| Updatable Public Key Encryption from DCR: Efficient Constructions With Stronger Security. |
Calvin Abou Haidar, Benoît Libert, Alain Passelègue |
PDF |
- |
- |
| Helping or Hindering?: How Browser Extensions Undermine Security. |
Shubham Agarwal |
PDF |
- |
- |
| Practical, Round-Optimal Lattice-Based Blind Signatures. |
Shweta Agrawal, Elena Kirshanova, Damien Stehlé, Anshu Yadav |
PDF |
- |
- |
| Blacktooth: Breaking through the Defense of Bluetooth in Silence. |
Mingrui Ai, Kaiping Xue, Bo Luo, Lutong Chen, Nenghai Yu, Qibin Sun, Feng Wu |
PDF |
- |
- |
| Server-Aided Continuous Group Key Agreement. |
Joël Alwen, Dominik Hartmann, Eike Kiltz, Marta Mularczyk |
PDF |
- |
- |
| Enforcing Fine-grained Constant-time Policies. |
Basavesh Ammanaghatta Shivakumar, Gilles Barthe, Benjamin Grégoire, Vincent Laporte, Swarn Priya |
PDF |
- |
- |
| Post Quantum Noise. |
Yawning Angel, Benjamin Dowling, Andreas Hülsing, Peter Schwabe, Florian Weber |
PDF |
- |
- |
| Laconic Private Set-Intersection From Pairings. |
Diego F. Aranha, Chuanwei Lin, Claudio Orlandi, Mark Simkin |
PDF |
- |
- |
| Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters. |
Gilad Asharov, Koki Hamada, Dai Ikarashi, Ryo Kikuchi, Ariel Nof, Benny Pinkas, Katsumi Takahashi, Junichi Tomida |
PDF |
- |
- |
| Chaghri - A FHE-friendly Block Cipher. |
Tomer Ashur, Mohammad Mahzoun, Dilara Toprakhisar |
PDF |
- |
- |
| Secure Parallel Computation on Privately Partitioned Data and Applications. |
Nuttapong Attrapadung, Hiraku Morita, Kazuma Ohara, Jacob C. N. Schuldt, Tadanori Teruya, Kazunari Tozawa |
PDF |
- |
- |
| Thora: Atomic and Privacy-Preserving Multi-Channel Updates. |
Lukas Aumayr, Kasra Abbaszadeh, Matteo Maffei |
PDF |
- |
- |
| Sleepy Channels: Bi-directional Payment Channels without Watchtowers. |
Lukas Aumayr, Sri Aravinda Krishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, Matteo Maffei |
PDF |
- |
- |
| On the Adaptive Security of the Threshold BLS Signature Scheme. |
Renas Bacho, Julian Loss |
PDF |
- |
- |
| Secret-Shared Joins with Multiplicity from Aggregation Trees. |
Saikrishna Badrinarayanan, Sourav Das, Gayathri Garimella, Srinivasan Raghuraman, Peter Rindal |
PDF |
- |
- |
| META-BTS: Bootstrapping Precision Beyond the Limit. |
Youngjin Bae, Jung Hee Cheon, Wonhee Cho, Jaehyung Kim, Taekyung Kim |
PDF |
- |
- |
| i-TiRE: Incremental Timed-Release Encryption or How to use Timed-Release Encryption on Blockchains? |
Leemon Baird, Pratyay Mukherjee, Rohit Sinha |
PDF |
- |
- |
| Membership Inference Attacks and Generalization: A Causal Perspective. |
Teodora Baluta, Shiqi Shen, S. Hitarth, Shruti Tople, Prateek Saxena |
PDF |
- |
- |
| Tidy: Symbolic Verification of Timed Cryptographic Protocols. |
Gilles Barthe, Ugo Dal Lago, Giulio Malavolta, Itsaka Rakotonirina |
PDF |
- |
- |
| A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. |
Anomadarshi Barua, Yonatan Gizachew Achamyeleh, Mohammad Abdullah Al Faruque |
PDF |
- |
- |
| Feta: Efficient Threshold Designated-Verifier Zero-Knowledge Proofs. |
Carsten Baum, Robin Jadoul, Emmanuela Orsini, Peter Scholl, Nigel P. Smart |
PDF |
- |
- |
| Distributed, Private, Sparse Histograms in the Two-Server Model. |
James Bell, Adrià Gascón, Badih Ghazi, Ravi Kumar, Pasin Manurangsi, Mariana Raykova, Phillipp Schoppmann |
PDF |
- |
- |
| Threshold Cryptography as a Service (in the Multiserver and YOSO Models). |
Fabrice Benhamouda, Shai Halevi, Hugo Krawczyk, Alex Miao, Tal Rabin |
PDF |
- |
- |
| Privacy Limitations of Interest-based Advertising on The Web: A Post-mortem Empirical Analysis of Google's FLoC. |
Alex Berke, Dan Calacci |
PDF |
- |
- |
| JIT-Picking: Differential Fuzzing of JavaScript Engines. |
Lukas Bernhard, Tobias Scharnowski, Moritz Schloegel, Tim Blazytko, Thorsten Holz |
PDF |
- |
- |
| A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello. |
Karthikeyan Bhargavan, Vincent Cheval, Christopher A. Wood |
PDF |
- |
- |
| Power Contracts: Provably Complete Power Leakage Models for Processors. |
Roderick Bloem, Barbara Gigerl, Marc Gourjon, Vedad Hadzic, Stefan Mangard, Robert Primas |
PDF |
- |
- |
| Themis: An On-Site Voting System with Systematic Cast-as-intended Verification and Partial Accountability. |
Mikael Bougon, Hervé Chabanne, Véronique Cortier, Alexandre Debant, Emmanuelle Dottax, Jannik Dreier, Pierrick Gaudry, Mathieu Turuani |
PDF |
- |
- |
| Victory by KO: Attacking OpenPGP Using Key Overwriting. |
Lara Bruseghini, Daniel Huigens, Kenneth G. Paterson |
PDF |
- |
- |
| Do Opt-Outs Really Opt Me Out? |
Duc Bui, Brian Tang, Kang G. Shin |
PDF |
- |
- |
| Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls. |
Chengjun Cai, Yichen Zang, Cong Wang, Xiaohua Jia, Qian Wang |
PDF |
- |
- |
| Succinct Zero-Knowledge Batch Proofs for Set Accumulators. |
Matteo Campanelli, Dario Fiore, Semin Han, Jihye Kim, Dimitris Kolonelos, Hyunok Oh |
PDF |
- |
- |
| Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It. |
Sílvia Casacuberta, Michael Shoemate, Salil P. Vadhan, Connor Wagaman |
PDF |
- |
- |
| SFuzz: Slice-based Fuzzing for Real-Time Operating Systems. |
Libo Chen, Quanpu Cai, Zhenbang Ma, Yanhao Wang, Hong Hu, Minghang Shen, Yue Liu, Shanqing Guo, Haixin Duan, Kaida Jiang, Zhi Xue |
PDF |
- |
- |
| Graph Unlearning. |
Min Chen, Zhikun Zhang, Tianhao Wang, Michael Backes, Mathias Humbert, Yang Zhang |
PDF |
- |
- |
| MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware. |
Zitai Chen, Sam L. Thomas, Flavio D. Garcia |
PDF |
- |
- |
| PSI from Ring-OLE. |
Wutichai Chongchitmate, Yuval Ishai, Steve Lu, Rafail Ostrovsky |
PDF |
- |
- |
| HammerScope: Observing DRAM Power Consumption Using Rowhammer. |
Yaakov Cohen, Kevin Sam Tharayil, Arie Haenel, Daniel Genkin, Angelos D. Keromytis, Yossi Oren, Yuval Yarom |
PDF |
- |
- |
| SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering. |
Kelong Cong, Debajyoti Das, Jeongeun Park, Hilder V. L. Pereira |
PDF |
- |
- |
| SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. |
Tianshuo Cong, Xinlei He, Yang Zhang |
PDF |
- |
- |
| The Generals' Scuttlebutt: Byzantine-Resilient Gossip Protocols. |
Sandro Coretti, Aggelos Kiayias, Cristopher Moore, Alexander Russell |
PDF |
- |
- |
| Sharp: Short Relaxed Range Proofs. |
Geoffroy Couteau, Dahmun Goudarzi, Michael Klooß, Michael Reichle |
PDF |
- |
- |
| QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. |
Ana-Maria Cretu, Florimond Houssiau, Antoine Cully, Yves-Alexandre de Montjoye |
PDF |
- |
- |
| VRust: Automated Vulnerability Detection for Solana Smart Contracts. |
Siwei Cui, Gang Zhao, Yifei Gao, Tien Tavu, Jeff Huang |
PDF |
- |
- |
| Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority. |
Anders P. K. Dalskov, Daniel Escudero, Ariel Nof |
PDF |
- |
- |
| Understanding Security Issues in the NFT Ecosystem. |
Dipanjan Das, Priyanka Bose, Nicola Ruaro, Christopher Kruegel, Giovanni Vigna |
PDF |
- |
- |
| GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy. |
Bernardo David, Bernardo Magri, Christian Matt, Jesper Buus Nielsen, Daniel Tschudi |
PDF |
- |
- |
| STAR: Secret Sharing for Private Threshold Aggregation Reporting. |
Alex Davidson, Peter Snyder, E. B. Quirk, Joseph Genereux, Benjamin Livshits, Hamed Haddadi |
PDF |
- |
- |
| CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. |
Alvise de Faveri Tron, Stefano Longari, Michele Carminati, Mario Polino, Stefano Zanero |
PDF |
- |
- |
| Two-Client Inner-Product Functional Encryption with an Application to Money-Laundering Detection. |
Paola de Perthuis, David Pointcheval |
PDF |
- |
- |
| On the (In)Security of Secure ROS2. |
Gelei Deng, Guowen Xu, Yuan Zhou, Tianwei Zhang, Yang Liu |
PDF |
- |
- |
| FenceSitter: Black-box, Content-Agnostic, and Synchronization-Free Enrollment-Phase Attacks on Speaker Recognition Systems. |
Jiangyi Deng, Yanjiao Chen, Wenyuan Xu |
PDF |
- |
- |
| StrongBox: A GPU TEE on Arm Endpoints. |
Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, Fengwei Zhang |
PDF |
- |
- |
| Understanding Real-world Threats to Deep Learning Models in Android Apps. |
Zizhuang Deng, Kai Chen, Guozhu Meng, Xiaodong Zhang, Ke Xu, Yao Cheng |
PDF |
- |
- |
| A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks. |
Karel Dhondt, Victor Le Pochat, Alexios Voulimeneas, Wouter Joosen, Stijn Volckaert |
PDF |
- |
- |
| Second-Order Low-Randomness d + 1 Hardware Sharing of the AES. |
Siemen Dhooghe, Aein Rezaei Shahmirzadi, Amir Moradi |
PDF |
- |
- |
| Improving Line-Point Zero Knowledge: Two Multiplications for the Price of One. |
Samuel Dittmer, Yuval Ishai, Steve Lu, Rafail Ostrovsky |
PDF |
- |
- |
| Shorter Signatures Based on Tailor-Made Minimalist Symmetric-Key Crypto. |
Christoph Dobraunig, Daniel Kales, Christian Rechberger, Markus Schofnegger, Greg Zaverucha |
PDF |
- |
- |
| Leakage and Tamper Resilient Permutation-Based Cryptography. |
Christoph Dobraunig, Bart Mennink, Robert Primas |
PDF |
- |
- |
| Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection. |
Priyanka Dodia, Mashael AlSabah, Omar Alrawi, Tao Wang |
PDF |
- |
- |
| Watch Out for Race Condition Attacks When Using Android External Storage. |
Shaoyong Du, Xin Liu, Guoqing Lai, Xiangyang Luo |
PDF |
- |
- |
| Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. |
Rui Duan, Zhe Qu, Shangqing Zhao, Leah Ding, Yao Liu, Zhuo Lu |
PDF |
- |
- |
| Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications. |
Yue Duan, Xin Zhao, Yu Pan, Shucheng Li, Minghao Li, Fengyuan Xu, Mu Zhang |
PDF |
- |
- |
| Poirot: Probabilistically Recommending Protections for the Android Framework. |
Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer |
PDF |
- |
- |
| TurboPack: Honest Majority MPC with Constant Online Communication. |
Daniel Escudero, Vipul Goyal, Antigoni Polychroniadou, Yifan Song |
PDF |
- |
- |
| Automatic Detection of Speculative Execution Combinations. |
Xaver Fabian, Marco Guarnieri, Marco Patrignani |
PDF |
- |
- |
| When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer. |
Michael Fahr, Hunter Kippen, Andrew Kwong, Thinh Dang, Jacob Lichtinger, Dana Dachman-Soled, Daniel Genkin, Alexander Nelson, Ray A. Perlner, Arkady Yerukhimovich, Daniel Apon |
PDF |
- |
- |
| NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms. |
Xiaoyu Fan, Kun Chen, Guosai Wang, Mingchun Zhuang, Yi Li, Wei Xu |
PDF |
- |
- |
| Shifted Inverse: A General Mechanism for Monotonic Functions under User Differential Privacy. |
Juanru Fang, Wei Dong, Ke Yi |
PDF |
- |
- |
| CINI MINIS: Domain Isolation for Fault and Combined Security. |
Jakob Feldtkeller, Jan Richter-Brockmann, Pascal Sasdrich, Tim Güneysu |
PDF |
- |
- |
| Adversarial Correctness and Privacy for Probabilistic Data Structures. |
Mia Filic, Kenneth G. Paterson, Anupama Unnikrishnan, Fernando Virdia |
PDF |
- |
- |
| LibAFL: A Framework to Build Modular and Reusable Fuzzers. |
Andrea Fioraldi, Dominik Christian Maier, Dongjia Zhang, Davide Balzarotti |
PDF |
- |
- |
| Efficient Zero-Knowledge Proofs on Signed Data with Applications to Verifiable Computation on Data Streams. |
Dario Fiore, Ida Tucker |
PDF |
- |
- |
| Minotaur: Multi-Resource Blockchain Consensus. |
Matthias Fitzi, Xuechao Wang, Sreeram Kannan, Aggelos Kiayias, Nikos Leonardos, Pramod Viswanath, Gerui Wang |
PDF |
- |
- |
| Squirrel: Efficient Synchronized Multi-Signatures from Lattices. |
Nils Fleischhacker, Mark Simkin, Zhenfei Zhang |
PDF |
- |
- |
| Am I Private and If So, how Many?: Communicating Privacy Guarantees of Differential Privacy with Risk Communication Formats. |
Daniel Franzen, Saskia Nuñez von Voigt, Peter Sörries, Florian Tschorsch, Claudia Müller-Birn |
PDF |
- |
- |
| Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition. |
Kelsey R. Fulton, Daniel Votipka, Desiree Abrokwa, Michelle L. Mazurek, Michael Hicks, James Parker |
PDF |
- |
- |
| "Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. |
Yuyou Gan, Yuhao Mao, Xuhong Zhang, Shouling Ji, Yuwen Pu, Meng Han, Jianwei Yin, Ting Wang |
PDF |
- |
- |
| Secure Auctions in the Presence of Rational Adversaries. |
Chaya Ganesh, Bhavana Kanukurthi, Girisha Shankar |
PDF |
- |
- |
| Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency. |
Yingzi Gao, Yuan Lu, Zhenliang Lu, Qiang Tang, Jing Xu, Zhenfeng Zhang |
PDF |
- |
- |
| Succinct Zero Knowledge for Floating Point Computations. |
Sanjam Garg, Abhishek Jain, Zhengzhong Jin, Yinuo Zhang |
PDF |
- |
- |
| Practical Settlement Bounds for Proof-of-Work Blockchains. |
Peter Gazi, Ling Ren, Alexander Russell |
PDF |
- |
- |
| Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud. |
Xinyang Ge, Hsuan-Chi Kuo, Weidong Cui |
PDF |
- |
- |
| C2C: Fine-grained Configuration-driven System Call Filtering. |
Seyedhamed Ghavamnia, Tapti Palit, Michalis Polychronakis |
PDF |
- |
- |
| Foundations of Coin Mixing Services. |
Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri Aravinda Krishnan Thyagarajan |
PDF |
- |
- |
| ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. |
Vasudev Gohil, Hao Guo, Satwik Patnaik, Jeyavijayan Rajendran |
PDF |
- |
- |
| Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration. |
Gibran Gómez, Pedro Moreno-Sanchez, Juan Caballero |
PDF |
- |
- |
| DangZero: Efficient Use-After-Free Detection via Direct Page Table Access. |
Floris Gorter, Koen Koning, Herbert Bos, Cristiano Giuffrida |
PDF |
- |
- |
| Reinforced Concrete: A Fast Hash Function for Verifiable Computation. |
Lorenzo Grassi, Dmitry Khovratovich, Reinhard Lüftenegger, Christian Rechberger, Markus Schofnegger, Roman Walch |
PDF |
- |
- |
| Proof-of-Possession for KEM Certificates using Verifiable Generation. |
Tim Güneysu, Philip W. Hodges, Georg Land, Mike Ounsworth, Douglas Stebila, Greg Zaverucha |
PDF |
- |
- |
| SPECPATCH: Human-In-The-Loop Adversarial Audio Spectrogram Patch Attack on Speech Recognition. |
Hanqing Guo, Yuanda Wang, Nikolay Ivanov, Li Xiao, Qiben Yan |
PDF |
- |
- |
| Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. |
Zayd Hammoudeh, Daniel Lowd |
PDF |
- |
- |
| Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API. |
Xiao Han, Junjie Xiong, Wenbo Shen, Zhuo Lu, Yao Liu |
PDF |
- |
- |
| How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum. |
Keitaro Hashimoto, Shuichi Katsumata, Thomas Prest |
PDF |
- |
- |
| Behind the Scenes of RPKI. |
Tomas Hlavacek, Philipp Jeitner, Donika Mirdita, Haya Schulmann, Michael Waidner |
PDF |
- |
- |
| On the Privacy Risks of Cell-Based NAS Architectures. |
Hai Huang, Zhikun Zhang, Yun Shen, Michael Backes, Qi Li, Yang Zhang |
PDF |
- |
- |
| Kryvos: Publicly Tally-Hiding Verifiable E-Voting. |
Nicolas Huber, Ralf Küsters, Toomas Krips, Julian Liedtke, Johannes Müller, Daniel Rausch, Pascal Reisert, Andreas Vogt |
PDF |
- |
- |
| Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics. |
Thomas Humphries, Rasoul Akhavan Mahdavi, Shannon Veitch, Florian Kerschbaum |
PDF |
- |
- |
| SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities. |
Jaewon Hur, Suhwan Song, Sunwoo Kim, Byoungyoung Lee |
PDF |
- |
- |
| Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels. |
Ahmad Ibrahim, Hamed Nemati, Till Schlüter, Nils Ole Tippenhauer, Christian Rossow |
PDF |
- |
- |
| Differentially Private Triangle and 4-Cycle Counting in the Shuffle Model. |
Jacob Imola, Takao Murakami, Kamalika Chaudhuri |
PDF |
- |
- |
| On the Success Rate of Side-Channel Attacks on Masked Implementations: Information-Theoretical Bounds and Their Practical Usage. |
Akira Ito, Rei Ueno, Naofumi Homma |
PDF |
- |
- |
| AI/ML for Network Security: The Emperor has no Clothes. |
Arthur Selle Jacobs, Roman Beltiukov, Walter Willinger, Ronaldo A. Ferreira, Arpit Gupta, Lisandro Z. Granville |
PDF |
- |
- |
| DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On. |
Louis Jannett, Vladislav Mladenov, Christian Mainka, Jörg Schwenk |
PDF |
- |
- |
| Are Attribute Inference Attacks Just Imputation? |
Bargav Jayaraman, David Evans |
PDF |
- |
- |
| Cache Refinement Type for Side-Channel Detection of Cryptographic Software. |
Ke Jiang, Yuyan Bao, Shuai Wang, Zhibo Liu, Tianwei Zhang |
PDF |
- |
- |
| Evocatio: Conjuring Bug Capabilities from a Single PoC. |
Zhiyuan Jiang, Shuitao Gan, Adrian Herrera, Flavio Toffalini, Lucio Romerio, Chaojing Tang, Manuel Egele, Chao Zhang, Mathias Payer |
PDF |
- |
- |
| Understanding IoT Security from a Market-Scale Perspective. |
Xin Jin, Sunil Manandhar, Kaushal Kafle, Zhiqiang Lin, Adwait Nadkarni |
PDF |
- |
- |
| SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings. |
Xin Jin, Kexin Pei, Jun Yeon Won, Zhiqiang Lin |
PDF |
- |
- |
| P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies. |
Ze Jin, Luyi Xing, Yiwei Fang, Yan Jia, Bin Yuan, Qixu Liu |
PDF |
- |
- |
| Private and Reliable Neural Network Inference. |
Nikola Jovanovic, Marc Fischer, Samuel Steffen, Martin T. Vechev |
PDF |
- |
- |
| A Scalable and Dynamic ACL System for In-Network Defense. |
Changhun Jung, Sian Kim, Rhongho Jang, David Mohaisen, DaeHun Nyang |
PDF |
- |
- |
| TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities. |
Wooseok Kang, Byoungho Son, Kihong Heo |
PDF |
- |
- |
| HyperDbg: Reinventing Hardware-Assisted Debugging. |
Mohammad Sina Karvandi, MohammadHosein Gholamrezaei, Saleh Khalaj Monfared, Soroush Meghdadi Zanjani, Behrooz Abbassi, Ali Amini, Reza Mortazavi, Saeid Gorgin, Dara Rahmati, Michael Schwarz |
PDF |
- |
- |
| RedShift: Transparent SNARKs from List Polynomial Commitments. |
Assimakis A. Kattis, Konstantin Panarin, Alexander Vlasov |
PDF |
- |
- |
| PEReDi: Privacy-Enhanced, Regulated and Distributed Central Bank Digital Currencies. |
Aggelos Kiayias, Markulf Kohlweiss, Amirreza Sarencheh |
PDF |
- |
- |
| DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing. |
Seulbae Kim, Major Liu, Junghwan John Rhee, Yuseok Jeon, Yonghwi Kwon, Chung Hwan Kim |
PDF |
- |
- |
| Phishing URL Detection: A Network-based Approach Robust to Evasion. |
Taeri Kim, Noseong Park, Jiwon Hong, Sang-Wook Kim |
PDF |
- |
- |
| NTRU-v-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus. |
Kamil Kluczniak |
PDF |
- |
- |
| Low-Latency Hardware Private Circuits. |
David Knichel, Amir Moradi |
PDF |
- |
- |
| LPGNet: Link Private Graph Networks for Node Classification. |
Aashish Kolluri, Teodora Baluta, Bryan Hooi, Prateek Saxena |
PDF |
- |
- |
| Leakage Inversion: Towards Quantifying Privacy in Searchable Encryption. |
Evgenios M. Kornaropoulos, Nathaniel Moyer, Charalampos Papamanthou, Alexandros Psomas |
PDF |
- |
- |
| PentaGOD: Stepping beyond Traditional GOD with Five Parties. |
Nishat Koti, Varsha Bhat Kukkala, Arpita Patra, Bhavish Raj Gopal |
PDF |
- |
- |
| Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies. |
James Larisch, Waqar Aqeel, Michael Lum, Yaelle Goldschlag, Leah Kannan, Kasra Torshizi, Yujie Wang, Taejoong Chung, Dave Levin, Bruce M. Maggs, Alan Mislove, Bryan Parno, Christo Wilson |
PDF |
- |
- |
| Cerberus: A Formal Approach to Secure and Efficient Enclave Memory Sharing. |
Dayeol Lee, Kevin Cheang, Alexander Thomas, Catherine Lu, Pranav Gaddamadugu, Anjo Vahldiek-Oberwagner, Mona Vij, Dawn Song, Sanjit A. Seshia, Krste Asanovic |
PDF |
- |
- |
| Collect Responsibly But Deliver Arbitrarily?: A Study on Cross-User Privacy Leakage in Mobile Apps. |
Shuai Li, Zhemin Yang, Nan Hua, Peng Liu, Xiaohan Zhang, Guangliang Yang, Min Yang |
PDF |
- |
- |
| PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication. |
Yuan Li, Wende Tan, Zhizheng Lv, Songtao Yang, Mathias Payer, Ying Liu, Chao Zhang |
PDF |
- |
- |
| Auditing Membership Leakages of Multi-Exit Networks. |
Zheng Li, Yiyong Liu, Xinlei He, Ning Yu, Michael Backes, Yang Zhang |
PDF |
- |
- |
| Overo: Sharing Private Audio Recordings. |
Jaemin Lim, Kiyeon Kim, Hyunwoo Yu, Suk-Bok Lee |
PDF |
- |
- |
| InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution. |
Shihan Lin, Rui Xin, Aayush Goel, Xiaowei Yang |
PDF |
- |
- |
| DirtyCred: Escalating Privilege in Linux Kernel. |
Zhenpeng Lin, Yuhang Wu, Xinyu Xing |
PDF |
- |
- |
| Frequency Throttling Side-Channel Attack. |
Chen Liu, Abhishek Chakraborty, Nikhil Chawla, Neer Roggel |
PDF |
- |
- |
| Ready Raider One: Exploring the Misuse of Cloud Gaming Services. |
Guannan Liu, Daiping Liu, Shuai Hao, Xing Gao, Kun Sun, Haining Wang |
PDF |
- |
- |
| When Evil Calls: Targeted Adversarial Voice over IP Network. |
Han Liu, Zhiyuan Yu, Mingming Zha, XiaoFeng Wang, William Yeoh, Yevgeniy Vorobeychik, Ning Zhang |
PDF |
- |
- |
| Order-Disorder: Imitation Adversarial Attacks for Black-box Neural Ranking Models. |
Jiawei Liu, Yangyang Kang, Di Tang, Kaisong Song, Changlong Sun, Xiaofeng Wang, Wei Lu, Xiaozhong Liu |
PDF |
- |
- |
| Matproofs: Maintainable Matrix Commitment with Efficient Aggregation. |
Jing Liu, Liang Feng Zhang |
PDF |
- |
- |
| Harnessing Perceptual Adversarial Patches for Crowd Counting. |
Shunchang Liu, Jiakai Wang, Aishan Liu, Yingwei Li, Yijie Gao, Xianglong Liu, Dacheng Tao |
PDF |
- |
- |
| Acquirer: A Hybrid Approach to Detecting Algorithmic Complexity Vulnerabilities. |
Yinxi Liu, Wei Meng |
PDF |
- |
- |
| Membership Inference Attacks by Exploiting Loss Trajectory. |
Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang |
PDF |
- |
- |
| Empirical Analysis of EIP-1559: Transaction Fees, Waiting Times, and Consensus Security. |
Yulin Liu, Yuxuan Lu, Kartik Nayak, Fan Zhang, Luyao Zhang, Yinhong Zhao |
PDF |
- |
- |
| StolenEncoder: Stealing Pre-trained Encoders in Self-supervised Learning. |
Yupei Liu, Jinyuan Jia, Hongbin Liu, Neil Zhenqiang Gong |
PDF |
- |
- |
| LoneNeuron: A Highly-Effective Feature-Domain Neural Trojan Using Invisible and Polymorphic Watermarks. |
Zeyan Liu, Fengjun Li, Zhu Li, Bo Luo |
PDF |
- |
- |
| Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems. |
Jie Lu, Haofeng Li, Chen Liu, Lian Li, Kun Cheng |
PDF |
- |
- |
| Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT. |
Yuan Lu, Zhenliang Lu, Qiang Tang |
PDF |
- |
- |
| TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications. |
Changhua Luo, Penghui Li, Wei Meng |
PDF |
- |
- |
| Proving UNSAT in Zero Knowledge. |
Ning Luo, Timos Antonopoulos, William R. Harris, Ruzica Piskac, Eran Tromer, Xiao Wang |
PDF |
- |
- |
| Frequency Estimation in the Shuffle Model with Almost a Single Message. |
Qiyao Luo, Yilei Wang, Ke Yi |
PDF |
- |
- |
| Feature Inference Attack on Shapley Values. |
Xinjian Luo, Yangfan Jiang, Xiaokui Xiao |
PDF |
- |
- |
| Federated Boosted Decision Trees with Differential Privacy. |
Samuel Maddock, Graham Cormode, Tianhao Wang, Carsten Maple, Somesh Jha |
PDF |
- |
- |
| The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning. |
Chris McMahon Stone, Sam L. Thomas, Mathy Vanhoef, James Henderson, Nicolas Bailluet, Tom Chothia |
PDF |
- |
- |
| Securing Reset Operations in NISQ Quantum Computers. |
Allen Mi, Shuwen Deng, Jakub Szefer |
PDF |
- |
- |
| Constant Latency in Sleepy Consensus. |
Atsuki Momose, Ling Ren |
PDF |
- |
- |
| Physical Hijacking Attacks against Object Trackers. |
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ming Li, Ryan M. Gerdes |
PDF |
- |
- |
| The Multi-User Security of Triple Encryption, Revisited: Exact Security, Strengthening, and Application to TDES. |
Yusuke Naito, Yu Sasaki, Takeshi Sugawara, Kan Yasuda |
PDF |
- |
- |
| CERBERUS: Exploring Federated Prediction of Security Events. |
Mohammad Naseri, Yufei Han, Enrico Mariconti, Yun Shen, Gianluca Stringhini, Emiliano De Cristofaro |
PDF |
- |
- |
| Sigstore: Software Signing for Everybody. |
Zachary Newman, John Speed Meyers, Santiago Torres-Arias |
PDF |
- |
- |
| Freely Given Consent?: Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps. |
Trung Tin Nguyen, Michael Backes, Ben Stock |
PDF |
- |
- |
| NARRATOR: Secure and Practical State Continuity for Trusted Execution in the Cloud. |
Jianyu Niu, Wei Peng, Xiaokuan Zhang, Yinqian Zhang |
PDF |
- |
- |
| Cart-ology: Intercepting Targeted Advertising via Ad Network Identity Entanglement. |
ChangSeok Oh, Chris Kanich, Damon McCoy, Paul Pearce |
PDF |
- |
- |
| Discovering IoT Physical Channel Vulnerabilities. |
Muslum Ozgur Ozmen, Xuansong Li, Andrew Chu, Z. Berkay Celik, Bardh Hoxha, Xiangyu Zhang |
PDF |
- |
- |
| Eluding Secure Aggregation in Federated Learning via Model Inconsistency. |
Dario Pasquini, Danilo Francati, Giuseppe Ateniese |
PDF |
- |
- |
| Hidden in Plain Sight: Exploring Encrypted Channels in Android Apps. |
Sajjad Pourali, Nayanamana Samarasinghe, Mohammad Mannan |
PDF |
- |
- |
| Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations. |
Tamjid Al Rahat, Yu Feng, Yuan Tian |
PDF |
- |
- |
| TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals. |
Soundarya Ramesh, Ghozali Suhariyanto Hadi, Sihun Yang, Mun Choon Chan, Jun Han |
PDF |
- |
- |
| FABEO: Fast Attribute-Based Encryption with Optimal Security. |
Doreen Riepel, Hoeteck Wee |
PDF |
- |
- |
| Blazing Fast PSI from Improved OKVS and Subfield VOLE. |
Srinivasan Raghuraman, Peter Rindal |
PDF |
- |
- |
| Strengthening Order Preserving Encryption with Differential Privacy. |
Amrita Roy Chowdhury, Bolin Ding, Somesh Jha, Weiran Liu, Jingren Zhou |
PDF |
- |
- |
| EIFFeL: Ensuring Integrity for Federated Learning. |
Amrita Roy Chowdhury, Chuan Guo, Somesh Jha, Laurens van der Maaten |
PDF |
- |
- |
| ROAST: Robust Asynchronous Schnorr Threshold Signatures. |
Tim Ruffing, Viktoria Ronge, Elliott Jin, Jonas Schneider-Bensch, Dominique Schröder |
PDF |
- |
- |
| Fast Fully Oblivious Compaction and Shuffling. |
Sajin Sasy, Aaron Johnson, Ian Goldberg |
PDF |
- |
- |
| FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs. |
Fabian Schwarz, Khue Do, Gunnar Heide, Lucjan Hanzlik, Christian Rossow |
PDF |
- |
- |
| MC2: Rigorous and Efficient Directed Greybox Fuzzing. |
Abhishek Shah, Dongdong She, Samanway Sadhu, Krish Singal, Peter Coffman, Suman Jana |
PDF |
- |
- |
| Post-breach Recovery: Protection against White-box Adversarial Examples for Leaked DNN Models. |
Shawn Shan, Wenxin Ding, Emily Wenger, Haitao Zheng, Ben Y. Zhao |
PDF |
- |
- |
| Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing. |
Junxian Shen, Han Zhang, Yantao Geng, Jiawei Li, Jilong Wang, Mingwei Xu |
PDF |
- |
- |
| Finding MNEMON: Reviving Memories of Node Embeddings. |
Yun Shen, Yufei Han, Zhikun Zhang, Min Chen, Ting Yu, Michael Backes, Yang Zhang, Gianluca Stringhini |
PDF |
- |
- |
| Why So Toxic?: Measuring and Triggering Toxic Behavior in Open-Domain Chatbots. |
Wai Man Si, Michael Backes, Jeremy Blackburn, Emiliano De Cristofaro, Gianluca Stringhini, Savvas Zannettou, Yang Zhang |
PDF |
- |
- |
| Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications. |
Konstantinos Solomos, Panagiotis Ilia, Nick Nikiforakis, Jason Polakis |
PDF |
- |
- |
| pMPL: A Robust Multi-Party Learning Framework with a Privileged Party. |
Lushan Song, Jiaxuan Wang, Zhexuan Wang, Xinyu Tu, Guopeng Lin, Wenqiang Ruan, Haoqi Wu, Weili Han |
PDF |
- |
- |
| Bullshark: DAG BFT Protocols Made Practical. |
Alexander Spiegelman, Neil Giridharan, Alberto Sonnino, Lefteris Kokoris-Kogias |
PDF |
- |
- |
| Batching, Aggregation, and Zero-Knowledge Proofs in Bilinear Accumulators. |
Shravan Srinivasan, Ioanna Karantaidou, Foteini Baldimtsi, Charalampos Papamanthou |
PDF |
- |
- |
| Zapper: Smart Contracts with Data and Identity Privacy. |
Samuel Steffen, Benjamin Bichsel, Martin T. Vechev |
PDF |
- |
- |
| Clues in Tweets: Twitter-Guided Discovery and Analysis of SMS Spam. |
Siyuan Tang, Xianghang Mi, Ying Li, XiaoFeng Wang, Kai Chen |
PDF |
- |
- |
| NeVerMore: Exploiting RDMA Mistakes in NVMe-oF Storage Applications. |
Konstantin Taranov, Benjamin Rothenberger, Daniele De Sensi, Adrian Perrig, Torsten Hoefler |
PDF |
- |
- |
| Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets. |
Florian Tramèr, Reza Shokri, Ayrton San Joaquin, Hoang Le, Matthew Jagielski, Sanghyun Hong, Nicholas Carlini |
PDF |
- |
- |
| VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries. |
Nirvan Tyagi, Ben Fisch, Andrew Zitek, Joseph Bonneau, Stefano Tessaro |
PDF |
- |
- |
| L-SRR: Local Differential Privacy for Location-Based Services with Staircase Randomized Response. |
Han Wang, Hanbin Hong, Li Xiong, Zhan Qin, Yuan Hong |
PDF |
- |
- |
| Practical Volume-Hiding Encrypted Multi-Maps with Optimal Overhead and Beyond. |
Jianfeng Wang, Shifeng Sun, Tianci Li, Saiyu Qi, Xiaofeng Chen |
PDF |
- |
- |
| ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes. |
Weili Wang, Sen Deng, Jianyu Niu, Michael K. Reiter, Yinqian Zhang |
PDF |
- |
- |
| Don't Kick Over the Beehive: Attacks and Security Analysis on Zigbee. |
Xian Wang, Shuang Hao |
PDF |
- |
- |
| Group Property Inference Attacks Against Graph Neural Networks. |
Xiuling Wang, Wendy Hui Wang |
PDF |
- |
- |
| DPIS: An Enhanced Mechanism for Differentially Private SGD with Importance Sampling. |
Jianxin Wei, Ergute Bao, Xiaokui Xiao, Yin Yang |
PDF |
- |
- |
| AntMan: Interactive Zero-Knowledge Proofs with Sublinear Communication. |
Chenkai Weng, Kang Yang, Zhaomin Yang, Xiang Xie, Xiao Wang |
PDF |
- |
- |
| Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications. |
Jan Wichelmann, Florian Sieck, Anna Pätschke, Thomas Eisenbarth |
PDF |
- |
- |
| EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices. |
Cong Wu, Jing Chen, Kun He, Ziming Zhao, Ruiying Du, Chen Zhang |
PDF |
- |
- |
| Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation. |
Karl Wüst, Kari Kostiainen, Noah Delius, Srdjan Capkun |
PDF |
- |
- |
| Protecting Critical Inter-Domain Communication through Flyover Reservations. |
Marc Wyss, Giacomo Giuliari, Jonas Mohler, Adrian Perrig |
PDF |
- |
- |
| Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem. |
Feng Xiao, Zheng Yang, Joey Allen, Guangliang Yang, Grant Williams, Wenke Lee |
PDF |
- |
- |
| CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation. |
Mengyao Xie, Chenggang Wu, Yinqian Zhang, Jiali Xu, Yuanming Lai, Yan Kang, Wei Wang, Zhe Wang |
PDF |
- |
- |
| zkBridge: Trustless Cross-chain Bridges Made Practical. |
Tiancheng Xie, Jiaheng Zhang, Zerui Cheng, Fan Zhang, Yupeng Zhang, Yongzheng Jia, Dan Boneh, Dawn Song |
PDF |
- |
- |
| Automatic Detection of Fake Key Attacks in Secure Messaging. |
Tarun Kumar Yadav, Devashish Gosain, Amir Herzberg, Daniel Zappala, Kent E. Seamons |
PDF |
- |
- |
| WINK: Wireless Inference of Numerical Keystrokes via Zero-Training Spatiotemporal Analysis. |
Edwin Yang, Qiuye He, Song Fang |
PDF |
- |
- |
| An Extensive Study of Residential Proxies in China. |
Mingshuo Yang, Yunnan Yu, Xianghang Mi, Shujun Tang, Shanqing Guo, Yilin Li, Xiaofeng Zheng, Haixin Duan |
PDF |
- |
- |
| Detecting and Measuring Misconfigured Manifests in Android Apps. |
Yuqing Yang, Mohamed Elsabagh, Chaoshun Zuo, Ryan Johnson, Angelos Stavrou, Zhiqiang Lin |
PDF |
- |
- |
| Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection. |
Yuqing Yang, Yue Zhang, Zhiqiang Lin |
PDF |
- |
- |
| Enhanced Membership Inference Attacks against Machine Learning Models. |
Jiayuan Ye, Aadyaa Maddi, Sasi Kumar Murakonda, Vincent Bindschaedler, Reza Shokri |
PDF |
- |
- |
| HeatDeCam: Detecting Hidden Spy Cameras via Thermal Emissions. |
Zhiyuan Yu, Zhuohang Li, Yuanhaur Chang, Skylar Fong, Jian Liu, Ning Zhang |
PDF |
- |
- |
| Caulk: Lookup Arguments in Sublinear Time. |
Arantxa Zapico, Vitalik Buterin, Dmitry Khovratovich, Mary Maller, Anca Nitulescu, Mark Simkin |
PDF |
- |
- |
| PalanTír: Optimizing Attack Provenance with Hardware-enhanced System Observability. |
Jun Zeng, Chuqi Zhang, Zhenkai Liang |
PDF |
- |
- |
| PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement. |
Haibin Zhang, Sisi Duan |
PDF |
- |
- |
| I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior. |
Penghui Zhang, Zhibo Sun, Sukwha Kyung, Hans Walter Behrens, Zion Leonahenahe Basque, Haehyun Cho, Adam Oest, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Gail-Joon Ahn, Adam Doupé |
PDF |
- |
- |
| When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure. |
Yue Zhang, Zhiqiang Lin |
PDF |
- |
- |
| VOProof: Efficient zkSNARKs from Vector Oracle Compilers. |
Yuncong Zhang, Alan Szepieniec, Ren Zhang, Shifeng Sun, Geng Wang, Dawu Gu |
PDF |
- |
- |
| Characterizing and Detecting Non-Consensual Photo Sharing on Social Networks. |
Tengfei Zheng, Tongqing Zhou, Qiang Liu, Kui Wu, Zhiping Cai |
PDF |
- |
- |
| Ibex: Privacy-preserving Ad Conversion Tracking and Bidding. |
Ke Zhong, Yiping Ma, Sebastian Angel |
PDF |
- |
- |
| Uncovering Intent based Leak of Sensitive Data in Android Framework. |
Hao Zhou, Xiapu Luo, Haoyu Wang, Haipeng Cai |
PDF |
- |
- |
| Non-Distinguishable Inconsistencies as a Deterministic Oracle for Detecting Security Bugs. |
Qingyang Zhou, Qiushi Wu, Dinghao Liu, Shouling Ji, Kangjie Lu |
PDF |
- |
- |
| What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation. |
Wei Zhou, Lan Zhang, Le Guan, Peng Liu, Yuqing Zhang |
PDF |
- |
- |
| Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT. |
Xin'an Zhou, Jiale Guan, Luyi Xing, Zhiyun Qian |
PDF |
- |
- |