Skip to main content

Accepted Papers

Learning from Failures: Secure and Fault-Tolerant Aggregation for Federated Learning
Mohamad Mansouri (Thales SIX GTS / EURECOM), Melek Önen (EURECOM), Wafa Ben Jaballah (Thales SIX GTS)

MProbe: Make the code probing meaningless
YongGang Li (China University of Mining and Technology), Yeh-Ching Chung (the Chinese University of Hong Kong (CUHK), Shenzhen), Jinbiao Xing (China University of Mining and Technology), Yu Bao (China University of Mining and Technology), GuoYuan LIn (China University of Mining and Technology)

Privacy-Preserving Trajectory Matching on Autonomous Unmanned Aerial Vehicles
Savio Sciancalepore (Eindhoven University of Technology (TU/e)), Dominik Roy George (Eindhoven University of Technology (TU/e))

TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation
Markus Bauer (CISPA – Helmholtz Center for Information Security), Ilya Grishchenko (University of California, Santa Barbara), Christian Rossow (CISPA – Helmholtz Center for Information Security)

Reconstruction Attack on Differential Private Trajectory Protection Mechanisms
Erik Buchholz (UNSW Sydney), Alsharif Abuadbba (Data61, CSIRO), Shuo Wang (Data61, CSIRO), Surya Nepal (Data61, CSIRO), Salil S. Kanhere (UNSW Sydney)

ZeroDNS: Towards Better Zero Trust Security using DNS
Levente Csikor (Institute for Infocomm Research, A*STAR), Sriram Ramachandran (Institute for Infocomm Research, A*STAR), Anantharaman Lakshminarayanan (Institute for Infocomm Research, A*STAR)

DRAGON: Deep Reinforcement Learning for Autonomous Grid Operation and Attack Detection
Matthew Landen (Georgia Institute of Technology), Keywhan Chung (Lawrence Livermore National Laboratory), Moses Ike (Georgia Institute of Technology), Sarah Mackay (Lawrence Livermore National Laboratory), Jean-Paul Watson (Lawrence Livermore National Laboratory), Wenke Lee (Georgia Institute of Technology)

Randezvous: Making Randomization Effective on MCUs
Zhuojia Shen (University of Rochester), Komail Dharsee (University of Rochester), John Criswell (University of Rochester)

Local Power Grids at Risk – An Experimental and Simulation-based Analysis of Attacks on Vehicle-To-Grid Communication
Maria Zhdanova (Fraunhofer SIT), Julian Urbansky (Fraunhofer UMSICHT), Anne Hagemeier (Fraunhofer UMSICHT), Daniel Zelle (Fraunhofer SIT), Isabelle Herrmann (Fraunhofer UMSICHT), Dorian Höffner (Fraunhofer UMSICHT)

MADDC: Multi-Scale Anomaly Detection, Diagnosis and Correction for Discrete Event Logs
xiaolei Wang (College of Computer, National University of Defense Technology), Lin Yang (National Key Laboratory of Science and Technology on Information System Security, Systems Engineering Institute, AMS), Dongyang Li (National Key Laboratory of Science and Technology on Information System Security, Systems Engineering Institute, AMS), Linru Ma (National Key Laboratory of Science and Technology on Information System Security, Systems Engineering Institute, AMS), Yongzhong He (School of Computer and Information Technology,Beijing Jiaotong University), Junchao Xiao (School of Systems Science and Engineering, Sun Yat-Sen University), Jiyuan Liu (College of Computer, National University of Defense Technology), Yuexiang Yang (College of Computer, National University of Defense Technology)

Communication Efficient Federated Learning Based on Adaptive Local Differential Privacy
Yinbin Miao (Xidian University), Rongpeng Xie (Xidian University), Xinghua Li (Xidian University), Ximeng Liu (Fuzhou University), Zhuo Ma (Xidian University), Robert H. Deng (Singapore Management University)

Differentially Private Map Matching for Mobility Trajectories
Ammar Haydari (University of California, Davis), Chen-Nee Chuah (University of California, Davis), Michael Zhang (University of California, Davis), Jane Macfarlane (University of California, Berkeley), Sean Peisert (Lawrence berkeley national laboratory)

Parallel Small Polynomial Multiplication for Dilithium: A Faster Design and Implementation
Jieyu Zheng (Fudan university), Feng He (Fudan university), Shiyu Shen (Fudan university), Chenxi Xue (Fudan university), Yunlei Zhao (Fudan university)

Towards Practical Application-level Support for Privilege Separation
Nik Sultana (Illinois Institute of Technology), Henry Zhu (Independent researcher), Ke Zhong (University of Pennsylvania), Zhilei Zheng (University of Pennsylvania), Ruijie Mao (University of Pennsylvania), Digvijaysinh Chauhan (University of Pennsylvania), Stephen Carrasquillo (University of Pennsylvania), Junyong Zhao (University of Pennsylvania), Lei Shi (University of Pennsylvania), Nikos Vasilaki (University of Pennsylvania), Boon Thau Loo (University of Pennsylvania)

Practical Binary Code Similarity Detection with BERT-based Transferable Similarity Learning
Sunwoo Ahn (Seoul National University), Seonggwan Ahn (Seoul National University), Hyungjoon Koo (Sungkyunkwan University), Yunheung Paek (Seoul National University)

Trebiz: Byzantine Fault Tolerance with Byzantine Merchants
Xiaohai Dai (Huazhong University of Science and Technology), Liping Huang (Huazhong University of Science and Technology), Jiang Xiao (Huazhong University of Science and Technology), Zhaonan Zhang (Huazhong University of Science and Technology), Xia Xie (Hainan University), Hai Jin (Huazhong University of Science and Technology)

Play the Imitation Game: Model Extraction Attack against Autonomous Driving Localization
Qifan Zhang (University of California, Irvine), Junjie Shen (University of California, Irvine), Mingtian Tan (Fudan University), Zhe Zhou (Fudan University), Zhou Li (University of California, Irvine), Qi Alfred Chen (University of California, Irvine), Haipeng Zhang (ShanghaiTech University)

User Perceptions of the Privacy and Usability of Smart DNS
Rahel A. Fainchtein (Georgetown University), Adam J. Aviv (The George Washington University), Micah Sherr (Georgetown University)

DF-SCA: Dynamic Frequency Side Channel Attacks are Practical
Debopriya Roy Dipta (Iowa State University), Berk Gulmezoglu (Iowa State University)

SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning
Giovanni Apruzzese (University of Liechtenstein), Mauro Conti (University of Padua), Ying Yuan (University of Padua)

User Perceptions of Five-Word Passwords
Xiaoyuan Wu (The George Washington University), Collins W. Munyendo (The George Washington University), Eddie Cosic (The George Washington University), Genevieve A. Flynn (The George Washington University), Olivia Legault (The George Washington University), Adam J. Aviv (The George Washington University)

DitDetector: Bimodal Learning based on Deceptive Image and Text for Macro Malware Detection
Jia Yan (Institute of Software, Chinese Academy of Sciences / School of Computer Science and Technology, University of Chinese Academy of Sciences), Ming Wan (QIANXIN Group Inc.), Xiangkun Jia (Institute of Software, Chinese Academy of Sciences), Lingyun Ying (QIANXIN Group Inc.), Purui Su (Institute of Software, Chinese Academy of Sciences / School of Cyber Security, University of Chinese Academy of Sciences), Zhanyi Wang (QIANXIN Group Inc.)

POPKORN: Popping Windows Kernel Drivers At Scale
Rajat Gupta (Georgia Institute of Technology), Lukas Dresel (University of California, Santa Barbara), Noah Spahn (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Taesoo Kim (Georgia Institute of Technology)

Are There Wireless Hidden Cameras Spying on Me?
Jeongyoon Heo (Samsung Research), Sangwon Gil (Samsung Research), Youngman Jung (Samsung Research), Jinmok Kim (Samsung Research), Donguk Kim (Samsung Research), Woojin Park (Samsung Research), Yongdae Kim (KAIST), Kang G. Shin (The University of Michigan), Choong-Hoon Lee (Samsung Research)

If You Can’t Beat Them, Pay Them: Bitcoin Protection Racket is Profitable
Zheng Yang (Southwest University), Chao Yin (Vrije University Amsterdam, Netherlands), Junming Ke (University of Tartu), Anh Dinh (Singapore University of Technology and Design), Jianying Zhou (Singapore University of Technology and Design)

Assessing Model-free Anomaly Detection in Industrial Control Systems Against Generic Concealment Attacks
Alessandro Erba (CISPA Helmholtz Center for Information Security), Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security)

Making Memory Account Accountable: Analyzing and Detecting Memory Missing-account bugs for Container Platforms
Yutian Yang (Zhejiang University), Wenbo Shen (Zhejiang University), Xun Xie (Zhejiang University), Kangjie Lu (Zhejiang University), Mingsen Wang (Zhejiang University), Tianyu Zhou (Zhejiang University), Chenggang Qin (Ant Group), Wang Yu (Ant Group), Kui Ren (Zhejiang University)

Formal Modeling and Security Analysis for Intra-level Privilege Separation
Yinggang Guo (State Key Laboratory for Novel Software Technology, Nanjing University), Zicheng Wang (State Key Laboratory for Novel Software Technology, Nanjing University), Bingnan Zhong (State Key Laboratory for Novel Software Technology, Nanjing University), Qingkai Zeng (State Key Laboratory for Novel Software Technology, Nanjing University)

ArchiveSafe LT: Secure Long-term Archiving System
Moe Sabry (McMaster University), Reza Samavi (Toronto Metropolitan University)

Transformer-Based Language Models for Software Vulnerability Detection
Chandra Thapa (CSIRO Data61), Seung Ick Jang (CSIRO Data61), Muhammad Ejaz Ahmed (CSIRO Data61), Seyit Camtepe (CSIRO Data61), Josef Pieprzyk (CSIRO Data61), Surya Nepal (CSIRO Data61)

Curiosity-Driven and Victim-Aware Adversarial Policies
Chen Gong (Institute of Automation, Chinese Academy of Sciences), Zhou Yang (Singapore Management University), Yunpeng Bai (Institute of Automation, Chinese Academy of Sciences), Jieke Shi (Singapore Management University), Arunesh Sinha (Rutgers University), Bowen Xu (Singapore Management University), David Lo (Singapore Management University), Xinwen Hou (Institute of Automation, Chinese Academy of Sciences), Guoliang Fan (Institute of Automation, Chinese Academy of Sciences)

NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks
Nuo Xu (Lehigh University), Binghui Wang (Illinois Institute of Technology), Ran Ran (Lehigh University), Wujie Wen (Lehigh University), Parv Venkitasubramaniam (Lehigh University)

SPACELORD: Private and Secure Smart Space Sharing
Yechan Bae (Georgia Institute of Technology), Sarbartha Banerjee (University of Texas at Austin), Sangho Lee (Microsoft Research), Marcus Peinado (Microsoft Research)

DeView: Confining Progressive Web Applications by Debloating Web APIs
ChangSeok Oh (Georgia Institute of Technology), Sangho Lee (Microsoft Research), Chenxiong Qian (HKU), Hyungjoon Koo (Sungkyunkwan University), Wenke Lee (Georgia Institute of Technology)

BayesImposter: Bayesian Estimation Based .bss Imposter Attack on Industrial Control Systems
Anomadarshi Barua (University of California, Irvine), Lelin Pan (University of California, Irvine), Mohammad Abdullah Al Faruque (University of California, Irvine)

Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots
Elia Geretto (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam), Herbert Bos (Vrije Universiteit Amsterdam), Erik van der Kouwe (Vrije Universiteit Amsterdam)

No Signal Left to Chance: Driving Browser Extension Analysis by Download Patterns
Pablo Picazo (Chalmers University of Technology), Benjamin Eriksson (Chalmers University of Technology), Andrei Sabelfeld (Chalmers University of Technology)

Ripples in the Pond: Transmitting Information through Grid Frequency Modulation
Jan Götte (TU Darmstadt), Liran Katzir (Tel Aviv University), Björn Scheuermann (TU Darmstadt)

Analysis of Payment Service Provider SDKs in Android
Samin Yaseer Mahmud (North Carolina State University), K. Virgil English (North Carolina State University), Seaver Thorn (North Carolina State University), William Enck (North Carolina State University), Adam Oest (PayPal), Muhammad Saad (PayPal)

Heimdallr: Fingerprinting SD-WAN Control-Plane Architecture via Encrypted Control Traffic
Minjae Seo (The Affiliated Institute of ETRI), Jaehan Kim (KAIST), Eduard Marin (Telefonica Research), Myeongsung You (KAIST), Taejune Park (Chonnam National University), Seungsoo Lee (Incheon National University), Seungwon Shin (KAIST), Jinwoo Kim (Kwangwoon University)

CryptoGo: Automatic Detection of Go Cryptographic API Misuses
Wenqing Li (The Institute of Information Engineering, Chinese Acadamy of Sciences.), Shijie Jia (The Institute of Information Engineering, Chinese Acadamy of Sciences.), Limin Liu (The Institute of Information Engineering, Chinese Acadamy of Sciences.), Fangyu Zheng (The Institute of Information Engineering, Chinese Acadamy of Sciences.), Yuan Ma (The Institute of Information Engineering, Chinese Acadamy of Sciences.), Jingqiang Lin (School of Cyber Security, University of Science and Technology of China.)

FAuST: Striking a Bargain between Forensic Auditing’s Security and Throughput
Muhammad Adil Inam (University of Illinois at Urbana-Champaign), Akul Goyal (University of Illinois at Urbana-Champaign), Jason Liu (University of Illinois at Urbana-Champaign), Jaron Mink (University of Illinois at Urbana-Champaign), Noor Michael (University of Illinois at Urbana-Champaign), Sneha Gaur (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign), Wajih Ul Hassan (University of Virginia)

AFLGuard: Byzantine-robust Asynchronous Federated Learning
Minghong Fang (The Ohio State University), Jia Liu (The Ohio State University), Neil Zhenqiang Gong (Duke University), Elizabeth S. Bentley (Air Force Research Laboratory)

One Fuzz Doesn’t Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction
Prashast Srivastava (Purdue University), Stefan Nagy (University of Utah), Matthew Hicks (Virginia Tech), Antonio Bianchi (Purdue University), Mathias Payer (EPFL)

Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behavior profiles
Luca Morgese Zangrandi (TNO), Thijs van Ede (University of Twente), Tim Booij (TNO), Savio Sciancalepore (Eindhoven University of Technology), Luca Allodi (Eindhoven University of Technology), Andrea Continella (University of Twente)

ENIDrift: A Fast and Adaptive Ensemble System for Network Intrusion Detection under Real-world Drift
Xian Wang (The Hong Kong University of Science and Technology)

Interaction matters: a comprehensive analysis and a dataset of hybrid IoT/OT honeypots
Shreyas Srinivasa (Aalborg University), Jens Myrup Pedersen (Aalborg University), Emmanouil Vasilomanolakis (Technical University of Denmark)

View from Above: Exploring the Malware Ecosystem from the Upper DNS Hierarchy
Aaron Faulkenberry (Georgia Institute of Technology), Athanasios Avgetidis (Georgia Institute of Technology), Zane Ma (Georgia Institute of Technology), Omar Alrawi (Georgia Institute of Technology), Charles Lever (Devo), Panagiotis Kintis (Voreas Laboratories Inc), Fabian Monrose (Georgia Institute of Technology), Angelos D. Keromytis (Georgia Institute of Technology), Manos Antonakakis (Georgia Institute of Technology)

A Qualitative Evaluation of Reverse Engineering Tool Usability
James Mattei (Tufts University), Madeline McLaughlin (Tufts University), Samantha Katcher (Tufts University), Daniel Votipka (Tufts University)

Designing a Provenance Analysis for SGX Enclaves
Flavio Toffalini (EPFL), Mathias Payer (EPFL), Jianying Zhou (Singapore University of Technology and Design), Lorenzo Cavallaro (University College London)

Cloak: Transitioning States on Legacy Blockchains Using Secure and Publicly Verifiable Off-Chain Multi-Party Computation
Qian Ren (SSC Holding Company Ltd., Oxford-Hainan Blockchain Research Institute), Yingjun Wu (SSC Holding Company Ltd., Oxford-Hainan Blockchain Research Institute), Han Liu (Oxford-Hainan Blockchain Research Institute, Tsinghua University), Yue Li (Oxford-Hainan Blockchain Research Institute), Anne Victor (SSC Holding Company Ltd., Oxford-Hainan Blockchain Research Institute), Hong Lei (Hainan University, Oxford-Hainan Blockchain Research Institute), Lei Wang (Shanghai Jiao Tong University), Bangdao Chen (SSC Holding Company Ltd., Oxford-Hainan Blockchain Research Institute)

Accept all Exploits: Exploring the Security Impact of Cookie Banners
David Klein (Technische Universität Braunschweig), Marius Musch (Technische Universität Braunschweig), Thomas Barber (SAP Security Research), Moritz Kopmann (Technische Universität Braunschweig), Martin Johns (Technische Universität Braunschweig)

CoCoTPM: Trusted Platform Modules for Virtual Machines in Confidential Computing Environments
Joana Pecholt (Fraunhofer AISEC), Sascha Wessel (Fraunhofer AISEC)

A Recent Year On the Internet: Measuring and Understanding the Threats to Everyday Internet Devices
Afsah Anwar (Northeastern University), Yi Hui Chen (Northeastern University), Engin Kirda (Northeastern University), Alina Oprea (Northeastern University), Roy Hodgman (Rapid 7), Tom Sellers (runZero)

Stopping Silent Sneaks: Defending against Malicious Mixes with Topological Engineering
Xinshu Ma (University of Edinburgh), Florentin Rochet (University of Namur), Tariq Elahi (University of Edinburgh)

RAPID: Real-Time Alert Investigation with Context-aware Prioritization for Efficient Threat Discovery
Yushan Liu (Google, Inc.), Xiaokui Shu (IBM Research), Yixin Sun (University of Virginia), Jiyong Jang (IBM Research), Prateek Mittal (Princeton Univ.)

StateDiver: Testing Deep Packet Inspection Systems with State-Discrepancy Guidance
Zhechang Zhang (Huazhong University of Science and Technology), Bin Yuan (Huazhong University of Science and Technology), Kehan Yang (Huazhong University of Science and Technology), Deqing Zou (Huazhong University of Science and Technology), Hai Jin (Huazhong University of Science and Technology)

On the Implications of Spoofing and Jamming Aviation Datalink Applications
Harshad Sathaye (Northeastern University), Guevara Noubir (Northeastern University), Aanjhan Ranganathan (Northeastern University)

Squeezing More Utility via Adaptive Clipping on Diferentially Private Gradients in Federated Meta-Learning
Ning Wang (Virginia Polytechnic Institute and State University), Yang Xiao (University of Kentucky), Yimin Chen (University of Massachusetts Lowell), Ning Zhang (Washington University in St. Louis), Wenjing Lou (Virginia Polytechnic Institute and State University), Y. Thomas Hou (Virginia Polytechnic Institute and State University)

Drone Authentication via Acoustic Fingerprint
Yufeng Diao (University of Glasgow), Yichi Zhang (University of Glasgow), Guodong Zhao (University of Glasgow), Mohamed Khamis (University of Glasgow)

From Hindsight to Foresight: Enhancing Design Artifacts for Business Logic Flaw Discovery
Carmen Cheh (Advanced Digital Sciences Center, Singapore), Nicholas Tay (Singapore University of Technology and Design), Binbin Chen (Singapore University of Technology and Design)

Compact Abstract Graphs for Detecting Code Vulnerability with GNN Models
Yu Luo (University of Missouri - Kansas City), Weifeng Xu (The University of Baltimore), Dianxiang Xu (University of Missouri - Kansas City)

Boosting Neural Networks to Decompile Optimized Binaries
Ying Cao (Institute of Information Engineering, Chinese Academy of Sciences), Ruigang Liang (Institute of Information Engineering, Chinese Academy of Sciences), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences), Peiwei Hu (Institute of Information Engineering, Chinese Academy of Sciences)

Towards Enhanced EEG-based Authentication with Motor Imagery Brain-Computer Interface
Bingkun Wu (Technical University of Denmark, Denmark), Weizhi Meng (Technical University of Denmark, Denmark), Wei-Yang Chiu (Technical University of Denmark, Denmark)

Closing the Loophole: Rethinking Reconstruction Attacks in Federated Learning from a Privacy Standpoint
Seung Ho Na (KAIST), Hyeong Gwon Hong (KAIST), Junmo Kim (KAIST), Seungwon Shin (KAIST)

Better Together: Attaining the Triad of Byzantine-robust Federated Learning via Local Update Amplification
Liyue Shen (University of Queensland), Yanjun Zhang (Deakin University), Jingwei Wang (University of Queensland), Guangdong Bai (University of Queensland)

More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks
Jing Xu (TU Delft), Rui Wang (TU Delft), Stefanos Koffas (TU Delft), Kaitai Liang (TU Delft), Stjepan Picek (Radboud University & TU Delft)

You have been warned: Abusing 5G’s Warning and Emergency Systems
Evangelos Bitsikas (New York University Abu Dhabi and Northeastern University), Christina Pöpper (New York University Abu Dhabi)

SLOPT: Bandit Optimization Framework for Mutation-Based Fuzzing
Yuki Koike (Ricerca Security, Inc.), Hiroyuki Katsura (Ricerca Security, Inc.), Hiromu Yakura (University of Tsukuba / National Institute of Advanced Industrial Science and Technology (AIST), Japan), Yuma Kurogome (Ricerca Security, Inc.)

Alphuzz: Monte Carlo Search on Seed-Mutation Tree for Coverage-Guided Fuzzing
Yiru Zhao (Wuhan university), Xiaoke Wang (Wuhan university), Lei Zhao (Wuhan university), Yueqiang Cheng (NIO Security Research), Heng Yin (UC Riverside)

Make Data Reliable : An Explanation-powered Cleaning on Malware Dataset Against Backdoor Poisoning Attacks
Xutong Wang (Institute of Information Engineering, Chinese Academy of Sciences), Chaoge Liu (Institute of Information Engineering, Chinese Academy of Sciences), Xiaohui Hu (School of Computer Science, Beijing University of Posts and Telecommunications), Zhi Wang (Institute of Information Engineering, Chinese Academy of Sciences), Jie Yin (Institute of Information Engineering, Chinese Academy of Sciences), Xiang Cui (Zhongguancun Laboratory)

iService: : Detecting and Evaluating the Impact of Confused Deputy Problem in AppleOS
Yizhuo Wang (Shanghai Jiao Tong University), Yikun Hu (Shanghai Jiao Tong University), Xuangan Xiao (Shanghai Jiao Tong University), Dawu Gu (Shanghai Jiao Tong University)

MoLE: Mitigation of Side-channel Attacks against SGX via Dynamic Data Location Escape
Fan Lang (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Wei Wang (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences), Lingjia Meng (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences), Jingqiang Lin (University of Science and Technology of China), Qiongxiao Wang (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences), Linli Lu (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences)