-time Policies | Basavesh Ammanaghatta Shivakumar (MPI-SP); Gilles Barthe (MPI-SP and IMDEA Software Institute); Benjamin Gregoire (Inria and Université Côte d'Azur); Vincent Laporte (Université de Lorraine & CNRS & Inria & LORIA); Swarn Priya (Inria & Université Côte d'Azur) |
| Enhanced Membership Inference Attacks against Machine Learning Models | Jiayuan Ye (National University of Singapore (NUS)); Aadyaa Maddi (National University of Singapore (NUS)); Sasi Kumar Murakonda (Privitar Labs); Vincent Bindschaedler (University of Florida); Reza Shokri (National University of Singapore (NUS)) |
| Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications | Konstantinos Solomos (University of Illinois at Chicago); Panagiotis Ilia (University of Illinois at Chicago); Nick Nikiforakis (Stony Brook University); Jason Polakis (University of Illinois at Chicago) |
| Evocatio: Conjuring Bug Capabilities from a Single PoC | Zhiyuan Jiang (National University of Defense Technology); Shuitao Gan (SKL-MEAC; Tsinghua University); Adrian Herrera (Australian National University); Flavio Toffalini (EPFL); Lucio Romerio (EPFL); Chaojing Tang (National University of Defense Technology); Manuel Egele (Boston University); Chao Zhang (Tsinghua University; BNRist Zhongguancun Lab); Mathias Payer (EPFL) |
| Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection | Priyanka Dodia (Qatar Computing Research Institute); Mashael AlSabah (Qatar Computing Research Institute); Omar Alrawi (Georgia Institute of Technology); Tao Wang (Simon Fraser University) |
| FABEO: Fast Attribute-Based Encryption with Optimal Security | Doreen Riepel (Ruhr-Universität Bochum); Hoeteck Wee (NTT Research) |
| Fast Fully Oblivious Compaction and Shuffling | Sajin Sasy (University of Waterloo); Aaron Johnson (U.S. Naval Research Laboratory); Ian Goldberg (University of Waterloo) |
| Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority | Anders Dalskov (Partisia); Daniel Escudero (J.P. Morgan AI Research); Ariel Nof (Technion) |
| FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs | Fabian Schwarz (CISPA Helmholtz Center for Information Security); Khue Do (CISPA Helmholtz Center for Information Security); Gunnar Heide (CISPA Helmholtz Center for Information Security); Lucjan Hanzlik (CISPA Helmholtz Center for Information Security); Christian Rossow (CISPA Helmholtz Center for Information Security) |
| Feature Inference Attack on Shapley Values | Xinjian Luo (National University of Singapore); Yangfan Jiang (National University of Singapore); Xiaokui Xiao (National University of Singapore) |
| Federated Boosted Decision Trees with Differential Privacy | Samuel Maddock (University of Warwick); Graham Cormode (Meta AI); Tianhao Wang (University of Virginia); Carsten Maple (University of Warwick); Somesh Jha (University of Wisconsin-Madison) |
| FenceSitter: Black-box, Content-Agnostic, and Synchronization-Free Enrollment-Phase Attacks on Speaker Recognition Systems | Jiangyi Deng (Zhejiang University); Yanjiao Chen (Zhejiang University); Wenyuan Xu (Zhejiang University) |
| Feta: Efficient Threshold Designated-Verifier Zero-Knowledge Proofs | Carsten Baum (Aarhus University); Robin Jadoul (KU Leuven); Emmanuela Orsini (KU Leuven); Peter Scholl (Aarhus University); Nigel P. Smart (KU Leuven) |
| Finding MNEMON: Reviving Memories of Node Embeddings | Yun Shen (NetApp); Yufei Han (Inria); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Min Chen (CISPA Helmholtz Center for Information Security); Ting Yu (QCRI); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security); Gianluca Stringhini (Boston University) |
| Foundations of Coin Mixing Services | Noemi Glaeser (University of Maryland & Max Planck Institute for Security and Privacy); Matteo Maffei (TU Wien & Christian Doppler Laboratory Blockchain Technologies for the Internet of Things); Giulio Malavolta (Max Planck Institute for Security and Privacy); Pedro Moreno-Sanchez (IMDEA Software Institute); Erkan Tairi (TU Wien & Christian Doppler Laboratory Blockchain Technologies for the Internet of Things); Sri Aravinda Krishnan Thyagarajan (Carnegie Mellon University) |
| Freely Given Consent? Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps | Trung Tin Nguyen (CISPA Helmholtz Center for Information Security; Saarland University); Michael Backes (CISPA Helmholtz Center for Information Security); Ben Stock (CISPA Helmholtz Center for Information Security) |
| Frequency Estimation in the Shuffle Model with Almost a Single Message | Qiyao Luo (Hong Kong University of Science and Technology); Yilei Wang (Alibaba Group); Ke YI (Hong Kong University of Science and Technology) |
| Frequency Throttling Side-Channel Attack | Chen Liu (Intel Corporation); Abhishek Chakraborty (Intel Corporation); Nikhil Chawla (Intel Corporation); Neer Roggel (Intel Corporation) |
| GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy | Bernardo David (ITU); Bernardo Magri (The University of Manchester); Christian Matt (Concordium); Jesper Buus Nielsen (Concordium Blockchain Research Center; Aarhus University); Daniel Tschudi (Concordium) |
| Graph Unlearning | Min Chen (CISPA Helmholtz Center for Information Security); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Tianhao Wang (University of Virginia); Michael Backes (CISPA Helmholtz Center for Information Security); Mathias Humbert (University of Lausanne); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing | Junxian Shen (Tsinghua University & Zhongguancun Laboratory); Han Zhang (Tsinghua University & Zhongguancun Laboratory); Yantao Geng (Tsinghua University & Zhongguancun Laboratory); Jiawei Li (Tsinghua University); Jilong Wang (Tsinghua University & Peng Cheng Laboratory); Mingwei Xu (Tsinghua University & Peng Cheng Laboratory) |
| Group Property Inference Attacks Against Graph Neural Networks | Xiuling Wang (Stevens Institute of Technology); Wendy Hui Wang (Stevens Institute of Technology) |
| HammerScope: Observing DRAM Power Consumption Using Rowhammer | Yaakov Cohen (Ben-Gurion University of the Negev & Intel Corporation); Kevin Sam Tharayil (Georgia Institute of Technology); Arie Haenel (Jerusalem College of Technology & Intel Corporation); Daniel Genkin (Georgia Institute of Technology); Angelos D. Keromytis (Georgia Institute of Technology); Yossi Oren (Ben-Gurion University of the Negev & Intel Corporation); Yuval Yarom (University of Adelaide) |
| Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies | James Larisch (Harvard University); Waqar Aqeel (Duke University); Michael Lum (University of Maryland); Yaelle Goldschlag (University of Maryland); Leah Kannan (University of Maryland); Kasra Torshizi (University of Maryland); Yujie Wang (University of Maryland); Taejoong Chung (Virginia Tech); Dave Levin (University of Maryland); Bruce M. Maggs (Duke University & Emerald Innovations); Alan Mislove (Northeastern University); Bryan Parno (Carnegie Mellon University); Christo Wilson (Northeastern University) |
| Harnessing Perceptual Adversarial Patches for Crowd Counting | Shunchang Liu (Beihang University); Jiakai Wang (Zhongguancun Laboratory); Aishan Liu (Beihang University); Yingwei Li (Johns Hopkins University); Yijie Gao (Beihang University); Xianglong Liu (Beihang University); Dacheng Tao (JD Explore Academy & The University of Sydney) |
| HeatDeCam: Detecting Hidden Spy Cameras via Thermal Emissions | Zhiyuan Yu (Washington University in St. Louis); Zhuohang Li (University of Tennessee; Knoxville); Yuanhaur Chang (Washington University in St. Louis); Skylar Fong (Washington University in St. Louis); Jian Liu (University of Tennessee; Knoxville); Ning Zhang (Washington University in St. Louis) |
| Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud | Xinyang Ge (Microsoft Research); Hsuan-Chi Kuo (University of Illinois Urbana-Champaign); Weidong Cui (Microsoft Research) |
| Helping or Hindering? How Browser Extensions Undermine Security | Shubham Agarwal (CISPA Helmholtz Center for Information Security) |
| Hidden in Plain Sight: Exploring Encrypted Channels in Android apps | Sajjad Pourali (Concordia University); Nayanamana Samarasinghe (Concordia University); Mohammad Mannan (Concordia University) |
| How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum | Keitaro Hashimoto (Tokyo Institute of Technology & AIST); Shuichi Katsumata (AIST & PQShield Ltd.); Thomas Prest (PQShield SAS) |
| HyperDbg: Reinventing Hardware-Assisted Debugging | Mohammad Sina Karvandi (Institute For Research In Fundamental Sciences (IPM)); MohammadHosein Gholamrezaei (Chosun University); Saleh Khalaj Monfared (Worcester Polytechnic Institute); Soroush Meghdadizanjani (Stony Brook University); Behrooz Abbassi (HyperDbg Organization); Ali Amini (HyperDbg Organization); Reza Mortazavi (Damghan University); Saeid Gorgin (Chosun University); Dara Rahmati (Shahid Beheshti University); Michael Schwarz (CISPA Helmholtz Center for Information Security) |
| I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior | Penghui Zhang (Arizona State University); Zhibo Sun (Drexel University); Sukwha Kyung (Arizona State University); Hans Walter Behrens (Arizona State University); Zion Leonahenahe Basque (Arizona State University); Haehyun Cho (Soongsil University); Adam Oest (PayPal; Inc.); Ruoyu Wang (Arizona State University); Tiffany Bao (Arizona State University); Yan Shoshitaishvili (Arizona State University); Gail-Joon Ahn (Arizona State University); Adam Doupé (Arizona State University) |
| Ibex: Privacy-preserving Ad Conversion Tracking and Bidding | Ke Zhong (University of Pennsylvania); Yiping Ma (University of Pennsylvania); Sebastian Angel (University of Pennsylvania & Microsoft Research) |
| Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation | Zayd Hammoudeh (University of Oregon); Daniel Lowd (University of Oregon) |
| Improving Line-Point Zero Knowledge: Two Multiplications for the Price of One | Samuel Dittmer (Stealth Software Technologies; Inc.); Yuval Ishai (Technion - Israel Institute of Technology); Steve Lu (Stealth Software Technologies; Inc.); Rafail Ostrovsky (University of California; Los Angeles) |
| InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution | Shihan Lin (Duke University); Rui Xin (Duke University); Aayush Goel (Cupertino High School); Xiaowei Yang (Duke University) |
| JIT-Picking: Differential Fuzzing of JavaScript Engines | Lukas Bernhard (Ruhr University Bochum); Tobias Scharnowski (Ruhr University Bochum); Moritz Schloegel (Ruhr University Bochum); Tim Blazytko (Ruhr University Bochum); Thorsten Holz (CISPA Helmholtz Center for Information Security) |
| Kryvos: Publicly Tally-Hiding Verifiable E-Voting | Nicolas Huber (University of Stuttgart); Ralf Küsters (University of Stuttgart); Toomas Krips (University of Tartu); Julian Liedtke (University of Stuttgart); Johannes Müller (University of Luxembourg); Daniel Rausch (University of Stuttgart); Pascal Reisert (University of Stuttgart); Andreas Vogt (University of Applied Sciences and Arts Northwestern Switzerland) |
| L-SRR: Local Differential Privacy for Location-Based Services with Staircase Randomized Response | Han Wang (Illinois Institute of Technology); Hanbin Hong (Illinois Institute of Technology); Li Xiong (Emory University); Zhan Qin (Zhejiang University); Yuan Hong (Illinois Institute of Technology & University of Connecticut) |
| LPGNet: Link Private Graph Networks for Node Classification | Aashish Kolluri (National University of Singapore); Teodora Baluta (National University of Singapore); Bryan Hooi (National University of Singapore); Prateek Saxena (National University of Singapore) |
| Laconic Private Set-Intersection From Pairings | Diego F. Aranha (Aarhus University); Chuanwei Lin (Aarhus University); Claudio Orlandi (Aarhus University); Mark Simkin (Ethereum Foundation) |
| Leakage Inversion: Towards Quantifying Privacy in Searchable Encryption | Evgenios M. Kornaropoulos (George Mason University); Nathaniel Moyer (George Mason University); Charalampos Papamanthou (Yale University); Alexandros Psomas (Purdue University) |
| Leakage and Tamper Resilient Permutation-Based Cryptography | Christoph Dobraunig (Graz University of Technology and Lamarr Security Research); Bart Mennink (Digital Security Group; Radboud University); Robert Primas (Graz University of Technology) |
| LibAFL: A Framework to Build Modular and Reusable Fuzzers | Andrea Fioraldi (EURECOM); Dominik Maier (Google Inc.); Dongjia Zhang (The University of Tokyo); Davide Balzarotti (EURECOM) |
| Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API | Xiao Han (University of South Florida); Junjie Xiong (University of South Florida); Wenbo Shen (Zhejiang University); Zhuo Lu (University of South Florida); Yao Liu (University of South Florida) |
| LoneNeuron: a Highly-Effective Feature-Domain Neural Trojan Using Invisible and Polymorphic Watermarks | Zeyan Liu (The University of Kansas); Fengjun Li (The University of Kansas); Zhu Li (University of Missouri-Kansas City); Bo Luo (The University of Kansas) |
| Low-Latency Hardware Private Circuits | David Knichel (Ruhr University Bochum); Amir Moradi (University of Cologne) |
| MC^2: Rigorous and Efficient Directed Greybox Fuzzing | Abhishek Shah (Columbia University); Dongdong She (Columbia University); Samanway Sadhu (Columbia University); Krish Singal (Columbia University); Peter Coffman (Columbia University); Suman Jana (Columbia University) |
| META-BTS: Bootstrapping Precision Beyond the Limit | Youngjin Bae (CryptoLab. Inc.); Jung Hee Cheon (The Seoul National University/CryptoLab. Inc.); Wonhee Cho (The Seoul National University); Jaehyung Kim (CryptoLab. Inc.); Taekyung Kim (CryptoLab. Inc.) |
| Matproofs: Maintainable Matrix Commitment with Efficient Aggregation | Jing Liu (ShanghaiTech University); Liang Feng Zhang (ShanghaiTech University) |
| Membership Inference Attacks and Generalization: A Causal Perspective | Teodora Baluta (National University of Singapore); Shiqi Shen (National University of Singapore); S. Hitarth (National University of Singapore); Shruti Tople (National University of Singapore); Prateek Saxena (National University of Singapore) |
| Membership Inference Attacks by Exploiting Loss Trajectory | Yiyong Liu (CISPA Helmholtz Center for Information Security); Zhengyu Zhao (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware | Zitai Chen (University of Birmingham); Sam L. Thomas (BINARLY); Flavio D. Garcia (University of Birmingham) |
| Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels | Ahmad Ibrahim (CISPA Helmholtz Center for Information Security); Hamed Nemati (Stanford University and CISPA Helmholtz Center for Information Security); Till Schlüter (CISPA Helmholtz Center for Information Security); Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security); Christian Rossow (CISPA Helmholtz Center for Information Security) |
| Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications | Jan Wichelmann (University of Lübeck); Florian Sieck (University of Lübeck); Anna Pätschke (University of Lübeck); Thomas Eisenbarth (University of Lübeck) |
| Minotaur: Multi-Resource Blockchain Consensus | Matthias Fitzi (IOG); Xuechao Wang (University of Illinois Urbana-Champaign); Sreeram Kannan (University of Washington; Seattle); Aggelos Kiayias (University of Edinburgh and IOG); Nikos Leonardos (University of Athens); Pramod Viswanath (Princeton University); Gerui Wang (Beijing Academy of Blockchain and Edge Computing) |
| NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms | Xiaoyu Fan (Tsinghua University); Kun Chen (Tsingjiao Information Technology Co. Ltd.); Guosai Wang (Tsingjiao Information Technology Co. Ltd.); Mingchun Zhuang (Beijing University of Posts and Telecommunications); Yi Li (Tsingjiao Information Technology Co. Ltd.); Wei Xu (Tsinghua University) |
| NTRU-u-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus | Kamil Kluczniak (CISPA Helmholtz Center for Information Security) |
| Narrator: Secure and Practical State Continuity for Trusted Execution in the Cloud | Jianyu Niu (Southern University of Science and Technology); Wei Peng (Southern University of Science and Technology); Xiaokuan Zhang (George Mason University); Yinqian Zhang (Southern University of Science and Technology) |
| NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications | Konstantin Taranov (ETH Zurich); Benjamin Rothenberger (ETH Zurich); Daniele De Sensi (ETH Zurich); Adrian Perrig (ETH Zurich); Torsten Hoefler (ETH Zurich) |
| Non-Distinguishable Inconsistencies as a Deterministic Oracle for Detecting Security Bugs | Qingyang Zhou (University of Minnesota); Qiushi Wu (University of Minnesota); Dinghao Liu (Zhejiang University); Shouling Ji (Zhejiang University); Kangjie Lu (University of Minnesota) |
| On the (In)Security of Secure ROS2 | Gelei Deng (Nanyang Technological University); Guowen Xu (Nanyang Technological University); Yuan Zhou (Nanyang Technological University); Tianwei Zhang (Nanyang Technological University); Yang Liu (Nanyang Technological University) |
| On the Adaptive Security of the Threshold BLS Signature Scheme | Renas Bacho (CISPA Helmoltz Center for Information Security); Julian Loss (CISPA Helmoltz Center for Information Security) |
| On the Privacy Risks of Cell-Based NAS Architectures | Hai Huang (CISPA Helmholtz Center for Information Security); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Yun Shen (NetApp); Michael Backes (CISPA Helmholtz Center for Information Security); Qi Li (Tsinghua University; Zhongguancun Lab); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| On the Success Rate of Side-Channel Attacks on Masked Implementations | Akira Ito (NTT Social Informatics Laboratories); Rei Ueno (Tohoku University); Naofumi Homma (Tohoku University) |
| Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models | Jiawei Liu (Wuhan University); Yangyang Kang (Alibaba Group); Di Tang (Indiana University Bloomington); Kaisong Song (Northeastern University & Alibaba Group); Changlong Sun (Alibaba Group); Xiaofeng Wang (Indiana University Bloomington); Wei Lu (Wuhan University); Xiaozhong Liu (Worcester Polytechnic Institute) |
| Overo: Sharing Private Audio Recordings | Jaemin Lim (Hanyang University); Kiyeon Kim (Hanyang University); Hyunwoo Yu (Hanyang University); Suk-Bok Lee (Hanyang University) |
| P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies | Ze Jin (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Indiana University Bloomington); Luyi Xing (Indiana University Bloomington); Yiwei Fang (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Indiana University Bloomington); Yan Jia (Nankai University); Bin Yuan (HuaZhong University of Science and Technology); Qixu Liu (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences) |
| PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement | Haibin Zhang (Beijing Institute of Technology); Sisi Duan (Tsinghua University) |
| PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication | Yuan Li (Tsinghua University); Wende Tan (Tsinghua University); Zhizheng Lv (Tsinghua University); Songtao Yang (Tsinghua University); Mathias Payer (EPFL); Ying Liu (Tsinghua University; Zhongguancun Lab); Chao Zhang (Tsinghua University; Zhongguancun Lab; BNRist) |
| PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies | Aggelos Kiayias (The University of Edinburgh & IOG); Markulf Kohlweiss (The University of Edinburgh & IOG); Amirreza Sarencheh (The University of Edinburgh & IOG) |
| PSI from Ring-OLE | Wutichai Chongchitmate (Chulalongkorn University); Yuval Ishai (Technion); Steve Lu (Stealth Software Technologies; Inc.); Rafail Ostrovsky (University of California; Los Angeles) |
| PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability | Jun Zeng (National University of Singapore); Chuqi Zhang (National University of Singapore); Zhenkai Liang (National University of Singapore) |
| PentaGOD: Stepping beyond Traditional GOD with Five Parties | Nishat Koti (Indian Institute of Science); Varsha Bhat Kukkala (Indian Institute of Science); Arpita Patra (Indian Institute of Science); Bhavish Raj Gopal (Indian Institute of Science) |
| Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception | Rui Duan (University of South Florida); Zhe Qu (University of South Florida); Shangqing Zhao (University of Oklahoma); Leah Ding (American University); Yao Liu (University of South Florida); Zhuo Lu (University of South Florida) |
| Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT | Xin'an Zhou (University of California; Riverside); Jiale Guan (Indiana University Bloomington); Luyi Xing (Indiana University Bloomington); Zhiyun Qian (University of California; Riverside) |
| Phishing URL Detection: A Network-based Approach Robust to Evasion | Taeri Kim (Hanyang University); Noseong Park (Yonsei University); Jiwon Hong (Hanyang University); Sang-Wook Kim (Hanyang University) |
| Physical Hijacking Attacks against Object Trackers | Raymond Muller (Purdue University); Yanmao Man (University of Arizona); Z. Berkay Celik (Purdue University); Ming Li (University of Arizona); Ryan Gerdes (Virginia Tech) |
| Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation | Karl Wüst (CISPA Helmholtz Center for Information Security); Kari Kostiainen (ETH Zurich); Noah Delius (ETH Zurich); Srdjan Capkun (ETH Zurich) |
| Poirot: Probabilistically Recommending Protections for the Android Framework | Zeinab El-Rewini (University of Waterloo); Zhuo Zhang (Purdue University); Yousra Aafer (University of Waterloo) |
| Post Quantum Noise | Yawning Angel (Oasis Labs); Benjamin Dowling (University of Sheffield); Andreas Hülsing (TU Eindhoven); Peter Schwabe (MPI-SP); Florian Weber (TU Eindhoven) |
| Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models | Shawn Shan (University of Chicago); Wenxin Ding (University of Chicago); Emily Wenger (University of Chicago); Haitao Zheng (University of Chicago); Ben Y. Zhao (University of Chicago) |
| Power Contracts: Provably Complete Power Leakage Models for Processors | Roderick Bloem (Graz University of Technology); Barbara Gigerl (Graz University of Technology); Marc Gourjon (Hamburg University of Technology); Vedad Hadžić (Graz University of Technology); Stefan Mangard (Graz University of Technology); Robert Primas (Graz University of Technology) |
| Practical Settlement Bounds for Proof-of-Work Blockchains | Peter Gaži (IOG); Ling Ren (University of Illinois at Urbana-Champaign); Alexander Russell (University of Connecticut & IOG) |
| Practical Volume-Hiding Encrypted Multi-Maps with Optimal Overhead and Beyond | Jianfeng Wang (Xidian University); Shi-Feng Sun (Shanghai Jiao Tong University); Tianci Li (Xidian University); Saiyu Qi (Xi’an Jiao Tong University); Xiaofeng Chen (Xidian University) |
| Practical, Round-Optimal Lattice-Based Blind Signatures | Shweta Agrawal (IIT Madras); Elena Kirshanova (Technology Innovation Institute; I. Kant BFU); Damien Stehlé (ENS de Lyon and Institut Universitaire de France); Anshu Yadav (IIT Madras) |
| Privacy Limitations of Interest-based Advertising on The Web: A Post-mortem Empirical Analysis of Google's FLoC | Alex Berke (MIT Media Lab); Dan Calacci (MIT Media Lab) |
| Private and Reliable Neural Network Inference | Nikola Jovanović (ETH Zurich); Marc Fischer (ETH Zurich); Samuel Steffen (ETH Zurich); Martin Vechev (ETH Zurich) |
| Proof-of-Possession for KEM Certificates using Verifiable Generation | Tim Güneysu (Ruhr University Bochum; Horst Görtz Institute for IT-Security & DFKI GmbH; Cyber-Physical Systems); Philip Hodges (University of Waterloo); Georg Land (Ruhr University Bochum; Horst Görtz Institute for IT-Security & DFKI GmbH; Cyber-Physical Systems); Mike Ounsworth (Entrust); Douglas Stebila (University of Waterloo); Greg Zaverucha (Microsoft Research) |
| Protecting Critical Inter-Domain Communication through Flyover Reservations | Marc Wyss (ETH Zurich); Giacomo Giuliari (ETH Zurich); Jonas Mohler (ETH Zurich); Adrian Perrig (ETH Zurich) |
| Proving UNSAT in Zero Knowledge | Ning Luo (Yale University); Timos Antonopoulos (Yale University); William R. Harris (Google LLC); Ruzica Piskac (Yale University); Eran Tromer (Columbia University); Xiao Wang (Northwestern University) |
| QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems | Ana-Maria Crețu (Imperial College London); Florimond Houssiau (The Alan Turing Institute); Antoine Cully (Imperial College London); Yves-Alexandre de Montjoye (Imperial College London) |
| ROAST: Robust Asynchronous Schnorr Threshold Signatures | Tim Ruffing (Blockstream); Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg); Elliott Jin (Blockstream); Jonas Schneider-Bensch (CISPA Helmholtz Center for Information Security); Dominique Schröder (Friedrich-Alexander-Universität Erlangen-Nürnberg) |
| Ready Raider One: Exploring the Misuse of Cloud Gaming Services | Guannan Liu (Virginia Tech); Daiping Liu (Palo Alto Networks; Inc. ); Shuai Hao (Old Dominion University); Xing Gao (University of Delaware); Kun Sun (George Mason University); Haining Wang (Virginia Tech) |
| RedShift: Transparent SNARKs from List Polynomial Commitments | Assimakis A. Kattis (New York University); Konstantin Panarin (Matter Labs); Alexander Vlasov (Matter Labs) |
| Reinforced Concrete: A Fast Hash Function for Verifiable Computation | Lorenzo Grassi (Radboud University); Dmitry Khovratovich (Dusk Network); Reinhard Lüftenegger (Graz University of Technology); Christian Rechberger (Graz University of Technology); Markus Schofnegger (Graz University of Technology); Roman Walch (Graz University of Technology;Know-Center GmbH) |
| SFuzz: Slice-based Fuzzing for Real-Time Operating Systems | Libo Chen (Shandong University); Quanpu Cai (Shanghai Jiao Tong University); Zhenbang Ma (QI-ANXIN Technology Research Institute); Yanhao Wang (QI-ANXIN Technology Research Institute); Hong Hu (Pennsylvania State University); Minghang Shen (Tencent Security Xuanwu Lab); Yue Liu (QI-ANXIN Technology Research Institute); Shanqing Guo (Shandong University); Haixin Duan (Tsinghua University); Kaida Jiang (Shanghai Jiao Tong University); Zhi Xue (Shanghai Jiao Tong University) |
| SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders | Tianshuo Cong (Institute for Advanced Study; BNRist; Tsinghua University); Xinlei He (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| STAR: Secret Sharing for Private Threshold Aggregation Reporting | Alex Davidson (Brave Software); Peter Snyder (Brave Software); E. B. Quirk (Brave Software); Joseph Genereux (Brave Software); Benjamin Livshits (Imperial College); Hamed Haddadi (Brave Software & Imperial College) |
| Second-Order Low-Randomness d+1 Hardware Sharing of the AES | Siemen Dhooghe (KU Leuven/ COSIC-imec); Aein Rezaei Shahmirzadi (Ruhr University Bochum; Horst Gortz Institute for IT Security); Amir Moradi (Ruhr University Bochum; Horst Gortz Institute for IT Security) |
| Secret-Shared Joins with Multiplicity from Aggregation Trees | Saikrishna Badrinarayanan (Snap); Sourav Das (UIUC); Gayathri Garimella (Oregon State University); Srinivasan Raghuraman (Visa Research); Peter Rindal (Visa Research) |
| Secure Auctions in the Presence of Rational Adversaries | Chaya Ganesh (Indian Institute of Science); Bhavana Kanukurthi (Indian Institute of Science); Girisha Shankar (Indian Institute of Science) |
| Secure Parallel Computation on Privately Partitioned Data and Applications | Nuttapong Attrapadung (AIST); Hiraku Morita (University of St. Gallen); Kazuma Ohara (AIST); Jacob C. N. Schuldt (AIST); Tadanori Teruya (AIST); Kazunari Tozawa (University of Tokyo) |
| Securing Reset Operations in NISQ Quantum Computers | Allen Mi (Yale University); Shuwen Deng (Yale University); Jakub Szefer (Yale University) |
| Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics | Thomas Humphries (University of Waterloo); Rasoul Akhavan Mahdavi (University of Waterloo); Shannon Veitch (University of Waterloo); Florian Kerschbaum (University of Waterloo) |
| Server-Aided Continuous Group Key Agreement | Joël Alwen (AWS-Wickr); Dominik Hartmann (Ruhr University Bochum); Eike Kiltz (Ruhr University Bochum); Marta Mularczyk (AWS-Wickr) |
| Sharp: Short Relaxed Range Proofs | Geoffroy Couteau (CNRS; IRIF; Université Paris Cité); Dahmun Goudarzi (Unaffiliated); Michael Klooß (Karlsruhe Institute of Technology; KASTEL); Michael Reichle (DIENS; École normale supérieure; PSL University; CNRS; INRIA) |
| Shifted Inverse: A General Mechanism for Monotonic Functions under User Differential Privacy | Juanru Fang (Hong Kong University of Science and Technology); Wei Dong (Hong Kong University of Science and Technology); Ke Yi (Hong Kong University of Science and Technology) |
| Shorter Signatures Based on Tailor-Made Minimalist Symmetric-Key Crypto | Christoph Dobraunig (Lamarr Security Research); Daniel Kales (Graz University of Technology); Christian Rechberger (Graz University of Technology); Markus Schofnegger (Graz University of Technology); Greg Zaverucha (Microsoft Research) |
| Sigstore: Software Signing for Everybody | Zachary Newman (Chainguard); John Speed Meyers (Chainguard); Santiago Torres-Arias (Purdue University) |
| Sleepy Channels: Bi-directional Payment Channels without Watchtowers | Lukas Aumayr (TU Wien); Sri AravindaKrishnan Thyagarajan (Carnegie Mellon University); Giulio Malavolta (Max Planck Institute for Security and Privacy); Pedro Moreno-Sanchez (IMDEA Software Institute); Matteo Maffei (Christian Doppler Laboratory Blockchain Technologies for the Internet of Things & TU Wien) |
| SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering | Kelong Cong (KU Leuven); Debajyoti Das (KU Leuven); Jeongeun Park (KU Leuven); Hilder V.L. Pereira (KU Leuven) |
| SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities | Jaewon Hur (Seoul National University); Suhwan Song (Seoul National University); Sunwoo Kim (Samsung Research); Byoungyoung Lee (Seoul National University) |
| SpecPatch: Human-In-The-Loop Adversarial Audio Spectrogram Patch Attack on Speech Recognition | Hanqing Guo (Michigan State University); Yuanda Wang (Michigan State University); Nikolay Ivanov (Michigan State University); Li Xiao (Michigan State University); Qiben Yan (Michigan State University) |
| Squirrel: Efficient Synchronized Multi-Signatures from Lattices | Nils Fleischhacker (Ruhr University Bochum); Mark Simkin (Ethereum Foundation); Zhenfei Zhang (Ethereum Foundation) |
| StolenEncoder: Stealing Pre-trained Encoders in Self-supervised Learning | Yupei Liu (Duke University); Jinyuan Jia (Duke University); Hongbin Liu (Duke University); Neil Gong (Duke University) |
| Strengthening Order Preserving Encryption with Differential Privacy | Amrita Roy Chowdhury (University of Wisconsin-Madison); Bolin Ding (Alibaba Group); Somesh Jha (University of Wisconsin-Madison); Weiran Liu (Alibaba Group); Jingren Zhou (Alibaba Group) |
| StrongBox: A GPU TEE on Arm Endpoints | Yunjie Deng (Southern University of Science and Technology); Chenxu Wang (Southern University of Science and Technology; The Hong Kong Polytechnic University); Shunchang Yu (Southern University of Science and Technology); Shiqing Liu (Southern University of Science and Technology); Zhenyu Ning (Hunan University; Southern University of Science and Technology); Kevin Leach (Vanderbilt University); Jin Li (Guangzhou University); Shoumeng Yan (Ant Group); Zhengyu He (Ant Group); Jiannong Cao (The Hong Kong Polytechnic University); Fengwei Zhang (Southern University of Science and Technology) |
| Succinct Zero Knowledge for Floating Point Computations | Sanjam Garg (UC Berkeley & NTT Research); Abhishek Jain (Johns Hopkins University); Zhengzhong Jin (Johns Hopkins University); Yinuo Zhang (UC Berkeley) |
| Succinct Zero-Knowledge Batch Proofs for Set Accumulators | Matteo Campanelli (Protocol Labs); Dario Fiore (IMDEA Software Institute); Semin Han (Hanyang University); Jihye Kim (Kookmin University); Dimitris Kolonelos (IMDEA Software Institute & Universidad Politécnica de Madrid); Hyunok Oh (Hanyang University) |
| SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings | Xin Jin (The Ohio State University); Kexin Pei (Columbia University); Jun Yeon Won (The Ohio State University); Zhiqiang Lin (The Ohio State University) |
| TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications | Changhua Luo (The Chinese University of Hong Kong); Penghui Li (The Chinese University of Hong Kong); Wei Meng (The Chinese University of Hong Kong) |
| TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities | Wooseok Kang (KAIST); Byoungho Son (POSTECH); Kihong Heo (KAIST) |
| The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning | Chris McMahon Stone (University of Birmingham); Sam L. Thomas (BINARLY); Mathy Vanhoef (KU Leuven); James Henderson (University of Birmingham); Nicolas Bailluet (École Normale Supérieure); Tom Chothia (University of Birmingham) |
| The Generals' Scuttlebutt: Byzantine-Resilient Gossip Protocols | Sandro Coretti (IOG); Aggelos Kiayias (University of Edinburgh & IOG); Alexander Russell (University of Connecticut & IOG); Cristopher Moore (Santa Fe Institute) |
| The Multi-User Security of Triple Encryption, Revisited: Exact Security, Strengthening, and Application to TDES | Yusuke Naito (Mitsubishi Electric Corporation); Yu Sasaki (NTT Social Informatics Laboratories); Takeshi Sugawara (The University of Electro-Communications); Kan Yasuda (NTT Social Informatics Laboratories) |
| Themis: An On-Site Voting System with Systematic Cast-as-intended Verification and Partial Accountability | Mikael Bougon (IDEMIA); Hervé Chabanne (IDEMIA); Véronique Cortier (Université de Lorraine; Inria; CNRS); Alexandre Debant (Université de Lorraine; Inria; CNRS); Emmanuelle Dottax (IDEMIA); Jannik Dreier (Université de Lorraine; Inria; CNRS); Pierrick Gaudry (Université de Lorraine; Inria; CNRS); Mathieu Turuani (Université de Lorraine; Inria; CNRS) |
| Thora: Atomic and Privacy-Preserving Multi-Channel Updates | Lukas Aumayr (TU Wien); Kasra Abbaszadeh (University of Maryland); Matteo Maffei (Christian Doppler Laboratory Blockchain Technologies for the Internet of Things & TU Wien) |
| Threshold Cryptography as a Service (in the Multiserver and YOSO Models) | Fabrice Benhamouda (Algorand Foundation); Shai Halevi (Algorand Foundation); Hugo Krawczyk (Algorand Foundation); Alex Miao (Unaffiliated); Tal Rabin (Algorand Foundation) |
| TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals | Soundarya Ramesh (National University of Singapore); Ghozali Suhariyanto Hadi (National University of Singapore); Sihun Yang (Yonsei University); Mun Choon Chan (National University of Singapore); Jun Han (Yonsei University) |
| Tidy: Symbolic Verification of Timed Cryptographic Protocols | Gilles Barthe (MPI-SP & IMDEA Software Institute); Ugo Dal Lago (University of Bologna & INRIA Sophia Antipolis); Giulio Malavolta (MPI-SP); Itsaka Rakotonirina (MPI-SP) |
| Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications | Yue Duan (Illinois Institute of Technology); Xin Zhao (Nanjing University); Yu Pan (University of Utah); Shucheng Li (Nanjing University); Minghao Li (Harvard University); Fengyuan Xu (National Key Lab for Novel Software Technology; Nanjing University); Mu Zhang (University of Utah) |
| Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets | Florian Tramer (ETH Zürich); Reza Shokri (National University of Singapore); Ayrton San Joaquin (Yale-NUS College); Hoang Le (Oregon State University); Matthew Jagielski (Google); Sanghyun Hong (Oregon State University); Nicholas Carlini (Google) |
| TurboPack: Honest Majority MPC with Constant Online Communication | Daniel Escudero (J.P. Morgan AI Research); Vipul Goyal (Carnegie Mellon University); Antigoni Polychroniadou (J.P. Morgan AI Research); Yifan Song (Carnegie Mellon University) |
| Two-Client Inner-Product Functional Encryption with an Application to Money-Laundering Detection | Paola de Perthuis (Cosmian; DIENS; ENS/PSL; CNRS; INRIA); David Pointcheval (DIENS; ENS/PSL; CNRS; INRIA) |
| Uncovering Intent based Leak of Sensitive Data in Android Framework | Hao Zhou (The Hong Kong Polytechnic University); Xiapu Luo (The Hong Kong Polytechnic University); Haoyu Wang (Huazhong University of Science and Technology); Haipeng Cai (Washington State University; Pullman) |
| Understanding IoT Security from a Market-Scale Perspective | Xin Jin (The Ohio State University); Sunil Manandhar (IBM T.J. Watson Research Center); Kaushal Kafle (William & Mary); Zhiqiang Lin (The Ohio State University); Adwait Nadkarni (William & Mary) |
| Understanding Real-world Threats to Deep Learning Models in Android Apps | Zizhuang Deng (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Kai Chen (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Beijing Academy of Artificial Intelligence); Guozhu Meng (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Xiaodong Zhang (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Ke Xu (Huawei International Pte Ltd); Yao Cheng (Huawei International Pte Ltd) |
| Understanding Security Issues in the NFT Ecosystem | Dipanjan Das (University of California; Santa Barbara); Priyanka Bose (University of California; Santa Barbara); Nicola Ruaro (University of California; Santa Barbara); Christopher Kruegel (University of California; Santa Barbara); Giovanni Vigna (University of California; Santa Barbara) |
| Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem | Feng Xiao (Georgia Institute of Technology); Zheng Yang (Georgia Institute of Technology); Joey Allen (Georgia Institute of Technology); Guangliang Yang (Fudan University); Grant Williams (Georgia Institute of Technology); Wenke Lee (Georgia Institute of Technology) |
| Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition | Kelsey R. Fulton (University of Maryland); Daniel Votipka (Tufts University); Desiree Abrokwa (University of Maryland); Michelle L. Mazurek (University of Maryland); Michael Hicks (University of Maryland and Amazon); James Parker (Galois; Inc.) |
| Updatable Public Key Encryption from DCR: Efficient Constructions With Stronger Security | Calvin Abou Haidar (Inria; ENS Lyon); Benoit Libert (CNRS; ENS Lyon); Alain Passelègue (Inria; ENS Lyon) |
| VOProof: Efficient zkSNARKs Generation for Algebra Dummies | Yuncong Zhang (Shanghai Jiao Tong University); Alan Szepeniec (Nervos); Ren Zhang (Cryptape Co. Ltd. and Nervos); Shi-Feng Sun (Shanghai Jiao Tong University); Geng Wang (Shanghai Jiao Tong University); Dawu Gu (Shanghai Jiao Tong University) |
| VRust: Automated Vulnerability Detection for Solana Smart Contracts | Siwei Cui (Texas A&M University); Gang Zhao (Texas A&M University); Yifei Gao (Texas A&M University); Tien Tavu (Texas A&M University); Jeff Huang (Texas A&M University) |
| VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries | Nirvan Tyagi (Cornell University); Ben Fisch (Yale University); Andrew Zitek (New York University); Joseph Bonneau (New York University); Stefano Tessaro (University of Washington) |
| Victory by KO: Attacking OpenPGP Using Key Overwriting | Lara Bruseghini (ETH Zurich & Proton AG); Daniel Huigens (Proton AG); Kenneth G. Paterson (ETH Zurich) |
| Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls | Chengjun Cai (City University of Hong Kong Dongguan Research Institute); Yichen Zang (City University of Hong Kong); Cong Wang (City University of Hong Kong); Xiaohua Jia (City University of Hong Kong); Qian Wang (Wuhan University) |
| WINK: Wireless Inference of Numerical Keystrokes via Zero-Training Spatiotemporal Analysis | Edwin Yang (University of Oklahoma); Qiuye He (University of Oklahoma); Song Fang (University of Oklahoma) |
| Watch Out for Race Condition Attacks When Using Android External Storage | Shaoyong Du (State Key Laboratory of Mathematical Engineering and Advanced Computing); Xin Liu (State Key Laboratory of Mathematical Engineering and Advanced Computing); Guoqing Lai (State Key Laboratory of Mathematical Engineering and Advanced Computing); Xiangyang Luo (State Key Laboratory of Mathematical Engineering and Advanced Computing) |
| Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration | Gibran Gomez (IMDEA Software Institute & Universidad Politécnica de Madrid); Pedro Moreno-Sanchez (IMDEA Software Institute); Juan Caballero (IMDEA Software Institute) |
| What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation | Wei Zhou (Huazhong University of Science&University of Chinese Academy of Sciences and Technology); Lan Zhang (College of Information Sciences and Technology; The Pennsylvania State University); Le Guan (School of Computing; University of Georgia); Peng Liu (College of Information Sciences and Technology; The Pennsylvania State University); Yuqing Zhang (National Computer Network Intrusion Protection Center; University of Chinese Academy of Sciences) |
| When Evil Calls: Targeted Adversarial Voice over IP Network | Han Liu (Washington University in St. Louis); Zhiyuan Yu (Washington University in St. Louis); Mingming Zha (Indiana University Bloomington); XiaoFeng Wang (Indiana University Bloomington); William Yeoh (Washington University in St. Louis); Yevgeniy Vorobeychik (Washington University in St. Louis); Ning Zhang (Washington University in St. Louis) |
| When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer | Michael Fahr (University of Arkansas); Hunter Kippen (University of Maryland); Andrew Kwong (University of Michigan); Thinh Dang (George Washington University); Jacob Lichtinger (NIST); Dana Dachman-Soled (University of Maryland); Daniel Genkin (Georgia Institute of Technology); Alexander H. Nelson (University of Arkansas); Ray Perlner (NIST); Arkady Yerukhimovich (George Washington University); Daniel Apon (The MITRE Corporation) |
| When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure | Yue Zhang (The Ohio State University); Zhiqiang Lin (The Ohio State University) |
| Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots | Wai Man Si (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Jeremy Blackburn (Binghamton University); Emiliano De Cristofaro (University College London); Gianluca Stringhini (Boston University); Savvas Zannettou (TU Delft); Yang Zhang (CISPA Helmholtz Center for Information Security) |
| Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It | Sílvia Casacuberta (Harvard University); Michael Shoemate (Harvard University); Salil Vadhan (Harvard University); Connor Wagaman (Boston University) |
| Zapper: Smart Contracts with Data and Identity Privacy | Samuel Steffen (ETH Zurich); Benjamin Bichsel (ETH Zurich); Martin Vechev (ETH Zurich) |
| ``Is your explanation stable?': A Robustness Evaluation Framework for Feature Attribution | Yuyou Gan (Zhejiang University); Yuhao Mao (Zhejiang University); Xuhong Zhang (Zhejiang University); Shouling Ji (Zhejiang University); Yuwen Pu (Zhejiang University); Meng Han (Zhejiang University); Jianwei Yin (Zhejiang University); Ting Wang (The Pennsylvania State University) |
| i-TiRE: Incremental Timed-Release Encryption or How to use Timed-Release Encryption on Blockchains? | Leemon Baird (Swirlds Labs); Pratyay Mukherjee (Swirlds Labs); Rohit Sinha (Swirlds Labs) |
| pMPL: A Robust Multi-Party Learning Framework with a Privileged Party | Lushan Song (Fudan University); Jiaxuan Wang (Fudan University); Zhexuan Wang (Fudan University); Xinyu Tu (Fudan University); Guopeng Lin (Fudan University); Wenqiang Ruan (Fudan University); Haoqi Wu (Fudan University); Weili Han (Fudan University) |
| zkBridge: Trustless Cross-chain Bridges Made Practical | Tiancheng Xie (University of California; Berkeley); Jiaheng Zhang (University of California; Berkeley); Zerui Cheng (Tsinghua University); Fan Zhang (Yale University); Yupeng Zhang (Texas A&M University); Yongzheng Jia (Overeality Labs); Dan Boneh (Stanford University); Dawn Song (University of California; Berkeley) |
| Cart-ology: Intercepting Targeted Advertising via Ad Network Identity Entanglement | ChangSeok Oh (Georgia Institute of Technology); Chris Kanich (University of Illinois Chicago); Damon McCoy (NYU); Paul Pearce (Georgia Institute of Technology) |
