Paper list

1769 A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks
1770 A Scalable and Dynamic ACL System for In-Network Defense
1771 A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello
1772 A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music
1773 AI/ML for Network Security: The Emperor has no Clothes
1774 ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning
1775 Acquirer: A Hybrid Approach to Detecting Algorithmic Complexity Vulnerabilities
1776 Adversarial Correctness and Privacy for Probabilistic Data Structures
1777 Am I Private and If So, how Many? Communicating Privacy Guarantees of Differential Privacy with Risk Communication Formats
1778 An Extensive Study of Residential Proxies in China
1779 AntMan: Interactive Zero-Knowledge Proofs with Sublinear Communication
1780 Are Attribute Inference Attacks Just Imputation?
1781 Auditing Membership Leakages of Multi-Exit Networks
1782 Automatic Detection of Fake Key Attacks in Secure Messaging
1783 Automatic Detection of Speculative Execution Combinations
1784 Batching, Aggregation, and Zero-Knowledge Proofs in Bilinear Accumulators
1785 Behind the Scenes of RPKI
1786 Blacktooth: Breaking through the Defense of Bluetooth in Silence
1787 Blazing Fast PSI from Improved OKVS and Subfield VOLE
1788 Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT
1789 Bullshark: DAG BFT Protocols Made Practical
1790 C2C: Fine-grained Configuration-driven System Call Filtering
1791 CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks
1792 CERBERUS: Exploring Federated Prediction of Security Events
1793 CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation
1794 CINI MINIS: Domain Isolation for Fault and Combined Security
1795 Cache Refinement Type for Side-Channel Detection of Cryptographic Software
1796 Caulk: Lookup Arguments in Sublinear Time
1797 Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing
1798 Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations
1799 Chaghri - An FHE-friendly Block Cipher
1800 Characterizing and Detecting Non-Consensual Photo Sharing on Social Networks
1801 Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam
1802 Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps
1803 Constant Latency in Sleepy Consensus
1804 Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection
1805 DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On
1806 DPIS: an Enhanced Mechanism for Differentially Private SGD with Importance Sampling
1807 DangZero: Efficient Use-After-Free Detection via Direct Page Table Access
1808 Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems
1809 Detecting and Measuring Misconfigured Manifest in Android Apps
1810 Differentially Private Triangle and 4-Cycle Counting in the Shuffle Model
1811 DirtyCred: Escalating Privilege in Linux Kernel
1812 Discovering IoT Physical Channel Vulnerabilities
1813 Distributed, Private, Sparse Histograms in the Two-Server Model
1814 Do Opt-Outs Really Opt Me Out?
1815 Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee
1816 DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing Autonomous Vehicle fuzzing CARLA Planning Autoware
1817 Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency
1818 EIFFeL: Ensuring Integrity for Federated Learning
1819 ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes
1820 EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices
1821 Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters
1822 Efficient Zero-Knowledge Proofs on Signed Data with Applications to Verifiable Computation on Data Streams
1823 Eluding Secure Aggregation in Federated Learning via Model Inconsistency
1824 Empirical Analysis of EIP-1559: Transaction Fees, Waiting Times, and Consensus Security
1825 Enforcing Fine-grained Constant-time Policies
1826 Enhanced Membership Inference Attacks against Machine Learning Models
1827 Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications
1828 Evocatio: Conjuring Bug Capabilities from a Single PoC
1829 Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection
1830 FABEO: Fast Attribute-Based Encryption with Optimal Security
1831 Fast Fully Oblivious Compaction and Shuffling
1832 Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority
1833 FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs
1834 Feature Inference Attack on Shapley Values
1835 Federated Boosted Decision Trees with Differential Privacy
1836 FenceSitter: Black-box, Content-Agnostic, and Synchronization-Free Enrollment-Phase Attacks on Speaker Recognition Systems
1837 Feta: Efficient Threshold Designated-Verifier Zero-Knowledge Proofs
1838 Finding MNEMON: Reviving Memories of Node Embeddings
1839 Foundations of Coin Mixing Services
1840 Freely Given Consent? Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps
1841 Frequency Estimation in the Shuffle Model with Almost a Single Message
1842 Frequency Throttling Side-Channel Attack
1843 GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy
1844 Graph Unlearning
1845 Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing
1846 Group Property Inference Attacks Against Graph Neural Networks
1847 HammerScope: Observing DRAM Power Consumption Using Rowhammer
1848 Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies
1849 Harnessing Perceptual Adversarial Patches for Crowd Counting
1850 HeatDeCam: Detecting Hidden Spy Cameras via Thermal Emissions
1851 Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud
1852 Helping or Hindering? How Browser Extensions Undermine Security
1853 Hidden in Plain Sight: Exploring Encrypted Channels in Android apps
1854 How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum
1855 HyperDbg: Reinventing Hardware-Assisted Debugging
1856 I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior
1857 Ibex: Privacy-preserving Ad Conversion Tracking and Bidding
1858 Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation
1859 Improving Line-Point Zero Knowledge: Two Multiplications for the Price of One
1860 InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution
1861 JIT-Picking: Differential Fuzzing of JavaScript Engines
1862 Kryvos: Publicly Tally-Hiding Verifiable E-Voting
1863 L-SRR: Local Differential Privacy for Location-Based Services with Staircase Randomized Response
1864 LPGNet: Link Private Graph Networks for Node Classification
1865 Laconic Private Set-Intersection From Pairings
1866 Leakage Inversion: Towards Quantifying Privacy in Searchable Encryption
1867 Leakage and Tamper Resilient Permutation-Based Cryptography
1868 LibAFL: A Framework to Build Modular and Reusable Fuzzers
1869 Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API
1870 LoneNeuron: a Highly-Effective Feature-Domain Neural Trojan Using Invisible and Polymorphic Watermarks
1871 Low-Latency Hardware Private Circuits
1872 MC^2: Rigorous and Efficient Directed Greybox Fuzzing
1873 META-BTS: Bootstrapping Precision Beyond the Limit
1874 Matproofs: Maintainable Matrix Commitment with Efficient Aggregation
1875 Membership Inference Attacks and Generalization: A Causal Perspective
1876 Membership Inference Attacks by Exploiting Loss Trajectory
1877 MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware
1878 Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels
1879 Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications
1880 Minotaur: Multi-Resource Blockchain Consensus
1881 NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms
1882 NTRU-u-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus
1883 Narrator: Secure and Practical State Continuity for Trusted Execution in the Cloud
1884 NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications
1885 Non-Distinguishable Inconsistencies as a Deterministic Oracle for Detecting Security Bugs
1886 On the (In)Security of Secure ROS2
1887 On the Adaptive Security of the Threshold BLS Signature Scheme
1888 On the Privacy Risks of Cell-Based NAS Architectures
1889 On the Success Rate of Side-Channel Attacks on Masked Implementations
1890 Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models
1891 Overo: Sharing Private Audio Recordings
1892 P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies
1893 PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement
1894 PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication
1895 PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies
1896 PSI from Ring-OLE
1897 PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability
1898 PentaGOD: Stepping beyond Traditional GOD with Five Parties
1899 Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception
1900 Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT
1901 Phishing URL Detection: A Network-based Approach Robust to Evasion
1902 Physical Hijacking Attacks against Object Trackers
1903 Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation
1904 Poirot: Probabilistically Recommending Protections for the Android Framework
1905 Post Quantum Noise
1906 Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models
1907 Power Contracts: Provably Complete Power Leakage Models for Processors
1908 Practical Settlement Bounds for Proof-of-Work Blockchains
1909 Practical Volume-Hiding Encrypted Multi-Maps with Optimal Overhead and Beyond
1910 Practical, Round-Optimal Lattice-Based Blind Signatures
1911 Privacy Limitations of Interest-based Advertising on The Web: A Post-mortem Empirical Analysis of Google's FLoC
1912 Private and Reliable Neural Network Inference
1913 Proof-of-Possession for KEM Certificates using Verifiable Generation
1914 Protecting Critical Inter-Domain Communication through Flyover Reservations
1915 Proving UNSAT in Zero Knowledge
1916 QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems
1917 ROAST: Robust Asynchronous Schnorr Threshold Signatures
1918 Ready Raider One: Exploring the Misuse of Cloud Gaming Services
1919 RedShift: Transparent SNARKs from List Polynomial Commitments
1920 Reinforced Concrete: A Fast Hash Function for Verifiable Computation
1921 SFuzz: Slice-based Fuzzing for Real-Time Operating Systems
1922 SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders
1923 STAR: Secret Sharing for Private Threshold Aggregation Reporting
1924 Second-Order Low-Randomness d+1 Hardware Sharing of the AES
1925 Secret-Shared Joins with Multiplicity from Aggregation Trees
1926 Secure Auctions in the Presence of Rational Adversaries
1927 Secure Parallel Computation on Privately Partitioned Data and Applications
1928 Securing Reset Operations in NISQ Quantum Computers
1929 Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics
1930 Server-Aided Continuous Group Key Agreement
1931 Sharp: Short Relaxed Range Proofs
1932 Shifted Inverse: A General Mechanism for Monotonic Functions under User Differential Privacy
1933 Shorter Signatures Based on Tailor-Made Minimalist Symmetric-Key Crypto
1934 Sigstore: Software Signing for Everybody
1935 Sleepy Channels: Bi-directional Payment Channels without Watchtowers
1936 SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering
1937 SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities
1938 SpecPatch: Human-In-The-Loop Adversarial Audio Spectrogram Patch Attack on Speech Recognition
1939 Squirrel: Efficient Synchronized Multi-Signatures from Lattices
1940 StolenEncoder: Stealing Pre-trained Encoders in Self-supervised Learning
1941 Strengthening Order Preserving Encryption with Differential Privacy
1942 StrongBox: A GPU TEE on Arm Endpoints
1943 Succinct Zero Knowledge for Floating Point Computations
1944 Succinct Zero-Knowledge Batch Proofs for Set Accumulators
1945 SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings
1946 TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications
1947 TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities
1948 The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning
1949 The Generals' Scuttlebutt: Byzantine-Resilient Gossip Protocols
1950 The Multi-User Security of Triple Encryption, Revisited: Exact Security, Strengthening, and Application to TDES
1951 Themis: An On-Site Voting System with Systematic Cast-as-intended Verification and Partial Accountability
1952 Thora: Atomic and Privacy-Preserving Multi-Channel Updates
1953 Threshold Cryptography as a Service (in the Multiserver and YOSO Models)
1954 TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals
1955 Tidy: Symbolic Verification of Timed Cryptographic Protocols
1956 Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications
1957 Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets
1958 TurboPack: Honest Majority MPC with Constant Online Communication
1959 Two-Client Inner-Product Functional Encryption with an Application to Money-Laundering Detection
1960 Uncovering Intent based Leak of Sensitive Data in Android Framework
1961 Understanding IoT Security from a Market-Scale Perspective
1962 Understanding Real-world Threats to Deep Learning Models in Android Apps
1963 Understanding Security Issues in the NFT Ecosystem
1964 Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem
1965 Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition
1966 Updatable Public Key Encryption from DCR: Efficient Constructions With Stronger Security
1967 VOProof: Efficient zkSNARKs Generation for Algebra Dummies
1968 VRust: Automated Vulnerability Detection for Solana Smart Contracts
1969 VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries
1970 Victory by KO: Attacking OpenPGP Using Key Overwriting
1971 Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls
1972 WINK: Wireless Inference of Numerical Keystrokes via Zero-Training Spatiotemporal Analysis
1973 Watch Out for Race Condition Attacks When Using Android External Storage
1974 Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration
1975 What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation
1976 When Evil Calls: Targeted Adversarial Voice over IP Network
1977 When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer
1978 When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure
1979 Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots
1980 Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It
1981 Zapper: Smart Contracts with Data and Identity Privacy
1982 ``Is your explanation stable?': A Robustness Evaluation Framework for Feature Attribution
1983 i-TiRE: Incremental Timed-Release Encryption or How to use Timed-Release Encryption on Blockchains?
1984 pMPL: A Robust Multi-Party Learning Framework with a Privileged Party
1985 zkBridge: Trustless Cross-chain Bridges Made Practical