Paper list

1579 "Adversarial Examples for Proof-of-Learning"
1580 "Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in Kenya Smartphone Mobile Apps
1581 "Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers Peer Review
1582 "They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks Timing Attacks
1583 27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University Email
1584 A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verification Web Browser
1585 A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols
1586 A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilities
1587 A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP
1588 AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabulary
1589 Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks CPU
1590 Analyzing Ground-Truth Data of Mobile Gambling Scam
1591 Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPK
1592 Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems
1593 Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems
1594 Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions
1595 Attacks on Wireless Coexistence
1596 Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest
1597 Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
1598 BEACON : Directed Grey-Box Fuzzing with Provable Path Pruning
1599 Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learning
1600 Bad Characters: Imperceptible NLP Attacks
1601 BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning
1602 Blacksmith: Compromising Target Row Refresh by Rowhammering in the Frequency Domain
1603 COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Services
1604 Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks
1605 CirC: Compiler infrastructure for proof systems, software verification, and more
1606 Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects
1607 Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models
1608 DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigation
1609 DeepCASE: Semi-Supervised Contextual Analysis of Security Events
1610 DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplification Tor
1611 DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories
1612 Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks
1613 Deployment of Source Address Validation by Network Operators: A Randomized Control Trial
1614 Device Fingerprinting with Peripheral Timestamps Fingerprinting
1615 Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Census
1616 Differentially Private Histograms in the Shuffle Model from Fake Users
1617 Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trust
1618 Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis
1619 Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices Bluetooth
1620 Exploit the Last Straw That Breaks Android Systems
1621 Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices
1622 FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy
1623 Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis
1624 Finding and Exploiting CPU Features using MSR Templating
1625 Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities Bluetooth
1626 Foundations of Dynamic BFT
1627 Four Attacks and a Proof for Telegram
1628 FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks
1629 GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs
1630 Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsis
1631 Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors
1632 HAMRAZ: Resilient Partitioning and Replication
1633 HardLog: Practical Tamper-Proof System Auditing Using a Novel Audit Device
1634 Hardening Circuit-Design IP Against Reverse-Engineering Attacks
1635 Hark: A Deep Learning System for Navigating Privacy Feedback at Scale
1636 Heapster: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images
1637 How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study
1638 How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations
1639 How to Attack and Generate Honeywords
1640 IRQDebloat: Reducing Driver Attack Surface in Embedded Devices
1641 IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensing
1642 Investigating Influencer VPN Ads on YouTube VPN
1643 Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices
1644 IronMask: Versatile Verification of Masking Security
1645 Jigsaw: Efficient and Scalable Path Constraints Fuzzing
1646 LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis
1647 Locally Differentially Private Sparse Vector Aggregation
1648 Low-Bandwidth Threshold ECDSA via Pseudorandom Correlation Generators
1649 MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments
1650 Measuring and Mitigating the Risk of IP Reuse on Public Clouds
1651 Membership inference attacks from first principles
1652 MeshUp: Stateless Cache Side-channel Attack on CPU Mesh
1653 Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures
1654 Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation
1655 Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security
1656 Model Stealing Attacks Against Inductive Graph Neural Networks
1657 Multi-Server Verifiable Computation of Low-Degree Polynomials
1658 Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security
1659 Noise: A Library of Verified High-Performance Secure Channel Protocol Implementations
1660 PATA: Fuzzing with Path Aware Taint Analysis
1661 PCR-Auth: Solving Authentication Puzzle Challenges with Encoded Palm Contact Responses
1662 PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles
1663 PICCOLO: Exposing Complex Backdoors in NLP Transformer Models
1664 PROTRR: Principled yet Optimal In-DRAM Target Row Refresh
1665 Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homes
1666 Phishing in Organizations: Findings from a Large-Scale and Long-Term Study
1667 Practical Asynchronous Distributed Key Generation
1668 Practical EMV Relay Protection
1669 Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSA
1670 Private Nearest Neighbor Search with Sublinear Communication and Malicious Security
1671 ProVerif with Lemmas, Induction, Fast Subsumption, and Much More
1672 Property Inference from Poisoning
1673 Publicly Accountable Robust Multi-Party Computation
1674 Quantifying Blockchain Extractable Value:How dark is the forest?
1675 RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone TEE
1676 Reconstructing Training Data with Informed Adversaries
1677 Repairing DoS Vulnerability of Real-World Regexes
1678 Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platforms
1679 SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds Smart Contract
1680 SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors
1681 SMILE: Secure Memory Introspection for Live Enclave
1682 SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofs
1683 SPURT: Scalable Distributed Randomness Beacon with Transparent Setup
1684 SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros
1685 Sabre: Sender-Anonymous Messaging with Fast Audits
1686 Scraping Sticky Leftovers: App User Information Left on Servers After Account Deletion
1687 SecFloat: Accurate Floating-Point meets Secure 2-Party Computation
1688 Security Analysis of the MLS Key Derivation
1689 Security Foundations for Application-Based Covert Communication Channels
1690 ShadeWatcher: Recommendation-guided Cyber Threat Analysis using System Audit Records
1691 ShorTor: Improving Tor Network Latency via Multi-hop Overlay Routing Tor
1692 SoK: A Framework for Unifying At-Risk User Research
1693 SoK: Authentication in Augmented and Virtual Reality VR SoK
1694 SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications
1695 SoK: How Robust is Image Classification Deep Neural Network Watermarking?
1696 SoK: Practical Foundations for Software Spectre Defenses Spectre
1697 SoK: Social Cybersecurity
1698 SoK: The Dual Nature of Technology in Sexual Assault
1699 SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks Spectre
1700 Sphinx: Enabling Privacy-Preserving Online Learning over the Cloud
1701 Spinning Language Models: Risks of Propaganda-as-a-Service and Countermeasures
1702 Spiral: Fast, High-Rate Single-Server PIR via FHE Composition
1703 Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution
1704 Statistical Quantification of Differential Privacy: A Local Approach
1705 Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defense Web Website Fingerprinting
1706 SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms
1707 TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent Systems
1708 TROLLMAGNIFIER: Detecting State-Sponsored Troll Accounts on Reddit?
1709 The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies Web Browser
1710 Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprints
1711 Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation Web Browser
1712 Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments
1713 Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drift
1714 Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings
1715 Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems
1716 Universal Atomic Swaps: Secure Exchange of Coins Across All Blockchains
1717 Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchains
1718 WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreens
1719 Waldo: A Private Time-Series Database from Function Secret-Sharing
1720 Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques
1721 Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly Web Browser
1722 WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networks
1723 ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofs
1724 mmSpy: Spying Phone Calls using mmWave Radars
1725 vSGX: Virtualizing SGX Enclaves on AMD SEV