Paper list

903 On the TOCTOU Problem in Remote Attestation
904 Search-based Approaches for Local Black-Box Code Deobfuscation: Understand, Improve and Mitigate
905 Exorcising Spectres with Secure Compilers
906 Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction
907 Consistency Analysis of Data-Usage Purposes in Mobile Apps
908 C3PO: Large-Scale Study Of Covert Monitoring of C&C Servers via Over-Permissioned Protocol Infiltration
909 Cert-RNN: Towards Certifying the Robustness of Recurrent Neural Networks
910 Secure Source-Tracking for Encrypted Messaging
911 LEAP: Leakage-Abuse Attack on Efficiently Deployable, Efficiently Searchable Encryption with Partially Known Dataset
912 AHEAD: Adaptive Hierarchical Decomposition for Range Query under Local Differential Privacy
913 Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees
914 SNIPUZZ: Black-box Fuzzing of IoT Firmware via Message Snippet Inference
915 Unleashing the Tiger: Inference Attacks on Split Learning
916 Fuzzy Message Detection
917 Dissecting Click Fraud Autonomy in the Wild
918 Understanding and Detecting Mobile Ad Fraud Through the Lens of Invalid Traffic
919 Mechanized Proofs of Adversarial Complexity and Application to Universal Composability
920 Periscope: A Keystroke Inference Attack Using Human Coupled Electromagnetic Emanations
921 Meteor: Cryptographically Secure Steganography for RealisticDistributions
922 TableGAN-MCA: Evaluating Membership Collisions of GAN-Synthesized Tabular Data Releasing
923 "I need a better description": An Investigation Into User Expectations For Differential Privacy
924 Usable User Authentication on a Smartwatch using Vibration
925 Multi-Threshold Byzantine Fault Tolerance
926 Verifying Table-Based Elections
927 QuickSilver: Efficient and Affordable Zero-Knowledge Proofs for Circuits and Polynomials over Any Field
928 Secure Multi-party Computation of Differentially Private Heavy Hitters
929 ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange
930 It's Not What It Looks Like: Manipulating Perceptual Hashing based Applications
931 Secure Graph Analysis at Scale
932 Revisiting Nakamoto Consensus in Asynchronous Networks: A Comprehensive Analysis of Bitcoin Safety and Chain Quality
933 PPE Circuits for Rational Polynomials
934 PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wild
935 CROSSLINE: Breaking ``Security-by-Crash'' based Memory Isolation in AMD SEV
936 Locally Private Graph Neural Networks
937 BFT Protocol Forensics
938 Securing Parallel-chain Protocols under Variable Mining Power
939 A One-Pass Distributed and Private Sketch for Kernel Sums with Applications to Machine Learning at Scale
940 All your credentials are belong to us: On Insecure WPA2-Enterprise Configurations
941 On the Robustness of Domain Constraints
942 Amortized Threshold Symmetric-key Encryption
943 Shorter and Faster Post-Quantum zkSNARKs from Lattices
944 Hardware Support to Improve Fuzzing Performance and Precision
945 RandPiper -- Reconfiguration-Friendly Random Beacons with Quadratic Communication
946 Membership Leakage in Label-Only Exposures
947 Hidden Backdoors in Human-Centric Language Models
948 Spinner: Automated Dynamic Command Subsystem Perturbation
949 SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content Blocking
950 DataLens: Scalable Privacy Preserving Training via Gradient Compression and Aggregation
951 On-device IoT Certificate Revocation Checking with Small Memory and Low Latency
952 MaMIoT: Manipulation of Energy Market Leveraging High Wattage IoT Botnets
953 With a Little Help from My Friends: Constructing Practical Anonymous Credentials
954 Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization
955 Oblivious Linear Group Actions and Applications
956 Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis
957 Revisiting Fuzzy Signatures: Towards a More Risk-Free Cryptographic Authentication System based on Biometrics
958 PalmTree: Learning an Assembly Language Model for Instruction Embedding
959 TSS: Transformation-Specific Smoothing for Robustness Certification
960 DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications
961 Hiding the Lengths of Encrypted Messages via Gaussian Padding
962 Efficient Linear Multiparty PSI and Extensions to Circuit/Quorum PSI
963 On the (in)security of ElGamal in OpenPGP
964 Locating the Security Patches for Disclosed OSS Vulnerabilities with Vulnerability-Commit Correlation Ranking
965 Facilitating Vulnerability Assessment through PoC Migration
966 Efficient Zero-knowledge MPCitH-based Arguments
967 Regression Greybox Fuzzing
968 Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' Outputs
969 Wireless Charging Power Side-Channel Attacks
970 A Security Framework for Distributed Ledgers
971 Differential Privacy for Directional Data
972 Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis
973 Differentially private sparse vectors with low error, optimal space, and fast access
974 Supply-Chain Vulnerability Elimination via Active Learning and Regeneration
975 Deterrence of Intelligent DDoS via Multi-Hop Traffic Divergence
976 Igor: Crash Deduplication Through Root-Cause Clustering
977 CPscan: Detecting Bugs Caused by Code Pruning in IoT Kernels
978 XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers
979 HardsHeap: A Universal and Extensible Framework for Evaluating Secure Allocators
980 The Invisible Shadow: How Security Cameras Leak Private Activities
981 "Hello, It's Me": Deep Learning-based Speech Synthesis Attacks in the Real World
982 Chunk-Level Password Guessing: Towards Modeling Refined Password Composition Representations
983 MirChecker: Detecting Bugs in Rust Programs via Static Analysis
984 Demons in the Shared Kernel: Abstract Resource Attacks Against OS-level Virtualization
985 FakeWake: Understanding and Mitigating Fake Wake-up Words of Voice Assistants
986 Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based Virtualization
987 DoubleX: Statically Analyzing Browser Extensions at Scale
988 Biometrics-Authenticated Key Exchange for Secure Messaging
989 Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks
990 Reconstructing with Less: Leakage Abuse Attacks in Two-Dimensions
991 This Sneaky Piggy Went to the Android Ad Market: Misusing Mobile Sensors for Stealthy Data Exfiltration
992 Scan, Test, Execute: Adversarial Tactics in Amplification DDoS Attacks
993 Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale
994 HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs
995 EncoderMI: Membership Inference against Pre-trained Encoders in Contrastive Learning
996 Subpopulation Data Poisoning Attacks
997 Continuous Release of Data Streams under both Centralized and Local Differential Privacy
998 Side-channel attacks on query-based data anonymization
999 How Does Blockchain Security Dictate Blockchain Implementation?
1000 ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
1001 The return of Eratosthenes: Secure Generation of RSA Moduli using Distributed Sieving
1002 Robust Detection of Machine-induced Audio Attacks in Intelligent Audio Systems with Microphone Array
1003 When Machine Unlearning Jeopardizes Privacy
1004 DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks
1005 New Directions in Automated Traffic Analysis
1006 An Inside Look into the Practice of Malware Analysis
1007 Labeled PSI from Homomorphic Encryption with Reduced Computation and Communication
1008 DETER: Denial of Ethereum Txpool sERvices
1009 Structured Leakage and Applications to Cryptographic Constant-Time and Cost
1010 Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison
1011 SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers
1012 The Effect of Google Search on Software Security
1013 One Hot Garbling
1014 DNS Cache Poisoning Attack: Resurrections with Side Channels
1015 Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits
1016 I Can See the Light: Attacks on Autonomous Vehicles Using Invisible Lights Autonomous Vehicle Object detection Traffic light detection Localization IR lights Camera Tesla SLAM
1017 EasyPQC: Verifying Post-Quantum Cryptography
1018 SyncAttack: Double-spending in Bitcoin Without Mining Power
1019 Backdoor Pre-trained Models Can Transfer to All
1020 Packet scheduling with optional client privacy
1021 Warmonger: Inflicting Denial-of-Service via Serverless Functions in the Cloud
1022 Quantifying and Mitigating Privacy Risks of Contrastive Learning
1023 Doubly Efficient Interactive Proofs for General Arithmetic Circuits with Linear Prover Time
1024 Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
1025 Indistinguishability Prevents Scheduler Side-Channels in Real-Time Systems
1026 Detecting Missed Security Operations Through Differential Checking of Object-based Similar Paths
1027 Membership Inference Attacks Against Recommender Systems
1028 Machine-checked ZKP for NP relations: Formally Verified Security Proofs and Implementations of MPC-in-the-Head
1029 An In-Depth Symbolic Security Analysis of the ACME Standard
1030 Who's In Control? On Security Risks of Disjointed IoT Device Management Channels
1031 Simple, Fast Malicious Multiparty Private Set Intersection
1032 Efficient CCA Timed Commitments in Class Groups
1033 Android on PC: On the Security of End-user Android Emulators
1034 Glowworm Attack: Optical TEMPEST Sound Recovery via a Deviceâs Power Indicator LED
1035 Learning Security Classifiers with Verified Global Robustness Properties
1036 Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems
1037 Compact and Malicious Private Set Intersection for Small Sets
1038 One Glitch to Rule Them All: Fault Injection Attacks Against AMDâs Secure Encrypted Virtualization
1039 12 Angry Developers â A Qualitative Study on Developersâ Struggles with CSP
1040 DPGen: Automated Program Synthesis for Differential Privacy
1041 Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves
1042 Util::Lookup: Exploiting key decoding in cryptographic libraries
1043 Mining in Logarithmic Space
1044 Dissecting Residual APIs in Custom Android ROMs
1045 MPC-Friendly Commitments for Publicly Verifiable Covert Security
1046 A formally verified configuration for Hardware Security Modules in the cloud
1047 VIP: Safeguard Value Invariant Property for Thwarting Critical Memory Corruption Attacks
1048 Epsolute: Efficiently Querying Databases While Providing Differential Privacy
1049 Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing
1050 RealSWATT: Remote Software-based Attestation for Embedded Devices under Realtime Constraints
1051 Can We Use Arbitrary Objects to Attack LiDAR Perception in Autonomous Driving? Autonomous Vehicle Object detection LiDAR PIXOR VoxelNet PointPillars F-PointNet KITTI dataset
1052 DroneKey: A Drone-Aided Group-Key Generation Scheme for Large-Scale IoT Networks
1053 The One-Page Setting: A Higher Standard for Evaluating Website Fingerprinting Defenses
1054 Don't Forget the Stuffing! Revisiting the Security Impact of Typo-Tolerant Password
1055 Compressed Oblivious Encoding for Homomorphically Encrypted Search
1056 Feature Indistinguishable Attack to Circumvent Trapdoor-enabled Defense
1057 On Reengineering the X.509 PKI with Executable Specification for Better Implementation Guarantees
1058 On the Renyi Differential Privacy of the Shuffle Model
1059 Zero Knowledge Static Program Analysis
1060 A Hard Label Black-box Adversarial Attack Against Graph Neural Networks
1061 COINN: Crypto/ML Codesign for Oblivious Inference via Neural Networks
1062 Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels
1063 WristPrint: Characterizing User Re-identification Risks from Wrist-worn Accelerometry Data
1064 Constant-Overhead Zero-Knowledge for RAM Programs
1065 Ghost in the Binder: Binder Transaction Redirection Attacks in Android System Services
1066 Generalized Proof of Liabilities
1067 Efficient Online-friendly Two-Party ECDSA Signature
1068 APECS: A Distributed Access Control Framework for Pervasive Edge Computing Services
1069 Reverse Attack: Black-box Attacks on Collaborative Recommendation
1070 zkCNN: Zero Knowledge Proofs for Convolutional Neural Network Predictions and Accuracy
1071 A PKI-based Framework for Establishing Efficient MPC Channels
1072 The Exact Security of BIP32 Wallets
1073 Asynchronous Data Dissemination and its Applications
1074 OpenSquare: Decentralized Repeated Modular Squaring Service
1075 Rosita++: Automatic Higher-Order Leakage Elimination from Cryptographic Code
1076 OnionPIR: Response Efficient Single-Server PIR
1077 Morpheus: Bringing The (PKCS) One To Meet the Oracle
1078 Black-box Adversarial Attacks on Commercial Speech Platforms with Minimal Information
1079 Solver-Aided Constant-Time Hardware Verification
1080 V-SHUTTLE: Scalable and Semantics-Aware Hypervisor Fuzzing
1081 T-Reqs: HTTP Request Smuggling with Differential Fuzzing
1082 United We Stand: Collaborative Detection and Mitigation of Amplification DDoS Attacks at Scale
1083 Appenzeller to Brie: Efficient Zero-Knowledge Proofs for Mixed-Mode Arithmetic and $\Z_{2^k}$
1084 Learning to Explore Paths for Symbolic Execution
1085 You Make Me Tremble: A First Look at Attacks Against Structural Control Systems
1086 Structural Attack against Graph Based Android Malware Detection
1087 The Security of ChaCha20-Poly1305 in the Multi-User Setting
1088 Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular Devices
1089 Let's Downgrade Let's Encrypt
1090 Prime+Scope: Overcoming the Observer Effect for High-Precision Cache Contention Attacks
1091 CapSpeaker: Injecting Sounds to Microphones via Capacitors
1092 A Concrete Treatment of Efficient Continuous Group Key Agreement via Multi-Recipient PKEs
1093 AI-Lancet: Locating Error-inducing Neurons to Optimize Neural Networks
1094 Faster Lattice-Based KEMs via a Generic Fujisaki-Okamoto Transform Using Prefix Hashing
1095 Modular Design of Secure Group Messaging Protocols and the Security of MLS
1096 SmashEx: Smashing SGX Enclaves Using Exceptions
1097 Private Hierarchical Clustering in Federated Networks
1098 SoFi: Reflection-Augmented Fuzzing for JavaScript Engines