Results

Results include evaluation of the USENIX Security Summer submissions and will be extended over time.

Title Avail. Funct. Repro. Repository Appendix
Orca: Blocklisting in Sender-Anonymous Messaging Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
PrivGuard: Privacy Regulation Compliance Made Easier Artifact Available Badge Artifact Functional Badge Artifact Appendix
OpenSSLNTRU: Faster post-quantum TLS key exchange Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Midas: Systematic Kernel TOCTTOU Protection Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Jenny: Securing Syscalls for PKU-based Memory Isolation Systems Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Back-Propagating System Dependency Impact for Attack Investigation Artifact Available Badge Artifact Functional Badge Artifact Appendix
Automated Side Channel Analysis of Media Software with Manifold Learning Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Mining Node.js Vulnerabilities via Object Dependence Graph and Query Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Bedrock: Programmable Network Support for Secure RDMA Systems Artifact Available Badge Artifact Appendix
Polynomial Commitment with a One-to-Many Prover and Applications Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices Artifact Available Badge Artifact Functional Badge Artifact Appendix
Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
OVRseen: Auditing Network Traffic and Privacy Policies in Oculus VR Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
How to Abuse and Fix Authenticated Encryption Without Key Commitment Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Synthetic Data – Anonymisation Groundhog Day Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
HyperDegrade: From GHz to MHz Effective CPU Frequencies Artifact Available Badge Artifact Appendix
Aardvark: An Asynchronous Authenticated Dictionary with Applications to Account-based Cryptocurrencies Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
On the Security Risks of AutoML Artifact Available Badge Artifact Functional Badge Artifact Appendix
MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
A Large-scale Investigation into Geodifferences in Mobile Apps Artifact Available Badge Artifact Appendix
Debloating Address Sanitizer Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel Artifact Available Badge Artifact Functional Badge Artifact Appendix
Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits Artifact Functional Badge Appendix
Incremental Offline/Online PIR Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Morphuzz: Bending (Input) Space to Fuzz Virtual Devices Artifact Available Badge Artifact Functional Badge Artifact Appendix
SkillDetective: Automated Policy-Violation Detection of Voice Assistant Applications in the Wild Artifact Available Badge Artifact Functional Badge Artifact Appendix
SecSMT: Securing SMT Processors against Contention-Based Covert Channels Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Regulator: Dynamic Analysis to Detect ReDoS Artifact Available Badge Artifact Functional Badge Artifact Appendix
DeepDi: Learning a Relational Graph Convolutional Network Model on Instructions for Fast and Accurate Disassembly Artifact Available Badge Artifact Appendix
SIMC: ML Inference Secure Against Malicious Clients at Semi-Honest Cost Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Adversarial Detection Avoidance Attacks: Evaluating the robustness of perceptual hashing-based client-side scanning Artifact Functional Badge Appendix
Automating Cookie Consent and GDPR Violation Detection Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope Artifact Available Badge Artifact Appendix
Elasticlave: An Efficient Memory Model for Enclaves Artifact Available Badge Artifact Appendix
FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Caring about Sharing: User Perceptions of Multiparty Data Sharing Artifact Available Badge Artifact Appendix
Experimenting with Collaborative zk-SNARKs: Zero-Knowledge Proofs for Distributed Secrets Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Membership Inference Attacks and Defenses in Neural Network Pruning Artifact Available Badge Artifact Functional Badge Artifact Appendix
PolyCruise: A Cross-Language Dynamic Information Flow Analysis Artifact Available Badge Artifact Functional Badge Artifact Appendix
Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Khaleesi: Breaker of Advertising and Tracking Request Chains Artifact Available Badge Artifact Appendix
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Double Trouble: Combined Heterogeneous Attacks on Non-Inclusive Cache Hierarchies Artifact Available Badge Artifact Functional Badge Artifact Appendix
Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Unity Mobile Games Artifact Functional Badge Appendix
DeepPhish: Understanding User Trust Towards Artificially Generated Profiles in Online Social Networks Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Hyperproofs: Aggregating and Maintaining Proofs in Vector Commitments Artifact Available Badge Artifact Functional Badge Artifact Appendix
Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Provably-Safe Multilingual Software Sandboxing using WebAssembly Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Security and Privacy Perceptions of Third-Party Application Access for Google Accounts Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Transferring Adversarial Robustness Through Robust Representation Matching Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
In-Kernel Control-Flow Integrity on Commodity OSes using ARM Pointer Authentication Artifact Functional Badge Appendix
Efficient Representation of Numerical Optimization Problems for SNARKs Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
ppSAT: Towards Two-Party Private SAT Solving Artifact Available Badge Artifact Functional Badge Artifact Appendix
Anycast Agility: Network Playbooks to Fight DDoS Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Practical Data Access Minimization in Trigger-Action Platforms Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier Artifact Available Badge Artifact Appendix
Pacer: Comprehensive Network Side-Channel Mitigation in the Cloud Artifact Available Badge Artifact Appendix
Ghost Peak: Practical Distance Reduction Attacks Against HRP UWB Ranging Artifact Available Badge Artifact Functional Badge Artifact Appendix
Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Zero-Knowledge Middleboxes Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Constant-weight PIR: Single-round Keyword PIR via Constant-weight Equality Operators Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Estimating Incidental Collection in Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union and Sum Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Ground Truth for Binary Disassembly is Not Easy Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
CellIFT: Leveraging Cells for Scalable and Precise Dynamic Information Flow Tracking in RTL Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Stateful Greybox Fuzzing Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
The Security Lottery: Measuring Client-Side Web Security Inconsistencies Artifact Available Badge Artifact Functional Badge Artifact Appendix
SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis Artifact Available Badge Artifact Functional Badge Artifact Appendix
Twilight: A Differentially Private Payment Channel Network Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
QCSD: A QUIC Client-Side Website-Fingerprinting Defence Framework Artifact Available Badge Artifact Functional Badge Artifact Appendix
Might I Get Pwned: A Second Generation Compromised Credential Checking Service Artifact Available Badge Artifact Appendix
Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86 Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds Artifact Available Badge Artifact Functional Badge Artifact Appendix
Don't Mesh Around: Side-Channel Attacks and Mitigations on Mesh Interconnects Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Building an Open, Robust, and Stable Voting-Based Domain Top List Artifact Available Badge Artifact Appendix
One-off Disclosure Control by Heterogeneous Generalization Artifact Available Badge Artifact Functional Badge Artifact Appendix
End-to-Same-End Encryption: Modularly Augmenting an App with an Efficient, Portable, and Blind Cloud Storage Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Detecting Logical Bugs of DBMS with Coverage-based Guidance Artifact Available Badge Artifact Functional Badge Artifact Appendix
Faster Yet Safer: Logging System Via Fixed-Key Blockcipher Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Half-Double: Hammering From the Next Row Over Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
How Long Do Vulnerabilities Live in the Code? A Large-Scale Empirical Measurement Study on FOSS Vulnerability Lifetimes Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
SAPIC+: protocol verifiers of the world, unite! Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
A Hardware-Software Co-design for Efficient Intra-Enclave Isolation Artifact Functional Badge Results Reproduced Badge Appendix
FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation Artifact Available Badge Artifact Appendix
BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing Artifact Available Badge Artifact Functional Badge Artifact Appendix
Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
AutoDA: Automated Decision-based Iterative Adversarial Attacks Artifact Available Badge Artifact Functional Badge Artifact Appendix
AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities Artifact Available Badge Artifact Functional Badge Artifact Appendix
Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples Artifact Available Badge Artifact Appendix
SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing Artifact Available Badge Artifact Functional Badge Artifact Appendix
PISTIS: Trusted Computing Architecture for Low-end Embedded Systems Artifact Available Badge Artifact Functional Badge Artifact Appendix
Loki: Hardening Code Obfuscation Against Automated Attacks Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
WebGraph: Capturing Advertising and Tracking Information Flows for Robust Blocking Artifact Available Badge Artifact Functional Badge Artifact Appendix
Composable Cachelets: Protecting Enclaves from Cache Side-Channel Attacks Artifact Functional Badge Results Reproduced Badge Appendix
Measurement by Proxy: On the Accuracy of Online Marketplace Measurements Artifact Available Badge Artifact Appendix
Why Users (Don't) Use Password Managers at a Large Educational Institution Artifact Available Badge Artifact Functional Badge Artifact Appendix
RETBLEED: Arbitrary Speculative Code Execution with Return Instructions Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Piranha: A GPU Platform for Secure Computation Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
Batched Differentially Private Information Retrieval Artifact Available Badge Artifact Functional Badge Artifact Appendix
TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
SWAPP: A New Programmable Playground for Web Application Security Artifact Available Badge Artifact Functional Badge Artifact Appendix
"They Look at Vulnerability and Use That to Abuse You'': Participatory Threat Modelling with Migrant Domestic Workers Artifact Available Badge Artifact Appendix
Creating a Secure Underlay for the Internet Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix
GET /out: Automated Discovery of Application-Layer Censorship Evasion Strategies Artifact Available Badge Artifact Functional Badge Results Reproduced Badge Artifact Appendix