Paper list

• 1996 Improving Logging to Reduce Permission Over-Granting Mistakes
• 1997 V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization
• 1998 PatchVerif: Discovering Faulty Patches in Robotic Vehicles
• 1999 DISTDET: A Cost-Effective Distributed Cyber Threat Detection System
• 2000 The Impostor Among US(B): Off-Path Injection Attacks on USB Communications
• 2001 Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge
• 2002 NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems
• 2003 A Research Framework and Initial Study of Browser Security for the Visually Impaired
• 2004 PUMM: Preventing Use-After-Free Using Execution Unit Partitioning
• 2005 POLICYCOMP: Counterpart Comparison of Privacy Policies Uncovers Overbroad Personal Data Collection Practices
• 2006 The Maginot Line: Attacking the Boundary of DNS Caching Protection
• 2007 One Server for the Price of Two: Simple and Fast Single-Server Private Information Retrieval
• 2008 Exploring User Reactions and Mental Models Towards Perceptual Manipulation Attacks in Mixed Reality
• 2009 Eavesdropping Mobile App Activity via Radio-Frequency Energy Harvesting
• 2010 Side-Channel Attacks on Optane Persistent Memory
• 2011 A Study of Multi-Factor and Risk-Based Authentication Availability
• 2012 Person Re-identification in 3D Space: A WiFi Vision-based Approach
• 2013 Fourteen Years in the Life: A Root Server’s Perspective on DNS Resolver Security
• 2014 ClepsydraCache -- Preventing Cache Attacks with Time-Based Evictions
• 2015 Guarding Serverless Applications with Kalium
• 2016 DynSQL: Stateful Fuzzing for Database Management Systems with Complex and Valid SQL Query Generation
• 2017 Automated Security Analysis of Exposure Notification Systems
• 2018 xNIDS: Explaining Deep Learning-based Network Intrusion Detection Systems for Active Intrusion Responses
• 2019 Pspray: Timing Side-Channel based Linux Kernel Heap Exploitation Technique
• 2020 Strategies and Vulnerabilities of Participants in Venezuelan Influence Operations
• 2021 Investigating Verification Behavior and Perceptions of Visual Digital Certificates
• 2022 Remote Attacks on Speech Recognition Systems Using Sound from Power Supply
• 2023 HOMESPY: The Invisible Sniffer of Infrared Remote Control of Smart TVs
• 2024 FuzzJIT: Oracle-Enhanced Fuzzing for JavaScript Engine JIT Compiler
• 2025 TPatch: A Triggered Physical Adversarial Patch
• 2026 TAP: Transparent and Privacy-Preserving Data Services
• 2027 UnGANable: Defending Against GAN-based Face Manipulation
• 2028 Back to School: On the (In)Security of Academic VPNs
• 2029 Squint Hard Enough: Attacking Perceptual Hashing with Adversarial Machine Learning
• 2030 "All of them claim to be the best": Multi-perspective study of VPN users and VPN providers
• 2031 GlitchHiker: Uncovering Vulnerabilities of Image Signal Transmission with IEMI
• 2032 Device Tracking via Linux’s New TCP Source Port Selection Algorithm
• 2033 The Writing on the Wall and 3D Digital Twins: Personal Information in (not so) Private Real Estate
• 2034 PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Models
• 2035 Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries
• 2036 Learning Normality is Enough: A Software-based Mitigation against the Inaudible Voice Attacks
• 2037 FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modules
• 2038 CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software
• 2039 “If sighted people know, I should be able to know:” Privacy Perceptions of Bystanders with Visual Impairments around Camera-based Technology
• 2040 Access Denied: Assessing Physical Risks to Internet Access Networks
• 2041 Security and Privacy Failures in Popular 2FA Apps
• 2042 A comprehensive, formal and automated analysis of the EDHOC protocol
• 2043 Hash Gone Bad: Automated discovery of protocol attacks that exploit hash function weaknesses
• 2044 (M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels
• 2045 Content-Type: multipart/oracle - Tapping into Format Oracles in Email End-to-End Encryption
• 2046 Glowing in the Dark: Uncovering IPv6 Address Discovery and Scanning Strategies in the Wild
• 2047 Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures
• 2048 Humans vs. Machines in Malware Classification
• 2049 How fast do you heal? A taxonomy for post-compromise security in secure-channel establishment
• 2050 Assessing Anonymity Techniques Employed in German Court Decisions: A De-Anonymization Experiment
• 2051 GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation
• 2052 Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps
• 2053 The Space of Adversarial Strategies
• 2054 Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference
• 2055 That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal Consistency
• 2056 CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations
• 2057 "My Privacy for their Security": Employees' Privacy Perspectives and Expectations when using Enterprise Security Software
• 2058 Combating Robocalls with Phone Virtual Assistant Mediated Interaction
• 2059 On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling
• 2060 Distance-Aware Private Set Intersection
• 2061 NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural Networks
• 2062 Towards a General Video-based Keystroke Inference Attack
• 2063 URET: Universal Robustness Evaluation Toolkit (for Evasion)
• 2064 You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks
• 2065 Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues
• 2066 SMACK: Semantically Meaningful Adversarial Audio Attack
• 2067 Gradient Obfuscation Gives a False Sense of Security in Federated Learning
• 2068 Automata-Guided Control-Flow-Sensitive Fuzz Driver Generation
• 2069 Are Consumers Willing to Pay for Security and Privacy of IoT Devices?
• 2070 PhyAuth: Physical-Layer Message Authentication for ZigBee Networks
• 2071 Fairness Properties of Face Recognition and Obfuscation Systems
• 2072 Beyond The Gates: An Empirical Analysis of HTTP-Managed Password Stealers and Operators
• 2073 Decompiling x86 Deep Neural Network Executables
• 2074 PolyFuzz: Holistic Greybox Fuzzing of Multi-Language Systems
• 2075 Linear Private Set Union from Multi-Query Reverse Private Membership Test
• 2076 An Efficient Design of Intelligent Network Data Plane
• 2077 AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering
• 2078 Inducing Authentication Failures to Bypass Credit Card PINs
• 2079 Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
• 2080 Reassembly is Hard: A Reflection on Challenges and Strategies
• 2081 PCAT: Functionality and Data Stealing from Split Learning by Pseudo-Client Attack
• 2082 VulChecker: Graph-based Vulnerability Localization in Source Code
• 2083 Examining Consumer Reviews to Understand Security and Privacy Issues in the Market of Smart Home Devices
• 2084 Timeless Timing Attacks and Preload Defenses in Tor's DNS Cache
• 2085 Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser
• 2086 Internet Service Providers' and Individuals' Attitudes, Barriers, and Incentives to Secure IoT