Paper list

• 1360 A Programming Framework for Differential Privacy with Accuracy Concentration Bounds
• 1361 A Security Analysis of the Facebook Ad Library
• 1362 A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network
• 1363 A Tale of Sea and Sky: On the Security of Maritime VSAT Communications
• 1364 AdGraph: A Graph-Based Approach to Ad and Tracker Blocking
• 1365 An Analysis of Pre-installed Android Software
• 1366 Are Anonymity-Seekers Just Like Everybody Else? An Analysis of Contributions to Wikipedia from Tor
• 1367 Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers
• 1368 Ask the Experts: What Should Be on an IoT Privacy and Security Label?
• 1369 Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps
• 1370 Automatically Detecting Bystanders in Photos to Reduce Privacy Risks
• 1371 BIAS: Bluetooth Impersonation AttackS
• 1372 Binsec/Rel: Efficient Relational Symbolic Execution for Constant-Time at Binary-Level
• 1373 Breaking and (Partially) Fixing Provably Secure Onion Routing
• 1374 Browsing Unicity: On the Limits of Anonymizing Web Tracking Data
• 1375 Burglars' IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds
• 1376 C3APSULe: Cross-FPGA Covert-Channel Attacks through Power Supply Unit Leakage
• 1377 Can Voters Detect Malicious Manipulation of Ballot Marking Devices?
• 1378 Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semantics
• 1379 Cornucopia: Temporal Safety for CHERI Heaps
• 1380 CrypTFlow : Secure TensorFlow Inference
• 1381 Detection of Electromagnetic Interference Attacks on Sensor Systems
• 1382 Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe's Transparancy and Consent Framework
• 1383 Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
• 1384 Efficient and Secure Multiparty Computation from Fixed-Key Block Ciphers
• 1385 Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environment
• 1386 Even Black Cats Cannot Stay Hidden in the Dark: Full-band De-anonymization of Bluetooth Classic Devices
• 1387 EverCrypt: A Fast, Verified, Cross-Platform Crytographic Provider
• 1388 Ex-vivo dynamic analysis framework for Android device drivers
• 1389 Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability
• 1390 Flaw Label: Exploiting IPv6 Flow Label
• 1391 FlyClient: Super-Light Clients for Cryptocurrencies
• 1392 Fuzzing JavaScript Engines with Aspect-preserving Mutation
• 1393 Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies
• 1394 High Precision Open-World Website Fingerprinting
• 1395 HopSkipJumpAttack: A Query-Efficient Decision-Based Attack
• 1396 How Not to Prove Your Election Outcome
• 1397 Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning
• 1398 HydRand: Efficient Continuous Distributed Randomness
• 1399 ICAS: An Extensible Framework for Estimating the Susceptibility of IC Layouts to Additive Trojans
• 1400 ICLab: A Global, Longitudinal Internet Censorship Measurement Platform
• 1401 IJON: Exploring Deep State Spaces via Fuzzing
• 1402 Influencing Photo Sharing Decisions on Social Media: A Case of Paradoxical Findings
• 1403 Intriguing Properties of Adversarial ML Attacks in the Problem Space
• 1404 Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication
• 1405 JIT Leaks: Inducing Timing Side Channels through Just-In-Time Compilation
• 1406 KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware
• 1407 Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS
• 1408 Krace: Data Race Fuzzing for Kernel File Systems
• 1409 LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
• 1410 Leveraging EM Side-Channel Information to Detect Rowhammer Attacks
• 1411 MarkUs: Drop-in use-after-free prevention for low-level languages
• 1412 Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers
• 1413 Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement
• 1414 NetCAT: Practical Cache Attacks for the Network
• 1415 Neutaint: Efficient Dynamic Taint Analysis with Neural Networks
• 1416 OAT: Attesting Operation Integrity of Embedded Devices
• 1417 OHIE: Blockchain Scaling Made Simple
• 1418 PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning
• 1419 Pangolin:Incremental Hybrid Fuzzing with Polyhedral Path Abstraction
• 1420 Path Oblivious Heap: Optimal and Practical Oblivious Priority Queue
• 1421 Plundervolt: Software-based Fault Injection Attacks against Intel SGX
• 1422 Privacy Risks of General-Purpose Language Models
• 1423 Private Resource Allocators and Their Applications
• 1424 Pseudorandom Black Swans: Cache Attacks on CTR_DRBG
• 1425 RAMBleed: Reading Bits in Memory Without Accessing Them
• 1426 Replicated State Machines Without Replicated Execution
• 1427 RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization
• 1428 Rigorous Engineering for Hardware Security: Formal Modelling and Proof in the CHERI Design and Implementation Process
• 1429 SAVIOR: Towards Bug-Driven Hybrid Testing
• 1430 SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation
• 1431 SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions
• 1432 SPECCFI: Mitigating Spectre Attacks Using CFI Imformed Speculation
• 1433 SPIDER: Enabling Fast Patch Propagation in Related Software Repositories
• 1434 Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products
• 1435 Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidity
• 1436 SoK: A Minimalist Approach to Formalizing Analog Sensor Security
• 1437 SoK: Cyber Insurance - Technical Challenges and a System Security Roadmap
• 1438 SoK: Differential Privacy as a Causal Property
• 1439 SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems
• 1440 Spectector: Principled Detection of Speculative Information Flows
• 1441 Sync HotStuff: Simple and Practical Synchronous State Machine Replication
• 1442 TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks
• 1443 TRRespass: Exploiting the Many Sides of Target Row Refresh
• 1444 Tactical Provenance Analysis for Endpoint Detection and Response Systems
• 1445 TextExerciser: Feedback-driven Text Input Exercising for Android Applications
• 1446 The Last Mile: High-Assurance and High-Speed Cryptographic Implementations
• 1447 The Many Kinds of Creepware Used for Interpersonal Attacks
• 1448 The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distribution
• 1449 The Value of Collaboration in Convex Machine Learning with Differential Privacy
• 1450 This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs
• 1451 Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation
• 1452 Towards Effective Differential Privacy Communication for Users' Data Sharing Decision and Comprehension
• 1453 Towards Scalable Threshold Cryptosystems
• 1454 Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses
• 1455 Transparent Polynomial Delegation and Its Applications to Zero Knowledge Proof
• 1456 Transys: Leveraging Common Security Properties Across Hardware Designs
• 1457 Unexpected Data Dependency Creation and Chaining: A New Attack to SDN
• 1458 VerX: Safety Verification of Smart Contracts
• 1459 VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts
• 1460 WaveSpy: Remote and Through-wall Screen Attack via mmWave Sensing
• 1461 ZEXE: Enabling Decentralized Private Computation
• 1462 _ I Know Where You Parked Last Summer _ Automated Reverse Engineering and Privacy Analysis of Modern Cars
• 1463 xMP: Selective Memory Protection for Kernel and User Space