|
"I chose to fight, be brave, and to deal with it": Threat Experiences and Security Practices of Pakistani Content Creators
|
|
|
|
📦 Artifact
📄 Appendix
|
|
"I just hated it and I want my money back": Data-driven Understanding of Mobile VPN Service Switching Preferences in The Wild
|
|
|
|
📦 Artifact
📄 Appendix
|
|
"These results must be false": A usability evaluation of constant-time analysis tools
|
|
|
|
📦 Artifact
📄 Appendix
|
|
A Flushing Attack on the DNS Cache
|
|
|
|
📦 Artifacts:
1,
2
📄 Appendix
|
|
A Formal Analysis of SCTP: Attack Synthesis and Patch Verification
|
|
|
|
📦 Artifact
📄 Appendix
|
|
A Friend's Eye is A Good Mirror: Synthesizing MCU Peripheral Models from Peripheral Drivers
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ACAI: Protecting Accelerator Execution with Arm Confidential Computing Architecture
|
|
|
|
📦 Artifact
📄 Appendix
|
|
AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Abuse Reporting for Metadata-Hiding Communication Based on Secret Sharing
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Adversarial Illusions in Multi-Modal Embeddings
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation
|
|
|
|
📦 Artifacts:
1,
2
📄 Appendix
|
|
Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Argus: All your (PHP) Injection-sinks are belong to us.
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Automated Large-Scale Analysis of Cookie Notice Compliance
|
|
|
|
📦 Artifact
📄 Appendix
|
|
BUDAlloc: Defeating Use-After-Free Bugs by Decoupling Virtual Address Management from Kernel
|
|
|
|
📦 Artifact
📄 Appendix
|
|
BeeBox: Hardening BPF against Transient Execution Attacks
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Bending microarchitectural weird machines towards practicality
|
|
|
|
📦 Artifact
📄 Appendix
|
|
CAMP: Compiler and Allocator-based Heap Memory Protection
|
|
|
|
📦 Artifact
📄 Appendix
|
|
CO3: Concolic Co-execution for Firmware
|
|
|
|
📦 Artifact
📄 Appendix
|
|
CacheWarp: Software-based Fault Injection using Selective State Reset
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Cascade: CPU Fuzzing via Intricate Program Generation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
CellularLint: A Systematic Approach to Identify Inconsistent Behavior in Cellular Network Specifications
|
|
|
|
📦 Artifact
📄 Appendix
|
ChainReactor: Automated Privilege Escalation Chain Discovery via AI Planning
🏆 Distinguished Artifact Award
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Closed-Form Bounds for DP-SGD against Record-level Inference
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Code is not Natural Language: Unlock the Power of Semantics-Oriented Graph Representation for Binary Code Similarity Detection
|
|
|
|
📦 Artifact
📄 Appendix
|
|
D-Helix: A Generic Decompiler Testing Framework Using Symbolic Differentiation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
DEEPTYPE: Refining Indirect Call Targets with Strong Multi-layer Type Analysis
|
|
|
|
📦 Artifact
📄 Appendix
|
|
DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks
|
|
|
|
📦 Artifact
📄 Appendix
|
|
DVa: Extracting Victims and Abuse Vectors from Android Accessibility Malware
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernels
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Divide and Surrender: Exploiting Variable Division Instruction Timing in HQC Key Recovery Attacks
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models
|
|
|
|
📦 Artifact
📄 Appendix
|
|
EL3XIR: Fuzzing COTS Secure Monitors
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ENG25519: Faster TLS 1.3 handshake using optimized X25519 and Ed25519
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Election Eligibility with OpenID: Turning Authentication into Transferable Proof of Eligibility
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Enabling Contextual Soft Moderation on Social Media through Contrastive Textual Deviation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Enabling Developers, Protecting Users: Investigating Harassment and Safety in VR
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Enhancing Network Attack Detection with Distributed and In-Network Data Collection System
|
|
|
|
📦 Artifact
📄 Appendix
|
|
FFXE: Dynamic Control Flow Graph Recovery for Embedded Firmware Binaries
|
|
|
|
📦 Artifact
📄 Appendix
|
|
FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques
|
|
|
|
📦 Artifact
📄 Appendix
|
|
False Claims against Model Ownership Resolution
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Fast RS-IOP Multivariate Polynomial Commitments and Verifiable Secret Sharing
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Formal Security Analysis of Widevine through the W3C EME Standard
|
|
|
|
📦 Artifact
📄 Appendix
|
|
FraudWhistler: A Resilient, Robust and Plug-and-play Adversarial Example Detection Method for Speaker Recognition
|
|
|
|
📦 Artifact
📄 Appendix
|
|
From the Childhood Past: Views of Young Adults on Parental Sharing of Children's Photos
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing
|
|
|
|
📦 Artifact
📄 Appendix
|
|
GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes
|
|
|
|
📦 Artifact
📄 Appendix
|
|
GlobalConfusion: TrustZone Trusted Application 0-Days by Design
|
|
|
|
📦 Artifact
📄 Appendix
|
|
GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Holding Secrets Accountable: Auditing Privacy-Preserving Machine Learning
|
|
|
|
📦 Artifact
📄 Appendix
|
|
How does Endpoint Detection use the MITRE ATT&CK Framework?
|
|
|
|
📦 Artifact
📄 Appendix
|
|
I/O-Efficient Dynamic Searchable Encryption meets Forward & Backward Privacy
|
|
|
|
📦 Artifact
📄 Appendix
|
|
InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Inference of Error Specifications and Bug Detection Using Structural Similarities
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Intellectual Property Exposure: Subverting and Securing Intellectual Property Encapsulation in Texas Instruments Microcontrollers
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Invisibility Cloak: Proactive Defense Against Visual Game Cheating
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Logic Gone Astray: A Security Analysis Framework for the Control Plane Protocols of 5G Basebands
|
|
|
|
📦 Artifact
📄 Appendix
|
|
MD-ML: Super Fast Privacy-Preserving Machine Learning for Malicious Security with a Dishonest Majority
|
|
|
|
📦 Artifact
📄 Appendix
|
|
MOAT: Towards Safe BPF Kernel Extension
|
|
|
|
📦 Artifact
📄 Appendix
|
|
MUSES: Efficient Multi-User Searchable Encrypted Database
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Machine Learning needs Better Randomness Standards: Randomised Smoothing and PRNG-based attacks
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Malla: Demystifying Real-world Large Language Model Integrated Malicious Services
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Max Attestation Matters: Making Honest Parties Lose Their Incentives in Ethereum PoS
|
|
|
|
📦 Artifact
📄 Appendix
|
|
MetaSafe: Compiling for Protecting Smart Pointer Metadata to Ensure Safe Rust Integrity
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ModelGuard: Information-Theoretic Defense Against Model Extraction Attacks
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Moderating Illicit Online Image Promotion for Unsafe User Generated Content Games Using Large Vision-Language Models
|
|
|
|
📦 Artifact
📄 Appendix
|
|
MultiFuzz: A Multi-Stream Fuzzer For Testing Monolithic Firmware
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Near-Optimal Constrained Padding for Object Retrievals with Dependencies
|
|
|
|
📦 Artifact
📄 Appendix
|
|
NetShaper: A Differentially Private Network Side-Channel Mitigation System
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators
|
|
|
|
📦 Artifact
📄 Appendix
|
|
OPTISAN: Using Multiple Spatial Error Defenses to Optimize Stack Memory Protection within a Budget
|
|
|
|
📦 Artifact
📄 Appendix
|
|
On Data Fabrication in Collaborative Vehicular Perception: Attacks and Countermeasures
|
|
|
|
📦 Artifact
📄 Appendix
|
|
On a Collision Course: Unveiling Wireless Attacks to the Aircraft Traffic Collision Avoidance System (TCAS)
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Operation Mango: Scalable Discovery of Taint-Style Vulnerabilities in Binary Firmware Services
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Opportunistic Data Flow Integrity for Real-time Cyber-physical Systems Using Worst Case Execution Time Reservation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
PIXELMOD: Improving Soft Moderation of Visual Misleading Information on Twitter
|
|
|
|
📦 Artifact
📄 Appendix
|
|
PURE: Payments with UWB RElay-protection
|
|
|
|
📦 Artifacts:
1,
2,
3
📄 Appendix
|
|
PURL: Safe and Effective Sanitization of Link Decoration
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Pandawan: Quantifying Progress in Linux-based Firmware Rehosting
|
|
|
|
📦 Artifact
📄 Appendix
|
|
PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses
|
|
|
|
📦 Artifact
📄 Appendix
|
PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing
🏆 Distinguished Artifact Award
|
|
|
|
📦 Artifact
📄 Appendix
|
|
PerfOMR: Oblivious Message Retrieval with Reduced Communication and Computation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Practical Data-Only Attack Generation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
PrivImage: Differentially Private Synthetic Image Generation using Diffusion Models with Semantic-Aware Pretraining
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Query Recovery from Easy to Hard: Jigsaw Attack against SSE
|
|
|
|
📦 Artifact
📄 Appendix
|
|
RECORD: A RECeption-Only Region Determination Attack on LEO Satellite Users
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Racing on the Negative Force: Efficient Vulnerability Root-Cause Analysis through Reinforcement Learning on Counterexamples
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SIMurai: Slicing Through the Complexity of SIM Card Security Research
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SPF Beyond the Standard: Management and Operational Challenges in Practice and Practical Recommendations
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SWOOSH: Efficient Lattice-Based Non-Interactive Key Exchange
|
|
|
|
📦 Artifact
📄 Appendix
|
SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching
🏆 Distinguished Artifact Award
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Scalable Multi-Party Computation Protocols for Machine Learning in the Honest-Majority Setting
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SeaK: Rethinking the Design of a Secure Allocator for OS Kernel
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Secure Account Recovery for a Privacy-Preserving Web Service
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Shaken, not Stirred - Automated Discovery of Subtle Attacks on Protocols using Mix-Nets
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SnailLoad: Exploiting Remote Network Latency Measurements without JavaScript
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SoK: All You Need to Know About On-Device ML Model Extraction - The Gap Between Research and Practice
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SoK: Security of Programmable Logic Controllers
|
|
|
|
📦 Artifacts:
1,
2
📄 Appendix
|
|
SoK: State of the Krawlers - Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Current Deepfake Media Datasets
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Spider-Scents: Grey-box Database-aware Web Scanning for Stored XSS
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Spill the TeA: An Empirical Study of Trusted Application Rollback Prevention on Android Smartphones
|
|
|
|
📦 Artifact
📄 Appendix
|
|
SpotProxy: Rediscovering the Cloud for Censorship Circumvention
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Stateful Least Privilege Authorization for the Cloud
|
|
|
|
📦 Artifact
📄 Appendix
|
Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation
🏆 Distinguished Artifact Award
|
|
|
|
📦 Artifact
📄 Appendix
|
|
The Decisive Power of Indecision: Low-Variance Risk-Limiting Audits and Election Contestation via Marginal Mark Recording
|
|
|
|
📦 Artifact
📄 Appendix
|
|
The Imitation Game: Exploring Brand Impersonation Attacks on Social Media Platforms
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Toward Unbiased Multiple-Target Fuzzing with Path Diversity
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Towards Privacy and Security in Private Clouds: A Representative Survey on the Prevalence of Private Hosting and Administrator Characteristics
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Towards Privacy-Preserving Social-Media SDKs on Android
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Towards an Effective Method of ReDoS Detection for Non-backtracking Engines
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Trust Me If You Can - How Usable Is Trusted Types In Practice?
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM
|
|
|
|
📦 Artifact
📄 Appendix
|
|
UBA-Inf: Unlearning Activated Backdoor Attack with Influence-Driven Camouflage
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Understanding Ethereum Mempool Security under Asymmetric DoS by Symbolized Stateful Fuzzing
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Unveiling IoT Security in Reality: A Firmware-Centric Journey
|
|
|
|
📦 Artifact
📄 Appendix
|
|
VeriSimplePIR: Verifiability in SimplePIR at No Online Cost for Honest Servers
|
|
|
|
📦 Artifact
📄 Appendix
|
|
VulSim: Leveraging Similarity of Multi-Dimensional Neighbor Embeddings for Vulnerability Detection
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Web Platform Threats: Automated Detection of Web Security Issues With WPT
|
|
|
|
📦 Artifact
📄 Appendix
|
|
What Was Your Prompt? A Remote Keylogging Attack on AI Assistants
|
|
|
|
📦 Artifact
📄 Appendix
|
|
When Threads Meet Interrupts: Effective Static Detection of Interrupt-Based Deadlocks in Linux
|
|
|
|
📦 Artifact
📄 Appendix
|
|
When the User Is Inside the User Interface: An Empirical Study of UI Security Properties in Augmented Reality
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Windows into the Past: Exploiting Legacy Crypto in Modern OS's Kerberos Implementation
|
|
|
|
📦 Artifact
📄 Appendix
|
|
With Great Power Come Great Side Channels: Statistical Timing Side-Channel Analyses with Bounded Type-1 Errors
|
|
|
|
📦 Artifact
📄 Appendix
|
|
YPIR: High-Throughput Single-Server PIR with Silent Preprocessing
|
|
|
|
📦 Artifact
📄 Appendix
|
You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks
🏆 Distinguished Artifact Award
|
|
|
|
📦 Artifact
📄 Appendix
|
|
Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities
|
|
|
|
📦 Artifact
📄 Appendix
|
|
ZKSMT: A VM for Proving SMT Theorems in Zero Knowledge
|
|
|
|
📦 Artifact
📄 Appendix
|
|
d-DSE: Distinct Dynamic Searchable Encryption Resisting Volume Leakage in Encrypted Databases
|
|
|
|
📦 Artifact
📄 Appendix
|