2022.md

IEEE Symposium on Security and Privacy (S&P) 2022

Title	Authors	Paper	Code	Presentations
PATA: Fuzzing with Path Aware Taint Analysis.	Jie Liang, Mingzhe Wang, Chijin Zhou, Zhiyong Wu, Yu Jiang, Jianzhong Liu, Zhe Liu, Jiaguang Sun	PDF	-	-
JIGSAW: Efficient and Scalable Path Constraints Fuzzing.	Ju Chen, Jinghan Wang, Chengyu Song, Heng Yin	PDF	-	-
BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning.	Heqing Huang, Yiyuan Guo, Qingkai Shi, Peisen Yao, Rongxin Wu, Charles Zhang	PDF	-	-
Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents.	Maria Leonor Pacheco, Max von Hippel, Ben Weintraub, Dan Goldwasser, Cristina Nita-Rotaru	PDF	-	-
ProVerif with Lemmas, Induction, Fast Subsumption, and Much More.	Bruno Blanchet, Vincent Cheval, Véronique Cortier	PDF	-	-
Four Attacks and a Proof for Telegram.	Martin R. Albrecht, Lenka Mareková, Kenneth G. Paterson, Igors Stepanovs	PDF	-	-
Noise*: A Library of Verified High-Performance Secure Channel Protocol Implementations.	Son Ho, Jonathan Protzenko, Abhishek Bichhawat, Karthikeyan Bhargavan	PDF	-	-
A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols.	Cas Cremers, Caroline Fontaine, Charlie Jacomme	PDF	-	-
IronMask: Versatile Verification of Masking Security.	Sonia Belaïd, Darius Mercadier, Matthieu Rivain, Abdul Rahman Taleb	PDF	-	-
SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds.	Priyanka Bose, Dipanjan Das, Yanju Chen, Yu Feng, Christopher Kruegel, Giovanni Vigna	PDF	-	-
ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofs.	Samuel Steffen, Benjamin Bichsel, Roger Baumgartner, Martin T. Vechev	PDF	-	-
Quantifying Blockchain Extractable Value: How dark is the forest?	Kaihua Qin, Liyi Zhou, Arthur Gervais	PDF	-	-
A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verification.	Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Nils Wenzler, Tim Würtele	PDF	-	-
Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks.	Hernán Ponce de León, Johannes Kinder	PDF	-	-
TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent Systems.	Mustafa Abdallah, Daniel Woods, Parinaz Naghizadeh, Issa Khalil, Timothy N. Cason, Shreyas Sundaram, Saurabh Bagchi	PDF	-	-
SoK: Authentication in Augmented and Virtual Reality.	Sophie Stephenson, Bijeeta Pal, Stephen Fan, Earlence Fernandes, Yuhang Zhao, Rahul Chatterjee	PDF	-	-
Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks.	Haotian Chi, Chenglong Fu, Qiang Zeng, Xiaojiang Du	PDF	-	-
Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homes.	Haojian Jin, Gram Liu, David Hwang, Swarun Kumar, Yuvraj Agarwal, Jason I. Hong	PDF	-	-
vSGX: Virtualizing SGX Enclaves on AMD SEV.	Shixuan Zhao, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin	PDF	-	-
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP.	Mengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, Yinqian Zhang	PDF	-	-
RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone.	Jinwen Wang, Ao Li, Haoran Li, Chenyang Lu, Ning Zhang	PDF	-	-
A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilities.	Hongyan Xia, David Zhang, Wei Liu, István Haller, Bruce Sherwin, David Chisnall	PDF	-	-
Smile: Secure Memory Introspection for Live Enclave.	Lei Zhou, Xuhua Ding, Fengwei Zhang	PDF	-	-
Statistical Quantification of Differential Privacy: A Local Approach.	Önder Askin, Tim Kutta, Holger Dette	PDF	-	-
Locally Differentially Private Sparse Vector Aggregation.	Mingxun Zhou, Tianhao Wang, T.-H. Hubert Chan, Giulia Fanti, Elaine Shi	PDF	-	-
Differentially Private Histograms in the Shuffle Model from Fake Users.	Albert Cheu, Maxim Zhilyaev	PDF	-	-
Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Census.	Miranda Christ, Sarah Radway, Steven M. Bellovin	PDF	-	-
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems.	Jiankai Jin, Eleanor McMurtry, Benjamin I. P. Rubinstein, Olga Ohrimenko	PDF	-	-
SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit Records.	Jun Zeng, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, Zheng Leong Chua	PDF	-	-
SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors.	Saravanan Thirumuruganathan, Mohamed Nabeel, Euijin Choo, Issa Khalil, Ting Yu	PDF	-	-
DEEPCASE: Semi-Supervised Contextual Analysis of Security Events.	Thijs van Ede, Hojjat Aghakhani, Noah Spahn, Riccardo Bortolameotti, Marco Cova, Andrea Continella, Maarten van Steen, Andreas Peter, Christopher Kruegel, Giovanni Vigna	PDF	-	-
DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigation.	Zhiqiang Xu, Pengcheng Fang, Changlin Liu, Xusheng Xiao, Yu Wen, Dan Meng	PDF	-	-
Measuring and Mitigating the Risk of IP Reuse on Public Clouds.	Eric Pauley, Ryan Sheatsley, Blaine Hoak, Quinn Burke, Yohan Beugin, Patrick D. McDaniel	PDF	-	-
SecFloat: Accurate Floating-Point meets Secure 2-Party Computation.	Deevashwer Rathee, Anwesh Bhattacharya, Rahul Sharma, Divya Gupta, Nishanth Chandran, Aseem Rastogi	PDF	-	-
Multi-Server Verifiable Computation of Low-Degree Polynomials.	Liang Feng Zhang, Huaxiong Wang	PDF	-	-
Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques.	Amit Seal Ami, Nathan Cooper, Kaushal Kafle, Kevin Moran, Denys Poshyvanyk, Adwait Nadkarni	PDF	-	-
"They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks.	Jan Jancar, Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar	PDF	-	-
Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPK.	Xuancheng Jin, Xuangan Xiao, Songlin Jia, Wang Gao, Dawu Gu, Hang Zhang, Siqi Ma, Zhiyun Qian, Juanru Li	PDF	-	-
SoK: Practical Foundations for Software Spectre Defenses.	Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan	PDF	-	-
SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks.	Youssef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, Kang G. Shin	PDF	-	-
Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution.	Ayush Agarwal, Sioli O'Connell, Jason Kim, Shaked Yehezkel, Daniel Genkin, Eyal Ronen, Yuval Yarom	PDF	-	-
BLACKSMITH: Scalable Rowhammering in the Frequency Domain.	Patrick Jattke, Victor van der Veen, Pietro Frigo, Stijn Gunter, Kaveh Razavi	PDF	-	-
ProTRR: Principled yet Optimal In-DRAM Target Row Refresh.	Michele Marazzi, Patrick Jattke, Flavien Solt, Kaveh Razavi	PDF	-	-
Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions.	Hammond Pearce, Baleegh Ahmad, Benjamin Tan, Brendan Dolan-Gavitt, Ramesh Karri	PDF	-	-
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures.	Eugene Bagdasaryan, Vitaly Shmatikov	PDF	-	-
SoK: How Robust is Image Classification Deep Neural Network Watermarking?	Nils Lukas, Edward Jiang, Xinda Li, Florian Kerschbaum	PDF	-	-
Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drift.	Federico Barbero, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro	PDF	-	-
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models.	Jialuo Chen, Jingyi Wang, Tinglan Peng, Youcheng Sun, Peng Cheng, Shouling Ji, Xingjun Ma, Bo Li, Dawn Song	PDF	-	-
Phishing in Organizations: Findings from a Large-Scale and Long-Term Study.	Daniele Lain, Kari Kostiainen, Srdjan Capkun	PDF	-	-
27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University.	Christian Stransky, Oliver Wiese, Volker Roth, Yasemin Acar, Sascha Fahl	PDF	-	-
Investigating Influencer VPN Ads on YouTube.	Omer Akgul, Richard Roberts, Moses Namara, Dave Levin, Michelle L. Mazurek	PDF	-	-
How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study.	Marco Gutfleisch, Jan H. Klemmer, Niklas Busch, Yasemin Acar, M. Angela Sasse, Sascha Fahl	PDF	-	-
Private Approximate Nearest Neighbor Search with Sublinear Communication.	Sacha Servan-Schreiber, Simon Langowski, Srinivas Devadas	PDF	-	-
SPIRAL: Fast, High-Rate Single-Server PIR via FHE Composition.	Samir Jordan Menon, David J. Wu	PDF	-	-
SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofs.	Michael Rosenberg, Mary Maller, Ian Miers	PDF	-	-
How to Attack and Generate Honeywords.	Ding Wang, Yunkai Zou, Qiying Dong, Yuanming Song, Xinyi Huang	PDF	-	-
WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreens.	Yan Jiang, Xiaoyu Ji, Kai Wang, Chen Yan, Richard Mitev, Ahmad-Reza Sadeghi, Wenyuan Xu	PDF	-	-
Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprints.	Patrick Cronin, Xing Gao, Haining Wang, Chase Cotton	PDF	-	-
Device Fingerprinting with Peripheral Timestamps.	John V. Monaco	PDF	-	-
PCR-Auth: Solving Authentication Puzzle Challenge with Encoded Palm Contact Response.	Long Huang, Chen Wang	PDF	-	-
Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation.	Alyssa Milburn, Erik van der Kouwe, Cristiano Giuffrida	PDF	-	-
SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros.	Nicola Ruaro, Fabio Pagani, Stefano Ortolani, Christopher Kruegel, Giovanni Vigna	PDF	-	-
HEAPSTER: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images.	Fabio Gritti, Fabio Pagani, Ilya Grishchenko, Lukas Dresel, Nilo Redini, Christopher Kruegel, Giovanni Vigna	PDF	-	-
SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications.	Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Yuyan Bao	PDF	-	-
Property Inference from Poisoning.	Saeed Mahloujifar, Esha Ghosh, Melissa Chase	PDF	-	-
Reconstructing Training Data with Informed Adversaries.	Borja Balle, Giovanni Cherubin, Jamie Hayes	PDF	-	-
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories.	Adnan Siraj Rakin, Md Hafizul Islam Chowdhuryy, Fan Yao, Deliang Fan	PDF	-	-
Model Stealing Attacks Against Inductive Graph Neural Networks.	Yun Shen, Xinlei He, Yufei Han, Yang Zhang	PDF	-	-
Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security.	Giovanni Camurati, Aurélien Francillon	PDF	-	-
mmSpy: Spying Phone Calls using mmWave Radars.	Suryoday Basak, Mahanth Gowda	PDF	-	-
Attacks on Wireless Coexistence: Exploiting Cross-Technology Performance Features for Inter-Chip Privilege Escalation.	Jiska Classen, Francesco Gringoli, Michael Hermann, Matthias Hollick	PDF	-	-
Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices.	Haoqi Shan, Boyi Zhang, Zihao Zhan, Dean Sullivan, Shuo Wang, Yier Jin	PDF	-	-
Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchains.	Ruomu Hou, Haifeng Yu, Prateek Saxena	PDF	-	-
MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments.	Muhammed F. Esgin, Ron Steinfeld, Raymond K. Zhao	PDF	-	-
Universal Atomic Swaps: Secure Exchange of Coins Across All Blockchains.	Sri Aravinda Krishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez	PDF	-	-
Foundations of Dynamic BFT.	Sisi Duan, Haibin Zhang	PDF	-	-
COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Services.	Robin Vassantlal, Eduardo Alchieri, Bernardo Ferreira, Alysson Bessani	PDF	-	-
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning.	Virat Shejwalkar, Amir Houmansadr, Peter Kairouz, Daniel Ramage	PDF	-	-
Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security.	Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, Xiangyu Zhang	PDF	-	-
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems.	Shangyu Xie, Han Wang, Yu Kong, Yuan Hong	PDF	-	-
"Adversarial Examples" for Proof-of-Learning.	Rui Zhang, Jian Liu, Yuan Ding, Zhibo Wang, Qingbiao Wu, Kui Ren	PDF	-	-
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings.	Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang	PDF	-	-
Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors.	Zihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, Xenofon D. Koutsoukos	PDF	-	-
Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks.	Yanan Guo, Andrew Zigerelli, Youtao Zhang, Jun Yang	PDF	-	-
Finding and Exploiting CPU Features using MSR Templating.	Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz	PDF	-	-
Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest.	Jose Rodrigo Sanchez Vicarte, Michael Flanders, Riccardo Paccagnella, Grant Garrett-Grossman, Adam Morrison, Christopher W. Fletcher, David Kohlbrenner	PDF	-	-
MeshUp: Stateless Cache Side-channel Attack on CPU Mesh.	Junpeng Wan, Yanxiang Bi, Zhe Zhou, Zhou Li	PDF	-	-
Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation.	Zihao Jin, Ziqiao Kong, Shuo Chen, Haixin Duan	PDF	-	-
WTAGRAPH: Web Tracking and Advertising Detection using Graph Neural Networks.	Zhiju Yang, Weiping Pei, Monchu Chen, Chuan Yue	PDF	-	-
Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defense.	Jiajun Gong, Wuqi Zhang, Charles Zhang, Tao Wang	PDF	-	-
Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly.	Alan Romano, Daniel Lehmann, Michael Pradel, Weihang Wang	PDF	-	-
The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies.	Soheil Khodayari, Giancarlo Pellegrino	PDF	-	-
IRQDebloat: Reducing Driver Attack Surface in Embedded Devices.	Zhenghao Hu, Brendan Dolan-Gavitt	PDF	-	-
Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis.	Jiawei Yin, Menghao Li, Wei Wu, Dandan Sun, Jianhua Zhou, Wei Huo, Jingling Xue	PDF	-	-
Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures.	Marton Bognar, Jo Van Bulck, Frank Piessens	PDF	-	-
How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations.	Julian Speith, Florian Schweins, Maik Ender, Marc Fyrbiak, Alexander May, Christof Paar	PDF	-	-
Hardening Circuit-Design IP Against Reverse-Engineering Attacks.	Animesh Chhotaray, Thomas Shrimpton	PDF	-	-
Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices.	Hadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, Aaron Schulman	PDF	-	-
IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensing.	Paul Staat, Simon Mulzer, Stefan Roth, Veelasha Moonsamy, Markus Heinrichs, Rainer Kronberger, Aydin Sezgin, Christof Paar	PDF	-	-
Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems.	Paul Staat, Johannes Tobisch, Christian T. Zenger, Christof Paar	PDF	-	-
Practical EMV Relay Protection.	Andreea-Ina Radu, Tom Chothia, Christopher J. P. Newton, Ioana Boureanu, Liqun Chen	PDF	-	-
AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabulary.	Pengfei Hu, Hui Zhuang, Panneer Selvam Santhalingam, Riccardo Spolaor, Parth H. Pathak, Guoming Zhang, Xiuzhen Cheng	PDF	-	-
Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments.	Mohammad Ghasemisharif, Chris Kanich, Jason Polakis	PDF	-	-
HARDLOG: Practical Tamper-Proof System Auditing Using a Novel Audit Device.	Adil Ahmad, Sangho Lee, Marcus Peinado	PDF	-	-
SWARMFLAWFINDER: Discovering and Exploiting Logic Flaws of Swarm Algorithms.	Chijung Jung, Ali Ahad, Yuseok Jeon, Yonghwi Kwon	PDF	-	-
PGPatch: Policy-Guided Logic Bug Patching for Robotic Vehicles.	Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu	PDF	-	-
"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers.	Ananta Soneji, Faris Bugra Kokulu, Carlos E. Rubio-Medrano, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé	PDF	-	-
SoK: Social Cybersecurity.	Yuxi Wu, W. Keith Edwards, Sauvik Das	PDF	-	-
Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects.	Dominik Wermke, Noah Wöhler, Jan H. Klemmer, Marcel Fourné, Yasemin Acar, Sascha Fahl	PDF	-	-
Membership Inference Attacks From First Principles.	Nicholas Carlini, Steve Chien, Milad Nasr, Shuang Song, Andreas Terzis, Florian Tramèr	PDF	-	-
DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplification.	Se Eun Oh, Taiji Yang, Nate Mathews, James K. Holland, Mohammad Saidur Rahman, Nicholas Hopper, Matthew Wright	PDF	-	-
ShorTor: Improving Tor Network Latency via Multi-hop Overlay Routing.	Kyle Hogan, Sacha Servan-Schreiber, Zachary Newman, Ben Weintraub, Cristina Nita-Rotaru, Srinivas Devadas	PDF	-	-
Sabre: Sender-Anonymous Messaging with Fast Audits.	Adithya Vadapalli, Kyle Storrier, Ryan Henry	PDF	-	-
Security Foundations for Application-Based Covert Communication Channels.	James K. Howes IV, Marios Georgiou, Alex J. Malozemoff, Thomas Shrimpton	PDF	-	-
Bad Characters: Imperceptible NLP Attacks.	Nicholas Boucher, Ilia Shumailov, Ross Anderson, Nicolas Papernot	PDF	-	-
LINKTELLER: Recovering Private Edges from Graph Neural Networks via Influence Analysis.	Fan Wu, Yunhui Long, Ce Zhang, Bo Li	PDF	-	-
Piccolo: Exposing Complex Backdoors in NLP Transformer Models.	Yingqi Liu, Guangyu Shen, Guanhong Tao, Shengwei An, Shiqing Ma, Xiangyu Zhang	PDF	-	-
BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning.	Jinyuan Jia, Yupei Liu, Neil Zhenqiang Gong	PDF	-	-
Repairing DoS Vulnerability of Real-World Regexes.	Nariyoshi Chida, Tachio Terauchi	PDF	-	-
GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs.	Zhenpeng Lin, Yueqi Chen, Yuhang Wu, Dongliang Mu, Chensheng Yu, Xinyu Xing, Kang Li	PDF	-	-
Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsis.	Yunlong Lyu, Yi Fang, Yiwei Zhang, Qibin Sun, Siqi Ma, Elisa Bertino, Kangjie Lu, Juanru Li	PDF	-	-
FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy.	Zhi Yang, Zhanhui Yuan, Shuyuan Jin, Xingyuan Chen, Lei Sun, Xuehui Du, Wenfa Li, Hongqi Zhang	PDF	-	-
Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trust.	Johnny So, Najmeh Miramirkhani, Michael Ferdman, Nick Nikiforakis	PDF	-	-
Scraping Sticky Leftovers: App User Information Left on Servers After Account Deletion.	Preethi Santhanam, Hoang Dang, Zhiyong Shan, Iulian Neamtiu	PDF	-	-
TrollMagnifier: Detecting State-Sponsored Troll Accounts on Reddit.	Mohammad Hammas Saeed, Shiza Ali, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, Gianluca Stringhini	PDF	-	-
Analyzing Ground-Truth Data of Mobile Gambling Scams.	Geng Hong, Zhemin Yang, Sen Yang, Xiaojing Liao, Xiaolin Du, Min Yang, Haixin Duan	PDF	-	-
Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis.	Dongdong She, Abhishek Shah, Suman Jana	PDF	-	-
FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks.	Kyungtae Kim, Taegyu Kim, Ertza Warraich, Byoungyoung Lee, Kevin R. B. Butler, Antonio Bianchi, Dave Jing Tian	PDF	-	-
Exploit the Last Straw That Breaks Android Systems.	Lei Zhang, Keke Lian, Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang, Min Yang, Haixin Duan	PDF	-	-
CirC: Compiler infrastructure for proof systems, software verification, and more.	Alex Ozdemir, Fraser Brown, Riad S. Wahby	PDF	-	-
HAMRAZ: Resilient Partitioning and Replication.	Xiao Li, Farzin Houshmand, Mohsen Lesani	PDF	-	-
Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities.	Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave Jing Tian, Antonio Bianchi	PDF	-	-
"Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in Kenya.	Collins W. Munyendo, Yasemin Acar, Adam J. Aviv	PDF	-	-
SoK: The Dual Nature of Technology in Sexual Abuse.	Borke Obada-Obieh, Yue Huang, Lucrezia Spagnolo, Konstantin Beznosov	PDF	-	-
SoK: A Framework for Unifying At-Risk User Research.	Noel Warford, Tara Matthews, Kaitlyn Yang, Omer Akgul, Sunny Consolvo, Patrick Gage Kelley, Nathan Malkin, Michelle L. Mazurek, Manya Sleeper, Kurt Thomas	PDF	-	-
Deployment of Source Address Validation by Network Operators: A Randomized Control Trial.	Qasim Lone, Alisa Frik, Matthew Luckie, Maciej Korczynski, Michel van Eeten, Carlos Gañán	PDF	-	-
Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices.	Takayuki Sasaki, Akira Fujita, Carlos Hernandez Gañán, Michel van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto	PDF	-	-
Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platforms.	Zhi Li, Weijie Liu, Hongbo Chen, XiaoFeng Wang, Xiaojing Liao, Luyi Xing, Mingming Zha, Hai Jin, Deqing Zou	PDF	-	-
Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSA.	Ivan De Oliveira Nunes, Seoyeon Hwang, Sashidhar Jakkamsetti, Gene Tsudik	PDF	-	-
Publicly Accountable Robust Multi-Party Computation.	Marc Rivinius, Pascal Reisert, Daniel Rausch, Ralf Küsters	PDF	-	-
Waldo: A Private Time-Series Database from Function Secret Sharing.	Emma Dauterman, Mayank Rathee, Raluca Ada Popa, Ion Stoica	PDF	-	-
Hark: A Deep Learning System for Navigating Privacy Feedback at Scale.	Hamza Harkous, Sai Teja Peddinti, Rishabh Khandelwal, Animesh Srivastava, Nina Taft	PDF	-	-
Sphinx: Enabling Privacy-Preserving Online Learning over the Cloud.	Han Tian, Chaoliang Zeng, Zhenghang Ren, Di Chai, Junxue Zhang, Kai Chen, Qiang Yang	PDF	-	-
Spurt: Scalable Distributed Randomness Beacon with Transparent Setup.	Sourav Das, Vinith Krishnan, Irene Miriam Isaac, Ling Ren	PDF	-	-
Practical Asynchronous Distributed Key Generation.	Sourav Das, Thomas Yurek, Zhuolun Xiang, Andrew Miller, Lefteris Kokoris-Kogias, Ling Ren	PDF	-	-
Security Analysis of the MLS Key Derivation.	Chris Brzuska, Eric Cornelissen, Konrad Kohbrok	PDF	-	-
Low-Bandwidth Threshold ECDSA via Pseudorandom Correlation Generators.	Damiano Abram, Ariel Nof, Claudio Orlandi, Peter Scholl, Omer Shlomovits	PDF	-	-
Journey to the Center of the Cookie Ecosystem: Unraveling Actors' Roles and Relationships.	Iskander Sánchez-Rola, Matteo Dell'Amico, Davide Balzarotti, Pierre-Antoine Vervier, Leyla Bilge	PDF	-	-