default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCID44th SP 2023: San Francisco, CA, USA
- 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE 2023, ISBN 978-1-6654-9336-9
- Johannes Willbold, Moritz Schloegel
, Manuel Vögele, Maximilian Gerhardt, Thorsten Holz, Ali Abbasi:
Space Odyssey: An Experimental Software Security Analysis of Satellites. 1-19 - Moses Ike, Kandy Phan, Keaton Sadoski, Romuald Valme, Wenke Lee:
Scaphy: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsical. 20-37 - Brian Singer, Amritanshu Pandey, Shimiao Li, Lujo Bauer, Craig Miller, Lawrence T. Pileggi, Vyas Sekar:
Shedding Light on Inconsistencies in Grid Cybersecurity: Disconnects and Recommendations. 38-55 - Endres Puschner, Thorben Moos, Steffen Becker, Christian Kison, Amir Moradi, Christof Paar:
Red Team vs. Blue Team: A Real-World Hardware Trojan Detection Case Study Across Four Modern CMOS Technology Generations. 56-74 - Kevin Choi, Aathira Manoj, Joseph Bonneau:
SoK: Distributed Randomness Beacons. 75-92 - Roi Bar Zur, Ameer Abu-Hanna, Ittay Eyal, Aviv Tamar:
WeRLman: To Tackle Whale (Transactions), Go Deep (RL). 93-110 - Muhammad Saad, David Mohaisen:
Three Birds with One Stone: Efficient Partitioning Attacks on Interdependent Cryptocurrency Networks. 111-125 - Ertem Nusret Tas, David Tse, Fangyu Gai, Sreeram Kannan, Mohammad Ali Maddah-Ali, Fisher Yu:
Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities. 126-145 - Matilda Backendal, Miro Haller, Kenneth G. Paterson:
MEGA: Malleable Encryption Goes Awry. 146-163 - Mathew Hogan, Yan Michalevsky, Saba Eskandarian:
DBREACH: Stealing from Databases Using Compression Side Channels. 182-198 - Quang Dao, Jim Miller, Opal Wright, Paul Grubbs:
Weak Fiat-Shamir Attacks on Modern Proof Systems. 199-216 - Lisa Geierhaas, Fabian Otto, Maximilian Häring, Matthew Smith:
Attitudes towards Client-Side Scanning for CSAM, Terrorism, Drug Trafficking, Drug Use and Tax Evasion in Germany. 217-233 - Shubham Jain, Ana-Maria Cretu, Antoine Cully, Yves-Alexandre de Montjoye:
Deep perceptual hashing algorithms with hidden dual purpose: when client-side scanning does facial recognition. 234-252 - Sarah Scheffler, Anunay Kulshrestha, Jonathan R. Mayer:
Public Verification for Private Hash Matching. 253-273 - Nathan Reitinger, Nathan Malkin, Omer Akgul, Michelle L. Mazurek, Ian Miers:
Is Cryptographic Deniability Sufficientƒ Non-Expert Perceptions of Deniability in Secure Messaging. 274-292 - Yiting Qu, Xinlei He, Shannon Pierson, Michael Backes, Yang Zhang, Savvas Zannettou:
On the Evolution of (Hateful) Memes by Means of Multimodal Contrastive Learning. 293-310 - Pujan Paudel, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, Gianluca Stringhini:
Lambretta: Learning to Rank for Twitter Soft Moderation. 311-326 - Ahmed Salem, Giovanni Cherubin, David Evans, Boris Köpf, Andrew Paverd, Anshuman Suri, Shruti Tople, Santiago Zanella Béguelin:
SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning. 327-345 - Nils Lukas, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, Santiago Zanella Béguelin:
Analyzing Leakage of Personally Identifiable Information in Language Models. 346-363 - Shahbaz Rezaei, Zubair Shafiq, Xin Liu:
Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective. 364-381 - Yanjiao Chen, Rui Guan, Xueluan Gong, Jianshuo Dong, Meng Xue:
D-DAE: Defense-Penetrating Model Extraction Attacks. 382-399 - Harsh Chaudhari, John Abascal, Alina Oprea, Matthew Jagielski, Florian Tramèr, Jonathan R. Ullman:
SNAP: Efficient Extraction of Private Properties with Poisoning. 400-417 - Dario Pasquini, Mathilde Raynal, Carmela Troncoso:
On the (In)security of Peer-to-Peer Decentralized Machine Learning. 418-436 - Muhammad Haris Mughees, Ling Ren:
Vectorized Batch Private Information Retrieval. 437-452 - Hidde Lycklama, Lukas Burkhalter, Alexander Viand, Nicolas Küchler, Anwar Hithnawi:
RoFL: Robustness of Secure Federated Learning. 453-476 - Yiping Ma, Jess Woods, Sebastian Angel, Antigoni Polychroniadou, Tal Rabin:
Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning. 477-496 - Lucien K. L. Ng, Sherman S. M. Chow:
SoK: Cryptographic Neural-Network Computation. 497-514 - Andreas Brüggemann, Robin Hundt, Thomas Schneider, Ajith Suresh, Hossein Yalame:
FLUTE: Fast and Secure Lookup Table Evaluations. 515-533 - Lijing Zhou, Ziyu Wang, Hongrui Cui, Qingrui Song, Yu Yu:
Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learning. 534-551 - Sena Sahin, Suood Abdulaziz Al-Roomi, Tara Poteat, Frank Li:
Investigating the Password Policy Practices of Website Administrators. 552-569 - Collins W. Munyendo, Yasemin Acar, Adam J. Aviv:
"In Eighty Percent of the Cases, I Select the Password for Them": Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya. 570-587 - Jeremiah Blocki, Peiyuan Liu:
Towards a Rigorous Statistical Analysis of Empirical Password Datasets. 606-625 - Peiyuan Liu, Jeremiah Blocki, Wenjie Bai:
Confident Monte Carlo: Rigorous Analysis of Guessing Curves for Probabilistic Password Models. 626-644 - Boya Wang, Wouter Lueks, Justinas Sukaitis, Vincent Graf Narbel, Carmela Troncoso:
Not Yet Another Digital ID: Privacy-Preserving Humanitarian Aid Distribution. 645-663 - Maximilian Noppel, Lukas Peter, Christian Wressnegger:
Disguising Attacks with Explanation-Aware Backdoors. 664-681 - Hong Zhu, Shengzhi Zhang, Kai Chen:
AI-Guardian: Defeating Adversarial Attacks using Backdoors. 701-718 - Limin Yang, Zhi Chen, Jacopo Cortellazzi, Feargus Pendlebury, Kevin Tu, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang:
Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. 719-736 - Kavita Kumari, Phillip Rieger, Hossein Fereidooni, Murtuza Jadliwala, Ahmad-Reza Sadeghi:
BayBFed: Bayesian Backdoor Defense for Federated Learning. 737-754 - Xueluan Gong, Yanjiao Chen, Wang Yang, Qian Wang, Yuzhe Gu, Huayang Huang, Chao Shen:
Redeem Myself: Purifying Backdoors in Deep Learning Models using Self Attention Distillation. 755-772 - Jack Doerner, Yashvanth Kondi, Eysa Lee, Abhi Shelat, LaKyah Tyner:
Threshold BBS+ Signatures for Distributed Anonymous Credential Issuance. 773-789 - Michael Rosenberg, Jacob D. White, Christina Garman, Ian Miers:
zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure. 790-808 - Sacha Servan-Schreiber, Simon Beyzerov, Eli Yablon, Hyojae Park:
Private Access Control for Function Secret Sharing. 809-828 - Sijun Tan, Weikeng Chen, Ryan Deng, Raluca Ada Popa:
MPCAuth: Multi-factor Authentication for Distributed-trust Systems. 829-847 - Edward Chen, Jinhao Zhu, Alex Ozdemir, Riad S. Wahby, Fraser Brown, Wenting Zheng:
Silph: A Framework for Scalable and Accurate Generation of Hybrid MPC Protocols. 848-863 - Emily Wenger, Shawn Shan, Haitao Zheng, Ben Y. Zhao:
SoK: Anti-Facial Recognition Technology. 864-881 - Yueli Yan, Zhice Yang:
Spoofing Real-world Face Authentication Systems through Optical Synthesis. 882-898 - Shengwei An, Yuan Yao, Qiuling Xu, Shiqing Ma, Guanhong Tao, Siyuan Cheng, Kaiyuan Zhang, Yingqi Liu, Guangyu Shen, Ian Kelk, Xiangyu Zhang:
ImU: Physical Impersonating Attack for Face Recognition System with Natural Style Changes. 899-916 - Zhihao Wu, Yushi Cheng, Jiahui Yang, Xiaoyu Ji, Wenyuan Xu:
DepthFake: Spoofing 3D Face Authentication with a 2D Photo. 917-91373 - Xiaohan Zhang, Haoqi Ye, Ziqi Huang, Xiao Ye, Yinzhi Cao, Yuan Zhang, Min Yang:
Understanding the (In)Security of Cross-side Face Verification Systems in Mobile Apps: A System Perspective. 934-950 - Andre Kassis, Urs Hengartner:
Breaking Security-Critical Voice Authentication. 951-968 - Nate Mathews, James K. Holland, Se Eun Oh, Mohammad Saidur Rahman, Nicholas Hopper, Matthew Wright:
SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenses. 969-986 - Xu Lin, Frederico Araujo, Teryl Taylor, Jiyong Jang, Jason Polakis:
Fashion Faux Pas: Implicit Stylistic Fingerprints for Bypassing Browsers' Anti-Fingerprinting Defenses. 987-1004 - Xinhao Deng, Qilei Yin, Zhuotao Liu, Xiyuan Zhao, Qi Li, Mingwei Xu, Ke Xu, Jianping Wu:
Robust Multi-tab Website Fingerprinting Attacks in the Wild. 1005-1022 - Ryan Torok, Amit Levy:
Only Pay for What You Leak: Leveraging Sandboxes for a Minimally Invasive Browser Fingerprinting Defense. 1023-1040 - Soheil Khodayari, Giancarlo Pellegrino:
It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses. 1041-1058 - Mingqing Kang, Yichao Xu, Song Li, Rigel Gjomemo, Jianwei Hou, V. N. Venkatakrishnan, Yinzhi Cao:
Scaling JavaScript Abstract Interpretation to Detect and Exploit Node.js Taint-style Vulnerability. 1059-1076 - Linard Arquint, Felix A. Wolf, Joseph Lallemand, Ralf Sasse, Christoph Sprenger, Sven N. Wiesner, David A. Basin, Peter Müller:
Sound Verification of Security Protocols: From Design to Interoperable Implementations. 1077-1093 - Basavesh Ammanaghatta Shivakumar, Gilles Barthe, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Swarn Priya, Peter Schwabe, Lucas Tabary-Maujean:
Typing High-Speed Cryptography against Spectre v1. 1094-1111 - Kunming Jiang, Devora Chait-Roth, Zachary DeStefano, Michael Walfish, Thomas Wies:
Less is more: refinement proofs for probabilistic proofs. 1112-1129 - Joshua Gancher, Sydney Gibson, Pratap Singh, Samvid Dharanikota, Bryan Parno:
Owl: Compositional Verification of Security Protocols via an Information-Flow Type System. 1130-1147 - Mike Graf, Ralf Küsters, Daniel Rausch:
AUC: Accountable Universal Composability. 1148-1167 - Rafaël del Pino, Thomas Prest, Mélissa Rossi, Markku-Juhani O. Saarinen:
High-Order Masking of Lattice Signatures in Quasilinear Time. 1168-1185 - Martin Schwarzl, Pietro Borrello, Gururaj Saileshwar, Hanna Müller, Michael Schwarz, Daniel Gruss:
Practical Timing Side-Channel Attacks on Memory Compression. 1186-1203 - Marcel Busch, Aravind Machiry, Chad Spensky, Giovanni Vigna, Christopher Kruegel, Mathias Payer:
TEEzz: Fuzzing Trusted Applications on COTS Android Devices. 1204-1219 - Hosein Yavarzadeh, Mohammadkazem Taram, Shravan Narayan, Deian Stefan, Dean M. Tullsen:
Half&Half: Demystifying Intel's Directional Branch Predictors for Fast, Secure Partitioned Execution. 1220-1237 - Hosein Yavarzadeh, Mohammadkazem Taram, Shravan Narayan, Deian Stefan, Dean M. Tullsen:
Half&Half: Demystifying Intel's Directional Branch Predictors for Fast, Secure Partitioned Execution. 1220-1237 - Sk Adnan Hassan, Zainab Aamir, Dongyoon Lee, James C. Davis, Francisco Servant:
Improving Developers' Understanding of Regex Denial of Service Tools through Anti-Patterns and Fix Strategies. 1238-1255 - Kangjie Lu:
Practical Program Modularization with Type-Based Dependence Analysis. 1256-1270 - Jianhao Xu, Luca Di Bartolomeo, Flavio Toffalini, Bing Mao, Mathias Payer:
WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches. 1271-1288 - Linyi Li, Tao Xie, Bo Li:
SoK: Certified Robustness for Deep Neural Networks. 1289-1310 - Maurice Weber, Xiaojun Xu, Bojan Karlas, Ce Zhang, Bo Li:
RAB: Provable Robustness Against Backdoor Attacks. 1311-1328 - Chong Xiang, Alexander Valtchanov, Saeed Mahloujifar, Prateek Mittal:
ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking. 1329-1347 - Shuo Wang, Sharif Abuadbba, Sidharth Agarwal, Kristen Moore, Ruoxi Sun, Minhui Xue, Surya Nepal, Seyit Camtepe, Salil S. Kanhere:
PublicCheck: Public Integrity Verification for Services of Run-time Deep Models. 1348-1365 - Xiaoyu Cao, Jinyuan Jia, Zaixi Zhang, Neil Zhenqiang Gong:
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information. 1366-1383 - Salijona Dyrmishi, Salah Ghamizi, Thibault Simonetto, Yves Le Traon, Maxime Cordy:
On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attacks. 1384-1400 - Zichen Gui, Kenneth G. Paterson, Sikhar Patranabis:
Rethinking Searchable Symmetric Encryption. 1401-1418 - Erik-Oliver Blass, Florian Kerschbaum:
Private Collaborative Data Cleaning via Non-Equi PSI. 1419-1434 - Erik-Oliver Blass, Florian Kerschbaum:
Private Collaborative Data Cleaning via Non-Equi PSI. 1419-1434 - Andreas Hülsing, Mikhail A. Kudinov, Eyal Ronen, Eylon Yogev:
SPHINCS+C: Compressing SPHINCS+ With (Almost) No Cost. 1435-1453 - Leemon Baird, Sanjam Garg, Abhishek Jain, Pratyay Mukherjee, Rohit Sinha, Mingyuan Wang, Yinuo Zhang:
Threshold Signatures in the Multiverse. 1454-1470 - Nina Bindel, Cas Cremers, Mang Zhao:
FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiation. 1471-1490 - Lucjan Hanzlik, Julian Loss, Benedikt Wagner:
Token meets Wallet: Formalizing Privacy and Revocation for FIDO2. 1491-1508 - Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais:
SoK: Taxonomy of Attacks on Open-Source Software Supply Chains. 1509-1526 - Marcel Fourné, Dominik Wermke, William Enck, Sascha Fahl, Yasemin Acar:
It's like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security. 1527-1544 - Dominik Wermke, Jan H. Klemmer, Noah Wöhler, Juliane Schmüser, Harshini Sri Ramulu, Yasemin Acar, Sascha Fahl:
"Always Contribute Back": A Qualitative Study on Security Challenges of the Open Source Supply Chain. 1545-1560 - Yacong Gu, Lingyun Ying, Huajun Chai, Chu Qiao, Haixin Duan, Xing Gao:
Continuous Intrusion: Characterizing the Security of Continuous Integration Services. 1561-1577 - Yacong Gu, Lingyun Ying, Yingyuan Pu, Xiao Hu, Huajun Chai, Ruimin Wang, Xing Gao, Haixin Duan:
Investigating Package Related Security Threats in Software Registries. 1578-1595 - Zhichuang Sun, Ruimin Sun, Changming Liu, Amrita Roy Chowdhury, Long Lu, Somesh Jha:
ShadowNet: A Secure and Efficient On-device Model Inference System for Convolutional Neural Networks. 1596-1612 - Jiameng Pu, Zain Sarwar, Sifat Muhammad Abdullah, Abdullah Rehman, Yoonjin Kim, Parantapa Bhattacharya, Mobin Javed, Bimal Viswanath:
Deepfake Text Detection: Limitations and Opportunities. 1613-1630 - Yuxin Cao, Xi Xiao, Ruoxi Sun, Derui Wang, Minhui Xue, Sheng Wen:
StyleFool: Fooling Video Classification Systems via Style Transfer. 1631-1648 - Ruijie Zhao, Xianwen Deng, Yanhao Wang, Zhicong Yan, Zhengguang Han, Libo Chen, Zhi Xue, Yijun Wang:
GeeSolver: A Generic, Efficient, and Effortless Solver with Self-Supervised Learning for Breaking Text Captchas. 1649-1666 - Wei Zong, Yang-Wai Chow, Willy Susilo, Kien Do, Svetha Venkatesh:
TrojanModel: A Practical Trojan Attack against Automatic Speech Recognition Systems. 1667-1683 - Michele Marazzi, Flavien Solt, Patrick Jattke, Kubo Takashi, Kaveh Razavi:
REGA: Scalable Rowhammer Mitigation with Refresh-Generating Activations. 1684-1701 - Jonas Juffinger, Lukas Lamster, Andreas Kogler, Maria Eichlseder, Moritz Lipp, Daniel Gruss:
CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammer. 1702-1718 - Koksal Mus, Yarkin Doröz, M. Caner Tol, Kristi Rahman, Berk Sunar:
Jolt: Recovering TLS Signing Keys via Rowhammer Faults. 1719-1736 - Oleksii Oleksenko, Marco Guarnieri, Boris Köpf, Mark Silberstein:
Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing. 1737-1752 - Basavesh Ammanaghatta Shivakumar, Jack Barnes, Gilles Barthe, Sunjay Cauligi, Chitchanok Chuengsatiansup, Daniel Genkin, Sioli O'Connell, Peter Schwabe, Rui Qi Sim, Yuval Yarom:
Spectre Declassified: Reading from the Right Place at the Wrong Time. 1753-1770 - Kai Wang, Shilin Xiao, Xiaoyu Ji, Chen Yan, Chaohao Li, Wenyuan Xu:
Volttack: Control IoT Devices by Manipulating Power Supply Voltage. 1771-1788 - Donghui Dai, Zhenlin An, Lei Yang:
Inducing Wireless Chargers to Voice Out for Inaudible Command Attacks. 1789-1806 - Rohith Reddy Vennam, Ish Kumar Jain, Kshitiz Bansal, Joshua Orozco, Puja Shukla, Aanjhan Ranganathan, Dinesh Bharadia:
mmSpoof: Resilient Spoofing of Automotive Millimeter-wave Radars using Reflect Array. 1807-1821 - Zizhi Jin, Xiaoyu Ji, Yushi Cheng, Bo Yang, Chen Yan, Wenyuan Xu:
PLA-LiDAR: Physical Laser Attacks against LiDAR-based 3D Object Detection in Autonomous Vehicle. 1822-1839 - Pengfei Hu, Wenhao Li, Riccardo Spolaor, Xiuzhen Cheng:
mmEcho: A mmWave-based Acoustic Eavesdropping Method. 1840-1856 - Yan Long, Pirouz Naghavi, Blas Kojusner, Kevin R. B. Butler, Sara Rampazzi, Kevin Fu:
Side Eye: Characterizing the Limits of POV Acoustic Eavesdropping from Smartphone Cameras with Rolling Shutters and Movable Lenses. 1857-1874 - Haoyang Li, Qingqing Ye, Haibo Hu, Jin Li, Leixia Wang, Chengfang Fang, Jie Shi:
3DFed: Adaptive and Extensible Framework for Covert Backdoor Attack in Federated Learning. 1893-1907 - David Froelicher, Hyunghoon Cho, Manaswitha Edupalli, Joao Sa Sousa, Jean-Philippe Bossuat, Apostolos Pyrgelis, Juan Ramón Troncoso-Pastoriza, Bonnie Berger, Jean-Pierre Hubaux:
Scalable and Privacy-Preserving Federated Principal Component Analysis. 1908-1925 - Wenqiang Ruan, Mingxin Xu, Wenjing Fang, Li Wang, Lei Wang, Weili Han:
Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy. 1926-1943 - Ce Feng, Nuo Xu, Wujie Wen, Parv Venkitasubramaniam, Caiwen Ding:
Spectral-DP: Differentially Private Deep Learning through Spectral Perturbation and Filtering. 1944-1960 - Mayank Rathee, Conghao Shen, Sameer Wagh, Raluca Ada Popa:
ELSA: Secure Aggregation for Federated Learning with Malicious Actors. 1961-1979 - Stephanie de Smale, Rik van Dijk, Xander Bouwman, Jeroen van der Ham, Michel van Eeten:
No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Information. 1980-1996 - Kelsey R. Fulton, Samantha Katcher, Kevin Song, Marshini Chetty, Michelle L. Mazurek, Chloé Messdaghi, Daniel Votipka:
Vulnerability Discovery for All: Experiences of Marginalization in Vulnerability Discovery. 1997-2014 - Dilara Keküllüoglu, Yasemin Acar:
"We are a startup to the core": A qualitative interview study on the security and privacy development practices in Turkish software startups. 2015-2031 - Zachary Kilhoffer, Zhixuan Zhou, Firmiana Wang, Fahad Tamton, Yun Huang, Pilyoung Kim, Tom Yeh, Yang Wang:
"How technical do you get? I'm an English teacher": Teaching and Learning Cybersecurity and AI Ethics in High School. 2032 - Miranda Wei, Pardis Emami Naeini, Franziska Roesner, Tadayoshi Kohno:
Skilled or Gullibleƒ Gender Stereotypes Related to Computer Security and Privacy. 2050-2067 - Jaron Mink, Hadjer Benkraouda, Limin Yang, Arridhana Ciptadi, Ali Ahmadzadeh, Daniel Votipka, Gang Wang:
Everybody's Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanations. 2068-2085 - Gabriel Ryan, Abhishek Shah, Dongdong She, Suman Jana:
Precise Detection of Kernel Data Races with Probabilistic Lockset Analysis. 2086-2103 - Dae R. Jeong, Byoungyoung Lee, Insik Shin, Youngjin Kwon:
SegFuzz: Segmentizing Thread Interleaving to Discover Kernel Concurrency Bugs through Fuzzing. 2104-2121 - Zheyue Jiang, Yuan Zhang, Jun Xu, Xinqian Sun, Zhuang Liu, Min Yang:
AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilities. 2122-2137 - Zheyue Jiang, Yuan Zhang, Jun Xu, Xinqian Sun, Zhuang Liu, Min Yang:
AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilities. 2122-2137 - Lin Ma, Duoming Zhou, Hanjie Wu, Yajin Zhou, Rui Chang, Hao Xiong, Lei Wu, Kui Ren:
When Top-down Meets Bottom-up: Detecting and Exploiting Use-After-Cleanup Bugs in Linux Kernel. 2138-2154 - Jiawei Yin, Menghao Li, Yuekang Li, Yong Yu, Boru Lin, Yanyan Zou, Yang Liu, Wei Huo, Jingling Xue:
RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing. 2155-2169 - Hanshen Xiao, Zihang Xiang, Di Wang, Srinivas Devadas:
A Theory to Instruct Differentially-Private Learning via Clipping Bias Reduction. 2170-2189 - Wei Dong, Qiyao Luo, Ke Yi:
Continual Observation under User-level Differential Privacy. 2190-2207 - Huiyu Fang, Liquan Chen, Yali Liu, Yuan Gao:
Locally Differentially Private Frequency Estimation Based on Convolution Framework. 2208-2222 - Zhen Sun, Vitaly Shmatikov:
Telepath: A Minecraft-based Covert Communication System. 2223-2237 - Jinyang Ding, Kejiang Chen, Yaofei Wang, Na Zhao, Weiming Zhang, Nenghai Yu:
Discop: Provably Secure Steganography in Practice Based on "Distribution Copies". 2238-2255 - Stefan Gast, Jonas Juffinger, Martin Schwarzl, Gururaj Saileshwar, Andreas Kogler, Simone Franza, Markus Köstl, Daniel Gruss:
SQUIP: Exploiting the Scheduler Queue Contention Side Channel. 2256-2272 - Lukas Giner, Stefan Steinegger, Antoon Purnal, Maria Eichlseder, Thomas Unterluggauer, Stefan Mangard, Daniel Gruss:
Scatter and Split Securely: Defeating Cache Contention and Occupancy Attacks. 2273-2287 - Taehun Kim, Hyeongjin Park, Seokmin Lee, Seunghee Shin, Junbeom Hur, Youngjoo Shin:
DevIOus: Device-Driven Side-Channel Attacks on the IOMMU. 2288-2305 - Yingchen Wang, Riccardo Paccagnella, Alan Wandke, Zhao Gang, Grant Garrett-Grossman, Christopher W. Fletcher, David Kohlbrenner, Hovav Shacham:
DVFS Frequently Leaks Secrets: Hertzbleed Attacks Beyond SIKE, Cryptography, and CPU-Only Data. 2306-2320 - Lukas Gerlach, Daniel Weber, Ruiyi Zhang, Michael Schwarz:
A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs. 2321-2338 - Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, Brendan Dolan-Gavitt:
Examining Zero-Shot Vulnerability Repair with Large Language Models. 2339-2356 - Hammond Pearce, Benjamin Tan, Baleegh Ahmad, Ramesh Karri, Brendan Dolan-Gavitt:
Examining Zero-Shot Vulnerability Repair with Large Language Models. 2339-2356 - Wenyu Zhu, Zhiyao Feng, Zihan Zhang, Jianjun Chen, Zhijian Ou, Min Yang, Chao Zhang:
Callee: Recovering Call Graphs for Binaries with Transfer and Contrastive Learning. 2357-2374 - James Patrick-Evans, Moritz Dannehl, Johannes Kinder:
XFL: Naming Functions in Binaries with Extreme Multi-label Learning. 2375-2390 - Yapeng Ye, Zhuo Zhang, Qingkai Shi, Yousra Aafer, Xiangyu Zhang:
D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modeling. 2391-2408 - Shu Wang, Xinda Wang, Kun Sun, Sushil Jajodia, Haining Wang, Qi Li:
GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics. 2409-2426 - Xinyi Wang, Cen Zhang, Yeting Li, Zhiwu Xu, Shuailin Huang, Yi Liu, Yican Yao, Yang Xiao, Yanyan Zou, Yang Liu, Wei Huo:
Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation. 2427-2443 - Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, Arthur Gervais:
SoK: Decentralized Finance (DeFi) Attacks. 2444-2461 - Xianrui Qin, Shimin Pan, Arash Mirzaei, Zhimei Sui, Oguzhan Ersoy, Amin Sakzad, Muhammed F. Esgin, Joseph K. Liu, Jiangshan Yu, Tsz Hon Yuen:
BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts. 2462-2480 - Ruomu Hou, Haifeng Yu:
Optimistic Fast Confirmation While Tolerating Malicious Majority in Blockchains. 2481-2498 - Kushal Babel, Philip Daian, Mahimna Kelkar, Ari Juels:
Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts. 2499-2516 - Yuanliang Chen, Fuchen Ma, Yuanhang Zhou, Yu Jiang, Ting Chen, Jia-Guang Sun:
Tyr: Finding Consensus Failure Bugs in Blockchain System with Behaviour Divergent Model. 2517-2532 - Tianyu Zheng, Shang Gao, Yubo Song, Bin Xiao:
Leaking Arbitrarily Many Secrets: Any-out-of-Many Proofs and Applications to RingCT Protocols. 2533-2550 - Harm Griffioen, Christian Doerr:
Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet worms. 2551-2565 - Marzieh Bitaab, Haehyun Cho, Adam Oest, Zhuoer Lyu, Wei Wang, Jorij Abraham, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé:
Beyond Phish: Toward Detecting Fraudulent e-Commerce Websites at Scale. 2566-2583 - Chijin Zhou, Lihua Guo, Yiwei Hou, Zhenya Ma, Quan Zhang, Mingzhe Wang, Zhe Liu, Yu Jiang:
Limits of I/O Based Ransomware Detection: An Imitation Based Attack. 2584-2601 - Xian Wu, Wenbo Guo, Jia Yan, Baris Coskun, Xinyu Xing:
From Grim Reality to Practical Solution: Malware Classification in Real-World Noise. 2602-2619 - Muhammad Adil Inam, Yinfang Chen, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, Wajih Ul Hassan:
SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions. 2620-2638 - Eleni Gkiouzepi, Athanasios Andreou, Oana Goga, Patrick Loiseau:
Collaborative Ad Transparency: Promises and Limitations. 2639-2657 - Erik Trickel, Fabio Pagani, Chang Zhu, Lukas Dresel, Giovanni Vigna, Christopher Kruegel, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé:
Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities. 2658-2675 - Bokdeuk Jeong, Joonun Jang, Hayoon Yi, Jiin Moon, Junsik Kim, Intae Jeon, Taesoo Kim, WooChul Shim, Yong Ho Hwang:
UTopia: Automatic Generation of Fuzz Driver using Unit Tests. 2676-2692 - Changhua Luo, Wei Meng, Penghui Li:
SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration. 2693-2707 - Ru Ji, Meng Xu:
Finding Specification Blind Spots via Fuzz Testing. 2708-2725 - Sicong Cao, Biao He, Xiaobing Sun, Yu Ouyang, Chao Zhang, Xiaoxue Wu, Ting Su, Lili Bo, Bin Li, Chuanlei Ma, Jiajia Li, Tao Wei:
ODDFuzz: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing. 2726-2743 - Jannis Rautenstrauch, Giancarlo Pellegrino, Ben Stock:
The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web. 2744-2760 - Lorenzo Veronese, Benjamin Farinier, Pedro Bernardo, Mauro Tempesta, Marco Squarcina, Matteo Maffei:
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms. 2761-2779 - Duc Bui, Brian Tang, Kang G. Shin:
Detection of Inconsistencies in Privacy Practices of Browser Extensions. 2780-2798 - Ruihua Wang, Yihao Peng, Yilun Sun, Xuancheng Zhang, Hai Wan, Xibin Zhao:
TeSec: Accurate Server-side Attack Investigation for Web Applications. 2799-2816 - Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos:
RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks. 2817-2834 - Phoebe Moh, Pubali Datta, Noel Warford, Adam Bates, Nathan Malkin, Michelle L. Mazurek:
Characterizing Everyday Misuse of Smart Home Devices. 2835-2849 - Jingjie Li, Kaiwen Sun, Brittany Skye Huff, Anna Marie Bierley, Younghyun Kim, Florian Schaub, Kassem Fawaz:
"It's up to the Consumer to be Smart": Understanding the Security and Privacy Attitudes of Smart Home Users on Reddit. 2850-2866 - Julie M. Haney, Susanne M. Furman:
User Perceptions and Experiences with Smart Home Updates. 2867-2884 - Yaman Yu, Saidivya Ashok, Smirity Kaushik, Yang Wang, Gang Wang:
Design and Evaluation of Inclusive Email Security Indicators for People with Visual Impairments. 2885-2902 - Hao-Ping Hank Lee, Jacob Logas, Stephanie S. Yang, Zhouyu Li, Natã M. Barbosa, Yang Wang, Sauvik Das:
When and Why Do People Want Ad Targeting Explanations? Evidence from a Four-Week, Mixed-Methods Field Study. 2903-2920 - Atri Bhattacharyya, Florian Hofhammer, Yuanlong Li, Siddharth Gupta, Andrés Sánchez, Babak Falsafi, Mathias Payer:
SecureCells: A Secure Compartmentalized Architecture. 2921-2939 - Evan Johnson, Evan Laufer, Zijie Zhao, Dan Gohman, Shravan Narayan, Stefan Savage, Deian Stefan, Fraser Brown:
WaVe: a verifiably secure WebAssembly sandboxing runtime. 2940-2955 - Dinglan Peng, Congyu Liu, Tapti Palit, Pedro Fonseca, Anjo Vahldiek-Oberwagner, Mona Vij:
μSwitch: Fast Kernel Context Isolation with Implicit Context Switches. 2956-2973 - Ravi Theja Gollapudi, Gokturk Yuksek, David Demicco, Matthew Cole, Gaurav Kothari, Rohit Kulkarni, Xin Zhang, Kanad Ghose, Aravind Prakash, Zerksis Umrigar:
Control Flow and Pointer Integrity Enforcement in a Secure Tagged Architecture. 2974-2989 - Arslan Khan, Dongyan Xu, Dave Jing Tian:
EC: Embedded Systems Compartmentalization via Intra-Kernel Isolation. 2990-3007 - Arslan Khan, Dongyan Xu, Dave Jing Tian:
Low-Cost Privilege Separation with Compile Time Compartmentalization for Embedded Systems. 3008-3025 - Habiba Farrukh, Muslum Ozgur Ozmen, Faik Kerem Örs, Z. Berkay Celik:
One Key to Rule Them All: Secure Group Pairing for Heterogeneous IoT Devices. 3026-3042 - Nathan Malkin, Alan F. Luo, Julio Poveda, Michelle L. Mazurek:
Optimistic Access Control for the Smart Home. 3043-3060 - Anna Maria Mandalari, Hamed Haddadi, Daniel J. Dubois, David R. Choffnes:
Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards. 3061-3078 - Mohammad M. Ahmadpanah, Daniel Hedin, Andrei Sabelfeld:
LazyTAP: On-Demand Data Minimization for Trigger-Action Applications. 3079-3097 - Tyler Tucker, Hunter Searle, Kevin R. B. Butler, Patrick Traynor:
Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Devices. 3098-3112 - Ruochen Zhou, Xiaoyu Ji, Chen Yan, Yi-Chao Chen, Wenyuan Xu, Chaohao Li:
DeHiREC: Detecting Hidden Voice Recorders via ADC Electromagnetic Radiation. 3113-3128 - Erik C. Rye, Robert Beverly:
IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation. 3129-3145 - Norbert Ludant, Pieter Robyns, Guevara Noubir:
From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers. 3146-3161 - Xuewei Feng, Qi Li, Kun Sun, Yuxiang Yang, Ke Xu:
Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirects. 3162-3177 - Huancheng Zhou, Sungmin Hong, Yangyang Liu, Xiapu Luo, Weichao Li, Guofei Gu:
Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switches. 3178-3192 - Andrew D. Loveless, Linh Thi Xuan Phan, Ronald G. Dreslinski, Baris Kasikci:
PCSPOOF: Compromising the Safety of Time-Triggered Ethernet. 3193-3208 - Imtiaz Karim, Abdullah Al Ishtiaq, Syed Rafiul Hussain, Elisa Bertino:
BLEDiff: Scalable and Property-Agnostic Noncompliance Checking for BLE Implementations. 3209-3227 - Qiang Liu, Flavio Toffalini, Yajin Zhou, Mathias Payer:
ViDeZZo: Dependency-aware Virtual Device Fuzzing. 3228-3245 - Yilun Wu, Tong Zhang, Changhee Jung, Dongyoon Lee:
DevFuzz: Automatic Device Model-Guided Device Driver Fuzzing. 3246-3261 - Yu Hao, Guoren Li, Xiaochen Zou, Weiteng Chen, Shitong Zhu, Zhiyun Qian, Ardalan Amiri Sani:
SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers. 3262-3278 - HyungSeok Han, JeongOh Kyea, Yonghwi Jin, Jinoh Kang, Brian Pak, Insu Yun:
QueryX: Symbolic Query on Decompiled Code for Finding Bugs in COTS Binaries. 3279-312795 - Ali Ahad, Chijung Jung, Ammar Askar, Doowon Kim, Taesoo Kim, Yonghwi Kwon:
Pyfet: Forensically Equivalent Transformation for Python Binary Decompilation. 3296-3313 - Benjamin Fuller, Abigail Harrison, Alexander Russell:
Adaptive Risk-Limiting Comparison Audits. 3314-3331 - Richard Roberts, Julio Poveda, Raley Roberts, Dave Levin:
Blue Is the New Black (Market): Privacy Leaks and Re-Victimization from Police-Auctioned Cellphones. 3332-3336 - Jason Ceci, Jonah Stegman, Hassan Khan:
No Privacy in the Electronics Repair Industry. 3347-3364 - Peiyu Liu, Shouling Ji, Lirong Fu, Kangjie Lu, Xuhong Zhang, Jingchang Qin, Wenhai Wang, Wenzhi Chen:
How IoT Re-using Threatens Your Sensitive Data: Exploring the User-Data Disposal in Used IoT Devices. 3365-3381 - Yi Wu, Cong Shi, Tianfang Zhang, Payton Walker, Jian Liu, Nitesh Saxena, Yingying Chen:
Privacy Leakage via Unrestricted Motion-Position Sensors in the Age of Virtual Reality: A Study of Snooping Typed Input on Virtual Keyboards. 3382-3398 - Tao Ni, Xiaokuan Zhang, Chaoshun Zuo, Jianfeng Li, Zhenyu Yan, Wubing Wang, Weitao Xu, Xiapu Luo, Qingchuan Zhao:
Uncovering User Interactions on Smartphones via Contactless Wireless Charging Side Channels. 3399-3415 - Tiantian Liu, Feng Lin, Zhangsen Wang, Chao Wang, Zhongjie Ba, Li Lu, Wenyao Xu, Kui Ren:
MagBackdoor: Beware of Your Loudspeaker as A Backdoor For Magnetic Injection Attacks. 3416-3431 - Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, Kevin Fu:
Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing. 3432-3449 - Ruxin Wang, Long Huang, Chen Wang:
Low-effort VR Headset User Authentication Using Head-reverberated Sounds with Replay Resistance. 3450-3465 - Carolyn Guthoff, Simon Anell, Johann Hainzinger, Adrian Dabrowski, Katharina Krombholz:
Perceptions of Distributed Ledger Technology Key Management - An Interview Study with Finance Professionals. 588-605 - Martin R. Albrecht, Sofía Celi, Benjamin Dowling, Daniel Jones:
Practically-exploitable Cryptographic Vulnerabilities in Matrix. 164-181 - Rui Zhu, Di Tang, Siyuan Tang, Xiaofeng Wang, Haixu Tang:
Selective Amnesia: On Efficient, High-Fidelity and Blind Suppression of Backdoor Effects in Trojaned Machine Learning Models. 1-19
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-10-31 20:02 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
