Italian Trulli

ACM CCS 2022

November 7-11, 2022 Los Angeles, U.S.A.

ACCEPTED PAPERS

Title Author
A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks Karel Dhondt (imec-DistriNet; KU Leuven); Victor Le Pochat (imec-DistriNet; KU Leuven); Alexios Voulimeneas (imec-DistriNet; KU Leuven); Wouter Joosen (imec-DistriNet; KU Leuven); Stijn Volckaert (imec-DistriNet; KU Leuven)
A Scalable and Dynamic ACL System for In-Network Defense Changhun Jung (Ewha Womans University); Sian Kim (Ewha Womans University); RhongHo Jang (Wayne State University); David Mohaisen (University of Central Florida); DaeHun Nyang (Ewha Womans University)
A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello Karthikeyan Bhargavan (Inria); Vincent Cheval (Inria); Christopher Wood (Cloudflare)
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music Anomadarshi Barua (University of California; Irvine); Yonatan Gizachew Achamyeleh (University of California; Irvine); Mohammad Abdullah Al Faruque (University of California; Irvine)
AI/ML for Network Security: The Emperor has no Clothes Arthur S. Jacobs (UFRGS); Roman Beltiukov (UCSB); Walter Willinger (NIKSUN Inc.); Ronaldo A. Ferreira (UFMS); Arpit Gupta (UCSB); Lisandro Z. Granville (UFRGS)
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning Vasudev Gohil (Texas A&M University); Hao Guo (Texas A&M University); Satwik Patnaik (Texas A&M University); Jeyavijayan Rajendran (Texas A&M University)
Acquirer: A Hybrid Approach to Detecting Algorithmic Complexity Vulnerabilities Yinxi Liu (The Chinese University of Hong Kong); Wei Meng (The Chinese University of Hong Kong)
Adversarial Correctness and Privacy for Probabilistic Data Structures Mia Filić (ETH Zurich); Kenneth G. Paterson (ETH Zurich); Anupama Unnikrishnan (ETH Zurich); Fernando Virdia (Intel Labs)
Am I Private and If So, how Many? Communicating Privacy Guarantees of Differential Privacy with Risk Communication Formats Daniel Franzen (Freie Universität Berlin); Saskia Nuñez von Voigt (Technische Universität Berlin); Peter Sörries (Freie Universität Berlin); Florian Tschorsch (Technische Universität Berlin; Humboldt-Universität zu Berlin); Claudia Müller-Birn (Freie Universität Berlin)
An Extensive Study of Residential Proxies in China Mingshuo Yang (Shandong University); Yunnan Yu (University at Buffalo); Xianghang Mi (University of Science and Technology of China); Shujun Tang (QI-ANXIN Technology Research Institute); Shanqing Guo (Shandong University); Yilin Li (Shandong University); Xiaofeng Zheng (Tsinghua University); Haixin Duan (Tsinghua University)
AntMan: Interactive Zero-Knowledge Proofs with Sublinear Communication Chenkai Weng (Northwestern University); Kang Yang (State Key Laboratory of Cryptology); Zhaomin Yang (Shanghai Key Laboratory of Privacy-Preserving Computation and MatrixElements Technologies); Xiang Xie (Shanghai Key Laboratory of Privacy-Preserving Computation and MatrixElements Technologies); Xiao Wang (Northwestern University)
Are Attribute Inference Attacks Just Imputation? Bargav Jayaraman (University of Virginia); David Evans (University of Virginia)
Auditing Membership Leakages of Multi-Exit Networks Zheng Li (CISPA Helmholtz Center for Information Security); Yiyong Liu (CISPA Helmholtz Center for Information Security); Xinlei He (CISPA Helmholtz Center for Information Security); Ning Yu (Salesforce Research); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security)
Automatic Detection of Fake Key Attacks in Secure Messaging Tarun Kumar Yadav (Brigham Young University); Devashish Gosain (Max Planck Institute for Informatics); Amir Herzberg (University of Connecticut); Daniel Zappala (Brigham Young University); Kent Seamons (Brigham Young University)
Automatic Detection of Speculative Execution Combinations Xaver Fabian (CISPA Helmholtz Center for Information Security); Marco Guarnieri (IMDEA Software Institute); Marco Patrignani (University of Trento)
Batching, Aggregation, and Zero-Knowledge Proofs in Bilinear Accumulators Shravan Srinivasan (University of Maryland); Ioanna Karantaidou (George Mason University); Foteini Baldimtsi (George Mason University); Charalampos Papamanthou (Yale University)
Behind the Scenes of RPKI Tomas Hlavacek (Fraunhofer SIT; ATHENE); Philipp Jeitner (Fraunhofer SIT; ATHENE); Donika Mirdita (Technische Universität Darmstadt; Fraunhofer SIT; ATHENE); Haya Shulman (Goethe-Universität Frankfurt; Fraunhofer SIT; ATHENE); Michael Waidner (Technische Universität Darmstadt; Fraunhofer SIT; ATHENE)
Blacktooth: Breaking through the Defense of Bluetooth in Silence Mingrui Ai (University of Science and Technology of China); Kaiping Xue (University of Science and Technology of China); Bo Luo (University of Kansas); Lutong Chen (University of Science and Technology of China); Nenghai Yu (University of Science and Technology of China); Qibin Sun (University of Science and Technology of China); Feng Wu (University of Science and Technology of China)
Blazing Fast PSI from Improved OKVS and Subfield VOLE Srinivasan Raghuraman (Visa Research); Peter Rindal (Visa Research)
Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu (The University of Sydney); Qiang Tang (The University of Sydney)
Bullshark: DAG BFT Protocols Made Practical Alexander Spiegelman (Aptos); Neil Giridharan (Berkeley); Alberto Sonnino (Mesten Labs); Lefteris Kokoris-Kogias (IST Austria)
C2C: Fine-grained Configuration-driven System Call Filtering Seyedhamed Ghavamnia (Stony Brook University); Tapti Palit (Purdue University); Michalis Polychronakis (Stony Brook University)
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks Alvise De Faveri Tron (Politecnico di Milano); Stefano Longari (Politecnico di Milano); Michele Carminati (Politecnico di Milano); Mario Polino (Politecnico di Milano); Stefano Zanero (Politecnico di Milano)
CERBERUS: Exploring Federated Prediction of Security Events Mohammad Naseri (University College London); Yufei Han (Inria Rennes); Enrico Mariconti (University College London); Yun Shen (NetApp); Gianluca Stringhini (Boston University); Emiliano De Cristofaro (University College London)
CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation Mengyao Xie (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Chenggang Wu (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences & Zhongguancun Laboratory); Yinqian Zhang (Research Institute of Trustworthy Autonomous Systems; Southern University of Science and Technology & Department of Computer Science and Engineering; Southern University of Science and Technology); Jiali Xu (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Yuanming Lai (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Yan Kang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & University of Chinese Academy of Sciences); Wei Wang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences); Zhe Wang (State Key Lab of Processors; Institute of Computing Technology; Chinese Academy of Sciences & Zhongguancun Laboratory)
CINI MINIS: Domain Isolation for Fault and Combined Security Jakob Feldtkeller (Ruhr University Bochum); Jan Richter-Brockmann (Ruhr University Bochum); Pascal Sasdrich (Ruhr University Bochum); Tim Güneysu (Ruhr University Bochum)
Cache Refinement Type for Side-Channel Detection of Cryptographic Software Ke Jiang (Nanyang Technological University); Yuyan Bao (University of Waterloo); Shuai Wang (Hong Kong University of Science and Technology); Zhibo Liu (Hong Kong University of Science and Technology); Tianwei Zhang (Nanyang Technological University)
Caulk: Lookup Arguments in Sublinear Time Arantxa Zapico (Universitat Pompeu Fabra); Vitalik Buterin (Ethereum Foundation); Dmitry Khovratovich (Ethereum Foundation); Mary Maller (Ethereum Foundation); Anca Nitulescu (Ethereum Foundation); Mark Simkin (Ethereum Foundation)
Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing Dayeol Lee (University of California; Berkeley); Kevin Cheang (University of California; Berkeley); Alexander Thomas (University of California; Berkeley); Catherine Lu (University of California; Berkeley); Pranav Gaddamadugu (University of California; Berkeley); Anjo Vahldiek-Oberwagner (Intel Labs); Mona Vij (Intel Labs); Dawn Song (University of California; Berkeley); Sanjit A. Seshia (University of California; Berkeley); Krste Asanović (University of California; Berkeley)
Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations Tamjid Al Rahat (University of California; Los Angeles); Yu Feng (University of California; Santa Barbara); Yuan Tian (University of California; Los Angeles)
Chaghri - An FHE-friendly Block Cipher Tomer Ashur (Eindhoven University of Technology; KU Leuven); Mohammad Mahzoun (Eindhoven University of Technology); Dilara Toprakhisar (KU Leuven)
Characterizing and Detecting Non-Consensual Photo Sharing on Social Networks Tengfei Zheng (National University of Defense Technology); Tongqing Zhou (National University of Defense Technology); Qiang Liu (National University of Defense Technology); Kui Wu (University of Victoria); Zhiping Cai (National University of Defense Technology)
Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam Siyuan Tang (Indiana University Bloomington); Xianghang Mi (University of Science and Technology of China); Ying Li (Institute of Information Engineering; Chinese Academy of Sciences); XiaoFeng Wang (Indiana University Bloomington); Kai Chen (Institute of Information Engineering; Chinese Academy of Sciences & University of Chinese Academy of Sciences; School of Cyber Security)
Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps Shuai Li (Fudan University); Zhemin Yang (Fudan University); Nan Hua (Fudan University); Peng Liu (The Pennsylvania State University); Xiaohan Zhang (Fudan University); Guangliang Yang (Fudan University); Min Yang (Fudan University)
Constant Latency in Sleepy Consensus Atsuki Momose (University of Illinois at Urbana-Champaign); Ling Ren (University of Illinois at Urbana-Champaign)
Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection Yuqing Yang (The Ohio State University); Yue Zhang (The Ohio State University); Zhiqiang Lin (The Ohio State University)
DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On Louis Jannett (Ruhr University Bochum); Vladislav Mladenov (Ruhr University Bochum); Christian Mainka (Ruhr University Bochum); Jörg Schwenk (Ruhr University Bochum)
DPIS: an Enhanced Mechanism for Differentially Private SGD with Importance Sampling Jianxin Wei (National University of Singapore); Ergute Bao (National University of Singapore); Xiaokui Xiao (National University of Singapore); Yin Yang (Hamad Bin Khalifa University)
DangZero: Efficient Use-After-Free Detection via Direct Page Table Access Floris Gorter (Vrije Universiteit Amsterdam); Koen Koning (Vrije Universiteit Amsterdam); Herbert Bos (Vrije Universiteit Amsterdam); Cristiano Giuffrida (Vrije Universiteit Amsterdam)
Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems Jie Lu (SKLP; Institute of Computing Technology; CAS); Haofeng Li (SKLP; Institute of Computing Technology; CAS); Chen Liu (SKLP; Institute of Computing Technology; CAS); Lian Li (SKLP; Institute of Computing Technology; CAS); Kun Cheng (Huawei Technologies Co. Ltd)
Detecting and Measuring Misconfigured Manifest in Android Apps Yuqing Yang (The Ohio State University); Mohamed Elsabagh (Kryptowire); Chaoshun Zuo (The Ohio State University); Ryan Johnson (Kryptowire); Angelos Stavrou (Kryptowire); Zhiqiang Lin (The Ohio State University)
Differentially Private Triangle and 4-Cycle Counting in the Shuffle Model Jacob Imola (UC San Diego); Takao Murakami (AIST); Kamalika Chaudhuri (UC San Diego)
DirtyCred: Escalating Privilege in Linux Kernel Zhenpeng Lin (Northwestern University); Yuhang Wu (Northwestern University); Xinyu Xing (Northwestern University)
Discovering IoT Physical Channel Vulnerabilities Muslum Ozgur Ozmen (Purdue University); Xuansong Li (Nanjing University of Science and Technology & Nanjing University); Andrew Chu (University of Chicago); Z. Berkay Celik (Purdue University); Bardh Hoxha (Toyota Research Institute North America); Xiangyu Zhang (Purdue University)
Distributed, Private, Sparse Histograms in the Two-Server Model James Bell (Google); Adria Gascon (Google); Badih Ghazi (Google); Ravi Kumar (Google); Pasin Manurangsi (Google); Mariana Raykova (Google); Phillipp Schoppmann (Google)
Do Opt-Outs Really Opt Me Out? Duc Bui (University of Michigan); Brian Tang (University of Michigan); Kang G. Shin (University of Michigan)
Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee Xian Wang (University of Texas at Dallas); Shuang Hao (University of Texas at Dallas)
DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing Seulbae Kim (Georgia Institute of Technology); Major Liu (University of Texas at Dallas); Junghwan "John" Rhee (University of Central Oklahoma); Yuseok Jeon (UNIST); Yonghwi Kwon (University of Virginia); Chung Hwan Kim (University of Texas at Dallas)
Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency Yingzi Gao (Institute of Software Chinese Academy of Sciences; University of Chinese Academy of Sciences); Yuan Lu (Institute of Software Chinese Academy of Sciences); Zhenliang Lu (The University of Sydney); Qiang Tang (The University of Sydney); Jing Xu (Institute of Software Chinese Academy of Sciences); Zhenfeng Zhang (Institute of Software Chinese Academy of Sciences)
EIFFeL: Ensuring Integrity for Federated Learning Amrita Roy Chowdhury (University of Wisconsin-Madison); Chuan Guo (Meta AI); Somesh Jha (University of Wisconsin-Madison); Laurens van der Maaten (Meta AI)
ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes Weili Wang (Southern University of Science and Technology); Sen Deng (Southern University of Science and Technology); Jianyu Niu (Southern University of Science and Technology); Michael K. Reiter (Duke University); Yinqian Zhang (Southern University of Science and Technology)
EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices Cong Wu (Wuhan University); Jing Chen (Wuhan University); Kun He (Wuhan University); Ziming Zhao (University at Buffalo); Ruiying Du (Wuhan University); Chen Zhang (Wuhan University)
Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters Gilad Asharov (Bar-Ilan University); Koki Hamada (NTT Corporation); Dai Ikarashi (NTT Corporation); Ryo Kikuchi (NTT Corporation); Ariel Nof (Technion); Benny Pinkas (Bar-Ilan University); Katsumi Takahashi (NTT Corporation); Junichi Tomida (NTT Corporation)
Efficient Zero-Knowledge Proofs on Signed Data with Applications to Verifiable Computation on Data Streams Dario Fiore (IMDEA Software Institute); Ida Tucker (IMDEA Software Institute)
Eluding Secure Aggregation in Federated Learning via Model Inconsistency Dario Pasquini (SPRING Lab; EPFL); Danilo Francati (Aarhus University); Giuseppe Ateniese (George Mason University)
Empirical Analysis of EIP-1559: Transaction Fees, Waiting Times, and Consensus Security Yulin Liu (SciEcon CIC); Yuxuan Lu (Peking University); Kartik Nayak (Duke University); Fan Zhang (Yale University); Luyao Zhang (Duke Kunshan University); Yinhong Zhao (Duke University)
Enforcing Fine-grained Constant-time Policies Basavesh Ammanaghatta Shivakumar (MPI-SP); Gilles Barthe (MPI-SP and IMDEA Software Institute); Benjamin Gregoire (Inria and Université Côte d'Azur); Vincent Laporte (Université de Lorraine & CNRS & Inria & LORIA); Swarn Priya (Inria & Université Côte d'Azur)
Enhanced Membership Inference Attacks against Machine Learning Models Jiayuan Ye (National University of Singapore (NUS)); Aadyaa Maddi (National University of Singapore (NUS)); Sasi Kumar Murakonda (Privitar Labs); Vincent Bindschaedler (University of Florida); Reza Shokri (National University of Singapore (NUS))
Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications Konstantinos Solomos (University of Illinois at Chicago); Panagiotis Ilia (University of Illinois at Chicago); Nick Nikiforakis (Stony Brook University); Jason Polakis (University of Illinois at Chicago)
Evocatio: Conjuring Bug Capabilities from a Single PoC Zhiyuan Jiang (National University of Defense Technology); Shuitao Gan (SKL-MEAC; Tsinghua University); Adrian Herrera (Australian National University); Flavio Toffalini (EPFL); Lucio Romerio (EPFL); Chaojing Tang (National University of Defense Technology); Manuel Egele (Boston University); Chao Zhang (Tsinghua University; BNRist Zhongguancun Lab); Mathias Payer (EPFL)
Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection Priyanka Dodia (Qatar Computing Research Institute); Mashael AlSabah (Qatar Computing Research Institute); Omar Alrawi (Georgia Institute of Technology); Tao Wang (Simon Fraser University)
FABEO: Fast Attribute-Based Encryption with Optimal Security Doreen Riepel (Ruhr-Universität Bochum); Hoeteck Wee (NTT Research)
Fast Fully Oblivious Compaction and Shuffling Sajin Sasy (University of Waterloo); Aaron Johnson (U.S. Naval Research Laboratory); Ian Goldberg (University of Waterloo)
Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority Anders Dalskov (Partisia); Daniel Escudero (J.P. Morgan AI Research); Ariel Nof (Technion)
FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs Fabian Schwarz (CISPA Helmholtz Center for Information Security); Khue Do (CISPA Helmholtz Center for Information Security); Gunnar Heide (CISPA Helmholtz Center for Information Security); Lucjan Hanzlik (CISPA Helmholtz Center for Information Security); Christian Rossow (CISPA Helmholtz Center for Information Security)
Feature Inference Attack on Shapley Values Xinjian Luo (National University of Singapore); Yangfan Jiang (National University of Singapore); Xiaokui Xiao (National University of Singapore)
Federated Boosted Decision Trees with Differential Privacy Samuel Maddock (University of Warwick); Graham Cormode (Meta AI); Tianhao Wang (University of Virginia); Carsten Maple (University of Warwick); Somesh Jha (University of Wisconsin-Madison)
FenceSitter: Black-box, Content-Agnostic, and Synchronization-Free Enrollment-Phase Attacks on Speaker Recognition Systems Jiangyi Deng (Zhejiang University); Yanjiao Chen (Zhejiang University); Wenyuan Xu (Zhejiang University)
Feta: Efficient Threshold Designated-Verifier Zero-Knowledge Proofs Carsten Baum (Aarhus University); Robin Jadoul (KU Leuven); Emmanuela Orsini (KU Leuven); Peter Scholl (Aarhus University); Nigel P. Smart (KU Leuven)
Finding MNEMON: Reviving Memories of Node Embeddings Yun Shen (NetApp); Yufei Han (Inria); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Min Chen (CISPA Helmholtz Center for Information Security); Ting Yu (QCRI); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security); Gianluca Stringhini (Boston University)
Foundations of Coin Mixing Services Noemi Glaeser (University of Maryland & Max Planck Institute for Security and Privacy); Matteo Maffei (TU Wien & Christian Doppler Laboratory Blockchain Technologies for the Internet of Things); Giulio Malavolta (Max Planck Institute for Security and Privacy); Pedro Moreno-Sanchez (IMDEA Software Institute); Erkan Tairi (TU Wien & Christian Doppler Laboratory Blockchain Technologies for the Internet of Things); Sri Aravinda Krishnan Thyagarajan (Carnegie Mellon University)
Freely Given Consent? Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps Trung Tin Nguyen (CISPA Helmholtz Center for Information Security; Saarland University); Michael Backes (CISPA Helmholtz Center for Information Security); Ben Stock (CISPA Helmholtz Center for Information Security)
Frequency Estimation in the Shuffle Model with Almost a Single Message Qiyao Luo (Hong Kong University of Science and Technology); Yilei Wang (Alibaba Group); Ke YI (Hong Kong University of Science and Technology)
Frequency Throttling Side-Channel Attack Chen Liu (Intel Corporation); Abhishek Chakraborty (Intel Corporation); Nikhil Chawla (Intel Corporation); Neer Roggel (Intel Corporation)
GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy Bernardo David (ITU); Bernardo Magri (The University of Manchester); Christian Matt (Concordium); Jesper Buus Nielsen (Concordium Blockchain Research Center; Aarhus University); Daniel Tschudi (Concordium)
Graph Unlearning Min Chen (CISPA Helmholtz Center for Information Security); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Tianhao Wang (University of Virginia); Michael Backes (CISPA Helmholtz Center for Information Security); Mathias Humbert (University of Lausanne); Yang Zhang (CISPA Helmholtz Center for Information Security)
Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing Junxian Shen (Tsinghua University & Zhongguancun Laboratory); Han Zhang (Tsinghua University & Zhongguancun Laboratory); Yantao Geng (Tsinghua University & Zhongguancun Laboratory); Jiawei Li (Tsinghua University); Jilong Wang (Tsinghua University & Peng Cheng Laboratory); Mingwei Xu (Tsinghua University & Peng Cheng Laboratory)
Group Property Inference Attacks Against Graph Neural Networks Xiuling Wang (Stevens Institute of Technology); Wendy Hui Wang (Stevens Institute of Technology)
HammerScope: Observing DRAM Power Consumption Using Rowhammer Yaakov Cohen (Ben-Gurion University of the Negev & Intel Corporation); Kevin Sam Tharayil (Georgia Institute of Technology); Arie Haenel (Jerusalem College of Technology & Intel Corporation); Daniel Genkin (Georgia Institute of Technology); Angelos D. Keromytis (Georgia Institute of Technology); Yossi Oren (Ben-Gurion University of the Negev & Intel Corporation); Yuval Yarom (University of Adelaide)
Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies James Larisch (Harvard University); Waqar Aqeel (Duke University); Michael Lum (University of Maryland); Yaelle Goldschlag (University of Maryland); Leah Kannan (University of Maryland); Kasra Torshizi (University of Maryland); Yujie Wang (University of Maryland); Taejoong Chung (Virginia Tech); Dave Levin (University of Maryland); Bruce M. Maggs (Duke University & Emerald Innovations); Alan Mislove (Northeastern University); Bryan Parno (Carnegie Mellon University); Christo Wilson (Northeastern University)
Harnessing Perceptual Adversarial Patches for Crowd Counting Shunchang Liu (Beihang University); Jiakai Wang (Zhongguancun Laboratory); Aishan Liu (Beihang University); Yingwei Li (Johns Hopkins University); Yijie Gao (Beihang University); Xianglong Liu (Beihang University); Dacheng Tao (JD Explore Academy & The University of Sydney)
HeatDeCam: Detecting Hidden Spy Cameras via Thermal Emissions Zhiyuan Yu (Washington University in St. Louis); Zhuohang Li (University of Tennessee; Knoxville); Yuanhaur Chang (Washington University in St. Louis); Skylar Fong (Washington University in St. Louis); Jian Liu (University of Tennessee; Knoxville); Ning Zhang (Washington University in St. Louis)
Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud Xinyang Ge (Microsoft Research); Hsuan-Chi Kuo (University of Illinois Urbana-Champaign); Weidong Cui (Microsoft Research)
Helping or Hindering? How Browser Extensions Undermine Security Shubham Agarwal (CISPA Helmholtz Center for Information Security)
Hidden in Plain Sight: Exploring Encrypted Channels in Android apps Sajjad Pourali (Concordia University); Nayanamana Samarasinghe (Concordia University); Mohammad Mannan (Concordia University)
How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum Keitaro Hashimoto (Tokyo Institute of Technology & AIST); Shuichi Katsumata (AIST & PQShield Ltd.); Thomas Prest (PQShield SAS)
HyperDbg: Reinventing Hardware-Assisted Debugging Mohammad Sina Karvandi (Institute For Research In Fundamental Sciences (IPM)); MohammadHosein Gholamrezaei (Chosun University); Saleh Khalaj Monfared (Worcester Polytechnic Institute); Soroush Meghdadizanjani (Stony Brook University); Behrooz Abbassi (HyperDbg Organization); Ali Amini (HyperDbg Organization); Reza Mortazavi (Damghan University); Saeid Gorgin (Chosun University); Dara Rahmati (Shahid Beheshti University); Michael Schwarz (CISPA Helmholtz Center for Information Security)
I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior Penghui Zhang (Arizona State University); Zhibo Sun (Drexel University); Sukwha Kyung (Arizona State University); Hans Walter Behrens (Arizona State University); Zion Leonahenahe Basque (Arizona State University); Haehyun Cho (Soongsil University); Adam Oest (PayPal; Inc.); Ruoyu Wang (Arizona State University); Tiffany Bao (Arizona State University); Yan Shoshitaishvili (Arizona State University); Gail-Joon Ahn (Arizona State University); Adam Doupé (Arizona State University)
Ibex: Privacy-preserving Ad Conversion Tracking and Bidding Ke Zhong (University of Pennsylvania); Yiping Ma (University of Pennsylvania); Sebastian Angel (University of Pennsylvania & Microsoft Research)
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation Zayd Hammoudeh (University of Oregon); Daniel Lowd (University of Oregon)
Improving Line-Point Zero Knowledge: Two Multiplications for the Price of One Samuel Dittmer (Stealth Software Technologies; Inc.); Yuval Ishai (Technion - Israel Institute of Technology); Steve Lu (Stealth Software Technologies; Inc.); Rafail Ostrovsky (University of California; Los Angeles)
InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution Shihan Lin (Duke University); Rui Xin (Duke University); Aayush Goel (Cupertino High School); Xiaowei Yang (Duke University)
JIT-Picking: Differential Fuzzing of JavaScript Engines Lukas Bernhard (Ruhr University Bochum); Tobias Scharnowski (Ruhr University Bochum); Moritz Schloegel (Ruhr University Bochum); Tim Blazytko (Ruhr University Bochum); Thorsten Holz (CISPA Helmholtz Center for Information Security)
Kryvos: Publicly Tally-Hiding Verifiable E-Voting Nicolas Huber (University of Stuttgart); Ralf Küsters (University of Stuttgart); Toomas Krips (University of Tartu); Julian Liedtke (University of Stuttgart); Johannes Müller (University of Luxembourg); Daniel Rausch (University of Stuttgart); Pascal Reisert (University of Stuttgart); Andreas Vogt (University of Applied Sciences and Arts Northwestern Switzerland)
L-SRR: Local Differential Privacy for Location-Based Services with Staircase Randomized Response Han Wang (Illinois Institute of Technology); Hanbin Hong (Illinois Institute of Technology); Li Xiong (Emory University); Zhan Qin (Zhejiang University); Yuan Hong (Illinois Institute of Technology & University of Connecticut)
LPGNet: Link Private Graph Networks for Node Classification Aashish Kolluri (National University of Singapore); Teodora Baluta (National University of Singapore); Bryan Hooi (National University of Singapore); Prateek Saxena (National University of Singapore)
Laconic Private Set-Intersection From Pairings Diego F. Aranha (Aarhus University); Chuanwei Lin (Aarhus University); Claudio Orlandi (Aarhus University); Mark Simkin (Ethereum Foundation)
Leakage Inversion: Towards Quantifying Privacy in Searchable Encryption Evgenios M. Kornaropoulos (George Mason University); Nathaniel Moyer (George Mason University); Charalampos Papamanthou (Yale University); Alexandros Psomas (Purdue University)
Leakage and Tamper Resilient Permutation-Based Cryptography Christoph Dobraunig (Graz University of Technology and Lamarr Security Research); Bart Mennink (Digital Security Group; Radboud University); Robert Primas (Graz University of Technology)
LibAFL: A Framework to Build Modular and Reusable Fuzzers Andrea Fioraldi (EURECOM); Dominik Maier (Google Inc.); Dongjia Zhang (The University of Tokyo); Davide Balzarotti (EURECOM)
Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API Xiao Han (University of South Florida); Junjie Xiong (University of South Florida); Wenbo Shen (Zhejiang University); Zhuo Lu (University of South Florida); Yao Liu (University of South Florida)
LoneNeuron: a Highly-Effective Feature-Domain Neural Trojan Using Invisible and Polymorphic Watermarks Zeyan Liu (The University of Kansas); Fengjun Li (The University of Kansas); Zhu Li (University of Missouri-Kansas City); Bo Luo (The University of Kansas)
Low-Latency Hardware Private Circuits David Knichel (Ruhr University Bochum); Amir Moradi (University of Cologne)
MC^2: Rigorous and Efficient Directed Greybox Fuzzing Abhishek Shah (Columbia University); Dongdong She (Columbia University); Samanway Sadhu (Columbia University); Krish Singal (Columbia University); Peter Coffman (Columbia University); Suman Jana (Columbia University)
META-BTS: Bootstrapping Precision Beyond the Limit Youngjin Bae (CryptoLab. Inc.); Jung Hee Cheon (The Seoul National University/CryptoLab. Inc.); Wonhee Cho (The Seoul National University); Jaehyung Kim (CryptoLab. Inc.); Taekyung Kim (CryptoLab. Inc.)
Matproofs: Maintainable Matrix Commitment with Efficient Aggregation Jing Liu (ShanghaiTech University); Liang Feng Zhang (ShanghaiTech University)
Membership Inference Attacks and Generalization: A Causal Perspective Teodora Baluta (National University of Singapore); Shiqi Shen (National University of Singapore); S. Hitarth (National University of Singapore); Shruti Tople (National University of Singapore); Prateek Saxena (National University of Singapore)
Membership Inference Attacks by Exploiting Loss Trajectory Yiyong Liu (CISPA Helmholtz Center for Information Security); Zhengyu Zhao (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security)
MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware Zitai Chen (University of Birmingham); Sam L. Thomas (BINARLY); Flavio D. Garcia (University of Birmingham)
Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels Ahmad Ibrahim (CISPA Helmholtz Center for Information Security); Hamed Nemati (Stanford University and CISPA Helmholtz Center for Information Security); Till Schlüter (CISPA Helmholtz Center for Information Security); Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security); Christian Rossow (CISPA Helmholtz Center for Information Security)
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications Jan Wichelmann (University of Lübeck); Florian Sieck (University of Lübeck); Anna Pätschke (University of Lübeck); Thomas Eisenbarth (University of Lübeck)
Minotaur: Multi-Resource Blockchain Consensus Matthias Fitzi (IOG); Xuechao Wang (University of Illinois Urbana-Champaign); Sreeram Kannan (University of Washington; Seattle); Aggelos Kiayias (University of Edinburgh and IOG); Nikos Leonardos (University of Athens); Pramod Viswanath (Princeton University); Gerui Wang (Beijing Academy of Blockchain and Edge Computing)
NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms Xiaoyu Fan (Tsinghua University); Kun Chen (Tsingjiao Information Technology Co. Ltd.); Guosai Wang (Tsingjiao Information Technology Co. Ltd.); Mingchun Zhuang (Beijing University of Posts and Telecommunications); Yi Li (Tsingjiao Information Technology Co. Ltd.); Wei Xu (Tsinghua University)
NTRU-u-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus Kamil Kluczniak (CISPA Helmholtz Center for Information Security)
Narrator: Secure and Practical State Continuity for Trusted Execution in the Cloud Jianyu Niu (Southern University of Science and Technology); Wei Peng (Southern University of Science and Technology); Xiaokuan Zhang (George Mason University); Yinqian Zhang (Southern University of Science and Technology)
NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications Konstantin Taranov (ETH Zurich); Benjamin Rothenberger (ETH Zurich); Daniele De Sensi (ETH Zurich); Adrian Perrig (ETH Zurich); Torsten Hoefler (ETH Zurich)
Non-Distinguishable Inconsistencies as a Deterministic Oracle for Detecting Security Bugs Qingyang Zhou (University of Minnesota); Qiushi Wu (University of Minnesota); Dinghao Liu (Zhejiang University); Shouling Ji (Zhejiang University); Kangjie Lu (University of Minnesota)
On the (In)Security of Secure ROS2 Gelei Deng (Nanyang Technological University); Guowen Xu (Nanyang Technological University); Yuan Zhou (Nanyang Technological University); Tianwei Zhang (Nanyang Technological University); Yang Liu (Nanyang Technological University)
On the Adaptive Security of the Threshold BLS Signature Scheme Renas Bacho (CISPA Helmoltz Center for Information Security); Julian Loss (CISPA Helmoltz Center for Information Security)
On the Privacy Risks of Cell-Based NAS Architectures Hai Huang (CISPA Helmholtz Center for Information Security); Zhikun Zhang (CISPA Helmholtz Center for Information Security); Yun Shen (NetApp); Michael Backes (CISPA Helmholtz Center for Information Security); Qi Li (Tsinghua University; Zhongguancun Lab); Yang Zhang (CISPA Helmholtz Center for Information Security)
On the Success Rate of Side-Channel Attacks on Masked Implementations Akira Ito (NTT Social Informatics Laboratories); Rei Ueno (Tohoku University); Naofumi Homma (Tohoku University)
Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models Jiawei Liu (Wuhan University); Yangyang Kang (Alibaba Group); Di Tang (Indiana University Bloomington); Kaisong Song (Northeastern University & Alibaba Group); Changlong Sun (Alibaba Group); Xiaofeng Wang (Indiana University Bloomington); Wei Lu (Wuhan University); Xiaozhong Liu (Worcester Polytechnic Institute)
Overo: Sharing Private Audio Recordings Jaemin Lim (Hanyang University); Kiyeon Kim (Hanyang University); Hyunwoo Yu (Hanyang University); Suk-Bok Lee (Hanyang University)
P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies Ze Jin (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Indiana University Bloomington); Luyi Xing (Indiana University Bloomington); Yiwei Fang (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Indiana University Bloomington); Yan Jia (Nankai University); Bin Yuan (HuaZhong University of Science and Technology); Qixu Liu (Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences)
PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement Haibin Zhang (Beijing Institute of Technology); Sisi Duan (Tsinghua University)
PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication Yuan Li (Tsinghua University); Wende Tan (Tsinghua University); Zhizheng Lv (Tsinghua University); Songtao Yang (Tsinghua University); Mathias Payer (EPFL); Ying Liu (Tsinghua University; Zhongguancun Lab); Chao Zhang (Tsinghua University; Zhongguancun Lab; BNRist)
PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies Aggelos Kiayias (The University of Edinburgh & IOG); Markulf Kohlweiss (The University of Edinburgh & IOG); Amirreza Sarencheh (The University of Edinburgh & IOG)
PSI from Ring-OLE Wutichai Chongchitmate (Chulalongkorn University); Yuval Ishai (Technion); Steve Lu (Stealth Software Technologies; Inc.); Rafail Ostrovsky (University of California; Los Angeles)
PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability Jun Zeng (National University of Singapore); Chuqi Zhang (National University of Singapore); Zhenkai Liang (National University of Singapore)
PentaGOD: Stepping beyond Traditional GOD with Five Parties Nishat Koti (Indian Institute of Science); Varsha Bhat Kukkala (Indian Institute of Science); Arpita Patra (Indian Institute of Science); Bhavish Raj Gopal (Indian Institute of Science)
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception Rui Duan (University of South Florida); Zhe Qu (University of South Florida); Shangqing Zhao (University of Oklahoma); Leah Ding (American University); Yao Liu (University of South Florida); Zhuo Lu (University of South Florida)
Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT Xin'an Zhou (University of California; Riverside); Jiale Guan (Indiana University Bloomington); Luyi Xing (Indiana University Bloomington); Zhiyun Qian (University of California; Riverside)
Phishing URL Detection: A Network-based Approach Robust to Evasion Taeri Kim (Hanyang University); Noseong Park (Yonsei University); Jiwon Hong (Hanyang University); Sang-Wook Kim (Hanyang University)
Physical Hijacking Attacks against Object Trackers Raymond Muller (Purdue University); Yanmao Man (University of Arizona); Z. Berkay Celik (Purdue University); Ming Li (University of Arizona); Ryan Gerdes (Virginia Tech)
Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation Karl Wüst (CISPA Helmholtz Center for Information Security); Kari Kostiainen (ETH Zurich); Noah Delius (ETH Zurich); Srdjan Capkun (ETH Zurich)
Poirot: Probabilistically Recommending Protections for the Android Framework Zeinab El-Rewini (University of Waterloo); Zhuo Zhang (Purdue University); Yousra Aafer (University of Waterloo)
Post Quantum Noise Yawning Angel (Oasis Labs); Benjamin Dowling (University of Sheffield); Andreas Hülsing (TU Eindhoven); Peter Schwabe (MPI-SP); Florian Weber (TU Eindhoven)
Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models Shawn Shan (University of Chicago); Wenxin Ding (University of Chicago); Emily Wenger (University of Chicago); Haitao Zheng (University of Chicago); Ben Y. Zhao (University of Chicago)
Power Contracts: Provably Complete Power Leakage Models for Processors Roderick Bloem (Graz University of Technology); Barbara Gigerl (Graz University of Technology); Marc Gourjon (Hamburg University of Technology); Vedad Hadžić (Graz University of Technology); Stefan Mangard (Graz University of Technology); Robert Primas (Graz University of Technology)
Practical Settlement Bounds for Proof-of-Work Blockchains Peter Gaži (IOG); Ling Ren (University of Illinois at Urbana-Champaign); Alexander Russell (University of Connecticut & IOG)
Practical Volume-Hiding Encrypted Multi-Maps with Optimal Overhead and Beyond Jianfeng Wang (Xidian University); Shi-Feng Sun (Shanghai Jiao Tong University); Tianci Li (Xidian University); Saiyu Qi (Xi’an Jiao Tong University); Xiaofeng Chen (Xidian University)
Practical, Round-Optimal Lattice-Based Blind Signatures Shweta Agrawal (IIT Madras); Elena Kirshanova (Technology Innovation Institute; I. Kant BFU); Damien Stehlé (ENS de Lyon and Institut Universitaire de France); Anshu Yadav (IIT Madras)
Privacy Limitations of Interest-based Advertising on The Web: A Post-mortem Empirical Analysis of Google's FLoC Alex Berke (MIT Media Lab); Dan Calacci (MIT Media Lab)
Private and Reliable Neural Network Inference Nikola Jovanović (ETH Zurich); Marc Fischer (ETH Zurich); Samuel Steffen (ETH Zurich); Martin Vechev (ETH Zurich)
Proof-of-Possession for KEM Certificates using Verifiable Generation Tim Güneysu (Ruhr University Bochum; Horst Görtz Institute for IT-Security & DFKI GmbH; Cyber-Physical Systems); Philip Hodges (University of Waterloo); Georg Land (Ruhr University Bochum; Horst Görtz Institute for IT-Security & DFKI GmbH; Cyber-Physical Systems); Mike Ounsworth (Entrust); Douglas Stebila (University of Waterloo); Greg Zaverucha (Microsoft Research)
Protecting Critical Inter-Domain Communication through Flyover Reservations Marc Wyss (ETH Zurich); Giacomo Giuliari (ETH Zurich); Jonas Mohler (ETH Zurich); Adrian Perrig (ETH Zurich)
Proving UNSAT in Zero Knowledge Ning Luo (Yale University); Timos Antonopoulos (Yale University); William R. Harris (Google LLC); Ruzica Piskac (Yale University); Eran Tromer (Columbia University); Xiao Wang (Northwestern University)
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems Ana-Maria Crețu (Imperial College London); Florimond Houssiau (The Alan Turing Institute); Antoine Cully (Imperial College London); Yves-Alexandre de Montjoye (Imperial College London)
ROAST: Robust Asynchronous Schnorr Threshold Signatures Tim Ruffing (Blockstream); Viktoria Ronge (Friedrich-Alexander-Universität Erlangen-Nürnberg); Elliott Jin (Blockstream); Jonas Schneider-Bensch (CISPA Helmholtz Center for Information Security); Dominique Schröder (Friedrich-Alexander-Universität Erlangen-Nürnberg)
Ready Raider One: Exploring the Misuse of Cloud Gaming Services Guannan Liu (Virginia Tech); Daiping Liu (Palo Alto Networks; Inc. ); Shuai Hao (Old Dominion University); Xing Gao (University of Delaware); Kun Sun (George Mason University); Haining Wang (Virginia Tech)
RedShift: Transparent SNARKs from List Polynomial Commitments Assimakis A. Kattis (New York University); Konstantin Panarin (Matter Labs); Alexander Vlasov (Matter Labs)
Reinforced Concrete: A Fast Hash Function for Verifiable Computation Lorenzo Grassi (Radboud University); Dmitry Khovratovich (Dusk Network); Reinhard Lüftenegger (Graz University of Technology); Christian Rechberger (Graz University of Technology); Markus Schofnegger (Graz University of Technology); Roman Walch (Graz University of Technology;Know-Center GmbH)
SFuzz: Slice-based Fuzzing for Real-Time Operating Systems Libo Chen (Shandong University); Quanpu Cai (Shanghai Jiao Tong University); Zhenbang Ma (QI-ANXIN Technology Research Institute); Yanhao Wang (QI-ANXIN Technology Research Institute); Hong Hu (Pennsylvania State University); Minghang Shen (Tencent Security Xuanwu Lab); Yue Liu (QI-ANXIN Technology Research Institute); Shanqing Guo (Shandong University); Haixin Duan (Tsinghua University); Kaida Jiang (Shanghai Jiao Tong University); Zhi Xue (Shanghai Jiao Tong University)
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders Tianshuo Cong (Institute for Advanced Study; BNRist; Tsinghua University); Xinlei He (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholtz Center for Information Security)
STAR: Secret Sharing for Private Threshold Aggregation Reporting Alex Davidson (Brave Software); Peter Snyder (Brave Software); E. B. Quirk (Brave Software); Joseph Genereux (Brave Software); Benjamin Livshits (Imperial College); Hamed Haddadi (Brave Software & Imperial College)
Second-Order Low-Randomness d+1 Hardware Sharing of the AES Siemen Dhooghe (KU Leuven/ COSIC-imec); Aein Rezaei Shahmirzadi (Ruhr University Bochum; Horst Gortz Institute for IT Security); Amir Moradi (Ruhr University Bochum; Horst Gortz Institute for IT Security)
Secret-Shared Joins with Multiplicity from Aggregation Trees Saikrishna Badrinarayanan (Snap); Sourav Das (UIUC); Gayathri Garimella (Oregon State University); Srinivasan Raghuraman (Visa Research); Peter Rindal (Visa Research)
Secure Auctions in the Presence of Rational Adversaries Chaya Ganesh (Indian Institute of Science); Bhavana Kanukurthi (Indian Institute of Science); Girisha Shankar (Indian Institute of Science)
Secure Parallel Computation on Privately Partitioned Data and Applications Nuttapong Attrapadung (AIST); Hiraku Morita (University of St. Gallen); Kazuma Ohara (AIST); Jacob C. N. Schuldt (AIST); Tadanori Teruya (AIST); Kazunari Tozawa (University of Tokyo)
Securing Reset Operations in NISQ Quantum Computers Allen Mi (Yale University); Shuwen Deng (Yale University); Jakub Szefer (Yale University)
Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics Thomas Humphries (University of Waterloo); Rasoul Akhavan Mahdavi (University of Waterloo); Shannon Veitch (University of Waterloo); Florian Kerschbaum (University of Waterloo)
Server-Aided Continuous Group Key Agreement Joël Alwen (AWS-Wickr); Dominik Hartmann (Ruhr University Bochum); Eike Kiltz (Ruhr University Bochum); Marta Mularczyk (AWS-Wickr)
Sharp: Short Relaxed Range Proofs Geoffroy Couteau (CNRS; IRIF; Université Paris Cité); Dahmun Goudarzi (Unaffiliated); Michael Klooß (Karlsruhe Institute of Technology; KASTEL); Michael Reichle (DIENS; École normale supérieure; PSL University; CNRS; INRIA)
Shifted Inverse: A General Mechanism for Monotonic Functions under User Differential Privacy Juanru Fang (Hong Kong University of Science and Technology); Wei Dong (Hong Kong University of Science and Technology); Ke Yi (Hong Kong University of Science and Technology)
Shorter Signatures Based on Tailor-Made Minimalist Symmetric-Key Crypto Christoph Dobraunig (Lamarr Security Research); Daniel Kales (Graz University of Technology); Christian Rechberger (Graz University of Technology); Markus Schofnegger (Graz University of Technology); Greg Zaverucha (Microsoft Research)
Sigstore: Software Signing for Everybody Zachary Newman (Chainguard); John Speed Meyers (Chainguard); Santiago Torres-Arias (Purdue University)
Sleepy Channels: Bi-directional Payment Channels without Watchtowers Lukas Aumayr (TU Wien); Sri AravindaKrishnan Thyagarajan (Carnegie Mellon University); Giulio Malavolta (Max Planck Institute for Security and Privacy); Pedro Moreno-Sanchez (IMDEA Software Institute); Matteo Maffei (Christian Doppler Laboratory Blockchain Technologies for the Internet of Things & TU Wien)
SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering Kelong Cong (KU Leuven); Debajyoti Das (KU Leuven); Jeongeun Park (KU Leuven); Hilder V.L. Pereira (KU Leuven)
SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities Jaewon Hur (Seoul National University); Suhwan Song (Seoul National University); Sunwoo Kim (Samsung Research); Byoungyoung Lee (Seoul National University)
SpecPatch: Human-In-The-Loop Adversarial Audio Spectrogram Patch Attack on Speech Recognition Hanqing Guo (Michigan State University); Yuanda Wang (Michigan State University); Nikolay Ivanov (Michigan State University); Li Xiao (Michigan State University); Qiben Yan (Michigan State University)
Squirrel: Efficient Synchronized Multi-Signatures from Lattices Nils Fleischhacker (Ruhr University Bochum); Mark Simkin (Ethereum Foundation); Zhenfei Zhang (Ethereum Foundation)
StolenEncoder: Stealing Pre-trained Encoders in Self-supervised Learning Yupei Liu (Duke University); Jinyuan Jia (Duke University); Hongbin Liu (Duke University); Neil Gong (Duke University)
Strengthening Order Preserving Encryption with Differential Privacy Amrita Roy Chowdhury (University of Wisconsin-Madison); Bolin Ding (Alibaba Group); Somesh Jha (University of Wisconsin-Madison); Weiran Liu (Alibaba Group); Jingren Zhou (Alibaba Group)
StrongBox: A GPU TEE on Arm Endpoints Yunjie Deng (Southern University of Science and Technology); Chenxu Wang (Southern University of Science and Technology; The Hong Kong Polytechnic University); Shunchang Yu (Southern University of Science and Technology); Shiqing Liu (Southern University of Science and Technology); Zhenyu Ning (Hunan University; Southern University of Science and Technology); Kevin Leach (Vanderbilt University); Jin Li (Guangzhou University); Shoumeng Yan (Ant Group); Zhengyu He (Ant Group); Jiannong Cao (The Hong Kong Polytechnic University); Fengwei Zhang (Southern University of Science and Technology)
Succinct Zero Knowledge for Floating Point Computations Sanjam Garg (UC Berkeley & NTT Research); Abhishek Jain (Johns Hopkins University); Zhengzhong Jin (Johns Hopkins University); Yinuo Zhang (UC Berkeley)
Succinct Zero-Knowledge Batch Proofs for Set Accumulators Matteo Campanelli (Protocol Labs); Dario Fiore (IMDEA Software Institute); Semin Han (Hanyang University); Jihye Kim (Kookmin University); Dimitris Kolonelos (IMDEA Software Institute & Universidad Politécnica de Madrid); Hyunok Oh (Hanyang University)
SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings Xin Jin (The Ohio State University); Kexin Pei (Columbia University); Jun Yeon Won (The Ohio State University); Zhiqiang Lin (The Ohio State University)
TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications Changhua Luo (The Chinese University of Hong Kong); Penghui Li (The Chinese University of Hong Kong); Wei Meng (The Chinese University of Hong Kong)
TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities Wooseok Kang (KAIST); Byoungho Son (POSTECH); Kihong Heo (KAIST)
The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning Chris McMahon Stone (University of Birmingham); Sam L. Thomas (BINARLY); Mathy Vanhoef (KU Leuven); James Henderson (University of Birmingham); Nicolas Bailluet (École Normale Supérieure); Tom Chothia (University of Birmingham)
The Generals' Scuttlebutt: Byzantine-Resilient Gossip Protocols Sandro Coretti (IOG); Aggelos Kiayias (University of Edinburgh & IOG); Alexander Russell (University of Connecticut & IOG); Cristopher Moore (Santa Fe Institute)
The Multi-User Security of Triple Encryption, Revisited: Exact Security, Strengthening, and Application to TDES Yusuke Naito (Mitsubishi Electric Corporation); Yu Sasaki (NTT Social Informatics Laboratories); Takeshi Sugawara (The University of Electro-Communications); Kan Yasuda (NTT Social Informatics Laboratories)
Themis: An On-Site Voting System with Systematic Cast-as-intended Verification and Partial Accountability Mikael Bougon (IDEMIA); Hervé Chabanne (IDEMIA); Véronique Cortier (Université de Lorraine; Inria; CNRS); Alexandre Debant (Université de Lorraine; Inria; CNRS); Emmanuelle Dottax (IDEMIA); Jannik Dreier (Université de Lorraine; Inria; CNRS); Pierrick Gaudry (Université de Lorraine; Inria; CNRS); Mathieu Turuani (Université de Lorraine; Inria; CNRS)
Thora: Atomic and Privacy-Preserving Multi-Channel Updates Lukas Aumayr (TU Wien); Kasra Abbaszadeh (University of Maryland); Matteo Maffei (Christian Doppler Laboratory Blockchain Technologies for the Internet of Things & TU Wien)
Threshold Cryptography as a Service (in the Multiserver and YOSO Models) Fabrice Benhamouda (Algorand Foundation); Shai Halevi (Algorand Foundation); Hugo Krawczyk (Algorand Foundation); Alex Miao (Unaffiliated); Tal Rabin (Algorand Foundation)
TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals Soundarya Ramesh (National University of Singapore); Ghozali Suhariyanto Hadi (National University of Singapore); Sihun Yang (Yonsei University); Mun Choon Chan (National University of Singapore); Jun Han (Yonsei University)
Tidy: Symbolic Verification of Timed Cryptographic Protocols Gilles Barthe (MPI-SP & IMDEA Software Institute); Ugo Dal Lago (University of Bologna & INRIA Sophia Antipolis); Giulio Malavolta (MPI-SP); Itsaka Rakotonirina (MPI-SP)
Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications Yue Duan (Illinois Institute of Technology); Xin Zhao (Nanjing University); Yu Pan (University of Utah); Shucheng Li (Nanjing University); Minghao Li (Harvard University); Fengyuan Xu (National Key Lab for Novel Software Technology; Nanjing University); Mu Zhang (University of Utah)
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets Florian Tramer (ETH Zürich); Reza Shokri (National University of Singapore); Ayrton San Joaquin (Yale-NUS College); Hoang Le (Oregon State University); Matthew Jagielski (Google); Sanghyun Hong (Oregon State University); Nicholas Carlini (Google)
TurboPack: Honest Majority MPC with Constant Online Communication Daniel Escudero (J.P. Morgan AI Research); Vipul Goyal (Carnegie Mellon University); Antigoni Polychroniadou (J.P. Morgan AI Research); Yifan Song (Carnegie Mellon University)
Two-Client Inner-Product Functional Encryption with an Application to Money-Laundering Detection Paola de Perthuis (Cosmian; DIENS; ENS/PSL; CNRS; INRIA); David Pointcheval (DIENS; ENS/PSL; CNRS; INRIA)
Uncovering Intent based Leak of Sensitive Data in Android Framework Hao Zhou (The Hong Kong Polytechnic University); Xiapu Luo (The Hong Kong Polytechnic University); Haoyu Wang (Huazhong University of Science and Technology); Haipeng Cai (Washington State University; Pullman)
Understanding IoT Security from a Market-Scale Perspective Xin Jin (The Ohio State University); Sunil Manandhar (IBM T.J. Watson Research Center); Kaushal Kafle (William & Mary); Zhiqiang Lin (The Ohio State University); Adwait Nadkarni (William & Mary)
Understanding Real-world Threats to Deep Learning Models in Android Apps Zizhuang Deng (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Kai Chen (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences & Beijing Academy of Artificial Intelligence); Guozhu Meng (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Xiaodong Zhang (SKLOIS; Institute of Information Engineering; Chinese Academy of Sciences & School of Cyber Security; University of Chinese Academy of Sciences); Ke Xu (Huawei International Pte Ltd); Yao Cheng (Huawei International Pte Ltd)
Understanding Security Issues in the NFT Ecosystem Dipanjan Das (University of California; Santa Barbara); Priyanka Bose (University of California; Santa Barbara); Nicola Ruaro (University of California; Santa Barbara); Christopher Kruegel (University of California; Santa Barbara); Giovanni Vigna (University of California; Santa Barbara)
Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem Feng Xiao (Georgia Institute of Technology); Zheng Yang (Georgia Institute of Technology); Joey Allen (Georgia Institute of Technology); Guangliang Yang (Fudan University); Grant Williams (Georgia Institute of Technology); Wenke Lee (Georgia Institute of Technology)
Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition Kelsey R. Fulton (University of Maryland); Daniel Votipka (Tufts University); Desiree Abrokwa (University of Maryland); Michelle L. Mazurek (University of Maryland); Michael Hicks (University of Maryland and Amazon); James Parker (Galois; Inc.)
Updatable Public Key Encryption from DCR: Efficient Constructions With Stronger Security Calvin Abou Haidar (Inria; ENS Lyon); Benoit Libert (CNRS; ENS Lyon); Alain Passelègue (Inria; ENS Lyon)
VOProof: Efficient zkSNARKs Generation for Algebra Dummies Yuncong Zhang (Shanghai Jiao Tong University); Alan Szepeniec (Nervos); Ren Zhang (Cryptape Co. Ltd. and Nervos); Shi-Feng Sun (Shanghai Jiao Tong University); Geng Wang (Shanghai Jiao Tong University); Dawu Gu (Shanghai Jiao Tong University)
VRust: Automated Vulnerability Detection for Solana Smart Contracts Siwei Cui (Texas A&M University); Gang Zhao (Texas A&M University); Yifei Gao (Texas A&M University); Tien Tavu (Texas A&M University); Jeff Huang (Texas A&M University)
VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries Nirvan Tyagi (Cornell University); Ben Fisch (Yale University); Andrew Zitek (New York University); Joseph Bonneau (New York University); Stefano Tessaro (University of Washington)
Victory by KO: Attacking OpenPGP Using Key Overwriting Lara Bruseghini (ETH Zurich & Proton AG); Daniel Huigens (Proton AG); Kenneth G. Paterson (ETH Zurich)
Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls Chengjun Cai (City University of Hong Kong Dongguan Research Institute); Yichen Zang (City University of Hong Kong); Cong Wang (City University of Hong Kong); Xiaohua Jia (City University of Hong Kong); Qian Wang (Wuhan University)
WINK: Wireless Inference of Numerical Keystrokes via Zero-Training Spatiotemporal Analysis Edwin Yang (University of Oklahoma); Qiuye He (University of Oklahoma); Song Fang (University of Oklahoma)
Watch Out for Race Condition Attacks When Using Android External Storage Shaoyong Du (State Key Laboratory of Mathematical Engineering and Advanced Computing); Xin Liu (State Key Laboratory of Mathematical Engineering and Advanced Computing); Guoqing Lai (State Key Laboratory of Mathematical Engineering and Advanced Computing); Xiangyang Luo (State Key Laboratory of Mathematical Engineering and Advanced Computing)
Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration Gibran Gomez (IMDEA Software Institute & Universidad Politécnica de Madrid); Pedro Moreno-Sanchez (IMDEA Software Institute); Juan Caballero (IMDEA Software Institute)
What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation Wei Zhou (Huazhong University of Science&University of Chinese Academy of Sciences and Technology); Lan Zhang (College of Information Sciences and Technology; The Pennsylvania State University); Le Guan (School of Computing; University of Georgia); Peng Liu (College of Information Sciences and Technology; The Pennsylvania State University); Yuqing Zhang (National Computer Network Intrusion Protection Center; University of Chinese Academy of Sciences)
When Evil Calls: Targeted Adversarial Voice over IP Network Han Liu (Washington University in St. Louis); Zhiyuan Yu (Washington University in St. Louis); Mingming Zha (Indiana University Bloomington); XiaoFeng Wang (Indiana University Bloomington); William Yeoh (Washington University in St. Louis); Yevgeniy Vorobeychik (Washington University in St. Louis); Ning Zhang (Washington University in St. Louis)
When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer Michael Fahr (University of Arkansas); Hunter Kippen (University of Maryland); Andrew Kwong (University of Michigan); Thinh Dang (George Washington University); Jacob Lichtinger (NIST); Dana Dachman-Soled (University of Maryland); Daniel Genkin (Georgia Institute of Technology); Alexander H. Nelson (University of Arkansas); Ray Perlner (NIST); Arkady Yerukhimovich (George Washington University); Daniel Apon (The MITRE Corporation)
When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure Yue Zhang (The Ohio State University); Zhiqiang Lin (The Ohio State University)
Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots Wai Man Si (CISPA Helmholtz Center for Information Security); Michael Backes (CISPA Helmholtz Center for Information Security); Jeremy Blackburn (Binghamton University); Emiliano De Cristofaro (University College London); Gianluca Stringhini (Boston University); Savvas Zannettou (TU Delft); Yang Zhang (CISPA Helmholtz Center for Information Security)
Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It Sílvia Casacuberta (Harvard University); Michael Shoemate (Harvard University); Salil Vadhan (Harvard University); Connor Wagaman (Boston University)
Zapper: Smart Contracts with Data and Identity Privacy Samuel Steffen (ETH Zurich); Benjamin Bichsel (ETH Zurich); Martin Vechev (ETH Zurich)
``Is your explanation stable?': A Robustness Evaluation Framework for Feature Attribution Yuyou Gan (Zhejiang University); Yuhao Mao (Zhejiang University); Xuhong Zhang (Zhejiang University); Shouling Ji (Zhejiang University); Yuwen Pu (Zhejiang University); Meng Han (Zhejiang University); Jianwei Yin (Zhejiang University); Ting Wang (The Pennsylvania State University)
i-TiRE: Incremental Timed-Release Encryption or How to use Timed-Release Encryption on Blockchains? Leemon Baird (Swirlds Labs); Pratyay Mukherjee (Swirlds Labs); Rohit Sinha (Swirlds Labs)
pMPL: A Robust Multi-Party Learning Framework with a Privileged Party Lushan Song (Fudan University); Jiaxuan Wang (Fudan University); Zhexuan Wang (Fudan University); Xinyu Tu (Fudan University); Guopeng Lin (Fudan University); Wenqiang Ruan (Fudan University); Haoqi Wu (Fudan University); Weili Han (Fudan University)
zkBridge: Trustless Cross-chain Bridges Made Practical Tiancheng Xie (University of California; Berkeley); Jiaheng Zhang (University of California; Berkeley); Zerui Cheng (Tsinghua University); Fan Zhang (Yale University); Yupeng Zhang (Texas A&M University); Yongzheng Jia (Overeality Labs); Dan Boneh (Stanford University); Dawn Song (University of California; Berkeley)