Results
Evaluated Artifacts: 114
Evaluation Results:
- 112 Available
- 97 Functional
- 70 Reproduced
Three artifacts recieved the Distinguished Artifact Award:
- Consensus in the Known Participation Model with Byzantine Failures and Sleepy Replicas by Chenxu Wang (Shandong University), Sisi Duan (Tsinghua University), Minghui Xu (Shandong University), Feng Li (Shandong University), and Xiuzhen Cheng (Shandong University).
- Unknown Target: Uncovering and Detecting Novel In-Flight Attacks to Collision Avoidance (TCAS) by Giacomo Longo (CASD - Italian Defense University), Giacomo Ratto (University of Genova), Alessio Merlo (CASD - Italian Defense University), and Enrico Russo (University of Genova).
- When Mixnets Fail: Evaluating, Quantifying, and Mitigating the Impact of Adversarial Nodes in Mix Networks by Mahdi Rahimi (KU Leuven).
All evaluated artifacts:
| Title | Available | Functional | Reproduced | Artifact |
|---|---|---|---|---|
| A Deep Dive into Function Inlining and its Security Implications for ML-based Binary Analysis |
|
|
Artifact |
|
| ADGFUZZ: Assignment Dependency-Guided Fuzzing for Robotic Vehicles |
|
|
|
Artifact |
| Accurate Identification of the Vulnerability-introducing Commit based on Differential Analysis of Patching Patterns |
|
Artifact |
||
| Achieving Interpretable DL-based Web Attack Detection through Malicious Payload Localization |
|
|
|
Artifact |
| Achieving Zen: Combining Mathematical and Programmatic Deep Learning Model Representations for Attribution and Reuse |
|
|
|
Artifact |
| Action Required: A Mixed-Methods Study of Security Practices in GitHub Actions |
|
|
|
Artifact |
| AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks |
|
|
Artifact |
|
| AnonyCall: Enabling Native Private Calling in Mobile Networks |
|
|
|
Artifact |
| Are your Sites Truly Isolated? Automatically Detecting Logic Bugs in Site Isolation Implementations |
|
Artifact |
||
| Augmented Shuffle Differential Privacy Protocols for Large-Domain Categorical and Key-Value Data |
|
|
Artifact |
|
| BKPIR: Keyword PIR for Private Boolean Retrieval |
|
|
|
Artifact |
| BLERP: BLE Re-Pairing Attacks and Defenses |
|
|
|
Artifact |
| Benchmarking and Understanding Safety Risks in AI Character Platforms |
|
|
Artifact |
|
| Better Safe than Sorry: Uncovering the Insecure Resource Management in App-in-App Cloud Services |
|
|
Artifact |
|
| Beyond Raw Bytes: Towards Large Malware Language Models |
|
|
Artifact |
|
| Breaking the Bulkhead: Demystifying Cross-Namespace Reference Vulnerabilities in Kubernetes Operators |
|
|
|
Artifact |
| Breaking the Generative Steganography Trilemma: ANStega for Optimal Capacity, Efficiency, and Security |
|
|
|
Artifact |
| BunnyFinder: Finding Incentive Flaws for Ethereum Consensus |
|
|
|
Artifact |
| CTng: Secure Certificate and Revocation Transparency |
|
|
Artifact |
|
| CatBack: Universal Backdoor Attacks on Tabular Data via Categorical Encoding |
|
|
|
Artifact |
| Cease at the Ultimate Goodness: Approaching Optimal Website Fingerprinting Defense via Iterative Mutual Information Minimization |
|
|
Artifact |
|
| CellShift: RTT-Aware Trace Transduction for Real-World Website Fingerprinting |
|
|
Artifact |
|
| ChameleoScan: Demystifying and Detecting iOS Chameleon Apps via LLM-Powered UI Exploration |
|
Artifact |
||
| Characterizing the Implementation of Censorship Policies in Chinese LLM Services |
|
|
|
Artifact |
| Chasing Shadows: Pitfalls in LLM Security Research |
|
|
|
Artifact |
| Cirrus: Performant and Accountable Distributed SNARK |
|
|
|
Artifact |
| Consensus in the Known Participation Model with Byzantine Failures and Sleepy Replicas |
|
|
|
Distinguished Artifact Award 🏆 Artifact |
| Convergent Privacy Framework for Multi-layer GNNs through Contractive Message Passing |
|
|
|
Artifact |
| Cross-Boundary Mobile Tracking: Exploring Java-to-JavaScript Information Diffusion in WebViews |
|
Artifact |
||
| Cross-Cache Attacks for the Linux Kernel via PCP Massaging |
|
|
Artifact |
|
| Cross-Consensus Reliable Broadcast and its Applications |
|
|
|
Artifact |
| CryptPEFT: Efficient and Private Neural Network Inference via Parameter-Efficient Fine-Tuning |
|
|
|
Artifact |
| Cryptobazaar: Private Sealed-bid Auctions at Scale |
|
|
|
Artifact |
| DNN Latency Sequencing: Extracting DNN Architectures from Intel SGX Enclaves with Single-Stepping Attacks |
|
|
|
Artifact |
| DualStrike: Accurate, Real-time Eavesdropping and Injection of Keystrokes on Commodity Keyboards |
|
Artifact |
||
| Enhancing Legal Document Security and Accessibility with TAF |
|
|
|
Artifact |
| Enhancing Semantic-Aware Binary Diffing with High-Confidence Dynamic Instruction Alignment |
|
|
|
Artifact |
| Entente: Cross-silo Intrusion Detection on Network Log Graphs with Federated Learning |
|
|
Artifact |
|
| FARFETCH'D: Side-Channel Analysis for Privacy Applications on Confidential VMs |
|
Artifact |
||
| Faster Than Ever: A New Lightweight Private Set Intersection and Its Variants |
|
|
|
Artifact |
| FidelityGPT: Correcting Decompilation Distortions with Retrieval Augmented Generation |
|
|
|
Artifact |
| FirmCross: Detecting Taint-style Vulnerabilities in Modern C-Lua Hybrid Web Services of Linux-based Firmware |
|
|
||
| FlippyR.AM: A Large-Scale Study of Rowhammer Prevalence |
|
|
|
Artifact |
| FlyTrap: Physical Distance-Pulling Attack Towards Camera-based Autonomous Target Tracking Systems |
|
Artifact |
||
| Formal Analysis of BLE Secure Connection Pairing and Revelation of the PE Confusion Attack |
|
|
|
Artifact |
| From Noise to Signal: Precisely Identify Affected Packages of Known Vulnerabilities in npm Ecosystem |
|
Artifact |
||
| From Obfuscated to Obvious: A Comprehensive JavaScript Deobfuscation Tool for Security Analysis |
|
|
|
Artifact |
| HoneySat: A Network-based Satellite Honeypot Framework |
|
|
|
Artifact |
| Huma: Censorship Circumvention via Web Protocol Tunneling with Deferred Traffic Replacement |
|
|
|
Artifact |
| Icarus: Achieving Performant Asynchronous BFT with Only Optimistic Paths |
|
|
Artifact |
|
| Identifying Logical Vulnerabilities in QUIC Implementations |
|
Artifact |
||
| In-Context Probing for Membership Inference in Fine-Tuned Language Models |
|
|
Artifact |
|
| Incident Response Planning Using a Lightweight Large Language Model with Reduced Hallucination |
|
|
|
Artifact |
| Ipotane: Achieving the Best of All Worlds in Asynchronous BFT |
|
|
Artifact |
|
| Kangaroo: A Private and Amortized Inference Framework over WAN for Large-Scale Decision Tree Evaluation |
|
|
Artifact |
|
| Learning from Leakage: Database Reconstruction from Just a Few Multidimensional Range Queries |
|
Artifact |
||
| Les Dissonances: Cross-Tool Harvesting and Polluting in Pool-of-Tools Empowered LLM Agents |
|
|
|
Artifact |
| LinkGuard: A Lightweight State-Aware Runtime Guard Against Link Following Attacks in Windows File System |
|
|
Artifact |
|
| Loki: Proactively discovering online scams by mining toxic search queries |
|
|
|
Artifact |
| MIMIR: Masked Image Modeling for Mutual Information-based Adversarial Robustness |
|
|
|
Artifact |
| MUTATO: Enhancing Fuzz Drivers with Adaptive API Option Mutation |
|
|
Artifact |
|
| MVP-ORAM: a Wait-free Concurrent ORAM for Confidential BFT Storage |
|
|
|
Artifact |
| MinBucket MPSI: Breaking the Max-Size Bottleneck in Multi-Party Private Set Intersection |
|
|
|
Artifact |
| Mirage: Private, Mobility-based Routing for Censorship Evasion |
|
|
|
Artifact |
| NetRadar: Enabling Robust Carpet Bombing DDoS Detection |
|
|
|
Artifact |
| NeuroStrike: Neuron-Level Attacks on Aligned LLMs |
|
|
|
Artifact |
| OSAVRoute: Advancing Outbound Source Address Validation Deployment Detection with Non-Cooperative Measurement |
|
Artifact |
||
| On the Security Risks of Memory Adaptation and Augmentation in Data-plane DoS Mitigation |
|
|
Artifact |
|
| One Email, Many Faces: A Deep Dive into Identity Confusion in Email Aliases |
|
|
Artifact |
|
| OptiMix: Scalable and Distributed Approaches for Latency Optimization in Modern Mixnets |
|
|
|
Artifact |
| PACS: Privacy-Preserving Attribute-Driven Community Search over Attributed Graphs |
|
|
|
Artifact |
| Pando: Extremely Scalable BFT Based on Committee Sampling |
|
|
|
Artifact |
| PANDORA: Lightweight Adversarial Defense for Edge IoT using Uncertainty-Aware Metric Learning |
|
|
|
Artifact |
| PIRANHAS: PrIvacy-Preserving Remote Attestation in Non-Hierarchical Asynchronous Swarms |
|
|
|
Artifact |
| Paladin: Defending LLM-enabled Phishing Emails with a New Trigger-Tag Paradigm |
|
|
|
Artifact |
| PathProb: Probabilistic Inference and Path Scoring for Enhanced RPKI-based Route Leak Detection |
|
|
|
Artifact |
| Peering Inside the Black-Box: Long-Range and Scalable Model Architecture Snooping via GPU Electromagnetic Side-Channel |
|
|
|
Artifact |
| Pitfalls for Security Isolation in Multi-CPU Systems |
|
|
|
Artifact |
| PriSrv+: Privacy and Usability-Enhanced Wireless Service Discovery with Fast and Expressive Matchmaking Encryption |
|
Artifact |
||
| PrivCode: When Code Synthesis Meets Differential Privacy |
|
|
|
Artifact |
| PrivORL: Differentially Private Synthetic Dataset for Offline Reinforcement Learning |
|
|
Artifact |
|
| ProtocolGuard: Detecting Protocol Non-compliance Bugs via LLM-guided Static Analysis and Dynamic Verification |
|
Artifact |
||
| RTCON: Context-Adaptive Function-Level Fuzzing for RTOS Kernels |
|
|
|
Artifact |
| Repairing Trust in Domain Name Disputes Practices: Insights from a Quarter-Century’s Worth of Squabbles |
|
|
|
Artifact |
| Revisiting Differentially Private Hyper-parameter Tuning |
|
|
Artifact |
|
| Reviving and Advancing Page Cache Attacks |
|
|
|
Artifact |
| SACK: Systematic Generation of Function Substitution Attacks Against Control-Flow Integrity |
|
|
|
Artifact |
| SECV: Securing Connected Vehicles with Hardware Trust Anchors |
|
|
Artifact |
|
| SVDefense: Effective Defense against Gradient Inversion Attacks via Singular Value Decomposition |
|
|
Artifact |
|
| SWIPE - DOM-XSS Detection via Webpage Interaction Fuzzing and URL Component Synthesis |
|
|
Artifact |
|
| SYSYPHUZZ and the Pressure of More Coverage |
|
|
|
Artifact |
| Select-Then-Compute: Encrypted Label Selection and Analytics over Distributed Datasets using FHE |
|
|
|
Artifact |
| TIPSO-GAN: Malicious Network Traffic Detection Using a Novel Optimized Generative Adversarial Network |
|
|
|
Artifact |
| Targeted Physical Evasion Attacks in the Near-Infrared Domain |
|
|||
| The Butterfly Effect in LLM Watermarks: Character-Level Perturbations Disrupt Watermark |
|
|
Artifact |
|
| The Dark Side of Flexibility : Detecting Exploitable Over-Permissions in Serverless Applications |
|
|
|
Artifact |
| The Heat is On: Understanding and Mitigating Vulnerabilities of Thermal Image Perception in Autonomous Systems |
|
|
|
Artifact |
| There is No War in Ba Sing Se: A Global Analysis of Content Moderation in Large Language Models |
|
|
|
Artifact |
| TranSPArent: Taint-style Vulnerability Detection of Generic Single-Page Applications through Automated Framework Abstraction |
|
|
|
Artifact |
| Understanding the Status and Strategies of the Code Signing Abuse Ecosystem |
|
Artifact |
||
| Understanding the Stealthy BGP Hijacking Risk in the ROV Era |
|
|
|
Artifact |
| Unknown Target: Uncovering and Detecting Novel In-Flight Attacks to Collision Avoidance (TCAS) |
|
|
|
Distinguished Artifact Award 🏆 Artifact |
| Unshaken by Weak Embedding: Robust Probabilistic Watermarking for Dataset Copyright Protection |
|
|
|
Artifact |
| Unveiling BYOVD Threats: Malware's Use and Abuse of Kernel Drivers |
|
Artifact |
||
| User-Space Dependency-Aware Rehosting for Linux-Based Firmware Binaries |
|
|
|
Artifact |
| VDORAM: Towards a Random Access Machine with Both Public Verifiability and Distributed Obliviousness |
|
|
|
Artifact |
| Validity Is Not Enough: Uncovering the Security Pitfall in Chainlink's Off-Chain Reporting Protocol |
|
|
|
Artifact |
| WBSLT: A Framework for White-Box Encryption Based on Substitution-Linear Transformation Ciphers |
|
|
Artifact |
|
| WCDCAnalyzer: Scalable Security Analysis of Wi-Fi Certified Device Connectivity Protocols |
|
|
|
Artifact |
| When Mixnets Fail: Evaluating, Quantifying, and Mitigating the Impact of Adversarial Nodes in Mix Networks |
|
|
|
Distinguished Artifact Award 🏆 Artifact |
| ZKSL: Verifiable and Efficient Split Federated Learning via Asynchronous Zero-Knowledge Proofs |
|
Artifact |
||
| ropbot: Reimaging Code Reuse Attack Synthesis |
|
|
|
Artifact |
| vSim: Semantics-Aware Value Extraction for Efficient Binary Code Similarity Analysis |
|
|
|
Artifact |
| μFuzz: Microcode-Guided Post-Silicon x86 CPU Fuzzer |
|
Artifact |