30th Annual Network and Distributed System Security Symposium, NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023

researchr

You are not signed in
Sign in
Sign up

30th Annual Network and Distributed System Security Symposium, NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023. The Internet Society, 2023. [doi]

Conference: ndss2023

Abstract is missing.

Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry PairingMohit Kumar Jangid, Yue Zhang 0025, Zhiqiang Lin. [doi]

OBSan: An Out-Of-Bound Sanitizer to Harden DNN ExecutablesYanzuo Chen, Yuanyuan Yuan, Shuai Wang 0011. [doi]

FUZZILLI: Fuzzing for JavaScript JIT Compiler VulnerabilitiesSamuel Groß, Simon Koch, Lukas Bernhard, Thorsten Holz, Martin Johns. [doi]

He-HTLC: Revisiting Incentives in HTLCSarisht Wadhwa, Jannis Stoeter, Fan Zhang, Kartik Nayak. [doi]

HeteroScore: Evaluating and Mitigating Cloud Security Threats Brought by HeterogeneityChongzhou Fang, Najmeh Nazari, Behnam Omidi, Han Wang, Aditya Puri, Manish Arora, Setareh Rafatirad, Houman Homayoun, Khaled N. Khasawneh. [doi]

Fine-Grained Trackability in Protocol ExecutionsKsenia Budykho, Ioana Boureanu, Stephan Wesemeyer, Daniel Romero, Matt Lewis, Yogaratnam Rahulan, Fortunat Rajaona, Steve Schneider. [doi]

SoundLock: A Novel User Authentication Scheme for VR Devices Using Auditory-Pupillary ResponseHuadi Zhu, Mingyan Xiao, Demoria Sherman, Ming Li 0006. [doi]

Sometimes, You Aren't What You Do: Mimicry Attacks against Provenance Graph Host Intrusion Detection SystemsAkul Goyal, Xueyuan Han, Gang Wang 0011, Adam Bates 0001. [doi]

Navigating Murky Waters: Automated Browser Feature Testing for Uncovering Tracking VectorsMir Masood Ali, Binoy Chitale, Mohammad Ghasemisharif, Chris Kanich, Nick Nikiforakis, Jason Polakis. [doi]

Partitioning Ethereum without Eclipsing ItHwanjo Heo, Seungwon Woo, Taeung Yoon, Min-Suk Kang, Seungwon Shin. [doi]

Accountable Javascript Code DeliveryIlkan Esiyok, Pascal Berrang, Katriel Cohn-Gordon, Robert Künnemann. [doi]

Backdoor Attacks Against Dataset DistillationYugeng Liu, Zheng Li, Michael Backes 0001, Yun Shen, Yang Zhang 0016. [doi]

Double and Nothing: Understanding and Detecting Cryptocurrency Giveaway ScamsXigao Li, Anurag Yepuri, Nick Nikiforakis. [doi]

DOITRUST: Dissecting On-chain Compromised Internet Domains via Graph LearningShuo Wang, Mahathir Almashor, Alsharif Abuadbba, Ruoxi Sun, Minhui Xue, Calvin Wang, Raj Gaire 0001, Surya Nepal, Seyit Camtepe. [doi]

Breaking and Fixing Virtual Channels: Domino Attack and DonnerLukas Aumayr, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei. [doi]

Him of Many Faces: Characterizing Billion-scale Adversarial and Benign Browser Fingerprints on Commercial WebsitesShujiang Wu, Pengfei Sun, Yao Zhao, Yinzhi Cao. [doi]

Fusion: Efficient and Secure Inference Resilient to Malicious ServersCaiqin Dong, Jian Weng 0001, Jia-Nan Liu, Yue Zhang 0025, Yao Tong, Anjia Yang, Yudan Cheng, Shun Hu. [doi]

REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a ServiceWenjie Qu 0001, Jinyuan Jia, Neil Zhenqiang Gong. [doi]

MyTEE: Own the Trusted Execution Environment on Embedded DevicesSeung-Kyun Han, Jinsoo Jang. [doi]

REDsec: Running Encrypted Discretized Neural Networks in SecondsLars Folkerts, Charles Gouert, Nektarios Georgios Tsoutsos. [doi]

StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission SensorsKe Sun 0012, Chunyu Xia, Songlin Xu, Xinyu Zhang 0003. [doi]

BARS: Local Robustness Certification for Deep Learning based Traffic Analysis SystemsKai Wang, Zhiliang Wang, Dongqi Han, Wenqi Chen, Jiahai Yang 0001, Xingang Shi, Xia Yin. [doi]

Thwarting Smartphone SMS Attacks at the Radio Interface LayerHaohuang Wen, Phillip A. Porras, Vinod Yegneswaran, Zhiqiang Lin. [doi]

An OS-agnostic Approach to Memory ForensicsAndrea Oliveri, Matteo Dell'Amico, Davide Balzarotti. [doi]

InfoMasker: Preventing Eavesdropping Using Phoneme-Based NoisePeng Huang, Yao Wei, Peng Cheng, Zhongjie Ba, Li Lu 0008, Feng Lin 0004, Fan Zhang 0010, Kui Ren 0001. [doi]

Focusing on Pinocchio's Nose: A Gradients Scrutinizer to Thwart Split-Learning Hijacking Attacks Using Intrinsic AttributesJiayun Fu, Xiaojing Ma 0002, Bin B. Zhu, Pingyi Hu, Ruixin Zhao, Yaru Jia, Peng Xu 0003, Hai Jin 0001, Dongmei Zhang 0001. [doi]

Efficient Dynamic Proof of Retrievability for Cold StorageTung Le, Pengzhi Huang, Attila A. Yavuz, Elaine Shi, Thang Hoang. [doi]

Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and RevocationXiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li 0001, Haixin Duan, Qi Li 0002. [doi]

RR: A Fault Model for Efficient TEE ReplicationBaltasar Dinis, Peter Druschel, Rodrigo Rodrigues 0001. [doi]

A Security Study about Electron Applications and a Programming Methodology to Tame DOM FunctionalitiesZihao Jin, Shuo Chen 0001, Yang Chen, Haixin Duan, Jianjun Chen 0005, Jianping Wu. [doi]

AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile PlatformsHossein Fereidooni, Jan König, Phillip Rieger, Marco Chilese, Bora Gökbakan, Moritz Finke, Alexandra Dmitrienko, Ahmad-Reza Sadeghi. [doi]

A Systematic Study of the Consistency of Two-Factor Authentication User Journeys on Top-Ranked WebsitesSanam Ghorbani Lyastani, Michael Backes 0001, Sven Bugiel. [doi]

Private Certifier IntersectionBishakh Chandra Ghosh, Sikhar Patranabis, Dhinakaran Vinayagamurthy, Venkatraman Ramakrishna, Krishnasuri Narayanam, Sandip Chakraborty. [doi]

On the Anonymity of Peer-To-Peer Network Anonymity Schemes Used by CryptocurrenciesPiyush Kumar Sharma, Devashish Gosain, Claudia Díaz. [doi]

Real Threshold ECDSAHarry W. H. Wong, Jack P. K. Ma, Hoover H. F. Yin, Sherman S. M. Chow. [doi]

RAI2: Responsible Identity Audit Governing the Artificial IntelligenceTian Dong, Shaofeng Li, Guoxing Chen, Minhui Xue, Haojin Zhu, Zhen Liu 0008. [doi]

Cryptographic Oracle-based Conditional PaymentsVarun Madathil, Sri Aravinda Krishnan Thyagarajan, Dimitrios Vasilopoulos, Lloyd Fournier, Giulio Malavolta, Pedro Moreno-Sanchez. [doi]

Drone Security and the Mysterious Case of DJI's DroneIDNico Schiller, Merlin Chlosta, Moritz Schloegel, Nils Bars, Thorsten Eisenhofer, Tobias Scharnowski, Felix Domke, Lea Schönherr, Thorsten Holz. [doi]

Towards Automatic and Precise Heap Layout Manipulation for General-Purpose ProgramsRunhao Li, Bin Zhang, Jiongyi Chen, Wenfeng Lin, Chao Feng, Chaojing Tang. [doi]

MetaWave: Attacking mmWave Sensing with Meta-material-enhanced TagsXingyu Chen, Zhengxiong Li, Baicheng Chen, Yi Zhu, Chris Xiaoxuan Lu, Zhengyu Peng, Feng Lin 0004, Wenyao Xu, Kui Ren 0001, Chunming Qiao. [doi]

Copy-on-Flip: Hardening ECC Memory Against Rowhammer AttacksAndrea Di Dio, Koen Koning, Herbert Bos, Cristiano Giuffrida. [doi]

BEAGLE: Forensics of Deep Learning Backdoor Attack for Better DefenseSiyuan Cheng 0005, Guanhong Tao, Yingqi Liu, Shengwei An, Xiangzhe Xu, Shiwei Feng 0002, Guangyu Shen, Kaiyuan Zhang 0002, Qiuling Xu, ShiQing Ma, Xiangyu Zhang 0001. [doi]

SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web ApplicationsAn Chen, Jiho Lee, Basanta Chaulagain, Yonghwi Kwon 0001, Kyu Hyung Lee. [doi]

OBI: a multi-path oblivious RAM for forward-and-backward-secure searchable encryptionZhiqiang Wu, Rui Li. [doi]

Faster Secure Comparisons with Offline Phase for Efficient Private Set IntersectionFlorian Kerschbaum, Erik-Oliver Blass, Rasoul Akhavan Mahdavi. [doi]

LOKI: State-Aware Fuzzing Framework for the Implementation of Blockchain Consensus ProtocolsFuchen Ma, Yuanliang Chen, Meng Ren, Yuanhang Zhou, Yu Jiang 0001, Ting Chen 0002, Huizhong Li, Jiaguang Sun 0001. [doi]

Browser Permission Mechanisms DemystifiedKazuki Nomoto, Takuya Watanabe 0001, Eitaro Shioji, Mitsuaki Akiyama, Tatsuya Mori. [doi]

DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential TestingSeongIl Wi, Trung Tin Nguyen, Jihwan Kim, Ben Stock, Sooel Son. [doi]

Post-GDPR Threat Hunting on Android Phones: Dissecting OS-level Safeguards of User-unresettable IdentifiersMark Huasong Meng, Qing Zhang, Guangshuai Xia, Yuwei Zheng, Yanjun Zhang, Guangdong Bai, Zhi Liu, Sin G. Teo, Jin Song Dong. [doi]

DARWIN: Survival of the Fittest Fuzzing MutatorsPatrick Jauernig, Domagoj Jakobovic, Stjepan Picek, Emmanuel Stapf, Ahmad-Reza Sadeghi. [doi]

Evasion Attacks and Defenses on Smart Home Physical Event VerificationMuslum Ozgur Ozmen, Ruoyu Song, Habiba Farrukh, Z. Berkay Celik. [doi]

How to Count Bots in Longitudinal Datasets of IP AddressesLeon Böck, Dave Levin, Ramakrishna Padmanabhan, Christian Doerr, Max Mühlhäuser. [doi]

A Robust Counting Sketch for Data Plane Intrusion DetectionSian Kim, Changhun Jung, RhongHo Jang, David Mohaisen, DaeHun Nyang. [doi]

Privacy-Preserving Database FingerprintingTianxi Ji, Erman Ayday, Emre Yilmaz, Ming Li, Pan Li 0001. [doi]

Automata-Based Automated Detection of State Machine Bugs in Protocol ImplementationsPaul Fiterau-Brostean, Bengt Jonsson 0001, Konstantinos Sagonas, Fredrik Tåquist. [doi]

The "Beatrix" Resurrections: Robust Backdoor Detection via Gram MatricesWanlun Ma, Derui Wang, Ruoxi Sun, Minhui Xue, Sheng Wen, Yang Xiang. [doi]

Adversarial Robustness for Tabular Data through Cost and Utility AwarenessKlim Kireev, Bogdan Kulynych, Carmela Troncoso. [doi]

POSE: Practical Off-chain Smart Contract ExecutionTommaso Frassetto, Patrick Jauernig, David Koisser, David Kretzler, Benjamin Schlosser, Sebastian Faust, Ahmad-Reza Sadeghi. [doi]

Parakeet: Practical Key Transparency for End-to-End Encrypted MessagingHarjasleen Malvai, Lefteris Kokoris-Kogias, Alberto Sonnino, Esha Ghosh, Ercan Oztürk, Kevin Lewi, Sean F. Lawlor. [doi]

EdgeTDC: On the Security of Time Difference of Arrival Measurements in CAN Bus SystemsMarc Roeschlin, Giovanni Camurati, Pascal Brunner, Mridula Singh, Srdjan Capkun. [doi]

Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition SystemsHadi Abdullah, Aditya Karlekar, Saurabh Prasad, Muhammad Sajidur Rahman, Logan Blue, Luke A. Bauer, Vincent Bindschaedler, Patrick Traynor. [doi]

CHKPLUG: Checking GDPR Compliance of WordPress Plugins via Cross-language Code Property GraphFaysal Hossain Shezan, Zihao Su, Mingqing Kang, Nicholas Phair, Patrick William Thomas, Michelangelo van Dam, Yinzhi Cao, Yuan Tian 0001. [doi]

ChargePrint: A Framework for Internet-Scale Discovery and Security Analysis of EV Charging Management SystemsTony Nasr, Sadegh Torabi, Elias Bou-Harb, Claude Fachkha, Chadi Assi. [doi]

OptRand: Optimistically Responsive Reconfigurable Distributed RandomnessAdithya Bhat, Nibesh Shrestha, Aniket Kate, Kartik Nayak. [doi]

Machine Unlearning of Features and LabelsAlexander Warnecke, Lukas Pirch, Christian Wressnegger, Konrad Rieck. [doi]

Folk Models of Misinformation on Social MediaFilipo Sharevski, Amy Devine, Emma Pieroni, Peter Jachim. [doi]

Do Not Give a Dog Bread Every Time He Wags His Tail: Stealing Passwords through Content Queries (CONQUER) AttacksChongqing Lei, Zhen Ling, Yue Zhang 0025, Kai Dong, Kaizheng Liu, Junzhou Luo, Xinwen Fu. [doi]

VulHawk: Cross-architecture Vulnerability Detection with Entropy-based Binary Code SearchZhenhao Luo, Pengfei Wang 0010, Baosheng Wang, Yong Tang, Wei Xie, Xu Zhou, Danjun Liu, Kai Lu. [doi]

BinaryInferno: A Semantic-Driven Approach to Field Inference for Binary Message FormatsJared Chandler, Adam Wick, Kathleen Fisher. [doi]

I Still Know What You Watched Last Sunday: Privacy of the HbbTV Protocol in the European Smart TV LandscapeCarlotta Tagliaro, Florian Hahn 0004, Riccardo Sepe, Alessio Aceti, Martina Lindorfer. [doi]

ReScan: A Middleware Framework for Realistic and Robust Black-box Web Application ScanningKostas Drakonakis, Sotiris Ioannidis, Jason Polakis. [doi]

No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call DescriptionsAlexander Bulekov, Bandan Das, Stefan Hajnoczi, Manuel Egele. [doi]

Preventing SIM Box Fraud Using Device Model FingerprintingBeomseok Oh, Junho Ahn, Sangwook Bae, Mincheol Son, Yonghwa Lee, Min-Suk Kang, Yongdae Kim. [doi]

Paralyzing Drones via EMI Signal Injection on Sensory Communication ChannelsJoon-Ha Jang, ManGi Cho, Jaehoon Kim, Dongkwan Kim, Yongdae Kim. [doi]

BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain ProjectsXiao Yi, Yuzhou Fang, Daoyuan Wu, Lingxiao Jiang. [doi]

Access Your Tesla without Your Awareness: Compromising Keyless Entry System of Model 3Xinyi Xie, Kun Jiang 0004, Rui Dai, Jun Lu, Lihui Wang, Qing Li, Jun Yu 0010. [doi]

Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer LearningChristoph Sendner, Huili Chen, Hossein Fereidooni, Lukas Petzi, Jan König, Jasper Stang, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Farinaz Koushanfar. [doi]

The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric EncryptionTianyang Chen, Peng Xu 0003, Stjepan Picek, Bo Luo, Willy Susilo, Hai Jin 0001, Kaitai Liang. [doi]

Brokenwire : Wireless Disruption of CCS Electric Vehicle ChargingSebastian Köhler 0005, Richard Baker 0008, Martin Strohmeier, Ivan Martinovic. [doi]

Tactics, Threats & Targets: Modeling Disinformation and its MitigationMuhammad Shujaat Mirza, Labeeba Begum, Liang Niu, Sarah Pardo, Azza Abouzied, Paolo Papotti, Christina Pöpper. [doi]

Anomaly Detection in the Open World: Normality Shift Detection, Explanation, and AdaptationDongqi Han, Zhiliang Wang, Wenqi Chen, Kai Wang, Rui Yu 0003, Su Wang, Han Zhang 0009, Zhihua Wang, Minghui Jin, Jiahai Yang 0001, Xingang Shi, Xia Yin. [doi]

ProbFlow : Using Probabilistic Programming in Anonymous Communication NetworksHussein Darir, Geir E. Dullerud, Nikita Borisov. [doi]

PPA: Preference Profiling Attack Against Federated LearningChunyi Zhou, Yansong Gao, Anmin Fu, Kai Chen, Zhiyang Dai, Zhi Zhang 0001, Minhui Xue, Yuqing Zhang 0001. [doi]

Your Router is My Prober: Measuring IPv6 Networks via ICMP Rate Limiting Side ChannelsLong Pan, Jiahai Yang 0001, Lin He 0004, Zhiliang Wang, Leyao Nie, Guanglei Song, Yaozhong Liu. [doi]

Hope of Delivery: Extracting User Locations From Mobile Instant MessengersTheodor Schnitzler, Katharina Kohls, Evangelos Bitsikas, Christina Pöpper. [doi]

Un-Rocking Drones: Foundations of Acoustic Injection Attacks and Recovery ThereofJinseob Jeong, Dongkwan Kim, Joon-Ha Jang, Juhwan Noh, ChangHun Song, Yongdae Kim. [doi]

Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow Interaction Graph AnalysisChuanpu Fu, Qi Li 0002, Ke Xu 0002. [doi]

Let Me Unwind That For You: Exceptions to Backward-Edge ProtectionVictor Duta, Fabian Freyer, Fabio Pagani, Marius Muench, Cristiano Giuffrida. [doi]

Trellis: Robust and Scalable Metadata-private Anonymous BroadcastSimon Langowski, Sacha Servan-Schreiber, Srinivas Devadas. [doi]

QUICforge: Client-side Request Forgery in QUICKonrad Yuri Gbur, Florian Tschorsch. [doi]

Securing Federated Sensitive Topic Classification against Poisoning AttacksTianyue Chu, Álvaro García-Recuero, Costas Iordanou, Georgios Smaragdakis, Nikolaos Laoutaris. [doi]

RoVISQ: Reduction of Video Service Quality via Adversarial Attacks on Deep Learning-based Video CompressionJung-Woo Chang, Mojan Javaheripi, Seira Hidano, Farinaz Koushanfar. [doi]

Assessing the Impact of Interface Vulnerabilities in Compartmentalized SoftwareHugo Lefeuvre, Vlad-Andrei Badoiu, Yi Chen, Felipe Huici, Nathan Dautenhahn, Pierre Olivier. [doi]

VICEROY: GDPR-/CCPA-compliant Enforcement of Verifiable Accountless Consumer RequestsScott Jordan, Yoshimichi Nakatsuka, Ercan Ozturk, Andrew Paverd, Gene Tsudik. [doi]

External Links

Cite Key

Statistics

PDF

Researchr

30th Annual Network and Distributed System Security Symposium, NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023

Abstract

Table of Contents