43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022 - researchr publication

researchr

You are not signed in
Sign in
Sign up

43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE, 2022. [doi]

Conference: sp

Abstract is missing.

PATA: Fuzzing with Path Aware Taint AnalysisJie Liang, Mingzhe Wang, Chijin Zhou, Zhiyong Wu, Yu Jiang 0001, Jianzhong Liu, Zhe Liu 0001, Jiaguang Sun 0001. 1-17 [doi]

JIGSAW: Efficient and Scalable Path Constraints FuzzingJu Chen, Jinghan Wang, Chengyu Song, Heng Yin. 18-35 [doi]

BEACON: Directed Grey-Box Fuzzing with Provable Path PruningHeqing Huang, Yiyuan Guo, Qingkai Shi, Peisen Yao, Rongxin Wu, Charles Zhang. 36-50 [doi]

Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification DocumentsMaria Leonor Pacheco, Max von Hippel, Ben Weintraub, Dan Goldwasser, Cristina Nita-Rotaru. 51-68 [doi]

ProVerif with Lemmas, Induction, Fast Subsumption, and Much MoreBruno Blanchet, Vincent Cheval, Véronique Cortier. 69-86 [doi]

Four Attacks and a Proof for TelegramMartin R. Albrecht, Lenka Mareková, Kenneth G. Paterson, Igors Stepanovs. 87-106 [doi]

Noise*: A Library of Verified High-Performance Secure Channel Protocol ImplementationsSon Ho, Jonathan Protzenko, Abhishek Bichhawat, Karthikeyan Bhargavan. 107-124 [doi]

A Logic and an Interactive Prover for the Computational Post-Quantum Security of ProtocolsCas Cremers, Caroline Fontaine, Charlie Jacomme. 125-141 [doi]

IronMask: Versatile Verification of Masking SecuritySonia Belaïd, Darius Mercadier, Matthieu Rivain, Abdul Rahman Taleb. 142-160 [doi]

SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in SecondsPriyanka Bose, Dipanjan Das 0002, Yanju Chen, Yu Feng 0001, Christopher Kruegel, Giovanni Vigna. 161-178 [doi]

ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge ProofsSamuel Steffen, Benjamin Bichsel, Roger Baumgartner, Martin T. Vechev. 179-197 [doi]

Quantifying Blockchain Extractable Value: How dark is the forest?Kaihua Qin, Liyi Zhou, Arthur Gervais. 198-214 [doi]

A Formal Security Analysis of the W3C Web Payment APIs: Attacks and VerificationQuoc Huy Do 0001, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Nils Wenzler, Tim Würtele. 215-234 [doi]

Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution AttacksHernán Ponce de León, Johannes Kinder. 235-248 [doi]

TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent SystemsMustafa Abdallah, Daniel Woods, Parinaz Naghizadeh, Issa Khalil, Timothy N. Cason, Shreyas Sundaram, Saurabh Bagchi. 249-266 [doi]

SoK: Authentication in Augmented and Virtual RealitySophie Stephenson, Bijeeta Pal, Stephen Fan, Earlence Fernandes, Yuhang Zhao, Rahul Chatterjee 0001. 267-284 [doi]

Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference AttacksHaotian Chi, Chenglong Fu 0002, Qiang Zeng 0001, Xiaojiang Du. 285-302 [doi]

Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart HomesHaojian Jin, Gram Liu, David Hwang, Swarun Kumar, Yuvraj Agarwal, Jason I. Hong. 303-320 [doi]

vSGX: Virtualizing SGX Enclaves on AMD SEVShixuan Zhao, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin. 321-336 [doi]

A Systematic Look at Ciphertext Side Channels on AMD SEV-SNPMengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth 0001, Radu Teodorescu, Yinqian Zhang. 337-351 [doi]

RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZoneJinwen Wang, Ao Li, Haoran Li, Chenyang Lu 0001, Ning Zhang 0017. 352-369 [doi]

A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative VulnerabilitiesHongyan Xia, David Zhang, Wei Liu, István Haller, Bruce Sherwin, David Chisnall. 370-385 [doi]

Smile: Secure Memory Introspection for Live EnclaveLei Zhou, Xuhua Ding, Fengwei Zhang. 386-401 [doi]

Statistical Quantification of Differential Privacy: A Local ApproachÖnder Askin, Tim Kutta, Holger Dette. 402-421 [doi]

Locally Differentially Private Sparse Vector AggregationMingxun Zhou, Tianhao Wang 0001, T.-H. Hubert Chan, Giulia Fanti, Elaine Shi. 422-439 [doi]

Differentially Private Histograms in the Shuffle Model from Fake UsersAlbert Cheu, Maxim Zhilyaev. 440-457 [doi]

Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. CensusMiranda Christ, Sarah Radway, Steven M. Bellovin. 457-472 [doi]

Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy SystemsJiankai Jin, Eleanor McMurtry, Benjamin I. P. Rubinstein, Olga Ohrimenko. 473-488 [doi]

SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit RecordsJun Zeng, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, Zheng-Leong Chua. 489-506 [doi]

SIRAJ: A Unified Framework for Aggregation of Malicious Entity DetectorsSaravanan Thirumuruganathan, Mohamed Nabeel, Euijin Choo, Issa Khalil, Ting Yu 0001. 507-521 [doi]

DEEPCASE: Semi-Supervised Contextual Analysis of Security EventsThijs van Ede, Hojjat Aghakhani, Noah Spahn, Riccardo Bortolameotti, Marco Cova, Andrea Continella, Maarten van Steen, Andreas Peter, Christopher Kruegel, Giovanni Vigna. 522-539 [doi]

DEPCOMM: Graph Summarization on System Audit Logs for Attack InvestigationZhiqiang Xu, Pengcheng Fang, Changlin Liu, Xusheng Xiao, Yu Wen, Dan Meng. 540-557 [doi]

Measuring and Mitigating the Risk of IP Reuse on Public CloudsEric Pauley, Ryan Sheatsley, Blaine Hoak, Quinn Burke, Yohan Beugin, Patrick D. McDaniel. 558-575 [doi]

SecFloat: Accurate Floating-Point meets Secure 2-Party ComputationDeevashwer Rathee, Anwesh Bhattacharya, Rahul Sharma 0001, Divya Gupta 0001, Nishanth Chandran, Aseem Rastogi. 576-595 [doi]

Multi-Server Verifiable Computation of Low-Degree PolynomialsLiang Feng Zhang, Huaxiong Wang. 596-613 [doi]

Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection TechniquesAmit Seal Ami, Nathan Cooper, Kaushal Kafle, Kevin Moran, Denys Poshyvanyk, Adwait Nadkarni. 614-631 [doi]

"They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing AttacksJan Jancar, Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar. 632-649 [doi]

Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPKXuancheng Jin, Xuangan Xiao, Songlin Jia, Wang Gao, Dawu Gu, Hang Zhang, Siqi Ma, Zhiyun Qian, Juanru Li. 650-665 [doi]

SoK: Practical Foundations for Software Spectre DefensesSunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan. 666-680 [doi]

SpecHammer: Combining Spectre and Rowhammer for New Speculative AttacksYoussef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, Kang G. Shin. 681-698 [doi]

Spook.js: Attacking Chrome Strict Site Isolation via Speculative ExecutionAyush Agarwal, Sioli O'Connell, Jason Kim 0007, Shaked Yehezkel, Daniel Genkin, Eyal Ronen, Yuval Yarom. 699-715 [doi]

BLACKSMITH: Scalable Rowhammering in the Frequency DomainPatrick Jattke, Victor van der Veen, Pietro Frigo, Stijn Gunter, Kaveh Razavi. 716-734 [doi]

ProTRR: Principled yet Optimal In-DRAM Target Row RefreshMichele Marazzi, Patrick Jattke, Flavien Solt, Kaveh Razavi. 735-753 [doi]

Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code ContributionsHammond Pearce, Baleegh Ahmad, Benjamin Tan 0001, Brendan Dolan-Gavitt, Ramesh Karri. 754-768 [doi]

Spinning Language Models: Risks of Propaganda-As-A-Service and CountermeasuresEugene Bagdasaryan, Vitaly Shmatikov. 769-786 [doi]

SoK: How Robust is Image Classification Deep Neural Network Watermarking?Nils Lukas, Edward Jiang, XinDa Li, Florian Kerschbaum. 787-804 [doi]

Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept DriftFederico Barbero, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro. 805-823 [doi]

Copy, Right? A Testing Framework for Copyright Protection of Deep Learning ModelsJialuo Chen, Jingyi Wang, Tinglan Peng, Youcheng Sun, Peng Cheng 0001, Shouling Ji, Xingjun Ma, Bo Li 0026, Dawn Song. 824-841 [doi]

Phishing in Organizations: Findings from a Large-Scale and Long-Term StudyDaniele Lain, Kari Kostiainen, Srdjan Capkun. 842-859 [doi]

27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire UniversityChristian Stransky, Oliver Wiese, Volker Roth 0002, Yasemin Acar, Sascha Fahl. 860-875 [doi]

Investigating Influencer VPN Ads on YouTubeOmer Akgul, Richard Roberts, Moses Namara, Dave Levin, Michelle L. Mazurek. 876-892 [doi]

How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview StudyMarco Gutfleisch, Jan H. Klemmer, Niklas Busch, Yasemin Acar, M. Angela Sasse, Sascha Fahl. 893-910 [doi]

Private Approximate Nearest Neighbor Search with Sublinear CommunicationSacha Servan-Schreiber, Simon Langowski, Srinivas Devadas. 911-929 [doi]

SPIRAL: Fast, High-Rate Single-Server PIR via FHE CompositionSamir Jordan Menon, David J. Wu. 930-947 [doi]

SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate ProofsMichael Rosenberg, Mary Maller, Ian Miers. 948-965 [doi]

How to Attack and Generate HoneywordsDing Wang 0002, Yunkai Zou, Qiying Dong, Yuanming Song, Xinyi Huang. 966-983 [doi]

WIGHT: Wired Ghost Touch Attack on Capacitive TouchscreensYan Jiang, Xiaoyu Ji 0001, Kai Wang, Chen Yan, Richard Mitev, Ahmad-Reza Sadeghi, Wenyuan Xu. 984-1001 [doi]

Time-Print: Authenticating USB Flash Drives with Novel Timing FingerprintsPatrick Cronin, Xing Gao 0001, Haining Wang, Chase Cotton. 1002-1017 [doi]

Device Fingerprinting with Peripheral TimestampsJohn V. Monaco. 1018-1033 [doi]

PCR-Auth: Solving Authentication Puzzle Challenge with Encoded Palm Contact ResponseLong Huang, Chen Wang 0009. 1034-1048 [doi]

Mitigating Information Leakage Vulnerabilities with Type-based Data IsolationAlyssa Milburn, Erik van der Kouwe, Cristiano Giuffrida. 1049-1065 [doi]

SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 MacrosNicola Ruaro, Fabio Pagani, Stefano Ortolani, Christopher Kruegel, Giovanni Vigna. 1066-1081 [doi]

HEAPSTER: Analyzing the Security of Dynamic Allocators for Monolithic Firmware ImagesFabio Gritti, Fabio Pagani, Ilya Grishchenko, Lukas Dresel, Nilo Redini, Christopher Kruegel, Giovanni Vigna. 1082-1099 [doi]

SoK: Demystifying Binary Lifters Through the Lens of Downstream ApplicationsZhibo Liu, Yuanyuan Yuan, Shuai Wang, Yuyan Bao. 1100-1119 [doi]

Property Inference from PoisoningSaeed Mahloujifar, Esha Ghosh, Melissa Chase. 1120-1137 [doi]

Reconstructing Training Data with Informed AdversariesBorja Balle, Giovanni Cherubin, Jamie Hayes. 1138-1156 [doi]

DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in MemoriesAdnan Siraj Rakin, Md Hafizul Islam Chowdhuryy, Fan Yao, Deliang Fan. 1157-1174 [doi]

Model Stealing Attacks Against Inductive Graph Neural NetworksYun Shen, Xinlei He, Yufei Han, Yang Zhang 0016. 1175-1192 [doi]

Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission SecurityGiovanni Camurati, Aurélien Francillon. 1193-1210 [doi]

mmSpy: Spying Phone Calls using mmWave RadarsSuryoday Basak, Mahanth Gowda. 1211-1228 [doi]

Attacks on Wireless Coexistence: Exploiting Cross-Technology Performance Features for Inter-Chip Privilege EscalationJiska Classen, Francesco Gringoli, Michael Hermann, Matthias Hollick. 1229-1245 [doi]

Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic DevicesHaoqi Shan, Boyi Zhang, Zihao Zhan, Dean Sullivan, Shuo Wang, Yier Jin. 1246-1262 [doi]

Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in BlockchainsRuomu Hou, Haifeng Yu, Prateek Saxena. 1263-1280 [doi]

+: More Efficient Post-Quantum Private Blockchain PaymentsMuhammed F. Esgin, Ron Steinfeld, Raymond K. Zhao. 1281-1298 [doi]

Universal Atomic Swaps: Secure Exchange of Coins Across All BlockchainsSri Aravinda Krishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez. 1299-1316 [doi]

Foundations of Dynamic BFTSisi Duan, Haibin Zhang. 1317-1334 [doi]

COBRA: Dynamic Proactive Secret Sharing for Confidential BFT ServicesRobin Vassantlal, Eduardo Alchieri, Bernardo Ferreira, Alysson Bessani. 1335-1353 [doi]

Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated LearningVirat Shejwalkar, Amir Houmansadr, Peter Kairouz, Daniel Ramage. 1354-1371 [doi]

Model Orthogonalization: Class Distance Hardening in Neural Networks for Better SecurityGuanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang 0002, Xiangyu Zhang 0001. 1372-1389 [doi]

Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition SystemsShangyu Xie, Han Wang, Yu Kong, Yuan Hong. 1390-1407 [doi]

"Adversarial Examples" for Proof-of-LearningRui Zhang, Jian Liu, Yuan Ding, Zhibo Wang, Qingbiao Wu, Kui Ren 0001. 1408-1422 [doi]

Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision SettingsYuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang 0005, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang 0006. 1423-1439 [doi]

Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your NeighborsZihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, Xenofon D. Koutsoukos. 1440-1457 [doi]

Adversarial Prefetch: New Cross-Core Cache Side Channel AttacksYanan Guo, Andrew Zigerelli, Youtao Zhang, Jun Yang 0002. 1458-1473 [doi]

Finding and Exploiting CPU Features using MSR TemplatingAndreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz 0001. 1474-1490 [doi]

Augury: Using Data Memory-Dependent Prefetchers to Leak Data at RestJose Rodrigo Sanchez Vicarte, Michael Flanders, Riccardo Paccagnella, Grant Garrett-Grossman, Adam Morrison 0001, Christopher W. Fletcher, David Kohlbrenner. 1491-1505 [doi]

MeshUp: Stateless Cache Side-channel Attack on CPU MeshJunpeng Wan, Yanxiang Bi, Zhe Zhou 0001, Zhou Li 0001. 1506-1524 [doi]

Timing-Based Browsing Privacy Vulnerabilities Via Site IsolationZihao Jin, Ziqiao Kong, Shuo Chen, Haixin Duan. 1525-1539 [doi]

WTAGRAPH: Web Tracking and Advertising Detection using Graph Neural NetworksZhiju Yang, Weiping Pei, Monchu Chen, Chuan Yue. 1540-1557 [doi]

Surakav: Generating Realistic Traces for a Strong Website Fingerprinting DefenseJiajun Gong, Wuqi Zhang, Charles Zhang, Tao Wang. 1558-1573 [doi]

Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssemblyAlan Romano, Daniel Lehmann 0002, Michael Pradel, Weihang Wang 0001. 1574-1589 [doi]

The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite CookiesSoheil Khodayari, Giancarlo Pellegrino. 1590-1607 [doi]

IRQDebloat: Reducing Driver Attack Surface in Embedded DevicesZhenghao Hu, Brendan Dolan-Gavitt. 1608-1622 [doi]

Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static AnalysisJiawei Yin, Menghao Li, Wei Wu, Dandan Sun, Jianhua Zhou, Wei Huo, Jingling Xue. 1623-1637 [doi]

Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution ArchitecturesMarton Bognar, Jo Van Bulck, Frank Piessens. 1638-1655 [doi]

How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 ImplementationsJulian Speith, Florian Schweins, Maik Ender, Marc Fyrbiak, Alexander May 0001, Christof Paar. 1656-1671 [doi]

Hardening Circuit-Design IP Against Reverse-Engineering AttacksAnimesh Chhotaray, Thomas Shrimpton. 1672-1689 [doi]

Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile DevicesHadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, Aaron Schulman. 1690-1704 [doi]

IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless SensingPaul Staat, Simon Mulzer, Stefan Roth 0004, Veelasha Moonsamy, Markus Heinrichs, Rainer Kronberger, Aydin Sezgin, Christof Paar. 1705-1721 [doi]

Anti-Tamper Radio: System-Level Tamper Detection for Computing SystemsPaul Staat, Johannes Tobisch, Christian T. Zenger, Christof Paar. 1722-1736 [doi]

Practical EMV Relay ProtectionAndreea-Ina Radu, Tom Chothia, Christopher J. P. Newton, Ioana Boureanu, Liqun Chen 0002. 1737-1756 [doi]

AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained VocabularyPengfei Hu, Hui Zhuang, Panneer Selvam Santhalingam, Riccardo Spolaor, Parth H. Pathak, Guoming Zhang, Xiuzhen Cheng 0001. 1757-1773 [doi]

Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On DeploymentsMohammad Ghasemisharif, Chris Kanich, Jason Polakis. 1774-1790 [doi]

HARDLOG: Practical Tamper-Proof System Auditing Using a Novel Audit DeviceAdil Ahmad, Sangho Lee 0001, Marcus Peinado. 1791-1807 [doi]

SWARMFLAWFINDER: Discovering and Exploiting Logic Flaws of Swarm AlgorithmsChijung Jung, Ali Ahad, Yuseok Jeon, Yonghwi Kwon 0001. 1808-1825 [doi]

PGPatch: Policy-Guided Logic Bug Patching for Robotic VehiclesHyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu. 1826-1844 [doi]

"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security PapersAnanta Soneji, Faris Bugra Kokulu, Carlos E. Rubio-Medrano, Tiffany Bao, Ruoyu Wang 0001, Yan Shoshitaishvili, Adam Doupé. 1845-1862 [doi]

SoK: Social CybersecurityYuxi Wu, W. Keith Edwards, Sauvik Das. 1863-1879 [doi]

Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software ProjectsDominik Wermke, Noah Wöhler, Jan H. Klemmer, Marcel Fourné, Yasemin Acar, Sascha Fahl. 1880-1896 [doi]

Membership Inference Attacks From First PrinciplesNicholas Carlini, Steve Chien, Milad Nasr, Shuang Song 0001, Andreas Terzis, Florian Tramèr. 1897-1914 [doi]

DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and AmplificationSe Eun Oh, Taiji Yang, Nate Mathews, James K. Holland, Mohammad Saidur Rahman 0002, Nicholas Hopper, Matthew Wright 0001. 1915-1932 [doi]

ShorTor: Improving Tor Network Latency via Multi-hop Overlay RoutingKyle Hogan, Sacha Servan-Schreiber, Zachary Newman, Ben Weintraub, Cristina Nita-Rotaru, Srinivas Devadas. 1933-1952 [doi]

Sabre: Sender-Anonymous Messaging with Fast AuditsAdithya Vadapalli, Kyle Storrier, Ryan Henry. 1953-1970 [doi]

Security Foundations for Application-Based Covert Communication ChannelsJames K. Howes IV, Marios Georgiou 0001, Alex J. Malozemoff, Thomas Shrimpton. 1971-1986 [doi]

Bad Characters: Imperceptible NLP AttacksNicholas Boucher, Ilia Shumailov, Ross Anderson 0001, Nicolas Papernot. 1987-2004 [doi]

Journey to the Center of the Cookie Ecosystem: Unraveling Actors' Roles and RelationshipsIskander Sánchez-Rola, Matteo Dell'Amico, Davide Balzarotti, Pierre-Antoine Vervier, Leyla Bilge. 1990-2004 [doi]

LINKTELLER: Recovering Private Edges from Graph Neural Networks via Influence AnalysisFan Wu 0011, Yunhui Long, Ce Zhang 0001, Bo Li 0026. 2005-2024 [doi]

Piccolo: Exposing Complex Backdoors in NLP Transformer ModelsYingqi Liu, Guangyu Shen, Guanhong Tao, Shengwei An, ShiQing Ma, Xiangyu Zhang 0001. 2025-2042 [doi]

BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised LearningJinyuan Jia, Yupei Liu, Neil Zhenqiang Gong. 2043-2059 [doi]

Repairing DoS Vulnerability of Real-World RegexesNariyoshi Chida, Tachio Terauchi. 2060-2077 [doi]

GREBE: Unveiling Exploitation Potential for Linux Kernel BugsZhenpeng Lin, Yueqi Chen, Yuhang Wu, Dongliang Mu, Chensheng Yu, Xinyu Xing, Kang Li. 2078-2095 [doi]

Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation SynopsisYunlong Lyu, Yi Fang, YiWei Zhang, Qibin Sun, Siqi Ma, Elisa Bertino, Kangjie Lu, Juanru Li. 2096-2113 [doi]

FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction StrategyZhi Yang, Zhanhui Yuan, Shuyuan Jin, Xingyuan Chen, Lei Sun, Xuehui Du, Wenfa Li, Hongqi Zhang. 2114-2129 [doi]

Domains Do Change Their Spots: Quantifying Potential Abuse of Residual TrustJohnny So, Najmeh Miramirkhani, Michael Ferdman, Nick Nikiforakis. 2130-2144 [doi]

Scraping Sticky Leftovers: App User Information Left on Servers After Account DeletionPreethi Santhanam, Hoang Dang, Zhiyong Shan, Iulian Neamtiu. 2145-2160 [doi]

TrollMagnifier: Detecting State-Sponsored Troll Accounts on RedditMohammad Hammas Saeed, Shiza Ali, Jeremy Blackburn, Emiliano De Cristofaro, Savvas Zannettou, Gianluca Stringhini. 2161-2175 [doi]

Analyzing Ground-Truth Data of Mobile Gambling ScamsGeng Hong, Zhemin Yang, Sen Yang, Xiaojing Liao, Xiaolin Du, Min Yang 0002, Haixin Duan. 2176-2193 [doi]

Effective Seed Scheduling for Fuzzing with Graph Centrality AnalysisDongdong She, Abhishek Shah, Suman Jana. 2194-2211 [doi]

FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget StacksKyungtae Kim, TaeGyu Kim, Ertza Warraich, Byoungyoung Lee, Kevin R. B. Butler, Antonio Bianchi, Dave Jing Tian. 2212-2229 [doi]

Exploit the Last Straw That Breaks Android SystemsLei Zhang 0096, Keke Lian, Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang 0009, Min Yang 0002, Haixin Duan. 2230-2247 [doi]

CirC: Compiler infrastructure for proof systems, software verification, and moreAlex Ozdemir, Fraser Brown, Riad S. Wahby. 2248-2266 [doi]

HAMRAZ: Resilient Partitioning and ReplicationXiao Li, Farzin Houshmand, Mohsen Lesani. 2267-2284 [doi]

Formal Model-Driven Discovery of Bluetooth Protocol Design VulnerabilitiesJianliang Wu, Ruoyu Wu, Dongyan Xu, Dave Jing Tian, Antonio Bianchi. 2285-2303 [doi]

"Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in KenyaCollins W. Munyendo, Yasemin Acar, Adam J. Aviv. 2304-2319 [doi]

SoK: The Dual Nature of Technology in Sexual AbuseBorke Obada-Obieh, Yue Huang, Lucrezia Spagnolo, Konstantin Beznosov. 2320-2343 [doi]

SoK: A Framework for Unifying At-Risk User ResearchNoel Warford, Tara Matthews, Kaitlyn Yang, Omer Akgul, Sunny Consolvo, Patrick Gage Kelley, Nathan Malkin, Michelle L. Mazurek, Manya Sleeper, Kurt Thomas. 2344-2360 [doi]

Deployment of Source Address Validation by Network Operators: A Randomized Control TrialQasim Lone, Alisa Frik, Matthew Luckie, Maciej Korczynski, Michel van Eeten, Carlos Gañán. 2361-2378 [doi]

Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management DevicesTakayuki Sasaki, Akira Fujita, Carlos Hernandez Gañán, Michel van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto. 2379-2396 [doi]

Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service PlatformsZhi Li 0048, Weijie Liu 0004, Hongbo Chen, Xiaofeng Wang 0001, Xiaojing Liao, Luyi Xing, Mingming Zha, Hai Jin 0001, Deqing Zou. 2397-2412 [doi]

Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSAIvan De Oliveira Nunes, Seoyeon Hwang, Sashidhar Jakkamsetti, Gene Tsudik. 2413-2429 [doi]

Publicly Accountable Robust Multi-Party ComputationMarc Rivinius, Pascal Reisert, Daniel Rausch 0001, Ralf Küsters. 2430-2449 [doi]

Waldo: A Private Time-Series Database from Function Secret SharingEmma Dauterman, Mayank Rathee, Raluca Ada Popa, Ion Stoica. 2450-2468 [doi]

Hark: A Deep Learning System for Navigating Privacy Feedback at ScaleHamza Harkous, Sai Teja Peddinti, Rishabh Khandelwal, Animesh Srivastava, Nina Taft. 2469-2486 [doi]

Sphinx: Enabling Privacy-Preserving Online Learning over the CloudHan Tian, Chaoliang Zeng, Zhenghang Ren, Di Chai, Junxue Zhang, Kai Chen 0005, Qiang Yang 0001. 2487-2501 [doi]

Spurt: Scalable Distributed Randomness Beacon with Transparent SetupSourav Das, Vinith Krishnan, Irene Miriam Isaac, Ling Ren 0001. 2502-2517 [doi]

Practical Asynchronous Distributed Key GenerationSourav Das, Thomas Yurek, Zhuolun Xiang, Andrew K. Miller, Lefteris Kokoris-Kogias, Ling Ren 0001. 2518-2534 [doi]

Security Analysis of the MLS Key DerivationChris Brzuska, Eric Cornelissen, Konrad Kohbrok. 2535-2553 [doi]

Low-Bandwidth Threshold ECDSA via Pseudorandom Correlation GeneratorsDamiano Abram, Ariel Nof, Claudio Orlandi, Peter Scholl, Omer Shlomovits. 2554-2572 [doi]

runs on WebDSL

翻译：