Skip to content

Latest commit

 

History

History
258 lines (255 loc) · 108 KB

2023.md

File metadata and controls

258 lines (255 loc) · 108 KB

USENIX Security 2023

USENIX Security 2023 - Summer

Title Authors Paper Code Video Slides
Improving Logging to Reduce Permission Over-Granting Mistakes Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou,University of California, San Diego PDF - video slides
V-Cloak: Intelligibility-, Naturalness- & Timbre-Preserving Real-Time Voice Anonymization Jiangyi Deng, Fei Teng, and Yanjiao Chen,Zhejiang University;Xiaofu Chen and Zhaohui Wang,Wuhan University;Wenyuan Xu,Zhejiang University PDF - video slides
PatchVerif: Discovering Faulty Patches in Robotic Vehicles Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, and Dongyan Xu,Purdue University PDF - video slides
DISTDET: A Cost-Effective Distributed Cyber Threat Detection System Feng Dong,School of Cyber Science and Engineering, Huazhong University of Science and Technology / Sangfor Technologies Inc.;Liu Wang and Xu Nie,Beijing University of Posts and Telecommunications;Fei Shao,Case Western Reserve University;Haoyu Wang,School of Cyber Science and Engineering, Huazhong University of Science and Technology;Ding Li,Key Laboratory of High-Confidence Software Technologies (MOE), School of Computer Science, Peking University;Xiapu Luo,The Hong Kong Polytechnic University;Xusheng Xiao,Arizona State University PDF - video -
The Impostor Among US(B): Off-Path Injection Attacks on USB Communications Robert Dumitru,The University of Adelaide and Defence Science and Technology Group;Daniel Genkin,Georgia Tech;Andrew Wabnitz,Defence Science and Technology Group;Yuval Yarom,The University of Adelaide PDF - video slides
Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge Nils Bars, Moritz Schloegel, Tobias Scharnowski, and Nico Schiller,Ruhr-Universität Bochum;Thorsten Holz,CISPA Helmholtz Center for Information SecurityDistinguished Paper Award Winner and Runner-Up Winner of the 2023 Internet Defense Prize PDF code video -
NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems Zixuan Wang,UC San Diego;Mohammadkazem Taram,Purdue University and UC San Diego;Daniel Moghimi,UT Austin and UC San Diego;Steven Swanson, Dean Tullsen, and Jishen Zhao,UC San Diego PDF code video -
A Research Framework and Initial Study of Browser Security for the Visually Impaired Elaine Lau and Zachary Peterson,Cal Poly, San Luis Obispo PDF - video slides
PUMM: Preventing Use-After-Free Using Execution Unit Partitioning Carter Yagemann,The Ohio State University;Simon P. Chung, Brendan Saltaformaggio, and Wenke Lee,Georgia Institute of Technology PDF code video slides
POLICYCOMP: Counterpart Comparison of Privacy Policies Uncovers Overbroad Personal Data Collection Practices Lu Zhou,Xidian University and Shanghai Jiao Tong University;Chengyongxiao Wei, Tong Zhu, and Guoxing Chen,Shanghai Jiao Tong University;Xiaokuan Zhang,George Mason University;Suguo Du, Hui Cao, and Haojin Zhu,Shanghai Jiao Tong University PDF - video slides
The Maginot Line: Attacking the Boundary of DNS Caching Protection Xiang Li, Chaoyi Lu, and Baojun Liu,Tsinghua University;Qifan Zhang and Zhou Li,University of California, Irvine;Haixin Duan,Tsinghua University, QI-ANXIN Technology Research Institute, and Zhongguancun Laboratory;Qi Li,Tsinghua University and Zhongguancun Laboratory PDF - video slides
One Server for the Price of Two: Simple and Fast Single-Server Private Information Retrieval Alexandra Henzinger, Matthew M. Hong, and Henry Corrigan-Gibbs,MIT;Sarah Meiklejohn,Google;Vinod Vaikuntanathan,MIT PDF code video slides
Exploring User Reactions and Mental Models Towards Perceptual Manipulation Attacks in Mixed Reality Kaiming Cheng, Jeffery F. Tian, Tadayoshi Kohno, and Franziska Roesner,University of Washington PDF - video -
Eavesdropping Mobile App Activity via Radio-Frequency Energy Harvesting Tao Ni,Shenzhen Research Institute, City University of Hong Kong, and Department of Computer Science, City University of Hong Kong;Guohao Lan,Department of Software Technology, Delft University of Technology;Jia Wang,College of Computer Science and Software Engineering, Shenzhen University;Qingchuan Zhao,Department of Computer Science, City University of Hong Kong;Weitao Xu,Shenzhen Research Institute, City University of Hong Kong, and Department of Computer Science, City University of Hong Kong PDF - video slides
Side-Channel Attacks on Optane Persistent Memory Sihang Liu,University of Virginia;Suraaj Kanniwadi,Cornell University;Martin Schwarzl, Andreas Kogler, and Daniel Gruss,Graz University of Technology;Samira Khan,University of Virginia PDF - video slides
A Study of Multi-Factor and Risk-Based Authentication Availability Anthony Gavazzi, Ryan Williams, Engin Kirda, and Long Lu,Northeastern University;Andre King, Andy Davis, and Tim Leek,MIT Lincoln Laboratory PDF - video slides
Person Re-identification in 3D Space: A WiFi Vision-based Approach Yili Ren and Yichao Wang,Florida State University;Sheng Tan,Trinity University;Yingying Chen,Rutgers University;Jie Yang,Florida State University PDF - video -
Fourteen Years in the Life: A Root Server’s Perspective on DNS Resolver Security Alden Hilton,Sandia National Laboratories;Casey Deccio,Brigham Young University;Jacob Davis,Sandia National Laboratories PDF - video slides
ClepsydraCache -- Preventing Cache Attacks with Time-Based Evictions Jan Philipp Thoma,Ruhr University Bochum;Christian Niesler,University of Duisburg-Essen;Dominic Funke, Gregor Leander, Pierre Mayr, and Nils Pohl,Ruhr University Bochum;Lucas Davi,University of Duisburg-Essen;Tim Güneysu,Ruhr University Bochum & DFKI PDF - video slides
Guarding Serverless Applications with Kalium Deepak Sirone Jegan,University of Wisconsin-Madison;Liang Wang,Princeton University;Siddhant Bhagat,Microsoft;Michael Swift,University of Wisconsin-Madison PDF - video slides
DynSQL: Stateful Fuzzing for Database Management Systems with Complex and Valid SQL Query Generation Zu-Ming Jiang,ETH Zurich;Jia-Ju Bai,Tsinghua University;Zhendong Su,ETH Zurich PDF - video -
Automated Security Analysis of Exposure Notification Systems Kevin Morio and Ilkan Esiyok,CISPA Helmholtz Center for Information Security;Dennis Jackson,Mozilla;Robert Künnemann,CISPA Helmholtz Center for Information Security PDF - video slides
xNIDS: Explaining Deep Learning-based Network Intrusion Detection Systems for Active Intrusion Responses Feng Wei,University at Buffalo;Hongda Li,Palo Alto Networks;Ziming Zhao and Hongxin Hu,University at Buffalo PDF code video slides
Pspray: Timing Side-Channel based Linux Kernel Heap Exploitation Technique Yoochan Lee and Jinhan Kwak,Seoul National University;Junesoo Kang and Yuseok Jeon,UNIST;Byoungyoung Lee,Seoul National University PDF - video -
Strategies and Vulnerabilities of Participants in Venezuelan Influence Operations Ruben Recabarren, Bogdan Carbunar, Nestor Hernandez, and Ashfaq Ali Shafin,Florida International University PDF - video -
Investigating Verification Behavior and Perceptions of Visual Digital Certificates Dañiel Gerhardt and Alexander Ponticello,CISPA Helmholtz Center for Information Security and Saarland University;Adrian Dabrowski and Katharina Krombholz,CISPA Helmholtz Center for Information Security PDF - video slides
Remote Attacks on Speech Recognition Systems Using Sound from Power Supply Lanqing Yang, Xinqi Chen, Xiangyong Jian, Leping Yang, Yijie Li, Qianfei Ren, Yi-Chao Chen, and Guangtao Xue,Shanghai Jiao Tong University;Xiaoyu Ji,Zhejiang University PDF - video -
HOMESPY: The Invisible Sniffer of Infrared Remote Control of Smart TVs Kong Huang, YuTong Zhou, and Ke Zhang,The Chinese University of Hong Kong;Jiacen Xu,University of California, Irvine;Jiongyi Chen,National University of Defense Technology;Di Tang,Indiana University Bloomington;Kehuan Zhang,The Chinese University of Hong Kong PDF - video slides
FuzzJIT: Oracle-Enhanced Fuzzing for JavaScript Engine JIT Compiler Junjie Wang,College of Intelligence and Computing, Tianjin University;Zhiyi Zhang,CodeSafe Team, Qi An Xin Group Corp.;Shuang Liu,College of Intelligence and Computing, Tianjin University;Xiaoning Du,Monash University;Junjie Chen,College of Intelligence and Computing, Tianjin University PDF code video slides
TPatch: A Triggered Physical Adversarial Patch Wenjun Zhu and Xiaoyu Ji,USSLAB, Zhejiang University;Yushi Cheng,BNRist, Tsinghua University;Shibo Zhang and Wenyuan Xu,USSLAB, Zhejiang University PDF code video -
TAP: Transparent and Privacy-Preserving Data Services Daniel Reijsbergen and Aung Maw,Singapore University of Technology and Design;Zheng Yang,Southwest University;Tien Tuan Anh Dinh and Jianying Zhou,Singapore University of Technology and Design PDF code video slides
UnGANable: Defending Against GAN-based Face Manipulation Zheng Li,CISPA Helmholtz Center for Information Security;Ning Yu,Salesforce Research;Ahmed Salem,Microsoft Research;Michael Backes, Mario Fritz, and Yang Zhang,CISPA Helmholtz Center for Information Security PDF code video -
Back to School: On the (In)Security of Academic VPNs Ka Lok Wu,The Chinese University of Hong Kong;Man Hong Hue,The Chinese University of Hong Kong and Georgia Institute of Technology;Ngai Man Poon,The Chinese University of Hong Kong;Kin Man Leung,The University of British Columbia;Wai Yin Po, Kin Ting Wong, Sze Ho Hui, and Sze Yiu Chau,The Chinese University of Hong Kong PDF - video slides
Squint Hard Enough: Attacking Perceptual Hashing with Adversarial Machine Learning Jonathan Prokos,Johns Hopkins University;Neil Fendley,Johns Hopkins University Applied Physics Laboratory;Matthew Green,Johns Hopkins University;Roei Schuster,Vector Institute;Eran Tromer,Tel Aviv University and Columbia University;Tushar Jois and Yinzhi Cao,Johns Hopkins University PDF - video slides
"All of them claim to be the best": Multi-perspective study of VPN users and VPN providers Reethika Ramesh,University of Michigan;Anjali Vyas,Cornell Tech;Roya Ensafi,University of Michigan PDF - video slides
GlitchHiker: Uncovering Vulnerabilities of Image Signal Transmission with IEMI Qinhong Jiang, Xiaoyu Ji, Chen Yan, Zhixin Xie, Haina Lou, and Wenyuan Xu,Zhejiang University PDF - video -
Device Tracking via Linux’s New TCP Source Port Selection Algorithm Moshe Kol, Amit Klein, and Yossi Gilad,Hebrew University of Jerusalem PDF code video -
The Writing on the Wall and 3D Digital Twins: Personal Information in (not so) Private Real Estate Rachel McAmis and Tadayoshi Kohno,University of Washington PDF - video -
PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Models Haiming Wang,Zhejiang University;Zhikun Zhang,CISPA Helmholtz Center for Information Security;Tianhao Wang,University of Virginia;Shibo He,Zhejiang University;Michael Backes,CISPA Helmholtz Center for Information Security;Jiming Chen,Zhejiang University;Yang Zhang,CISPA Helmholtz Center for Information Security PDF code video -
Egg Hunt in Tesla Infotainment: A First Look at Reverse Engineering of Qt Binaries Haohuang Wen and Zhiqiang Lin,The Ohio State University PDF code video slides
Learning Normality is Enough: A Software-based Mitigation against Inaudible Voice Attacks Xinfeng Li, Xiaoyu Ji, and Chen Yan,USSLAB, Zhejiang University;Chaohao Li,USSLAB, Zhejiang University and Hangzhou Hikvision Digital Technology Co., Ltd.;Yichen Li,Hong Kong University of Science and Technology;Zhenning Zhang,University of Illinois at Urbana-Champaign;Wenyuan Xu,USSLAB, Zhejiang University PDF - video slides
FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modules Ioannis Angelakopoulos, Gianluca Stringhini, and Manuel Egele,Boston University PDF - video slides
CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software Yuanyuan Yuan, Zhibo Liu, and Shuai Wang,The Hong Kong University of Science and Technology PDF - video slides
“If sighted people know, I should be able to know:” Privacy Perceptions of Bystanders with Visual Impairments around Camera-based Technology Yuhang Zhao,University of Wisconsin—Madison;Yaxing Yao,University of Maryland, Baltimore County;Jiaru Fu and Nihan Zhou,University of Wisconsin—Madison PDF - video -
Access Denied: Assessing Physical Risks to Internet Access Networks Alexander Marder,CAIDA / UC San Diego;Zesen Zhang,UC San Diego;Ricky Mok and Ramakrishna Padmanabhan,CAIDA / UC San Diego;Bradley Huffaker,CAIDA/ UC San Diego;Matthew Luckie,University of Waikato;Alberto Dainotti,Georgia Tech;kc claffy,CAIDA/ UC San Diego;Alex C. Snoeren and Aaron Schulman,UC San Diego PDF - video -
Security and Privacy Failures in Popular 2FA Apps Conor Gilsenan,UC Berkeley / ICSI;Fuzail Shakir and Noura Alomar,UC Berkeley;Serge Egelman,UC Berkeley / ICSI PDF - video slides
A comprehensive, formal and automated analysis of the EDHOC protocol Charlie Jacomme,Inria Paris;Elise Klein, Steve Kremer, and Maïwenn Racouchot,Inria Nancy and Université de Lorraine PDF - video slides
Hash Gone Bad: Automated discovery of protocol attacks that exploit hash function weaknesses Vincent Cheval,Inria Paris;Cas Cremers and Alexander Dax,CISPA Helmholtz Center for Information Security;Lucca Hirschi,Inria & LORIA;Charlie Jacomme,Inria Paris;Steve Kremer,Université de Lorraine, LORIA, Inria Nancy Grand-EstDistinguished Paper Award Winner PDF - video slides
(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels Ruiyi Zhang,CISPA Helmholtz Center for Information Security;Taehyun Kim,Independent;Daniel Weber and Michael Schwarz,CISPA Helmholtz Center for Information Security PDF - video slides
Content-Type: multipart/oracle - Tapping into Format Oracles in Email End-to-End Encryption Fabian Ising,Münster University of Applied Sciences and National Research Center for Applied Cybersecurity ATHENE;Damian Poddebniak and Tobias Kappert,Münster University of Applied Sciences;Christoph Saatjohann and Sebastian Schinzel,Münster University of Applied Sciences and National Research Center for Applied Cybersecurity ATHENE PDF - video slides
Glowing in the Dark: Uncovering IPv6 Address Discovery and Scanning Strategies in the Wild Hammas Bin Tanveer,The University of Iowa;Rachee Singh,Microsoft and Cornell University;Paul Pearce,Georgia Tech;Rishab Nithyanand,University of Iowa PDF - video slides
Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk,Ruhr University Bochum PDF - video slides
Humans vs. Machines in Malware Classification Simone Aonzo,EURECOM;Yufei Han,INRIA;Alessandro Mantovani and Davide Balzarotti,EURECOM PDF - video slides
How fast do you heal? A taxonomy for post-compromise security in secure-channel establishment Olivier Blazy,LIX, CNRS, Inria, École Polytechnique, Institut Polytechnique de Paris, France;Ioana Boureanu,University of Surrey, Surrey Centre for Cyber Security, UK;Pascal Lafourcade,LIMOS, University of Clermont Auvergne, France;Cristina Onete,XLIM, University of Limoges, France;Léo Robert,LIMOS, University of Clermont Auvergne, France PDF - video -
Assessing Anonymity Techniques Employed in German Court Decisions: A De-Anonymization Experiment Dominic Deuber and Michael Keuchen,Friedrich-Alexander-Universität Erlangen-Nürnberg;Nicolas Christin,Carnegie Mellon University PDF - video slides
GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation Hui Peng,Purdue University;Zhihao Yao and Ardalan Amiri Sani,UC Irvine;Dave (Jing) Tian,Purdue University;Mathias Payer,EPFL PDF - video slides
Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps Yuhong Nan,Sun Yat-sen University;Xueqiang Wang,University of Central Florida;Luyi Xing and Xiaojing Liao,Indiana University Bloomington;Ruoyu Wu and Jianliang Wu,Purdue University;Yifan Zhang and XiaoFeng Wang,Indiana University Bloomington PDF - video slides
The Space of Adversarial Strategies Ryan Sheatsley, Blaine Hoak, Eric Pauley, and Patrick McDaniel,University of Wisconsin-Madison PDF - video -
Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference Xueqiang Wang,University of Central Florida;Yuqiong Sun,Meta;Susanta Nanda,ServiceNow;XiaoFeng Wang,Indiana University Bloomington PDF - video slides
That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal Consistency Yanmao Man,University of Arizona;Raymond Muller,Purdue University;Ming Li,University of Arizona;Z. Berkay Celik,Purdue University;Ryan Gerdes,Virginia Tech PDF - video -
CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations Sen Deng,Southern University of Science and Technology;Mengyuan Li,The Ohio State University;Yining Tang,Southern University of Science and Technology;Shuai Wang,Hong Kong University of Science and Technology;Shoumeng Yan,The Ant Group;Yinqian Zhang,Southern University of Science and Technology PDF - video slides
"My Privacy for their Security": Employees' Privacy Perspectives and Expectations when using Enterprise Security Software Jonah Stegman, Patrick J. Trottier, Caroline Hillier, and Hassan Khan,University of Guelph;Mohammad Mannan,Concordia University PDF - video -
Combating Robocalls with Phone Virtual Assistant Mediated Interaction Sharbani Pandit,Georgia Institute of Technology;Krishanu Sarker,Georgia State University;Roberto Perdisci,University of Georgia and Georgia Institute of Technology;Mustaque Ahamad and Diyi Yang,Georgia Institute of Technology PDF - video -
On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling Binlin Cheng,Shandong University & Hubei Normal University;Erika A Leal,Tulane University;Haotian Zhang,The University of Texas at Arlington;Jiang Ming,Tulane University PDF - video slides
Distance-Aware Private Set Intersection Anrin Chakraborti,Duke University;Giulia Fanti,Carnegie Mellon University;Michael K. Reiter,Duke University PDF - video -
NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural Networks Qi Liu,Lehigh University;Jieming Yin,Nanjing University of Posts and Telecommunications;Wujie Wen,Lehigh University;Chengmo Yang,University of Delaware;Shi Sha,Wilkes University PDF - video -
Towards a General Video-based Keystroke Inference Attack Zhuolin Yang, Yuxin Chen, and Zain Sarwar,University of Chicago;Hadleigh Schwartz,Columbia University;Ben Y. Zhao and Haitao Zheng,University of Chicago PDF - video -
URET: Universal Robustness Evaluation Toolkit (for Evasion) Kevin Eykholt, Taesung Lee, Douglas Schales, Jiyong Jang, and Ian Molloy,IBM Research;Masha Zorin,University of Cambridge PDF - video slides
You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks Yulong Cao,University of Michigan;S. Hrushikesh Bhupathiraju and Pirouz Naghavi,University of Florida;Takeshi Sugawara,The University of Electro-Communications;Z. Morley Mao,University of Michigan;Sara Rampazzi,University of Florida PDF - video -
Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Domien Schepers and Aanjhan Ranganathan,Northeastern University;Mathy Vanhoef,imec-DistriNet, KU Leuven PDF - video -
SMACK: Semantically Meaningful Adversarial Audio Attack Zhiyuan Yu, Yuanhaur Chang, and Ning Zhang,Washington University in St. Louis;Chaowei Xiao,Arizona State University PDF - video -
Gradient Obfuscation Gives a False Sense of Security in Federated Learning Kai Yue,North Carolina State University;Richeng Jin,Zhejiang University;Chau-Wai Wong, Dror Baron, and Huaiyu Dai,North Carolina State University PDF - video -
Automata-Guided Control-Flow-Sensitive Fuzz Driver Generation Cen Zhang and Yuekang Li,Nanyang Technological University, Continental-NTU Corporate Lab;Hao Zhou,The Hong Kong Polytechnic University;Xiaohan Zhang,Xidian University;Yaowen Zheng,Nanyang Technological University, Continental-NTU Corporate Lab;Xian Zhan,Southern University of Science and Technology; The Hong Kong Polytechnic University;Xiaofei Xie,Singapore Management University;Xiapu Luo,The Hong Kong Polytechnic University;Xinghua Li,Xidian University;Yang Liu,Nanyang Technological University, Continental-NTU Corporate Lab;Sheikh Mahbub Habib,Continental AG, Germany PDF - video slides
Are Consumers Willing to Pay for Security and Privacy of IoT Devices? Pardis Emami-Naeini,Duke University;Janarth Dheenadhayalan, Yuvraj Agarwal, and Lorrie Faith Cranor,Carnegie Mellon University PDF - video -
PhyAuth: Physical-Layer Message Authentication for ZigBee Networks Ang Li and Jiawei Li,Arizona State University;Dianqi Han,University of Texas at Arlington;Yan Zhang,The University of Akron;Tao Li,Indiana University–Purdue University Indianapolis;Ting Zhu,The Ohio State University;Yanchao Zhang,Arizona State University PDF - video slides
Fairness Properties of Face Recognition and Obfuscation Systems Harrison Rosenberg,University of Wisconsin–Madison;Brian Tang,University of Michigan;Kassem Fawaz and Somesh Jha,University of Wisconsin–Madison PDF - video -
Beyond The Gates: An Empirical Analysis of HTTP-Managed Password Stealers and Operators Athanasios Avgetidis, Omar Alrawi, Kevin Valakuzhy, and Charles Lever,Georgia Institute of Technology;Paul Burbage,MalBeacon;Angelos D. Keromytis, Fabian Monrose, and Manos Antonakakis,Georgia Institute of Technology PDF - video slides
Decompiling x86 Deep Neural Network Executables Zhibo Liu, Yuanyuan Yuan, and Shuai Wang,The Hong Kong University of Science and Technology;Xiaofei Xie,Singapore Management University;Lei Ma,University of Alberta PDF - video slides
PolyFuzz: Holistic Greybox Fuzzing of Multi-Language Systems Wen Li, Jinyang Ruan, and Guangbei Yi,Washington State University;Long Cheng,Clemson University;Xiapu Luo,The Hong Kong Polytechnic University;Haipeng Cai,Washington State University PDF - video slides
Linear Private Set Union from Multi-Query Reverse Private Membership Test Cong Zhang,State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences;Yu Chen,School of Cyber Science and Technology, Shandong University; State Key Laboratory of Cryptology; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University;Weiran Liu,Alibaba Group;Min Zhang,School of Cyber Science and Technology, Shandong University; State Key Laboratory of Cryptology; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University;Dongdai Lin,State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences PDF - video slides
An Efficient Design of Intelligent Network Data Plane Guangmeng Zhou,Tsinghua University;Zhuotao Liu,Tsinghua University and Zhongguancun Laboratory;Chuanpu Fu,Tsinghua University;Qi Li and Ke Xu,Tsinghua University and Zhongguancun LaboratoryDistinguished Paper Award Winner PDF - video slides
AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering Ji Shi,{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, Chinese Academy of Sciences; Institute for Network Science and Cyberspace & BNRist, Tsinghua University; Zhongguancun Lab; Singular Security Lab, Huawei Technologies; School of Cyber Security, University of Chinese Academy of Sciences;Zhun Wang,Institute for Network Science and Cyberspace & BNRist, Tsinghua University; Zhongguancun Lab;Zhiyao Feng,Institute for Network Science and Cyberspace & BNRist, Tsinghua University; Zhongguancun Lab; EPFL;Yang Lan and Shisong Qin,Institute for Network Science and Cyberspace & BNRist, Tsinghua University; Zhongguancun Lab;Wei You,Renmin University of China;Wei Zou,{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences;Mathias Payer,EPFL;Chao Zhang,Institute for Network Science and Cyberspace & BNRist, Tsinghua University; Zhongguancun Lab PDF - video slides
Inducing Authentication Failures to Bypass Credit Card PINs David Basin, Patrick Schaller, and Jorge Toro-Pozo,ETH Zurich PDF - video slides
Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js Mikhail Shcherbakov and Musard Balliu,KTH Royal Institute of Technology;Cristian-Alexandru Staicu,CISPA Helmholtz Center for Information Security PDF - video slides
Reassembly is Hard: A Reflection on Challenges and Strategies Hyungseok Kim,KAIST and The Affiliated Institute of ETRI;Soomin Kim and Junoh Lee,KAIST;Kangkook Jee,University of Texas at Dallas;Sang Kil Cha,KAIST PDF - video slides
PCAT: Functionality and Data Stealing from Split Learning by Pseudo-Client Attack Xinben Gao and Lan Zhang,University of Science and Technology of China PDF - video slides
VulChecker: Graph-based Vulnerability Localization in Source Code Yisroel Mirsky,Ben-Gurion University of the Negev;George Macon,Georgia Tech Research Institute;Michael Brown,Georgia Institute of Technology;Carter Yagemann,Ohio State University;Matthew Pruett, Evan Downing, Sukarno Mertoguno, and Wenke Lee,Georgia Institute of Technology PDF - video -
Examining Consumer Reviews to Understand Security and Privacy Issues in the Market of Smart Home Devices Swaathi Vetrivel, Veerle van Harten, Carlos H. Gañán, Michel van Eeten, and Simon Parkin,Delft University of Technology PDF - video slides
Timeless Timing Attacks and Preload Defenses in Tor's DNS Cache Rasmus Dahlberg and Tobias Pulls,Karlstad University PDF - video slides
Isolated and Exhausted: Attacking Operating Systems via Site Isolation in the Browser Matthias Gierlings, Marcus Brinkmann, and Jörg Schwenk,Ruhr University Bochum PDF - video slides
Internet Service Providers' and Individuals' Attitudes, Barriers, and Incentives to Secure IoT Nissy Sombatruang,National Institute of Information and Communications Technology;Tristan Caulfield and Ingolf Becker,University College London;Akira Fujita, Takahiro Kasama, Koji Nakao, and Daisuke Inoue,National Institute of Information and Communications Technology PDF - video slides

USENIX Security 2023 - Fall

Title Authors Paper Code Video Slides
“Employees Who Don’t Accept the Time Security Takes Are Not Aware Enough”: The CISO View of Human-Centred Security Jonas Hielscher and Uta Menges,Ruhr University Bochum;Simon Parkin,TU Delft;Annette Kluge and M. Angela Sasse,Ruhr University Bochum PDF - video -
“Millions of people are watching you”: Understanding the Digital-Safety Needs and Practices of Creators Patrawat Samermit, Anna Turner, Patrick Gage Kelley, Tara Matthews, Vanessia Wu, Sunny Consolvo, and Kurt Thomas,Google PDF - video -
“Security is not my field, I’m a stats guy”: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry Jaron Mink,University of Illinois at Urbana-Champaign;Harjot Kaur,Leibniz University Hannover;Juliane Schmüser and Sascha Fahl,CISPA Helmholtz Center for Information Security;Yasemin Acar,Paderborn University and George Washington University PDF - video slides
A Data-free Backdoor Injection Approach in Neural Networks Peizhuo Lv, Chang Yue, Ruigang Liang, and Yunfei Yang,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China;Shengzhi Zhang,Department of Computer Science, Metropolitan College, Boston University, USA;Hualong Ma,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China;Kai Chen,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Beijing Academy of Artificial Intelligence, China PDF - video slides
A Large Scale Study of the Ethereum Arbitrage Ecosystem Robert McLaughlin, Christopher Kruegel, and Giovanni Vigna,University of California, Santa Barbara PDF code video slides
A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots Boyang Zhang and Xinlei He,CISPA Helmholtz Center for Information Security;Yun Shen,NetApp;Tianhao Wang,University of Virginia;Yang Zhang,CISPA Helmholtz Center for Information Security PDF code video -
Abuse Vectors: A Framework for Conceptualizing IoT-Enabled Interpersonal Abuse Sophie Stephenson and Majed Almansoori,University of Wisconsin--Madison;Pardis Emami-Naeini,Duke University;Danny Yuxing Huang,New York University;Rahul Chatterjee,University of Wisconsin--Madison PDF - video slides
ACon^2: Adaptive Conformal Consensus for Provable Blockchain Oracles Sangdon Park,Georgia Institute of Technology;Osbert Bastani,University of Pennsylvania;Taesoo Kim,Georgia Institute of Technology PDF - video slides
Adversarial Training for Raw-Binary Malware Classifiers Keane Lucas, Samruddhi Pai, Weiran Lin, and Lujo Bauer,Carnegie Mellon University;Michael K. Reiter,Duke University;Mahmood Sharif,Tel Aviv University PDF - video -
Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks Jialai Wang,Tsinghua University;Ziyuan Zhang,Beijing University of Posts and Telecommunications;Meiqi Wang,Tsinghua University;Han Qiu,Tsinghua University and Zhongguancun Laboratory;Tianwei Zhang,Nanyang Technological University;Qi Li,Tsinghua University and Zhongguancun Laboratory;Zongpeng Li,Tsinghua University and Hangzhou Dianzi University;Tao Wei,Ant Group;Chao Zhang,Tsinghua University and Zhongguancun Laboratory PDF - video slides
AIRS: Explanation for Deep Reinforcement Learning based Security Applications Jiahao Yu,Northwestern University;Wenbo Guo,Purdue University;Qi Qin,ShanghaiTech University;Gang Wang,University of Illinois at Urbana-Champaign;Ting Wang,The Pennsylvania State University;Xinyu Xing,Northwestern University PDF - video -
An Input-Agnostic Hierarchical Deep Learning Framework for Traffic Fingerprinting Jian Qu, Xiaobo Ma, and Jianfeng Li,Xi’an Jiaotong University;Xiapu Luo,The Hong Kong Polytechnic University;Lei Xue,Sun Yat-sen University;Junjie Zhang,Wright State University;Zhenhua Li,Tsinghua University;Li Feng,Southwest Jiaotong University;Xiaohong Guan,Xi'an Jiaotong University PDF - video slides
Araña: Discovering and Characterizing Password Guessing Attacks in Practice Mazharul Islam,University of Wisconsin–Madison;Marina Sanusi Bohuk,Cornell Tech;Paul Chung,University of Wisconsin–Madison;Thomas Ristenpart,Cornell Tech;Rahul Chatterjee,University of Wisconsin–Madison PDF - video slides
ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks Phillip Rieger, Marco Chilese, Reham Mohamed, Markus Miettinen, Hossein Fereidooni, and Ahmad-Reza Sadeghi,Technical University of Darmstadt PDF - video slides
ARI: Attestation of Real-time Mission Execution Integrity Jinwen Wang, Yujie Wang, and Ao Li,Washington University in St. Louis;Yang Xiao,University of Kentucky;Ruide Zhang, Wenjing Lou, and Y. Thomas Hou,Virginia Polytechnic Institute and State University;Ning Zhang,Washington University in St. Louis PDF - video -
ARMore: Pushing Love Back Into Binaries Luca Di Bartolomeo, Hossein Moghaddas, and Mathias Payer,EPFL PDF - video slides
Attacks are Forwarded: Breaking the Isolation of MicroVM-based Containers Through Operation Forwarding Jietao Xiao and Nanzi Yang,State Key Lab of ISN, School of Cyber Engineering, Xidian University, China;Wenbo Shen,Zhejiang University, China;Jinku Li and Xin Guo,State Key Lab of ISN, School of Cyber Engineering, Xidian University, China;Zhiqiang Dong and Fei Xie,Tencent Security Yunding Lab, China;Jianfeng Ma,State Key Lab of ISN, School of Cyber Engineering, Xidian University, China PDF - video -
AURC: Detecting Errors in Program Code and Documentation Peiwei Hu, Ruigang Liang, and Ying Cao,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China, and School of Cyber Security, University of Chinese Academy of Sciences, China;Kai Chen,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China, School of Cyber Security, University of Chinese Academy of Sciences, China, and Beijing Academy of Artificial Intelligence, China;Runze Zhang,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China, and School of Cyber Security, University of Chinese Academy of Sciences, China PDF - video slides
Authenticated private information retrieval Simone Colombo,EPFL;Kirill Nikitin,Cornell Tech;Henry Corrigan-Gibbs,MIT;David J. Wu,UT Austin;Bryan Ford,EPFL PDF - video slides
AutoFR: Automated Filter Rule Generation for Adblocking Hieu Le, Salma Elmalaki, and Athina Markopoulou,University of California, Irvine;Zubair Shafiq,University of California, Davis PDF - video slides
autofz: Automated Fuzzer Composition at Runtime Yu-Fu Fu, Jaehyuk Lee, and Taesoo Kim,Georgia Institute of Technology PDF - video slides
Automated Cookie Notice Analysis and Enforcement Rishabh Khandelwal and Asmit Nayak,University of Wisconsin—Madison;Hamza Harkous,Google, Inc.;Kassem Fawaz,University of Wisconsin—Madison PDF - video -
Automated Exploitable Heap Layout Generation for Heap Overflows Through Manipulation Distance-Guided Fuzzing Bin Zhang, Jiongyi Chen, Runhao Li, Chao Feng, Ruilin Li, and Chaojing Tang,National University of Defense Technology PDF - video slides
BalanceProofs: Maintainable Vector Commitments with Fast Aggregation Weijie Wang, Annie Ulichney, and Charalampos Papamanthou,Yale University PDF - video slides
Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages Cristian-Alexandru Staicu,CISPA Helmholtz Center for Information Security;Sazzadur Rahaman,University of Arizona;Ágnes Kiss and Michael Backes,CISPA Helmholtz Center for Information Security PDF - video slides
Black-box Adversarial Example Attack towards FCG Based Android Malware Detection under Incomplete Feature Information Heng Li,Huazhong University of Science and Technology;Zhang Cheng,NSFOCUS Technologies Group Co., Ltd. and Huazhong University of Science and Technology;Bang Wu, Liheng Yuan, Cuiying Gao, and Wei Yuan,Huazhong University of Science and Technology;Xiapu Luo,The Hong Kong Polytechnic University PDF - video slides
Bleem: Packet Sequence Oriented Fuzzing for Protocol Implementations Zhengxiong Luo, Junze Yu, Feilong Zuo, Jianzhong Liu, and Yu Jiang,Tsinghua University;Ting Chen,University of Electronic Science and Technology of China;Abhik Roychoudhury,National University of Singapore;Jiaguang Sun,Tsinghua University PDF - video slides
BoKASAN: Binary-only Kernel Address Sanitizer for Effective Kernel Fuzzing Mingi Cho, Dohyeon An, Hoyong Jin, and Taekyoung Kwon,Yonsei University PDF - video slides
Bug Hunters’ Perspectives on the Challenges and Benefits of the Bug Bounty Ecosystem Omer Akgul,University of Maryland;Taha Eghtesad,Pennsylvania State University;Amit Elazari,University of California, Berkeley;Omprakash Gnawali,University of Houston;Jens Grossklags,Technical University of Munich;Michelle L. Mazurek,University of Maryland;Daniel Votipka,Tufts University;Aron Laszka,Pennsylvania State UniversityDistinguished Paper Award Winner PDF - video slides
BunnyHop: Exploiting the Instruction Prefetcher Zhiyuan Zhang, Mingtian Tao, and Sioli O'Connell,The University of Adelaide;Chitchanok Chuengsatiansup,The University of Melbourne;Daniel Genkin,Georgia Tech;Yuval Yarom,The University of Adelaide PDF - video slides
CAPatch: Physical Adversarial Patch against Image Captioning Systems Shibo Zhang,USSLAB, Zhejiang University;Yushi Cheng,BNRist, Tsinghua University;Wenjun Zhu, Xiaoyu Ji, and Wenyuan Xu,USSLAB, Zhejiang University PDF - video -
Capstone: A Capability-based Foundation for Trustless Secure Memory Access Jason Zhijingcheng Yu,National University of Singapore;Conrad Watt,University of Cambridge;Aditya Badole, Trevor E. Carlson, and Prateek Saxena,National University of Singapore PDF - video slides
CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing Dawei Wang, Ying Li, and Zhiyu Zhang,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China;Kai Chen,SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, China; School of Cyber Security, University of Chinese Academy of Sciences, China; Beijing Academy of Artificial Intelligence, China PDF - video slides
Catch You and I Can: Revealing Source Voiceprint Against Voice Conversion Jiangyi Deng, Yanjiao Chen, Yinan Zhong, and Qianhao Miao,Zhejiang University;Xueluan Gong,Wuhan University;Wenyuan Xu,Zhejiang University PDF - video slides
Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software Jan Wichelmann, Anna Pätschke, Luca Wilke, and Thomas Eisenbarth,University of Lübeck PDF - video slides
Controlled Data Races in Enclaves: Attacks and Detection Sanchuan Chen,Fordham University;Zhiqiang Lin,The Ohio State University;Yinqian Zhang,Southern University of Science and Technology PDF - video -
CSHER: A System for Compact Storage with HE-Retrieval Adi Akavia and Neta Oren,University of Haifa;Boaz Sapir and Margarita Vald,Intuit Israel Inc. PDF - video slides
DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed Fuzzing Ming Yuan and Bodong Zhao,Tsinghua University;Penghui Li,The Chinese University of Hong Kong;Jiashuo Liang and Xinhui Han,Peking University;Xiapu Luo,The Hong Kong Polytechnic University;Chao Zhang,Tsinghua University and Zhongguancun Lab PDF - video slides
Defining "Broken": User Experiences and Remediation Tactics When Ad-Blocking or Tracking-Protection Tools Break a Website’s User Experience Alexandra Nisenoff,University of Chicago and Carnegie Mellon University;Arthur Borem, Madison Pickering, Grant Nakanishi, Maya Thumpasery, and Blase Ur,University of Chicago PDF - video slides
Design of Access Control Mechanisms in Systems-on-Chip with Formal Integrity Guarantees Dino Mehmedagić, Mohammad Rahmani Fadiheh, Johannes Müller, Anna Lena Duque Antón, Dominik Stoffel, and Wolfgang Kunz,Rheinland-Pfälzische Technische Universität (RPTU) Kaiserslautern-Landau, Germany PDF - video slides
Detecting and Handling IoT Interaction Threats in Multi-Platform Multi-Control-Channel Smart Homes Haotian Chi,Shanxi University and Temple University;Qiang Zeng,George Mason University;Xiaojiang Du,Stevens Institute of Technology PDF - video -
Detecting Multi-Step IAM Attacks in AWS Environments via Model Checking Ilia Shevrin,Citi;Oded Margalit,Ben-Gurion University PDF - video slides
Did the Shark Eat the Watchdog in the NTP Pool? Deceiving the NTP Pool’s Monitoring System Jonghoon Kwon,ETH Zürich;Jeonggyu Song and Junbeom Hur,Korea University;Adrian Perrig,ETH Zürich PDF - video slides
DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing Jiawei Zhang,UIUC;Zhongzhu Chen,University of Michigan, Ann Arbor;Huan Zhang,Carnegie Mellon University;Chaowei Xiao,Arizona State University;Bo Li,UIUC PDF - video slides
Diving into Robocall Content with SnorCall Sathvik Prasad, Trevor Dunlap, Alexander Ross, and Bradley Reaves,North Carolina State University PDF - video slides
Don’t be Dense: Efficient Keyword PIR for Sparse Databases Sarvar Patel and Joon Young Seo,Google;Kevin Yeo,Google and Columbia UniversityDistinguished Paper Award Winner PDF - video -
Duoram: A Bandwidth-Efficient Distributed ORAM for 2- and 3-Party Computation Adithya Vadapalli,University of Waterloo;Ryan Henry,University of Calgary;Ian Goldberg,University of Waterloo PDF - video -
Educators’ Perspectives of Using (or Not Using) Online Exam Proctoring David G. Balash, Elena Korkes, Miles Grant, and Adam J. Aviv,The George Washington University;Rahel A. Fainchtein and Micah Sherr,Georgetown University PDF - video -
ELASM: Error-Latency-Aware Scale Management for Fully Homomorphic Encryption Yongwoo Lee, Seonyoung Cheon, and Dongkwan Kim,Yonsei University;Dongyoon Lee,Stony Brook University;Hanjun Kim,Yonsei University PDF - video -
Eos: Efficient Private Delegation of zkSNARK Provers Alessandro Chiesa,UC Berkeley and EPFL;Ryan Lehmkuhl,MIT;Pratyush Mishra,Aleo and University of Pennsylvania;Yinuo Zhang,UC Berkeley PDF - video slides
Every Vote Counts: Ranking-Based Training of Federated Learning to Resist Poisoning Attacks Hamid Mozaffari, Virat Shejwalkar, and Amir Houmansadr,University of Massachusetts Amherst PDF - video -
Exorcising "Wraith": Protecting LiDAR-based Object Detector in Automated Driving System from Appearing Attacks Qifan Xiao, Xudong Pan, Yifan Lu, Mi Zhang, Jiarun Dai, and Min Yang,Fudan University PDF - video slides
Extending a Hand to Attackers: Browser Privilege Escalation Attacks via Extensions Young Min Kim and Byoungyoung Lee,Seoul National University PDF - video slides
Eye-Shield: Real-Time Protection of Mobile Device Screen Information from Shoulder Surfing Brian Jay Tang and Kang G. Shin,University of Michigan PDF - video slides
FABRID: Flexible Attestation-Based Routing for Inter-Domain Networks Cyrill Krähenbühl, Marc Wyss, and David Basin,ETH Zürich;Vincent Lenders,armasuisse;Adrian Perrig,ETH Zürich;Martin Strohmeier,armasuisse PDF - video slides
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems Sahar Abdelnabi and Mario Fritz,CISPA Helmholtz Center for Information Security PDF - video slides
Fine-grained Poisoning Attack to Local Differential Privacy Protocols for Mean and Variance Estimation Xiaoguang Li,Xidian University and Purdue University;Ninghui Li and Wenhai Sun,Purdue University;Neil Zhenqiang Gong,Duke University;Hui Li,Xidian University PDF - video slides
Formal Analysis and Patching of BLE-SC Pairing Min Shi, Jing Chen, Kun He, Haoran Zhao, Meng Jia, and Ruiying Du,Wuhan University PDF - video slides
Formal Analysis of Session-Handling in Secure Messaging: Lifting Security from Sessions to Conversations Cas Cremers,CISPA Helmholtz Center for Information Security;Charlie Jacomme,Inria Paris;Aurora Naska,CISPA Helmholtz Center for Information Security PDF - video -
Formal Analysis of SPDM: Security Protocol and Data Model version 1.2 Cas Cremers, Alexander Dax, and Aurora Naska,CISPA Helmholtz Center for Information Security PDF - video -
Forming Faster Firmware Fuzzers Lukas Seidel,Qwiet AI;Dominik Maier,TU Berlin;Marius Muench,VU Amsterdam and University of Birmingham PDF - video slides
FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases Chong Fu, Xuhong Zhang, and Shouling Ji,Zhejiang University;Ting Wang,Pennsylvania State University;Peng Lin,Chinese Aeronautical Establishment;Yanghe Feng,National University of Defense Technology;Jianwei Yin,Zhejiang University PDF - video slides
GAP: Differentially Private Graph Neural Networks with Aggregation Perturbation Sina Sajadmanesh,Idiap Research Institute and EPFL;Ali Shahin Shamsabadi,Alan Turing Institute;Aurélien Bellet,Inria;Daniel Gatica-Perez,Idiap Research Institute and EPFL PDF - video slides
Going through the motions: AR/VR keylogging from user head motions Carter Slocum, Yicheng Zhang, Nael Abu-Ghazaleh, and Jiasi Chen,University of California, Riverside PDF - video -
HECO: Fully Homomorphic Encryption Compiler Alexander Viand, Patrick Jattke, Miro Haller, and Anwar Hithnawi,ETH Zurich PDF - video slides
Hey Kimya, Is My Smart Speaker Spying on Me? Taking Control of Sensor Privacy Through Isolation and Amnesia Piet De Vaere and Adrian Perrig,ETH Zürich PDF - video slides
Hidden Reality: Caution, Your Hand Gesture Inputs in the Immersive Virtual World are Visible to All! Sindhu Reddy Kalathur Gopal and Diksha Shukla,University of Wyoming;James David Wheelock,University of Colorado Boulder;Nitesh Saxena,Texas A&M University, College Station PDF - video -
Hiding in Plain Sight: An Empirical Study of Web Application Abuse in Malware Mingxuan Yao,Georgia Institute of Technology;Jonathan Fuller,United States Military Academy;Ranjita Pai Kasturi, Saumya Agarwal, Amit Kumar Sikder, and Brendan Saltaformaggio,Georgia Institute of Technology PDF - video slides
High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption Xianglong Zhang and Wei Wang,Huazhong University of Science and Technology;Peng Xu,Huazhong University of Science and Technology and Hubei Key Laboratory of Distributed System Security;Laurence T. Yang,Huazhong University of Science and Technology and St. Francis Xavier University;Kaitai Liang,Delft University of Technology PDF - video slides
HOLMES: Efficient Distribution Testing for Secure Collaborative Learning Ian Chang and Katerina Sotiraki,UC Berkeley;Weikeng Chen,UC Berkeley & DZK Labs;Murat Kantarcioglu,University of Texas at Dallas & UC Berkeley;Raluca Popa,UC Berkeley PDF - video slides
​​How Library IT Staff Navigate Privacy and Security Challenges and Responsibilities Alan F. Luo, Noel Warford, and Samuel Dooley,University of Maryland;Rachel Greenstadt,New York University;Michelle L. Mazurek,University of Maryland;Nora McDonald,George Mason University PDF - video -
How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic Mingshi Wu,GFW Report;Jackson Sippe,University of Colorado Boulder;Danesh Sivakumar and Jack Burg,University of Maryland;Peter Anderson,Independent researcher;Xiaokang Wang,V2Ray Project;Kevin Bock,University of Maryland;Amir Houmansadr,University of Massachusetts Amherst;Dave Levin,University of Maryland;Eric Wustrow,University of Colorado Boulder PDF - video -
How to Cover up Anomalous Accesses to Electronic Health Records Xiaojun Xu, Qingying Hao, Zhuolin Yang, and Bo Li,University of Illinois at Urbana-Champaign;David Liebovitz,Northwestern University;Gang Wang and Carl A. Gunter,University of Illinois at Urbana-Champaign PDF - video -
ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs Prashant Hari Narayan Rajput,NYU Tandon School of Engineering;Constantine Doumanidis and Michail Maniatakos,New York University Abu Dhabi PDF - video slides
Improving Real-world Password Guessing Attacks via Bi-directional Transformers Ming Xu and Jitao Yu,Fudan University;Xinyi Zhang,Facebook;Chuanwang Wang, Shenghao Zhang, Haoqi Wu, and Weili Han,Fudan University PDF - video slides
InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force Attack Yu Chen and Yang Yu,Xuanwu Lab, Tencent;Lidong Zhai,Institute of Information Engineering, Chinese Academy of Sciences PDF - video slides
Intender: Fuzzing Intent-Based Networking with Intent-State Transition Guidance Jiwon Kim,Purdue University;Benjamin E. Ujcich,Georgetown University;Dave (Jing) Tian,Purdue University PDF - video slides
It's all in your head(set): Side-channel attacks on AR/VR systems Yicheng Zhang, Carter Slocum, Jiasi Chen, and Nael Abu-Ghazaleh,University of California, Riverside PDF - video slides
IvySyn: Automated Vulnerability Discovery in Deep Learning Frameworks Neophytos Christou, Di Jin, and Vaggelis Atlidakis,Brown University;Baishakhi Ray,Columbia University;Vasileios P. Kemerlis,Brown University PDF - video slides
Jinn: Hijacking Safe Programs with Trojans Komail Dharsee and John Criswell,University of Rochester PDF - video -
KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations Tingting Yin,Tsinghua University and Ant Group;Zicong Gao,State Key Laboratory of Mathematical Engineering and Advanced Computing;Zhenghang Xiao,Hunan University;Zheyu Ma,Tsinghua University;Min Zheng,Ant Group;Chao Zhang,Tsinghua University and Zhongguancun Laboratory PDF - video slides
Know Your Cybercriminal: Evaluating Attacker Preferences by Measuring Profile Sales on an Active, Leading Criminal Market for User Impersonation at Scale Michele Campobasso and Luca Allodi,Eindhoven University of Technology PDF - video slides
Lalaine: Measuring and Characterizing Non-Compliance of Apple Privacy Labels Yue Xiao, Zhengyi Li, and Yue Qin,Indiana University Bloomington;Xiaolong Bai,Orion Security Lab, Alibaba Group;Jiale Guan, Xiaojing Liao, and Luyi Xing,Indiana University Bloomington PDF - video -
Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys Daniel W. Woods,University of Edinburgh;Rainer Böhme,University of Innsbruck;Josephine Wolff,Tufts University;Daniel Schwarcz,University of Minnesota PDF - video slides
Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem Allan Lyons,University of Calgary;Julien Gamba,IMDEA Networks Institute and Universidad Carlos III de Madrid;Austin Shawaga,University of Calgary;Joel Reardon,University of Calgary and AppCensus, Inc.;Juan Tapiador,Universidad Carlos III de Madrid;Serge Egelman,ICSI and UC Berkeley and AppCensus, Inc.;Narseo Vallina-Rodriguez,IMDEA Networks Institute and AppCensus, Inc. PDF - video slides
Long Live The Honey Badger: Robust Asynchronous DPSS and its Applications Thomas Yurek,University of Illinois at Urbana-Champaign, NTT Research, and IC3;Zhuolun Xiang,Aptos;Yu Xia,MIT CSAIL and NTT Research;Andrew Miller,University of Illinois at Urbana-Champaign and IC3 PDF - video -
Lost at C: A User Study on the Security Implications of Large Language Model Code Assistants Gustavo Sandoval, Hammond Pearce, Teo Nys, Ramesh Karri, Siddharth Garg, and Brendan Dolan-Gavitt,New York University PDF - video slides
Machine-checking Multi-Round Proofs of Shuffle: Terelius-Wikstrom and Bayer-Groth Thomas Haines,Australian National University;Rajeev Gore,Polish Academy of Science;Mukesh Tiwari,University of Cambridge PDF - video -
Measuring Up to (Reasonable) Consumer Expectations: Providing an Empirical Basis for Holding IoT Manufacturers Legally Responsible Lorenz Kustosch and Carlos Gañán,TU Delft;Mattis van 't Schip,Radboud University;Michel van Eeten and Simon Parkin,TU Delft PDF - video slides
Meta-Sift: How to Sift Out a Clean Subset in the Presence of Data Poisoning? Yi Zeng,Virginia Tech and SONY AI;Minzhou Pan, Himanshu Jahagirdar, and Ming Jin,Virginia Tech;Lingjuan Lyu,SONY AI;Ruoxi Jia,Virginia Tech PDF - video -
MINER: A Hybrid Data-Driven Approach for REST API Fuzzing Chenyang Lyu, Jiacheng Xu, Shouling Ji, Xuhong Zhang, and Qinying Wang,Zhejiang University;Binbin Zhao,Georgia Institute of Technology;Gaoning Pan,Zhejiang University;Wei Cao and Peng Chen,Ant Group;Raheem Beyah,Georgia Institute of Technology PDF - video slides
Minimalist: Semi-automated Debloating of PHP Web Applications through Static Analysis Rasoul Jahanshahi,Boston University;Babak Amin Azad and Nick Nikiforakis,Stony Brook University;Manuel Egele,Boston University PDF - video slides
MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research Gabriel K. Gegenhuber,University of Vienna;Wilfried Mayer,SBA Research;Edgar Weippl,University of Vienna;Adrian Dabrowski,CISPA Helmholtz Center for Information Security PDF - video slides
MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation Jinyan Xu and Yiyuan Liu,Zhejiang University;Sirui He,City University of Hong Kong;Haoran Lin and Yajin Zhou,Zhejiang University;Cong Wang,City University of Hong Kong PDF - video slides
MTSan: A Feasible and Practical Memory Sanitizer for Fuzzing COTS Binaries Xingman Chen,Tsinghua University;Yinghao Shi,Institute of Information Engineering, Chinese Academy of Sciences;Zheyu Jiang and Yuan Li,Tsinghua University;Ruoyu Wang,Arizona State University;Haixin Duan,Tsinghua University and Zhongguancun Laboratory;Haoyu Wang,Huazhong University of Science and Technology;Chao Zhang,Tsinghua University and Zhongguancun Laboratory PDF - video slides
Multi-Factor Key Derivation Function (MFKDF) for Fast, Flexible, Secure, & Practical Key Management Vivek Nair and Dawn Song,University of California, Berkeley PDF - video slides
Multiview: Finding Blind Spots in Access-Deny Issues Diagnosis Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou,University of California, San Diego PDF - video -
NAUTILUS: Automated RESTful API Vulnerability Detection Gelei Deng,Nanyang Technological University;Zhiyi Zhang,CodeSafe Team, Qi An Xin Group Corp.;Yuekang Li, Yi Liu, Tianwei Zhang, and Yang Liu,Nanyang Technological University;Guo Yu,China Industrial Control Systems Cyber Emergency Response Team;Dongjin Wang,Institute of Scientific and Technical Information, China Academy of Railway Sciences PDF - video -
Near-Ultrasound Inaudible Trojan (Nuit): Exploiting Your Speaker to Attack Your Microphone Qi Xia and Qian Chen,University of Texas at San Antonio;Shouhuai Xu,University of Colorado Colorado Springs PDF - video slides
Network Responses to Russia's Invasion of Ukraine in 2022: A Cautionary Tale for Internet Freedom Reethika Ramesh, Ram Sundara Raman, and Apurva Virkud,University of Michigan;Alexandra Dirksen,TU Braunschweig;Armin Huremagic,University of Michigan;David Fifield,unaffiliated;Dirk Rodenburg and Rod Hynes,Psiphon;Doug Madory,Kentik;Roya Ensafi,University of Michigan PDF - video slides
No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning Thorsten Eisenhofer,Ruhr University Bochum;Erwin Quiring,Ruhr University Bochum and International Computer Science Institute (ICSI) Berkeley;Jonas Möller,Technische Universität Berlin;Doreen Riepel,Ruhr University Bochum;Thorsten Holz,CISPA Helmholtz Center for Information Security;Konrad Rieck,Technische Universität Berlin PDF - video slides
No Single Silver Bullet: Measuring the Accuracy of Password Strength Meters Ding Wang, Xuan Shan, and Qiying Dong,Nankai University;Yaosheng Shen,Peking University;Chunfu Jia,Nankai University PDF - video slides
NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers Yehuda Afek and Anat Bremler-Barr,Tel-Aviv University;Shani Stajnrod,Reichman University PDF - video -
Downgrading DNSSEC: How to Exploit Crypto Agility for Hijacking Signed Zones Elias Heftrig,ATHENE and Fraunhofer SIT;Haya Shulman,ATHENE, Fraunhofer SIT, and Goethe-Universität Frankfurt;Michael Waidner,ATHENE, Fraunhofer SIT, and Technische Universität Darmstadt PDF - video slides
One Size Does not Fit All: Quantifying the Risk of Malicious App Encounters for Different Android User Profiles Savino Dambra, Leyla Bilge, and Platon Kotzias,Norton Research Group;Yun Shen,NetApp;Juan Caballero,IMDEA Software Institute PDF - video -
Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M Xhani Marvin Saß, Richard Mitev, and Ahmad-Reza Sadeghi,Technical University of Darmstadt PDF - video slides
Panda: Security Analysis of Algorand Smart Contracts Zhiyuan Sun,The Hong Kong Polytechnic University and Southern University of Science and Technology;Xiapu Luo,The Hong Kong Polytechnic University;Yinqian Zhang,Southern University of Science and Technology PDF - video slides
Pass2Edit: A Multi-Step Generative Model for Guessing Edited Passwords Ding Wang and Yunkai Zou,Nankai University;Yuan-An Xiao,Peking University;Siqi Ma,The University of New South Wales;Xiaofeng Chen,Xidian University PDF - video slides
Password Guessing Using Random Forest Ding Wang and Yunkai Zou,Nankai University;Zijian Zhang,Peking University;Kedong Xiu,Nankai University PDF - video slides
PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code Analysis Zhuo Zhang, Guanhong Tao, Guangyu Shen, Shengwei An, Qiuling Xu, Yingqi Liu, and Yapeng Ye,Purdue University;Yaoxuan Wu,University of California, Los Angeles;Xiangyu Zhang,Purdue University PDF - video slides
Place Your Locks Well: Understanding and Detecting Lock Misuse Bugs Yuandao Cai, Peisen Yao, Chengfeng Ye, and Charles Zhang,The Hong Kong University of Science and Technology PDF - video slides
Pool-Party: Exploiting Browser Resource Pools for Web Tracking Peter Snyder,Brave Software;Soroush Karami,University of Illinois at Chicago;Arthur Edelstein,Brave Software;Benjamin Livshits,Imperial College London;Hamed Haddadi,Brave Software and Imperial College of London PDF - video -
Practical Asynchronous High-threshold Distributed Key Generation and Distributed Polynomial Sampling Sourav Das,University of Illinois at Urbana-Champaign;Zhuolun Xiang,Aptos;Lefteris Kokoris-Kogias,IST Austria and Mysten Labs;Ling Ren,University of Illinois at Urbana-Champaign PDF - video -
Prime Match: A Privacy-Preserving Inventory Matching System Antigoni Polychroniadou,J.P. Morgan;Gilad Asharov,Bar-Ilan University;Benjamin Diamond, Tucker Balch, Hans Buehler, Richard Hua, Suwen Gu, Greg Gimler, and Manuela Veloso,J.P. Morgan PDF - video slides
PrivateFL: Accurate, Differentially Private Federated Learning via Personalized Data Transformation Yuchen Yang, Bo Hui, and Haolin Yuan,The Johns Hopkins University;Neil Gong,Duke University;Yinzhi Cao,The Johns Hopkins University PDF - video -
PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding Fan Yang,The Chinese University of Hong Kong;Jiacen Xu,University of California, Irvine;Chunlin Xiong,Sangfor Technologies Inc.;Zhou Li,University of California, Irvine;Kehuan Zhang,The Chinese University of Hong Kong PDF - video slides
ProSpeCT: Provably Secure Speculation for the Constant-Time Policy Lesly-Ann Daniel, Marton Bognar, and Job Noorman,imec-DistriNet, KU Leuven;Sébastien Bardin,CEA, LIST, Université Paris Saclay;Tamara Rezk,INRIA, Université Côte d’Azur, Sophia Antipolis;Frank Piessens,imec-DistriNet, KU Leuven PDF - video -
PROVIDENCE: a Flexible Round-by-Round Risk-Limiting Audit Oliver Broadrick and Poorvi Vora,The George Washington University;Filip Zagórski,University of Wroclaw and Votifica PDF - video -
Proxy Hunting: Understanding and Characterizing Proxy-based Upgradeable Smart Contracts in Blockchains William E Bodell III, Sajad Meisami, and Yue Duan,Illinois Institute of Technology PDF - video -
Remote Code Execution from SSTI in the Sandbox: Automatically Detecting and Exploiting Template Escape Bugs Yudi Zhao, Yuan Zhang, and Min Yang,Fudan University PDF - video slides
Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation Yifan Yan, Xudong Pan, Mi Zhang, and Min Yang,Fudan University PDF - video slides
Rosetta: Enabling Robust TLS Encrypted Traffic Classification in Diverse Network Environments with TCP-Aware Traffic Augmentation Renjie Xie and Jiahao Cao,Tsinghua University;Enhuan Dong and Mingwei Xu,Tsinghua University and Quan Cheng Laboratory;Kun Sun,George Mason University;Qi Li and Licheng Shen,Tsinghua University;Menghao Zhang,Tsinghua University and Kuaishou Technology PDF - video slides
SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes Abdullah AlHamdan and Cristian-Alexandru Staicu,CISPA Helmholtz Center for Information Security PDF - video slides
Secure Floating-Point Training Deevashwer Rathee,University of California, Berkeley;Anwesh Bhattacharya, Divya Gupta, and Rahul Sharma,Microsoft Research;Dawn Song,University of California, Berkeley PDF - video -
SHELTER: Extending Arm CCA with Isolation in User Space Yiming Zhang,Southern University of Science and Technology and The Hong Kong Polytechnic University;Yuxin Hu,Southern University of Science and Technology;Zhenyu Ning,Hunan University and Southern University of Science and Technology;Fengwei Zhang,Southern University of Science and Technology;Xiapu Luo,The Hong Kong Polytechnic University;Haoyang Huang,Southern University of Science and Technology;Shoumeng Yan and Zhengyu He,Ant Group PDF - video slides
Sherlock on Specs: Building LTE Conformance Tests through Automated Reasoning Yi Chen and Di Tang,Indiana University Bloomington;Yepeng Yao,{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS, and School of Cyber Security, University of Chinese Academy of Sciences;Mingming Zha and Xiaofeng Wang,Indiana University Bloomington;Xiaozhong Liu,Worcester Polytechnic Institute;Haixu Tang,Indiana University Bloomington;Baoxu Liu,{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS, and School of Cyber Security, University of Chinese Academy of Sciences PDF - video slides
Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs Jianhao Xu,Nanjing University;Kangjie Lu,University of Minnesota;Zhengjie Du, Zhu Ding, and Linke Li,Nanjing University;Qiushi Wu,University of Minnesota;Mathias Payer,EPFL;Bing Mao,Nanjing University PDF - video slides
Squirrel: A Scalable Secure Two-Party Computation Framework for Training Gradient Boosting Decision Tree Wen-jie Lu and Zhicong Huang,Alibaba Group;Qizhi Zhang,Ant Group;Yuchen Wang,Alibaba Group;Cheng Hong,Ant Group PDF - video slides
Subverting Website Fingerprinting Defenses with Robust Traffic Representation Meng Shen,School of Cyberspace Science and Technology, Beijing Institute of Technology;Kexin Ji and Zhenbo Gao,School of Computer Science, Beijing Institute of Technology;Qi Li,Institute for Network Sciences and Cyberspace, Tsinghua University;Liehuang Zhu,School of Cyberspace Science and Technology, Beijing Institute of Technology;Ke Xu,Department of Computer Science and Technology, Tsinghua University PDF - video slides
Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack Run Guo,Tsinghua University;Jianjun Chen,Tsinghua University and Zhongguancun Laboratory;Yihang Wang and Keran Mu,Tsinghua University;Baojun Liu,Tsinghua University and Zhongguancun Laboratory;Xiang Li,Tsinghua University;Chao Zhang,Tsinghua University and Zhongguancun Laboratory;Haixin Duan,Tsinghua University and Zhongguancun Laboratory and QI-ANXIN Technology Research Institute;Jianping Wu,Tsinghua University and Zhongguancun Laboratory PDF - video slides
The Blockchain Imitation Game Kaihua Qin,Imperial College London, RDI;Stefanos Chaliasos,Imperial College London;Liyi Zhou,Imperial College London, RDI;Benjamin Livshits,Imperial College London;Dawn Song,UC Berkeley, RDI;Arthur Gervais,University College London, RDI PDF - video slides
The Case for Learned Provenance Graph Storage Systems Hailun Ding, Juan Zhai, Dong Deng, and Shiqing Ma,Rutgers University PDF - video -
The Gates of Time: Improving Cache Attacks with Transient Execution Daniel Katzman,Tel Aviv University;William Kosasih,The University of Adelaide;Chitchanok Chuengsatiansup,The University of Melbourne;Eyal Ronen,Tel Aviv University;Yuval Yarom,The University of Adelaide PDF - video -
The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders Willy R. Vasquez,The University of Texas at Austin;Stephen Checkoway,Oberlin College;Hovav Shacham,The University of Texas at Austin PDF - video slides
The OK Is Not Enough: A Large Scale Study of Consent Dialogs in Smartphone Applications Simon Koch,TU Braunschweig;Benjamin Altpeter,Datenanfragen.de e.V.;Martin Johns,TU Braunschweig PDF - video -
The Role of Professional Product Reviewers in Evaluating Security and Privacy Wentao Guo, Jason Walter, and Michelle L. Mazurek,University of Maryland PDF - video slides
Three Lessons From Threema: Analysis of a Secure Messenger Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong,ETH Zurich PDF - video slides
Downfall: Exploiting Speculative Data Gathering Daniel Moghimi,UCSD PDF - video -
Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) Federico Cernera, Massimo La Morgia, Alessandro Mei, and Francesco Sassi,Sapienza University of Rome PDF - video slides
TreeSync: Authenticated Group Management for Messaging Layer Security Théophile Wallez,Inria Paris;Jonathan Protzenko,Microsoft Research;Benjamin Beurdouche,Mozilla;Karthikeyan Bhargavan,Inria ParisDistinguished Paper Award Winner and Co-Winner of the 2023 Internet Defense Prize PDF - video slides
TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks Zheng Yang, Joey Allen, and Matthew Landen,Georgia Institute of Technology;Roberto Perdisci,Georgia Tech and University of Georgia;Wenke Lee,Georgia Institute of Technology PDF - video slides
Trojan Source: Invisible Vulnerabilities Nicholas Boucher,University of Cambridge;Ross Anderson,University of Cambridge and University of Edinburgh PDF - video slides
TRust: A Compilation Framework for In-process Isolation to Protect Safe Rust against Untrusted Code Inyoung Bang and Martin Kayondo,Seoul National University;Hyungon Moon,UNIST (Ulsan National Institute of Science and Technology);Yunheung Paek,Seoul National University PDF - video slides
Tubes Among Us: Analog Attack on Automatic Speaker Identification Shimaa Ahmed and Yash Wani,University of Wisconsin-Madison;Ali Shahin Shamsabadi,Alan Turing Institute;Mohammad Yaghini,University of Toronto and Vector Institute;Ilia Shumailov,Vector Institute and University of Oxford;Nicolas Papernot,University of Toronto and Vector Institute;Kassem Fawaz,University of Wisconsin-Madison PDF - video slides
Ultimate SLH: Taking Speculative Load Hardening to the Next Level Zhiyuan Zhang,The University of Adelaide;Gilles Barthe,MPI-SP and IMDEA Software Institute;Chitchanok Chuengsatiansup,The University of Melbourne;Peter Schwabe,MPI-SP and Radboud University;Yuval Yarom,The University of Adelaide PDF - video slides
Understand Users' Privacy Perception and Decision of V2X Communication in Connected Autonomous Vehicles Zekun Cai and Aiping Xiong,The Pennsylvania State University PDF - video -
User Awareness and Behaviors Concerning Encrypted DNS Settings in Web Browsers Alexandra Nisenoff,Carnegie Mellon University and University of Chicago;Ranya Sharma and Nick Feamster,University of Chicago PDF - video slides
V1SCAN: Discovering 1-day Vulnerabilities in Reused C/C++ Open-source Software Components Using Code Classification Techniques Seunghoon Woo, Eunjin Choi, Heejo Lee, and Hakjoo Oh,Korea University PDF - video slides
VeriZexe: Decentralized Private Computation with Universal Setup Alex Luoyuan Xiong,Espresso Systems, National University of Singapore;Binyi Chen and Zhenfei Zhang,Espresso Systems;Benedikt Bünz,Espresso Systems, Stanford University;Ben Fisch,Espresso Systems, Yale University;Fernando Krell and Philippe Camacho,Espresso Systems PDF - video -
Watch your Watch: Inferring Personality Traits from Wearable Activity Trackers Noé Zufferey and Mathias Humbert,University of Lausanne, Switzerland;Romain Tavenard,University of Rennes, CNRS, LETG, France;Kévin Huguenin,University of Lausanne, Switzerland PDF - video -
We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets Sven Hebrok,Paderborn University;Simon Nachtigall,Paderborn University and achelos GmbH;Marcel Maehren and Nurullah Erinola,Ruhr University Bochum;Robert Merget,Technology Innovation Institute and Ruhr University Bochum;Juraj Somorovsky,Paderborn University;Jörg Schwenk,Ruhr University Bochum PDF - video slides
Work-From-Home and COVID-19: Trajectories of Endpoint Security Management in a Security Operations Center Kailani R. Jones and Dalton A. Brucker-Hahn,University of Kansas;Bradley Fidler,Independent Researcher;Alexandru G. Bardas,University of Kansas PDF - video slides
X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection Aishan Liu and Jun Guo,Beihang University;Jiakai Wang,Zhongguancun Laboratory;Siyuan Liang,Chinese Academy of Sciences;Renshuai Tao,Beihang University;Wenbo Zhou,University of Science and Technology of China;Cong Liu,iFLYTEK;Xianglong Liu,Beihang University, Zhongguancun Laboratory, and Hefei Comprehensive National Science Center;Dacheng Tao,JD Explore Academy PDF - video slides
XCheck: Verifying Integrity of 3D Printed Patient-Specific Devices via Computing Tomography Zhiyuan Yu, Yuanhaur Chang, Shixuan Zhai, Nicholas Deily, and Tao Ju,Washington University in St. Louis;XiaoFeng Wang,Indiana University Bloomington;Uday Jammalamadaka,Rice University;Ning Zhang,Washington University in St. Louis PDF - video -
ZBCAN: A Zero-Byte CAN Defense System Khaled Serag, Rohit Bhatia, Akram Faqih, and Muslum Ozgur Ozmen,Purdue University;Vireshwar Kumar,Indian Institute of Technology, Delhi;Z. Berkay Celik and Dongyan Xu,Purdue University PDF - video -