S&P

S&Phttps://www.ieee-security.org/TC/SP-Index.htmlIEEE Symposium on Security and Privacy Accepted Papers - Powered by RSSHubRSSHubcontact@rsshub.app (RSSHub)enFri, 15 May 2026 19:49:47 GMT5FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Informationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20Informationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20InformationWed, 31 Dec 2025 16:00:00 GMTXiaoyu Cao (Duke University), Jinyuan Jia (Duke University), Zaixi Zhang (University of Science and Technology of China), Neil Zhenqiang Gong (Duke University)It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenseshttps://www.ieee-security.org/TC/SP2026/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20Defenseshttps://www.ieee-security.org/TC/SP2026/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20DefensesWed, 31 Dec 2025 16:00:00 GMTSoheil Khodayari (CISPA Helmholtz Center for Information Security Germany), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security Germany)Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20PrivacyWed, 31 Dec 2025 16:00:00 GMTWenqiang Ruan (Fudan University China), Mingxin Xu (Fudan University China), Wenjing Fnag (Ant Group China), Li Wang (Ant Group China), Lei Wang (Ant Group China), Weili Han (Fudan University China)D-DAE: Defense-Penetrating Model Extraction Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20AttacksWed, 31 Dec 2025 16:00:00 GMTYanjiao Chen (Zhejiang University), Rui Guan (Wuhan University), Xueluan Gong (Wuhan University), Jianshuo Dong (Wuhan University), Meng Xue (Wuhan University)Examining Zero-Shot Vulnerability Repair with Large Language Modelshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20Modelshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20ModelsWed, 31 Dec 2025 16:00:00 GMTHammond Pearce (New York University), Benjamin Tan (University of Calgary), Baleegh Ahmad (New York University), Ramesh Karri (New York University), Brendan Dolan-Gavitt (New York University)Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20VulnerabilitiesWed, 31 Dec 2025 16:00:00 GMTErik Trickel (Arizona State University), Fabio Pagani (UC Santa Barbra), Chang Zhu (Arizona State University), Lukas Dresel (UC Santa Barbra), Giovanni Vigna (UC Santa Barbara), Christopher Kruegel (UC Santa Barbara), Ruoyu Wang (Arizona State University), Tiffany Bao (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupe (Arizona State University)WeRLman: To Tackle Whale (Transactions), Go Deep (RL)https://www.ieee-security.org/TC/SP2026/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)https://www.ieee-security.org/TC/SP2026/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)Wed, 31 Dec 2025 16:00:00 GMTRoi Bar-Zur (Technion IC3), Ameer Abu-Hanna (Technion), Ittay Eyal (Technion IC3), Aviv Tamar (Technion)Vulnerability Discovery for All: Experiences of Marginalization in Vulnerability Discoveryhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20Discoveryhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20DiscoveryWed, 31 Dec 2025 16:00:00 GMTKelsey R. Fulton (University of Maryland), Samantha Katcher (Tufts University), Kevin Song (University of Chicago), Marshini Chetty (University of Chicago), Michelle L. Mazurek (University of Maryland), Daniel Votipka (Tufts University), Chloé Messdaghi (Impactive Consulting)SQUIP: Exploiting the Scheduler Queue Contention Side Channelhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20Channelhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20ChannelWed, 31 Dec 2025 16:00:00 GMTStefan Gast (Lamarr Security Research Graz University of Technology), Jonas Juffinger (Lamarr Security Research Graz University of Technology), Martin Schwarzl (Graz University of Technology), Gururaj Saileshwar (Georgia Institute of Technology), Andreas Kogler (Graz University of Technology), Simone Franza (Graz University of Technology), Markus Köstl (Graz University of Technology), Daniel Gruss (Lamarr Security Research Graz University of Technology)SoK: Taxonomy of Attacks on Open-Source Software Supply Chainshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20Chainshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20ChainsWed, 31 Dec 2025 16:00:00 GMTPiergiorgio Ladisa (SAP Security Research Université de Rennes 1), Henrik Plate (SAP Security Research), Matias Martinez (Université Polytechnique Hauts-de-France), Olivier Barais (Université de Rennes 1 Inria IRISA)SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusionshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20Intrusionshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20IntrusionsWed, 31 Dec 2025 16:00:00 GMTMuhammad Adil Inam (University of Illinois at Urbana-Champaign), Yinfang Chen (University of Illinois at Urbana-Champaign), Akul Goyal (University of Illinois at Urbana-Champaign), Jason Liu (University of Illinois at Urbana-Champaign), Jaron Mink (University of Illinois at Urbana-Champaign), Noor Michael (University of Illinois at Urbana-Champaign), Sneha Gaur (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign), Wajih Ul Hassan (University of Virginia)No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Informationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20Informationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20InformationWed, 31 Dec 2025 16:00:00 GMTStephanie de Smale (National Cyber Security Centre The Netherlands & Delft University of Technology The Netherlands), Rik van Dijk (National Cyber Security Centre The Netherlands), Xander Bouwman (Delft University of Technology The Netherlands), Jeroen van der Ham (National Cyber Security Centre The Netherlands & University of Twente The Netherlands), Michel van Eeten (Delft University of Technology The Netherlands)Rethinking Searchable Symmetric Encryptionhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Rethinking%20Searchable%20Symmetric%20Encryptionhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Rethinking%20Searchable%20Symmetric%20EncryptionWed, 31 Dec 2025 16:00:00 GMTZichen Gui (ETH Zurich Switzerland), Kenneth G. Paterson (ETH Zurich Switzerland), Sikhar Patranabis (IBM Research India)SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenseshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20Defenseshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20DefensesWed, 31 Dec 2025 16:00:00 GMTNate Mathews (Rochester Institute of Technology), James K Holland (University of Minnesota), Se Eun Oh (Ewha Womans University), Mohammad Saidur Rahman (Rochester Institute of Technology), Nicholas Hopper (University of Minnesota), Matthew Wright (Rochester Institute of Technology)SoK: Certified Robustness for Deep Neural Networkshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20NetworksWed, 31 Dec 2025 16:00:00 GMTLinyi Li (University of Illinois Urbana-Champaign USA), Tao Xie (Key Laboratory of High Confidence Software Technologies MoE (Peking University) China), Bo Li (University of Illinois Urbana-Champaign USA)GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semanticshttps://www.ieee-security.org/TC/SP2026/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20Semanticshttps://www.ieee-security.org/TC/SP2026/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20SemanticsWed, 31 Dec 2025 16:00:00 GMTShu Wang (George Mason University USA), Xinda Wang (George Mason University USA), Kun Sun (George Mason University USA), Sushil Jajodia (George Mason University USA), Haining Wang (Virginia Tech USA), Qi Li (Tsinghua University China)AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20VulnerabilitiesWed, 31 Dec 2025 16:00:00 GMTZheyue Jiang (Fudan University), Yuan Zhang (Fudan University), Jun Xu (University of Utah), Xinqian Sun (Fudan University), Zhuang Liu (Fudan University), Min Yang (Fudan University)Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirectshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20Redirectshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20RedirectsWed, 31 Dec 2025 16:00:00 GMTXuewei Feng (Tsinghua University China), Qi Li (Tsinghua University and Zhongguancun Lab China), Kun Sun (George Mason University USA), Yuxiang Yang (Tsinghua University), Ke Xu (Tsinghua University and Zhongguancun Lab China)Inducing Wireless Chargers to Voice Out for Inaudible Command Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20AttacksWed, 31 Dec 2025 16:00:00 GMTDonghui Dai (The Hong Kong Polytechnic University China), Zhenlin An (The Hong Kong Polytechnic University China), Lei Yang (The Hong Kong Polytechnic University China)IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20Geolocationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20GeolocationWed, 31 Dec 2025 16:00:00 GMTErik Rye (University of Maryland), Robert Beverly (CMAND)SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsicalhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalWed, 31 Dec 2025 16:00:00 GMTMoses Ike (Georgia Institute of Technology USA), Kandy Phan (Sandia National Labs USA), Keaton Sadoski (Sandia National Labs USA), Romuald Valme (Sandia National Labs USA), Wenke Lee (Georgia Institute of Technology USA)Skilled or Gullible? Gender Stereotypes Related to Computer Security and Privacyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20Privacyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20PrivacyWed, 31 Dec 2025 16:00:00 GMTMiranda Wei (University of Washington USA), Pardis Emami-Naeini (Duke University USA), Franziska Roesner (University of Washington USA), Tadayoshi Kohno (University of Washington USA)PLA-LiDAR: Physical Laser Attacks against LiDAR-based 3D Object Detection in Autonomous Vehiclehttps://www.ieee-security.org/TC/SP2026/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20Vehiclehttps://www.ieee-security.org/TC/SP2026/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20VehicleWed, 31 Dec 2025 16:00:00 GMTZizhi Jin (Zhejiang University), Ji Xiaoyu (Zhejiang University), Yushi Cheng (Tsinghua University), Bo Yang (Zhejiang University), Chen Yan (Zhejiang University), Wenyuan Xu (Zhejiang University)Towards a Rigorous Statistical Analysis of Empirical Password Datasetshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20Datasetshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20DatasetsWed, 31 Dec 2025 16:00:00 GMTJeremiah Blocki (Purdue University USA), Peiyuan Liu (Purdue University USA)Spectre Declassified: Reading from the Right Place at the Wrong Timehttps://www.ieee-security.org/TC/SP2026/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20Timehttps://www.ieee-security.org/TC/SP2026/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20TimeWed, 31 Dec 2025 16:00:00 GMTBasavesh Ammanaghatta Shivakumar (Max Planck Institute for Security and Privacy Germany), Jack Barnes (The University of Adelaide Australia), Gilles Barthe (Max Planck Institute for Security and Privacy Germany; IMDEA Software Institute Spain), Sunjay Cauligi (Max Planck Institute for Security and Privacy Germany), Chitchanok Chuengsatiansup (The University of Adelaide Australia), Daniel Genkin (Georgia Institute of Technology USA), Sioli O'Connell (The University of Adelaide Australia), Peter Schwabe (Max Planck Institute for Security and Privacy Germany; Radboud University Netherlands), Rui Qi Sim (The University of Adelaide Australia), Yuval Yarom (The University of Adelaide Australia)CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammerhttps://www.ieee-security.org/TC/SP2026/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20Rowhammerhttps://www.ieee-security.org/TC/SP2026/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20RowhammerWed, 31 Dec 2025 16:00:00 GMTJonas Juffinger (Lamarr Security Research Graz University of Technology Austria), Lukas Lamster (Graz University of Technology Austria), Andreas Kogler (Graz University of Technology Austria), Maria Eichlseder (Graz University of Technology Austria), Moritz Lipp (Amazon Web Services Austria), Daniel Gruss (Graz University of Technology Austria)Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Deviceshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20Deviceshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20DevicesWed, 31 Dec 2025 16:00:00 GMTTyler Tucker (University of Florida), Hunter Searle (University of Florida), Kevin Butler (University of Florida), Patrick Traynor (University of Florida)D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modelinghttps://www.ieee-security.org/TC/SP2026/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20Modelinghttps://www.ieee-security.org/TC/SP2026/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20ModelingWed, 31 Dec 2025 16:00:00 GMTYapeng Ye (Purdue University USA), Zhuo Zhang (Purdue University USA), Qingkai Shi (Purdue University USA), Yousra Aafer (University of Waterloo Canada), Xiangyu Zhang (Purdue University USA)UTOPIA: Automatic Generation of Fuzz Driver using Unit Testshttps://www.ieee-security.org/TC/SP2026/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20Testshttps://www.ieee-security.org/TC/SP2026/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20TestsWed, 31 Dec 2025 16:00:00 GMTBokdeuk Jeong (Samsung Research Republic of Korea), Joonun Jang (Samsung Research Republic of Korea), Hayoon Yi (Samsung Research Republic of Korea), Jiin Moon (Samsung Research Republic of Korea), Junsik Kim (Samsung Research Republic of Korea), Intae Jeon (Samsung Research Republic of Korea), Taesoo Kim (Samsung Research Republic of Korea; Georgia Institute of Technology USA), WooChul Shim (Samsung Research Republic of Korea), Yong Ho Hwang (Samsung Research Republic of Korea)MEGA: Malleable Encryption Goes Awryhttps://www.ieee-security.org/TC/SP2026/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20Awryhttps://www.ieee-security.org/TC/SP2026/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20AwryWed, 31 Dec 2025 16:00:00 GMTMatilda Backendal (ETH Zurich), Haller Miro (ETH Zurich), Kenneth G. Paterson (ETH Zurich)DeHiREC: Detecting Hidden Voice Recorders via ADC Electromagnetic Radiationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20Radiationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20RadiationWed, 31 Dec 2025 16:00:00 GMTRuochen Zhou (Zhejiang University), Xiaoyu Ji (Zhejiang University), Chen Yan (Zhejiang University), Yi-Chao Chen (Shanghai Jiao Tong University; Microsoft Research Asia), Wenyuan Xu (Zhejiang University), Chaohao Li (Zhejiang University)Shedding Light on Inconsistencies in Grid Cybersecurity: Disconnects and Recommendationshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20Recommendationshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20RecommendationsWed, 31 Dec 2025 16:00:00 GMTBrian Singer (Carnegie Mellon University), Amritanshu Pandey (Carnegie Mellon University), Shimiao Li (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Craig Miller (Carnegie Mellon University), Lawrence Pileggi (Carnegie Mellon University), Vyas Sekar (Carnegie Mellon University)FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20Instantiationhttps://www.ieee-security.org/TC/SP2026/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20InstantiationWed, 31 Dec 2025 16:00:00 GMTNina Bindel (SandboxAQ), Cas Cremers (CISPA Helmholtz Center for Information Security), Mang Zhao (CISPA Helmholtz Center for Information Security)Clockwork Finance: Automated Analysis of Economic Security in Smart Contractshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20ContractsWed, 31 Dec 2025 16:00:00 GMTKushal Babel (Cornell Tech), Philip Daian (Cornell Tech), Mahimna Kelkar (Cornell Tech), Ari Juels (Cornell Tech)Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet wormshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormsWed, 31 Dec 2025 16:00:00 GMTHarm Griffioen (Hasso Plattner Institute for Digital Engineering University of Potsdam), Christian Doerr (Hasso Plattner Institute for Digital Engineering University of Potsdam)Detection of Inconsistencies in Privacy Practices of Browser Extensionshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20Extensionshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20ExtensionsWed, 31 Dec 2025 16:00:00 GMTDuc Bui (University of Michigan United States of America), Brian Tang (University of Michigan United States of America), Kang G. Shin (University of Michigan United States of America)RAB: Provable Robustness Against Backdoor Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20Attackshttps://www.ieee-security.org/TC/SP2026/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20AttacksWed, 31 Dec 2025 16:00:00 GMTMaurice Weber (ETH Zurich Switzerland), Xiaojun Xu (University of Illinois at Urbana-Champaign USA), Bojan Karlas (ETH Zurich Switzerland), Ce Zhang (ETH Zurich Switzerland), Bo Li (University of Illinois at Urbana-Champaign USA)SoK: Anti-Facial Recognition Technologyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Anti-Facial%20Recognition%20Technologyhttps://www.ieee-security.org/TC/SP2026/program-papers.html#SoK:%20Anti-Facial%20Recognition%20TechnologyWed, 31 Dec 2025 16:00:00 GMTEmily Wenger (University of Chicago), Shawn Shan (University of Chicago), Haitao Zheng (University of Chicago), Ben Y. Zhao (University of Chicago)Deepfake Text Detection: Limitations and Opportunitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20Opportunitieshttps://www.ieee-security.org/TC/SP2026/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20OpportunitiesWed, 31 Dec 2025 16:00:00 GMTJiameng Pu (Virginia Tech USA), Zain Sarwar (University Of Chicago USA), Sifat Muhammad Abdullah (Virginia Tech USA), Abdullah Rehman (Virginia Tech USA), Yoonjin Kim (Virginia Tech USA), Parantapa Bhattacharya (University Of Virginia USA), Mobin Javed (LUMS Pakistan), Bimal Viswanath (Virginia Tech USA)PCspooF: Compromising the Safety of Time-Triggered Ethernethttps://www.ieee-security.org/TC/SP2026/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20Ethernethttps://www.ieee-security.org/TC/SP2026/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20EthernetWed, 31 Dec 2025 16:00:00 GMTAndrew Loveless (University of Michigan; NASA Johnson Space Center), Linh Thi Xuan Phan (University of Pennsylvania), Ronald Dreslinski (University of Michigan), Baris Kasikci (University of Michigan)"It's up to the Consumer to be Smart": Understanding the Security and Privacy Attitudes of Smart Home Users on Reddithttps://www.ieee-security.org/TC/SP2026/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20Reddithttps://www.ieee-security.org/TC/SP2026/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20RedditWed, 31 Dec 2025 16:00:00 GMTJingjie Li (University of Wisconsin-Madison USA), Kaiwen Sun (University of Michigan USA), Brittany Skye Huff (University of Wisconsin-Madison USA), Anna Marie Bierley (University of Wisconsin-Madison USA), Younghyun Kim (University of Wisconsin-Madison USA), Florian Schaub (University of Michigan USA), Kassem Fawaz (University of Wisconsin-Madison USA)TEEzz: Fuzzing Trusted Applications on COTS Android Deviceshttps://www.ieee-security.org/TC/SP2026/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20Deviceshttps://www.ieee-security.org/TC/SP2026/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20DevicesWed, 31 Dec 2025 16:00:00 GMTMarcel Busch (EPFL), Aravind Machiry (Purdue University), Chad Spensky (Allthenticate), Giovanni Vigna (University of California Santa Barbara), Christopher Kruegel (University of California Santa Barbara), Mathias Payer (EPFL)"How technical do you get? I'm an English teacher": Teaching and Learning Cybersecurity and AI Ethics in High Schoolhttps://www.ieee-security.org/TC/SP2026/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20Schoolhttps://www.ieee-security.org/TC/SP2026/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20SchoolWed, 31 Dec 2025 16:00:00 GMTZachary Kilhoffer (University of Illinois at Urbana-Champaign USA), Zhixuan Zhou (University of Illinois at Urbana-Champaign USA), Firmiana Wang (University of Illinois Laboratory High School USA), Fahad Tamton (University of Illinois at Urbana-Champaign USA), Yun Huang (University of Illinois at Urbana-Champaign USA), Pilyoung Kim (University of Denver USA), Tom Yeh (University of Colorado Boulder USA), Yang Wang (University of Illinois at Urbana-Champaign USA)FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Informationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20Informationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20InformationTue, 31 Dec 2024 16:00:00 GMTXiaoyu Cao (Duke University), Jinyuan Jia (Duke University), Zaixi Zhang (University of Science and Technology of China), Neil Zhenqiang Gong (Duke University)It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenseshttps://www.ieee-security.org/TC/SP2025/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20Defenseshttps://www.ieee-security.org/TC/SP2025/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20DefensesTue, 31 Dec 2024 16:00:00 GMTSoheil Khodayari (CISPA Helmholtz Center for Information Security Germany), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security Germany)Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20PrivacyTue, 31 Dec 2024 16:00:00 GMTWenqiang Ruan (Fudan University China), Mingxin Xu (Fudan University China), Wenjing Fnag (Ant Group China), Li Wang (Ant Group China), Lei Wang (Ant Group China), Weili Han (Fudan University China)D-DAE: Defense-Penetrating Model Extraction Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20AttacksTue, 31 Dec 2024 16:00:00 GMTYanjiao Chen (Zhejiang University), Rui Guan (Wuhan University), Xueluan Gong (Wuhan University), Jianshuo Dong (Wuhan University), Meng Xue (Wuhan University)Examining Zero-Shot Vulnerability Repair with Large Language Modelshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20Modelshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20ModelsTue, 31 Dec 2024 16:00:00 GMTHammond Pearce (New York University), Benjamin Tan (University of Calgary), Baleegh Ahmad (New York University), Ramesh Karri (New York University), Brendan Dolan-Gavitt (New York University)Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20VulnerabilitiesTue, 31 Dec 2024 16:00:00 GMTErik Trickel (Arizona State University), Fabio Pagani (UC Santa Barbra), Chang Zhu (Arizona State University), Lukas Dresel (UC Santa Barbra), Giovanni Vigna (UC Santa Barbara), Christopher Kruegel (UC Santa Barbara), Ruoyu Wang (Arizona State University), Tiffany Bao (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupe (Arizona State University)WeRLman: To Tackle Whale (Transactions), Go Deep (RL)https://www.ieee-security.org/TC/SP2025/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)https://www.ieee-security.org/TC/SP2025/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)Tue, 31 Dec 2024 16:00:00 GMTRoi Bar-Zur (Technion IC3), Ameer Abu-Hanna (Technion), Ittay Eyal (Technion IC3), Aviv Tamar (Technion)Vulnerability Discovery for All: Experiences of Marginalization in Vulnerability Discoveryhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20Discoveryhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20DiscoveryTue, 31 Dec 2024 16:00:00 GMTKelsey R. Fulton (University of Maryland), Samantha Katcher (Tufts University), Kevin Song (University of Chicago), Marshini Chetty (University of Chicago), Michelle L. Mazurek (University of Maryland), Daniel Votipka (Tufts University), Chloé Messdaghi (Impactive Consulting)SQUIP: Exploiting the Scheduler Queue Contention Side Channelhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20Channelhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20ChannelTue, 31 Dec 2024 16:00:00 GMTStefan Gast (Lamarr Security Research Graz University of Technology), Jonas Juffinger (Lamarr Security Research Graz University of Technology), Martin Schwarzl (Graz University of Technology), Gururaj Saileshwar (Georgia Institute of Technology), Andreas Kogler (Graz University of Technology), Simone Franza (Graz University of Technology), Markus Köstl (Graz University of Technology), Daniel Gruss (Lamarr Security Research Graz University of Technology)SoK: Taxonomy of Attacks on Open-Source Software Supply Chainshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20Chainshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20ChainsTue, 31 Dec 2024 16:00:00 GMTPiergiorgio Ladisa (SAP Security Research Université de Rennes 1), Henrik Plate (SAP Security Research), Matias Martinez (Université Polytechnique Hauts-de-France), Olivier Barais (Université de Rennes 1 Inria IRISA)SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusionshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20Intrusionshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20IntrusionsTue, 31 Dec 2024 16:00:00 GMTMuhammad Adil Inam (University of Illinois at Urbana-Champaign), Yinfang Chen (University of Illinois at Urbana-Champaign), Akul Goyal (University of Illinois at Urbana-Champaign), Jason Liu (University of Illinois at Urbana-Champaign), Jaron Mink (University of Illinois at Urbana-Champaign), Noor Michael (University of Illinois at Urbana-Champaign), Sneha Gaur (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign), Wajih Ul Hassan (University of Virginia)No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Informationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20Informationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20InformationTue, 31 Dec 2024 16:00:00 GMTStephanie de Smale (National Cyber Security Centre The Netherlands & Delft University of Technology The Netherlands), Rik van Dijk (National Cyber Security Centre The Netherlands), Xander Bouwman (Delft University of Technology The Netherlands), Jeroen van der Ham (National Cyber Security Centre The Netherlands & University of Twente The Netherlands), Michel van Eeten (Delft University of Technology The Netherlands)Rethinking Searchable Symmetric Encryptionhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Rethinking%20Searchable%20Symmetric%20Encryptionhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Rethinking%20Searchable%20Symmetric%20EncryptionTue, 31 Dec 2024 16:00:00 GMTZichen Gui (ETH Zurich Switzerland), Kenneth G. Paterson (ETH Zurich Switzerland), Sikhar Patranabis (IBM Research India)SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenseshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20Defenseshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20DefensesTue, 31 Dec 2024 16:00:00 GMTNate Mathews (Rochester Institute of Technology), James K Holland (University of Minnesota), Se Eun Oh (Ewha Womans University), Mohammad Saidur Rahman (Rochester Institute of Technology), Nicholas Hopper (University of Minnesota), Matthew Wright (Rochester Institute of Technology)SoK: Certified Robustness for Deep Neural Networkshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20NetworksTue, 31 Dec 2024 16:00:00 GMTLinyi Li (University of Illinois Urbana-Champaign USA), Tao Xie (Key Laboratory of High Confidence Software Technologies MoE (Peking University) China), Bo Li (University of Illinois Urbana-Champaign USA)GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semanticshttps://www.ieee-security.org/TC/SP2025/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20Semanticshttps://www.ieee-security.org/TC/SP2025/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20SemanticsTue, 31 Dec 2024 16:00:00 GMTShu Wang (George Mason University USA), Xinda Wang (George Mason University USA), Kun Sun (George Mason University USA), Sushil Jajodia (George Mason University USA), Haining Wang (Virginia Tech USA), Qi Li (Tsinghua University China)AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20VulnerabilitiesTue, 31 Dec 2024 16:00:00 GMTZheyue Jiang (Fudan University), Yuan Zhang (Fudan University), Jun Xu (University of Utah), Xinqian Sun (Fudan University), Zhuang Liu (Fudan University), Min Yang (Fudan University)Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirectshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20Redirectshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20RedirectsTue, 31 Dec 2024 16:00:00 GMTXuewei Feng (Tsinghua University China), Qi Li (Tsinghua University and Zhongguancun Lab China), Kun Sun (George Mason University USA), Yuxiang Yang (Tsinghua University), Ke Xu (Tsinghua University and Zhongguancun Lab China)Inducing Wireless Chargers to Voice Out for Inaudible Command Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20AttacksTue, 31 Dec 2024 16:00:00 GMTDonghui Dai (The Hong Kong Polytechnic University China), Zhenlin An (The Hong Kong Polytechnic University China), Lei Yang (The Hong Kong Polytechnic University China)IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20Geolocationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20GeolocationTue, 31 Dec 2024 16:00:00 GMTErik Rye (University of Maryland), Robert Beverly (CMAND)SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsicalhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalTue, 31 Dec 2024 16:00:00 GMTMoses Ike (Georgia Institute of Technology USA), Kandy Phan (Sandia National Labs USA), Keaton Sadoski (Sandia National Labs USA), Romuald Valme (Sandia National Labs USA), Wenke Lee (Georgia Institute of Technology USA)Skilled or Gullible? Gender Stereotypes Related to Computer Security and Privacyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20Privacyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20PrivacyTue, 31 Dec 2024 16:00:00 GMTMiranda Wei (University of Washington USA), Pardis Emami-Naeini (Duke University USA), Franziska Roesner (University of Washington USA), Tadayoshi Kohno (University of Washington USA)PLA-LiDAR: Physical Laser Attacks against LiDAR-based 3D Object Detection in Autonomous Vehiclehttps://www.ieee-security.org/TC/SP2025/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20Vehiclehttps://www.ieee-security.org/TC/SP2025/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20VehicleTue, 31 Dec 2024 16:00:00 GMTZizhi Jin (Zhejiang University), Ji Xiaoyu (Zhejiang University), Yushi Cheng (Tsinghua University), Bo Yang (Zhejiang University), Chen Yan (Zhejiang University), Wenyuan Xu (Zhejiang University)Towards a Rigorous Statistical Analysis of Empirical Password Datasetshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20Datasetshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20DatasetsTue, 31 Dec 2024 16:00:00 GMTJeremiah Blocki (Purdue University USA), Peiyuan Liu (Purdue University USA)Spectre Declassified: Reading from the Right Place at the Wrong Timehttps://www.ieee-security.org/TC/SP2025/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20Timehttps://www.ieee-security.org/TC/SP2025/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20TimeTue, 31 Dec 2024 16:00:00 GMTBasavesh Ammanaghatta Shivakumar (Max Planck Institute for Security and Privacy Germany), Jack Barnes (The University of Adelaide Australia), Gilles Barthe (Max Planck Institute for Security and Privacy Germany; IMDEA Software Institute Spain), Sunjay Cauligi (Max Planck Institute for Security and Privacy Germany), Chitchanok Chuengsatiansup (The University of Adelaide Australia), Daniel Genkin (Georgia Institute of Technology USA), Sioli O'Connell (The University of Adelaide Australia), Peter Schwabe (Max Planck Institute for Security and Privacy Germany; Radboud University Netherlands), Rui Qi Sim (The University of Adelaide Australia), Yuval Yarom (The University of Adelaide Australia)CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammerhttps://www.ieee-security.org/TC/SP2025/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20Rowhammerhttps://www.ieee-security.org/TC/SP2025/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20RowhammerTue, 31 Dec 2024 16:00:00 GMTJonas Juffinger (Lamarr Security Research Graz University of Technology Austria), Lukas Lamster (Graz University of Technology Austria), Andreas Kogler (Graz University of Technology Austria), Maria Eichlseder (Graz University of Technology Austria), Moritz Lipp (Amazon Web Services Austria), Daniel Gruss (Graz University of Technology Austria)Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Deviceshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20Deviceshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20DevicesTue, 31 Dec 2024 16:00:00 GMTTyler Tucker (University of Florida), Hunter Searle (University of Florida), Kevin Butler (University of Florida), Patrick Traynor (University of Florida)D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modelinghttps://www.ieee-security.org/TC/SP2025/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20Modelinghttps://www.ieee-security.org/TC/SP2025/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20ModelingTue, 31 Dec 2024 16:00:00 GMTYapeng Ye (Purdue University USA), Zhuo Zhang (Purdue University USA), Qingkai Shi (Purdue University USA), Yousra Aafer (University of Waterloo Canada), Xiangyu Zhang (Purdue University USA)UTOPIA: Automatic Generation of Fuzz Driver using Unit Testshttps://www.ieee-security.org/TC/SP2025/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20Testshttps://www.ieee-security.org/TC/SP2025/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20TestsTue, 31 Dec 2024 16:00:00 GMTBokdeuk Jeong (Samsung Research Republic of Korea), Joonun Jang (Samsung Research Republic of Korea), Hayoon Yi (Samsung Research Republic of Korea), Jiin Moon (Samsung Research Republic of Korea), Junsik Kim (Samsung Research Republic of Korea), Intae Jeon (Samsung Research Republic of Korea), Taesoo Kim (Samsung Research Republic of Korea; Georgia Institute of Technology USA), WooChul Shim (Samsung Research Republic of Korea), Yong Ho Hwang (Samsung Research Republic of Korea)MEGA: Malleable Encryption Goes Awryhttps://www.ieee-security.org/TC/SP2025/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20Awryhttps://www.ieee-security.org/TC/SP2025/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20AwryTue, 31 Dec 2024 16:00:00 GMTMatilda Backendal (ETH Zurich), Haller Miro (ETH Zurich), Kenneth G. Paterson (ETH Zurich)DeHiREC: Detecting Hidden Voice Recorders via ADC Electromagnetic Radiationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20Radiationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20RadiationTue, 31 Dec 2024 16:00:00 GMTRuochen Zhou (Zhejiang University), Xiaoyu Ji (Zhejiang University), Chen Yan (Zhejiang University), Yi-Chao Chen (Shanghai Jiao Tong University; Microsoft Research Asia), Wenyuan Xu (Zhejiang University), Chaohao Li (Zhejiang University)Shedding Light on Inconsistencies in Grid Cybersecurity: Disconnects and Recommendationshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20Recommendationshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20RecommendationsTue, 31 Dec 2024 16:00:00 GMTBrian Singer (Carnegie Mellon University), Amritanshu Pandey (Carnegie Mellon University), Shimiao Li (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Craig Miller (Carnegie Mellon University), Lawrence Pileggi (Carnegie Mellon University), Vyas Sekar (Carnegie Mellon University)FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20Instantiationhttps://www.ieee-security.org/TC/SP2025/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20InstantiationTue, 31 Dec 2024 16:00:00 GMTNina Bindel (SandboxAQ), Cas Cremers (CISPA Helmholtz Center for Information Security), Mang Zhao (CISPA Helmholtz Center for Information Security)Clockwork Finance: Automated Analysis of Economic Security in Smart Contractshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20ContractsTue, 31 Dec 2024 16:00:00 GMTKushal Babel (Cornell Tech), Philip Daian (Cornell Tech), Mahimna Kelkar (Cornell Tech), Ari Juels (Cornell Tech)Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet wormshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormsTue, 31 Dec 2024 16:00:00 GMTHarm Griffioen (Hasso Plattner Institute for Digital Engineering University of Potsdam), Christian Doerr (Hasso Plattner Institute for Digital Engineering University of Potsdam)Detection of Inconsistencies in Privacy Practices of Browser Extensionshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20Extensionshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20ExtensionsTue, 31 Dec 2024 16:00:00 GMTDuc Bui (University of Michigan United States of America), Brian Tang (University of Michigan United States of America), Kang G. Shin (University of Michigan United States of America)RAB: Provable Robustness Against Backdoor Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20Attackshttps://www.ieee-security.org/TC/SP2025/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20AttacksTue, 31 Dec 2024 16:00:00 GMTMaurice Weber (ETH Zurich Switzerland), Xiaojun Xu (University of Illinois at Urbana-Champaign USA), Bojan Karlas (ETH Zurich Switzerland), Ce Zhang (ETH Zurich Switzerland), Bo Li (University of Illinois at Urbana-Champaign USA)SoK: Anti-Facial Recognition Technologyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Anti-Facial%20Recognition%20Technologyhttps://www.ieee-security.org/TC/SP2025/program-papers.html#SoK:%20Anti-Facial%20Recognition%20TechnologyTue, 31 Dec 2024 16:00:00 GMTEmily Wenger (University of Chicago), Shawn Shan (University of Chicago), Haitao Zheng (University of Chicago), Ben Y. Zhao (University of Chicago)Deepfake Text Detection: Limitations and Opportunitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20Opportunitieshttps://www.ieee-security.org/TC/SP2025/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20OpportunitiesTue, 31 Dec 2024 16:00:00 GMTJiameng Pu (Virginia Tech USA), Zain Sarwar (University Of Chicago USA), Sifat Muhammad Abdullah (Virginia Tech USA), Abdullah Rehman (Virginia Tech USA), Yoonjin Kim (Virginia Tech USA), Parantapa Bhattacharya (University Of Virginia USA), Mobin Javed (LUMS Pakistan), Bimal Viswanath (Virginia Tech USA)PCspooF: Compromising the Safety of Time-Triggered Ethernethttps://www.ieee-security.org/TC/SP2025/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20Ethernethttps://www.ieee-security.org/TC/SP2025/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20EthernetTue, 31 Dec 2024 16:00:00 GMTAndrew Loveless (University of Michigan; NASA Johnson Space Center), Linh Thi Xuan Phan (University of Pennsylvania), Ronald Dreslinski (University of Michigan), Baris Kasikci (University of Michigan)"It's up to the Consumer to be Smart": Understanding the Security and Privacy Attitudes of Smart Home Users on Reddithttps://www.ieee-security.org/TC/SP2025/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20Reddithttps://www.ieee-security.org/TC/SP2025/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20RedditTue, 31 Dec 2024 16:00:00 GMTJingjie Li (University of Wisconsin-Madison USA), Kaiwen Sun (University of Michigan USA), Brittany Skye Huff (University of Wisconsin-Madison USA), Anna Marie Bierley (University of Wisconsin-Madison USA), Younghyun Kim (University of Wisconsin-Madison USA), Florian Schaub (University of Michigan USA), Kassem Fawaz (University of Wisconsin-Madison USA)TEEzz: Fuzzing Trusted Applications on COTS Android Deviceshttps://www.ieee-security.org/TC/SP2025/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20Deviceshttps://www.ieee-security.org/TC/SP2025/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20DevicesTue, 31 Dec 2024 16:00:00 GMTMarcel Busch (EPFL), Aravind Machiry (Purdue University), Chad Spensky (Allthenticate), Giovanni Vigna (University of California Santa Barbara), Christopher Kruegel (University of California Santa Barbara), Mathias Payer (EPFL)"How technical do you get? I'm an English teacher": Teaching and Learning Cybersecurity and AI Ethics in High Schoolhttps://www.ieee-security.org/TC/SP2025/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20Schoolhttps://www.ieee-security.org/TC/SP2025/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20SchoolTue, 31 Dec 2024 16:00:00 GMTZachary Kilhoffer (University of Illinois at Urbana-Champaign USA), Zhixuan Zhou (University of Illinois at Urbana-Champaign USA), Firmiana Wang (University of Illinois Laboratory High School USA), Fahad Tamton (University of Illinois at Urbana-Champaign USA), Yun Huang (University of Illinois at Urbana-Champaign USA), Pilyoung Kim (University of Denver USA), Tom Yeh (University of Colorado Boulder USA), Yang Wang (University of Illinois at Urbana-Champaign USA)FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Informationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20Informationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20InformationSun, 31 Dec 2023 16:00:00 GMTXiaoyu Cao (Duke University), Jinyuan Jia (Duke University), Zaixi Zhang (University of Science and Technology of China), Neil Zhenqiang Gong (Duke University)It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenseshttps://www.ieee-security.org/TC/SP2024/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20Defenseshttps://www.ieee-security.org/TC/SP2024/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20DefensesSun, 31 Dec 2023 16:00:00 GMTSoheil Khodayari (CISPA Helmholtz Center for Information Security Germany), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security Germany)Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20PrivacySun, 31 Dec 2023 16:00:00 GMTWenqiang Ruan (Fudan University China), Mingxin Xu (Fudan University China), Wenjing Fnag (Ant Group China), Li Wang (Ant Group China), Lei Wang (Ant Group China), Weili Han (Fudan University China)D-DAE: Defense-Penetrating Model Extraction Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20AttacksSun, 31 Dec 2023 16:00:00 GMTYanjiao Chen (Zhejiang University), Rui Guan (Wuhan University), Xueluan Gong (Wuhan University), Jianshuo Dong (Wuhan University), Meng Xue (Wuhan University)Examining Zero-Shot Vulnerability Repair with Large Language Modelshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20Modelshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20ModelsSun, 31 Dec 2023 16:00:00 GMTHammond Pearce (New York University), Benjamin Tan (University of Calgary), Baleegh Ahmad (New York University), Ramesh Karri (New York University), Brendan Dolan-Gavitt (New York University)Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20VulnerabilitiesSun, 31 Dec 2023 16:00:00 GMTErik Trickel (Arizona State University), Fabio Pagani (UC Santa Barbra), Chang Zhu (Arizona State University), Lukas Dresel (UC Santa Barbra), Giovanni Vigna (UC Santa Barbara), Christopher Kruegel (UC Santa Barbara), Ruoyu Wang (Arizona State University), Tiffany Bao (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupe (Arizona State University)WeRLman: To Tackle Whale (Transactions), Go Deep (RL)https://www.ieee-security.org/TC/SP2024/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)https://www.ieee-security.org/TC/SP2024/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)Sun, 31 Dec 2023 16:00:00 GMTRoi Bar-Zur (Technion IC3), Ameer Abu-Hanna (Technion), Ittay Eyal (Technion IC3), Aviv Tamar (Technion)Vulnerability Discovery for All: Experiences of Marginalization in Vulnerability Discoveryhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20Discoveryhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20DiscoverySun, 31 Dec 2023 16:00:00 GMTKelsey R. Fulton (University of Maryland), Samantha Katcher (Tufts University), Kevin Song (University of Chicago), Marshini Chetty (University of Chicago), Michelle L. Mazurek (University of Maryland), Daniel Votipka (Tufts University), Chloé Messdaghi (Impactive Consulting)SQUIP: Exploiting the Scheduler Queue Contention Side Channelhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20Channelhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20ChannelSun, 31 Dec 2023 16:00:00 GMTStefan Gast (Lamarr Security Research Graz University of Technology), Jonas Juffinger (Lamarr Security Research Graz University of Technology), Martin Schwarzl (Graz University of Technology), Gururaj Saileshwar (Georgia Institute of Technology), Andreas Kogler (Graz University of Technology), Simone Franza (Graz University of Technology), Markus Köstl (Graz University of Technology), Daniel Gruss (Lamarr Security Research Graz University of Technology)SoK: Taxonomy of Attacks on Open-Source Software Supply Chainshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20Chainshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20ChainsSun, 31 Dec 2023 16:00:00 GMTPiergiorgio Ladisa (SAP Security Research Université de Rennes 1), Henrik Plate (SAP Security Research), Matias Martinez (Université Polytechnique Hauts-de-France), Olivier Barais (Université de Rennes 1 Inria IRISA)SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusionshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20Intrusionshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20IntrusionsSun, 31 Dec 2023 16:00:00 GMTMuhammad Adil Inam (University of Illinois at Urbana-Champaign), Yinfang Chen (University of Illinois at Urbana-Champaign), Akul Goyal (University of Illinois at Urbana-Champaign), Jason Liu (University of Illinois at Urbana-Champaign), Jaron Mink (University of Illinois at Urbana-Champaign), Noor Michael (University of Illinois at Urbana-Champaign), Sneha Gaur (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign), Wajih Ul Hassan (University of Virginia)No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Informationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20Informationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20InformationSun, 31 Dec 2023 16:00:00 GMTStephanie de Smale (National Cyber Security Centre The Netherlands & Delft University of Technology The Netherlands), Rik van Dijk (National Cyber Security Centre The Netherlands), Xander Bouwman (Delft University of Technology The Netherlands), Jeroen van der Ham (National Cyber Security Centre The Netherlands & University of Twente The Netherlands), Michel van Eeten (Delft University of Technology The Netherlands)Rethinking Searchable Symmetric Encryptionhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Rethinking%20Searchable%20Symmetric%20Encryptionhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Rethinking%20Searchable%20Symmetric%20EncryptionSun, 31 Dec 2023 16:00:00 GMTZichen Gui (ETH Zurich Switzerland), Kenneth G. Paterson (ETH Zurich Switzerland), Sikhar Patranabis (IBM Research India)SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenseshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20Defenseshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20DefensesSun, 31 Dec 2023 16:00:00 GMTNate Mathews (Rochester Institute of Technology), James K Holland (University of Minnesota), Se Eun Oh (Ewha Womans University), Mohammad Saidur Rahman (Rochester Institute of Technology), Nicholas Hopper (University of Minnesota), Matthew Wright (Rochester Institute of Technology)SoK: Certified Robustness for Deep Neural Networkshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20NetworksSun, 31 Dec 2023 16:00:00 GMTLinyi Li (University of Illinois Urbana-Champaign USA), Tao Xie (Key Laboratory of High Confidence Software Technologies MoE (Peking University) China), Bo Li (University of Illinois Urbana-Champaign USA)GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semanticshttps://www.ieee-security.org/TC/SP2024/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20Semanticshttps://www.ieee-security.org/TC/SP2024/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20SemanticsSun, 31 Dec 2023 16:00:00 GMTShu Wang (George Mason University USA), Xinda Wang (George Mason University USA), Kun Sun (George Mason University USA), Sushil Jajodia (George Mason University USA), Haining Wang (Virginia Tech USA), Qi Li (Tsinghua University China)AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20VulnerabilitiesSun, 31 Dec 2023 16:00:00 GMTZheyue Jiang (Fudan University), Yuan Zhang (Fudan University), Jun Xu (University of Utah), Xinqian Sun (Fudan University), Zhuang Liu (Fudan University), Min Yang (Fudan University)Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirectshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20Redirectshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20RedirectsSun, 31 Dec 2023 16:00:00 GMTXuewei Feng (Tsinghua University China), Qi Li (Tsinghua University and Zhongguancun Lab China), Kun Sun (George Mason University USA), Yuxiang Yang (Tsinghua University), Ke Xu (Tsinghua University and Zhongguancun Lab China)Inducing Wireless Chargers to Voice Out for Inaudible Command Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20AttacksSun, 31 Dec 2023 16:00:00 GMTDonghui Dai (The Hong Kong Polytechnic University China), Zhenlin An (The Hong Kong Polytechnic University China), Lei Yang (The Hong Kong Polytechnic University China)IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20Geolocationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20GeolocationSun, 31 Dec 2023 16:00:00 GMTErik Rye (University of Maryland), Robert Beverly (CMAND)SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsicalhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalSun, 31 Dec 2023 16:00:00 GMTMoses Ike (Georgia Institute of Technology USA), Kandy Phan (Sandia National Labs USA), Keaton Sadoski (Sandia National Labs USA), Romuald Valme (Sandia National Labs USA), Wenke Lee (Georgia Institute of Technology USA)Skilled or Gullible? Gender Stereotypes Related to Computer Security and Privacyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20Privacyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20PrivacySun, 31 Dec 2023 16:00:00 GMTMiranda Wei (University of Washington USA), Pardis Emami-Naeini (Duke University USA), Franziska Roesner (University of Washington USA), Tadayoshi Kohno (University of Washington USA)PLA-LiDAR: Physical Laser Attacks against LiDAR-based 3D Object Detection in Autonomous Vehiclehttps://www.ieee-security.org/TC/SP2024/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20Vehiclehttps://www.ieee-security.org/TC/SP2024/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20VehicleSun, 31 Dec 2023 16:00:00 GMTZizhi Jin (Zhejiang University), Ji Xiaoyu (Zhejiang University), Yushi Cheng (Tsinghua University), Bo Yang (Zhejiang University), Chen Yan (Zhejiang University), Wenyuan Xu (Zhejiang University)Towards a Rigorous Statistical Analysis of Empirical Password Datasetshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20Datasetshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20DatasetsSun, 31 Dec 2023 16:00:00 GMTJeremiah Blocki (Purdue University USA), Peiyuan Liu (Purdue University USA)Spectre Declassified: Reading from the Right Place at the Wrong Timehttps://www.ieee-security.org/TC/SP2024/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20Timehttps://www.ieee-security.org/TC/SP2024/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20TimeSun, 31 Dec 2023 16:00:00 GMTBasavesh Ammanaghatta Shivakumar (Max Planck Institute for Security and Privacy Germany), Jack Barnes (The University of Adelaide Australia), Gilles Barthe (Max Planck Institute for Security and Privacy Germany; IMDEA Software Institute Spain), Sunjay Cauligi (Max Planck Institute for Security and Privacy Germany), Chitchanok Chuengsatiansup (The University of Adelaide Australia), Daniel Genkin (Georgia Institute of Technology USA), Sioli O'Connell (The University of Adelaide Australia), Peter Schwabe (Max Planck Institute for Security and Privacy Germany; Radboud University Netherlands), Rui Qi Sim (The University of Adelaide Australia), Yuval Yarom (The University of Adelaide Australia)CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammerhttps://www.ieee-security.org/TC/SP2024/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20Rowhammerhttps://www.ieee-security.org/TC/SP2024/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20RowhammerSun, 31 Dec 2023 16:00:00 GMTJonas Juffinger (Lamarr Security Research Graz University of Technology Austria), Lukas Lamster (Graz University of Technology Austria), Andreas Kogler (Graz University of Technology Austria), Maria Eichlseder (Graz University of Technology Austria), Moritz Lipp (Amazon Web Services Austria), Daniel Gruss (Graz University of Technology Austria)Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Deviceshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20Deviceshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20DevicesSun, 31 Dec 2023 16:00:00 GMTTyler Tucker (University of Florida), Hunter Searle (University of Florida), Kevin Butler (University of Florida), Patrick Traynor (University of Florida)D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modelinghttps://www.ieee-security.org/TC/SP2024/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20Modelinghttps://www.ieee-security.org/TC/SP2024/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20ModelingSun, 31 Dec 2023 16:00:00 GMTYapeng Ye (Purdue University USA), Zhuo Zhang (Purdue University USA), Qingkai Shi (Purdue University USA), Yousra Aafer (University of Waterloo Canada), Xiangyu Zhang (Purdue University USA)UTOPIA: Automatic Generation of Fuzz Driver using Unit Testshttps://www.ieee-security.org/TC/SP2024/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20Testshttps://www.ieee-security.org/TC/SP2024/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20TestsSun, 31 Dec 2023 16:00:00 GMTBokdeuk Jeong (Samsung Research Republic of Korea), Joonun Jang (Samsung Research Republic of Korea), Hayoon Yi (Samsung Research Republic of Korea), Jiin Moon (Samsung Research Republic of Korea), Junsik Kim (Samsung Research Republic of Korea), Intae Jeon (Samsung Research Republic of Korea), Taesoo Kim (Samsung Research Republic of Korea; Georgia Institute of Technology USA), WooChul Shim (Samsung Research Republic of Korea), Yong Ho Hwang (Samsung Research Republic of Korea)MEGA: Malleable Encryption Goes Awryhttps://www.ieee-security.org/TC/SP2024/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20Awryhttps://www.ieee-security.org/TC/SP2024/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20AwrySun, 31 Dec 2023 16:00:00 GMTMatilda Backendal (ETH Zurich), Haller Miro (ETH Zurich), Kenneth G. Paterson (ETH Zurich)DeHiREC: Detecting Hidden Voice Recorders via ADC Electromagnetic Radiationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20Radiationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20RadiationSun, 31 Dec 2023 16:00:00 GMTRuochen Zhou (Zhejiang University), Xiaoyu Ji (Zhejiang University), Chen Yan (Zhejiang University), Yi-Chao Chen (Shanghai Jiao Tong University; Microsoft Research Asia), Wenyuan Xu (Zhejiang University), Chaohao Li (Zhejiang University)Shedding Light on Inconsistencies in Grid Cybersecurity: Disconnects and Recommendationshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20Recommendationshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20RecommendationsSun, 31 Dec 2023 16:00:00 GMTBrian Singer (Carnegie Mellon University), Amritanshu Pandey (Carnegie Mellon University), Shimiao Li (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Craig Miller (Carnegie Mellon University), Lawrence Pileggi (Carnegie Mellon University), Vyas Sekar (Carnegie Mellon University)FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20Instantiationhttps://www.ieee-security.org/TC/SP2024/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20InstantiationSun, 31 Dec 2023 16:00:00 GMTNina Bindel (SandboxAQ), Cas Cremers (CISPA Helmholtz Center for Information Security), Mang Zhao (CISPA Helmholtz Center for Information Security)Clockwork Finance: Automated Analysis of Economic Security in Smart Contractshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20ContractsSun, 31 Dec 2023 16:00:00 GMTKushal Babel (Cornell Tech), Philip Daian (Cornell Tech), Mahimna Kelkar (Cornell Tech), Ari Juels (Cornell Tech)Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet wormshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormsSun, 31 Dec 2023 16:00:00 GMTHarm Griffioen (Hasso Plattner Institute for Digital Engineering University of Potsdam), Christian Doerr (Hasso Plattner Institute for Digital Engineering University of Potsdam)Detection of Inconsistencies in Privacy Practices of Browser Extensionshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20Extensionshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20ExtensionsSun, 31 Dec 2023 16:00:00 GMTDuc Bui (University of Michigan United States of America), Brian Tang (University of Michigan United States of America), Kang G. Shin (University of Michigan United States of America)RAB: Provable Robustness Against Backdoor Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20Attackshttps://www.ieee-security.org/TC/SP2024/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20AttacksSun, 31 Dec 2023 16:00:00 GMTMaurice Weber (ETH Zurich Switzerland), Xiaojun Xu (University of Illinois at Urbana-Champaign USA), Bojan Karlas (ETH Zurich Switzerland), Ce Zhang (ETH Zurich Switzerland), Bo Li (University of Illinois at Urbana-Champaign USA)SoK: Anti-Facial Recognition Technologyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Anti-Facial%20Recognition%20Technologyhttps://www.ieee-security.org/TC/SP2024/program-papers.html#SoK:%20Anti-Facial%20Recognition%20TechnologySun, 31 Dec 2023 16:00:00 GMTEmily Wenger (University of Chicago), Shawn Shan (University of Chicago), Haitao Zheng (University of Chicago), Ben Y. Zhao (University of Chicago)Deepfake Text Detection: Limitations and Opportunitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20Opportunitieshttps://www.ieee-security.org/TC/SP2024/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20OpportunitiesSun, 31 Dec 2023 16:00:00 GMTJiameng Pu (Virginia Tech USA), Zain Sarwar (University Of Chicago USA), Sifat Muhammad Abdullah (Virginia Tech USA), Abdullah Rehman (Virginia Tech USA), Yoonjin Kim (Virginia Tech USA), Parantapa Bhattacharya (University Of Virginia USA), Mobin Javed (LUMS Pakistan), Bimal Viswanath (Virginia Tech USA)PCspooF: Compromising the Safety of Time-Triggered Ethernethttps://www.ieee-security.org/TC/SP2024/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20Ethernethttps://www.ieee-security.org/TC/SP2024/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20EthernetSun, 31 Dec 2023 16:00:00 GMTAndrew Loveless (University of Michigan; NASA Johnson Space Center), Linh Thi Xuan Phan (University of Pennsylvania), Ronald Dreslinski (University of Michigan), Baris Kasikci (University of Michigan)"It's up to the Consumer to be Smart": Understanding the Security and Privacy Attitudes of Smart Home Users on Reddithttps://www.ieee-security.org/TC/SP2024/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20Reddithttps://www.ieee-security.org/TC/SP2024/program-papers.html#%22It's%20up%20to%20the%20Consumer%20to%20be%20Smart%22:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20RedditSun, 31 Dec 2023 16:00:00 GMTJingjie Li (University of Wisconsin-Madison USA), Kaiwen Sun (University of Michigan USA), Brittany Skye Huff (University of Wisconsin-Madison USA), Anna Marie Bierley (University of Wisconsin-Madison USA), Younghyun Kim (University of Wisconsin-Madison USA), Florian Schaub (University of Michigan USA), Kassem Fawaz (University of Wisconsin-Madison USA)TEEzz: Fuzzing Trusted Applications on COTS Android Deviceshttps://www.ieee-security.org/TC/SP2024/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20Deviceshttps://www.ieee-security.org/TC/SP2024/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20DevicesSun, 31 Dec 2023 16:00:00 GMTMarcel Busch (EPFL), Aravind Machiry (Purdue University), Chad Spensky (Allthenticate), Giovanni Vigna (University of California Santa Barbara), Christopher Kruegel (University of California Santa Barbara), Mathias Payer (EPFL)"How technical do you get? I'm an English teacher": Teaching and Learning Cybersecurity and AI Ethics in High Schoolhttps://www.ieee-security.org/TC/SP2024/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20Schoolhttps://www.ieee-security.org/TC/SP2024/program-papers.html#%22How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher%22:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20SchoolSun, 31 Dec 2023 16:00:00 GMTZachary Kilhoffer (University of Illinois at Urbana-Champaign USA), Zhixuan Zhou (University of Illinois at Urbana-Champaign USA), Firmiana Wang (University of Illinois Laboratory High School USA), Fahad Tamton (University of Illinois at Urbana-Champaign USA), Yun Huang (University of Illinois at Urbana-Champaign USA), Pilyoung Kim (University of Denver USA), Tom Yeh (University of Colorado Boulder USA), Yang Wang (University of Illinois at Urbana-Champaign USA)Space Odyssey: An Experimental Software Security Analysis of Satelliteshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Space%20Odyssey:%20An%20Experimental%20Software%20Security%20Analysis%20of%20Satelliteshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Space%20Odyssey:%20An%20Experimental%20Software%20Security%20Analysis%20of%20SatellitesSat, 31 Dec 2022 16:00:00 GMTJohannes Willbold ( Ruhr University Bochum ), Moritz Schloegel ( Ruhr University Bochum ), Manuel Vögele ( Ruhr University Bochum ), Maximilian Gerhardt ( Ruhr University Bochum ), Thorsten Holz ( CISPA Helmholtz Center for Information Security ), Ali Abbasi ( CISPA Helmholtz Center for Information Security )SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsicalhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SCAPHY:%20Detecting%20Modern%20ICS%20Attacks%20by%20Correlating%20Behaviors%20in%20SCADA%20and%20PHYsicalSat, 31 Dec 2022 16:00:00 GMTMoses Ike ( Georgia Institute of Technology, USA ), Kandy Phan ( Sandia National Labs, USA ), Keaton Sadoski ( Sandia National Labs, USA ), Romuald Valme ( Sandia National Labs, USA ), Wenke Lee ( Georgia Institute of Technology, USA )Shedding Light on Inconsistencies in Grid Cybersecurity: Disconnects and Recommendationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20Recommendationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Shedding%20Light%20on%20Inconsistencies%20in%20Grid%20Cybersecurity:%20Disconnects%20and%20RecommendationsSat, 31 Dec 2022 16:00:00 GMTBrian Singer ( Carnegie Mellon University ), Amritanshu Pandey ( Carnegie Mellon University ), Shimiao Li ( Carnegie Mellon University ), Lujo Bauer ( Carnegie Mellon University ), Craig Miller ( Carnegie Mellon University ), Lawrence Pileggi ( Carnegie Mellon University ), Vyas Sekar ( Carnegie Mellon University )Red Team vs. Blue Team: A Real-World Hardware Trojan Detection Case Study Across Four Modern CMOS Technology Generationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Red%20Team%20vs.%20Blue%20Team:%20A%20Real-World%20Hardware%20Trojan%20Detection%20Case%20Study%20Across%20Four%20Modern%20CMOS%20Technology%20Generationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Red%20Team%20vs.%20Blue%20Team:%20A%20Real-World%20Hardware%20Trojan%20Detection%20Case%20Study%20Across%20Four%20Modern%20CMOS%20Technology%20GenerationsSat, 31 Dec 2022 16:00:00 GMTEndres Puschner ( Max Planck Institute for Security and Privacy, Germany ), Thorben Moos ( Université catholique de Louvain, Belgium ), Steffen Becker ( Ruhr University Bochum, Germany & Max Planck Institute for Security and Privacy, Germany ), Christian Kison ( Bundeskriminalamt, Germany ), Amir Moradi ( Ruhr University Bochum, Germany ), Christof Paar ( Max Planck Institute for Security and Privacy, Germany )SoK: Distributed Randomness Beaconshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Distributed%20Randomness%20Beaconshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Distributed%20Randomness%20BeaconsSat, 31 Dec 2022 16:00:00 GMTKevin Choi ( New York University, USA ), Aathira Manoj ( New York University, USA ), Joseph Bonneau ( New York University, USA and a16z crypto research, USA )WeRLman: To Tackle Whale (Transactions), Go Deep (RL)https://www.ieee-security.org/TC/SP2023/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)https://www.ieee-security.org/TC/SP2023/program-papers.html#WeRLman:%20To%20Tackle%20Whale%20(Transactions),%20Go%20Deep%20(RL)Sat, 31 Dec 2022 16:00:00 GMTRoi Bar-Zur ( Technion, IC3 ), Ameer Abu-Hanna ( Technion ), Ittay Eyal ( Technion, IC3 ), Aviv Tamar ( Technion )Three Birds with One Stone: Efficient Partitioning Attacks on Interdependent Cryptocurrency Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Three%20Birds%20with%20One%20Stone:%20Efficient%20Partitioning%20Attacks%20on%20Interdependent%20Cryptocurrency%20Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Three%20Birds%20with%20One%20Stone:%20Efficient%20Partitioning%20Attacks%20on%20Interdependent%20Cryptocurrency%20NetworksSat, 31 Dec 2022 16:00:00 GMTMuhammad Saad ( PayPal ), David Mohaisen ( University of Central Florida )Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Bitcoin-Enhanced%20Proof-of-Stake%20Security:%20Possibilities%20and%20Impossibilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Bitcoin-Enhanced%20Proof-of-Stake%20Security:%20Possibilities%20and%20ImpossibilitiesSat, 31 Dec 2022 16:00:00 GMTErtem Nusret Tas ( Stanford University ), David Tse ( Stanford University ), Fangyu Gai ( BabylonChain Inc. ), Sreeram Kannan ( University of Washington, Seattle ), Mohammad Ali Maddah-Ali ( University of Minnesota ), Fisher Yu ( BabylonChain Inc. )MEGA: Malleable Encryption Goes Awryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20Awryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#MEGA:%20Malleable%20Encryption%20Goes%20AwrySat, 31 Dec 2022 16:00:00 GMTMatilda Backendal ( ETH Zurich ), Haller Miro ( ETH Zurich ), Kenneth G. Paterson ( ETH Zurich )Practically-exploitable Cryptographic Vulnerabilities in Matrixhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practically-exploitable%20Cryptographic%20Vulnerabilities%20in%20Matrixhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practically-exploitable%20Cryptographic%20Vulnerabilities%20in%20MatrixSat, 31 Dec 2022 16:00:00 GMTMartin R. Albrecht ( King’s College London ), Sofía Celi ( Brave Software ), Benjamin Dowling ( Security of Advanced Systems Group, University of Sheffield ), Daniel Jones ( Information Security Group, Royal Holloway, University of London )DBREACH: Stealing from Databases Using Compression Side-Channelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#DBREACH:%20Stealing%20from%20Databases%20Using%20Compression%20Side-Channelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#DBREACH:%20Stealing%20from%20Databases%20Using%20Compression%20Side-ChannelsSat, 31 Dec 2022 16:00:00 GMTMathew Hogan ( Stanford University ), Yan Michalevsky ( Anjuna Security, Inc and Cryptosat, Inc. ), Saba Eskandarian ( UNC Chapel Hill )Weak Fiat-Shamir Attacks on Modern Proof Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Weak%20Fiat-Shamir%20Attacks%20on%20Modern%20Proof%20Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Weak%20Fiat-Shamir%20Attacks%20on%20Modern%20Proof%20SystemsSat, 31 Dec 2022 16:00:00 GMTQuang Dao ( Carnegie Mellon University ), Jim Miller ( Trail of Bits ), Opal Wright ( Trail of Bits ), Paul Grubbs ( University of Michigan )Attitudes towards Client-Side Scanning for CSAM, Terrorism, Drug Trafficking, Drug Use and Tax Evasion in Germanyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Attitudes%20towards%20Client-Side%20Scanning%20for%20CSAM,%20Terrorism,%20Drug%20Trafficking,%20Drug%20Use%20and%20Tax%20Evasion%20in%20Germanyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Attitudes%20towards%20Client-Side%20Scanning%20for%20CSAM,%20Terrorism,%20Drug%20Trafficking,%20Drug%20Use%20and%20Tax%20Evasion%20in%20GermanySat, 31 Dec 2022 16:00:00 GMTLisa Geierhaas ( University of Bonn ), Fabian Otto ( OmniQuest ), Maximilian Häring ( University of Bonn ), Matthew Smith ( University of Bonn, Fraunhofer FKIE )Deep perceptual hashing algorithms with hidden dual purpose: when client-side scanning does facial recognitionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Deep%20perceptual%20hashing%20algorithms%20with%20hidden%20dual%20purpose:%20when%20client-side%20scanning%20does%20facial%20recognitionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Deep%20perceptual%20hashing%20algorithms%20with%20hidden%20dual%20purpose:%20when%20client-side%20scanning%20does%20facial%20recognitionSat, 31 Dec 2022 16:00:00 GMTShubham Jain ( Imperial College London, United Kingdom ), Ana-Maria Cretu ( Imperial College London, United Kingdom ), Antoine Cully ( Imperial College London, United Kingdom ), Yves-Alexandre de Montjoye ( Imperial College London, United Kingdom )Public Verification for Private Hash Matchinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Public%20Verification%20for%20Private%20Hash%20Matchinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Public%20Verification%20for%20Private%20Hash%20MatchingSat, 31 Dec 2022 16:00:00 GMTSarah Scheffler ( Princeton University ), Anunay Kulshrestha ( Princeton University ), Jonathan Mayer ( Princeton University )Is Cryptographic Deniability Sufficient? Non-Expert Perceptions of Deniability in Secure Messaginghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Is%20Cryptographic%20Deniability%20Sufficient?%20Non-Expert%20Perceptions%20of%20Deniability%20in%20Secure%20Messaginghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Is%20Cryptographic%20Deniability%20Sufficient?%20Non-Expert%20Perceptions%20of%20Deniability%20in%20Secure%20MessagingSat, 31 Dec 2022 16:00:00 GMTNathan Reitinger ( University of Maryland, United States ), Nathan Malkin ( University of Maryland, United States ), Omer Akgul ( University of Maryland, United States ), Michelle L Mazurek ( University of Maryland, United States ), Ian Miers ( University of Maryland, United States )On the Evolution of (Hateful) Memes by Means of Multimodal Contrastive Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20the%20Evolution%20of%20(Hateful)%20Memes%20by%20Means%20of%20Multimodal%20Contrastive%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20the%20Evolution%20of%20(Hateful)%20Memes%20by%20Means%20of%20Multimodal%20Contrastive%20LearningSat, 31 Dec 2022 16:00:00 GMTYiting Qu ( CISPA Helmholtz Center for Information Security, Germany ), Xinlei He ( CISPA Helmholtz Center for Information Security, Germany ), Shannon Pierson ( London School of Economics and Political Science, UK ), Michael Backes ( CISPA Helmholtz Center for Information Security, Germany ), Yang Zhang ( CISPA Helmholtz Center for Information Security, Germany ), Savvas Zannettou ( Delft University of Technology, Netherlands )LAMBRETTA: Learning to Rank for Twitter Soft Moderationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#LAMBRETTA:%20Learning%20to%20Rank%20for%20Twitter%20Soft%20Moderationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#LAMBRETTA:%20Learning%20to%20Rank%20for%20Twitter%20Soft%20ModerationSat, 31 Dec 2022 16:00:00 GMTPujan Paudel ( Boston University ), Jeremy Blackburn ( Binghamton University ), Emiliano De Cristofaro ( University College London ), Savvas Zannettou ( Delft University of Technology ), Gianluca Stringhini ( Boston University )SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Let%20the%20Privacy%20Games%20Begin!%20A%20Unified%20Treatment%20of%20Data%20Inference%20Privacy%20in%20Machine%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Let%20the%20Privacy%20Games%20Begin!%20A%20Unified%20Treatment%20of%20Data%20Inference%20Privacy%20in%20Machine%20LearningSat, 31 Dec 2022 16:00:00 GMTAhmed Salem ( Microsoft, United Kingdom ), Giovanni Cherubin ( Microsoft, United Kingdom ), David Evans ( University of Virginia, United States ), Boris Koepf ( Microsoft, United Kingdom ), Andrew Paverd ( Microsoft, United Kingdom ), Anshuman Suri ( University of Virginia, United States ), Shruti Tople ( Microsoft, United Kingdom ), Santiago Zanella-Beguelin ( Microsoft, United Kingdom )Analyzing Leakage of Personally Identifiable Information in Language Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Analyzing%20Leakage%20of%20Personally%20Identifiable%20Information%20in%20Language%20Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Analyzing%20Leakage%20of%20Personally%20Identifiable%20Information%20in%20Language%20ModelsSat, 31 Dec 2022 16:00:00 GMTNils Lukas ( University of Waterloo ), Ahmed Salem ( Microsoft Research ), Robert Sim ( Microsoft Research ), Shruti Tople ( Microsoft Research ), Lukas Wutschitz ( Microsoft Research ), Santiago Zanella-Béguelin ( Microsoft Research )Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspectivehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Accuracy-Privacy%20Trade-off%20in%20Deep%20Ensemble:%20A%20Membership%20Inference%20Perspectivehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Accuracy-Privacy%20Trade-off%20in%20Deep%20Ensemble:%20A%20Membership%20Inference%20PerspectiveSat, 31 Dec 2022 16:00:00 GMTShahbaz Rezaei ( University of California at Davis ), Zubair Shafiq ( University of California at Davis ), Xin Liu ( University of California at Davis )D-DAE: Defense-Penetrating Model Extraction Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#D-DAE:%20Defense-Penetrating%20Model%20Extraction%20AttacksSat, 31 Dec 2022 16:00:00 GMTYanjiao Chen ( Zhejiang University ), Rui Guan ( Wuhan University ), Xueluan Gong ( Wuhan University ), Jianshuo Dong ( Wuhan University ), Meng Xue ( Wuhan University )SNAP: Efficient Extraction of Private Properties with Poisoninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SNAP:%20Efficient%20Extraction%20of%20Private%20Properties%20with%20Poisoninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SNAP:%20Efficient%20Extraction%20of%20Private%20Properties%20with%20PoisoningSat, 31 Dec 2022 16:00:00 GMTHarsh Chaudhari ( Northeastern University ), John Abascal ( Northeastern University ), Alina Oprea ( Northeastern University ), Matthew Jagielski ( Google Research ), Florian Tramèr ( ETH Zurich ), Jonathan Ullman ( Northeastern University )On the (In)security of Peer-to-Peer Decentralized Machine Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20the%20(In)security%20of%20Peer-to-Peer%20Decentralized%20Machine%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20the%20(In)security%20of%20Peer-to-Peer%20Decentralized%20Machine%20LearningSat, 31 Dec 2022 16:00:00 GMTDario Pasquini ( SPRING Lab; EPFL, Switzerland ), Mathilde Raynal ( SPRING Lab; EPFL, Switzerland ), Carmela Troncoso ( SPRING Lab; EPFL, Switzerland )Vectorized Batch Private Information Retrievalhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Vectorized%20Batch%20Private%20Information%20Retrievalhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Vectorized%20Batch%20Private%20Information%20RetrievalSat, 31 Dec 2022 16:00:00 GMTMuhammad Haris Mughees ( University of Illinois Urbana-Champaign, United States ), Ling Ren ( University of Illinois Urbana-Champaign, United States )RoFL: Robustness of Secure Federated Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#RoFL:%20Robustness%20of%20Secure%20Federated%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#RoFL:%20Robustness%20of%20Secure%20Federated%20LearningSat, 31 Dec 2022 16:00:00 GMTHidde Lycklama ( ETH Zurich ), Lukas Burkhalter ( ETH Zurich ), Alexander Viand ( ETH Zurich ), Nicolas Küchler ( ETH Zurich ), Anwar Hithnawi ( ETH Zurich )Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Flamingo:%20Multi-Round%20Single-Server%20Secure%20Aggregation%20with%20Applications%20to%20Private%20Federated%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Flamingo:%20Multi-Round%20Single-Server%20Secure%20Aggregation%20with%20Applications%20to%20Private%20Federated%20LearningSat, 31 Dec 2022 16:00:00 GMTYiping Ma ( University of Pennsylvania ), Jess Woods ( University of Pennsylvania ), Sebastian Angel ( University of Pennsylvania, Microsoft Research ), Antigoni Polychroniadou ( JP Morgan AI Research ), Tal Rabin ( University of Pennsylvania )SoK: Cryptographic Neural-Network Computationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Cryptographic%20Neural-Network%20Computationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Cryptographic%20Neural-Network%20ComputationSat, 31 Dec 2022 16:00:00 GMTLucien K. L ( Georgia Institute of Technology ), Sherman S. M. Chow ( Chinese University of Hong Kong )FLUTE: Fast and Secure Lookup Table Evaluationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#FLUTE:%20Fast%20and%20Secure%20Lookup%20Table%20Evaluationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#FLUTE:%20Fast%20and%20Secure%20Lookup%20Table%20EvaluationsSat, 31 Dec 2022 16:00:00 GMTAndreas Brüggemann ( Technical University of Darmstadt ), Robin Hundt ( Technical University of Darmstadt ), Thomas Schneider ( Technical University of Darmstadt ), Ajith Suresh ( Technical University of Darmstadt ), Hossein Yalame ( Technical University of Darmstadt )Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Bicoptor:%20Two-round%20Secure%20Three-party%20Non-linear%20Computation%20without%20Preprocessing%20for%20Privacy-preserving%20Machine%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Bicoptor:%20Two-round%20Secure%20Three-party%20Non-linear%20Computation%20without%20Preprocessing%20for%20Privacy-preserving%20Machine%20LearningSat, 31 Dec 2022 16:00:00 GMTLijing Zhou ( Huawei Technology, China ), Ziyu Wang ( Huawei Technology, China ), Hongrui Cui ( Shanghai Jiao Tong University, China ), Qingrui Song ( Huawei Technology, China ), Yu Yu ( Shanghai Jiao Tong University, China )Investigating the Password Policy Practices of Website Administratorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Investigating%20the%20Password%20Policy%20Practices%20of%20Website%20Administratorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Investigating%20the%20Password%20Policy%20Practices%20of%20Website%20AdministratorsSat, 31 Dec 2022 16:00:00 GMTSena Sahin ( Georgia Institute of Technology, USA ), Suood Al Roomi ( Georgia Institute of Technology, USA ; Kuwait University, Kuwait ), Tara Poteat ( Georgia Institute of Technology, USA ), Frank Li ( Georgia Institute of Technology, USA )“In Eighty Percent of the Cases, I Select the Password for Them”: Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenyahttps://www.ieee-security.org/TC/SP2023/program-papers.html#%E2%80%9CIn%20Eighty%20Percent%20of%20the%20Cases,%20I%20Select%20the%20Password%20for%20Them%E2%80%9D:%20Security%20and%20Privacy%20Challenges,%20Advice,%20and%20Opportunities%20at%20Cybercafes%20in%20Kenyahttps://www.ieee-security.org/TC/SP2023/program-papers.html#%E2%80%9CIn%20Eighty%20Percent%20of%20the%20Cases,%20I%20Select%20the%20Password%20for%20Them%E2%80%9D:%20Security%20and%20Privacy%20Challenges,%20Advice,%20and%20Opportunities%20at%20Cybercafes%20in%20KenyaSat, 31 Dec 2022 16:00:00 GMTCollins W. Munyendo ( The George Washington University ), Yasemin Acar ( Paderborn University ), Adam J. Aviv ( The George Washington University )Perceptions of Distributed Ledger Technology Key Management – An Interview Study with Finance Professionalshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Perceptions%20of%20Distributed%20Ledger%20Technology%20Key%20Management%20%E2%80%93%20An%20Interview%20Study%20with%20Finance%20Professionalshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Perceptions%20of%20Distributed%20Ledger%20Technology%20Key%20Management%20%E2%80%93%20An%20Interview%20Study%20with%20Finance%20ProfessionalsSat, 31 Dec 2022 16:00:00 GMTCarolyn Guthoff ( CISPA Helmholtz Center for Information Security, Germany, and Saarland University, Germany ), Simon Anell ( CISPA Helmholtz Center for Information Security, Germany, and Saarland University, Germany ), Johann Hainzinger ( Plutoneo Consulting GmbH, Germany ), Adrian Dabrowski ( CISPA Helmholtz Center for Information Security, Germany ), Katharina Krombholz ( CISPA Helmholtz Center for Information Security, Germany )Towards a Rigorous Statistical Analysis of Empirical Password Datasetshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20Datasetshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Towards%20a%20Rigorous%20Statistical%20Analysis%20of%20Empirical%20Password%20DatasetsSat, 31 Dec 2022 16:00:00 GMTJeremiah Blocki ( Purdue University, USA ), Peiyuan Liu ( Purdue University, USA )Confident Monte Carlo: Rigorous Analysis of Guessing Curves for Probabilistic Password Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Confident%20Monte%20Carlo:%20Rigorous%20Analysis%20of%20Guessing%20Curves%20for%20Probabilistic%20Password%20Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Confident%20Monte%20Carlo:%20Rigorous%20Analysis%20of%20Guessing%20Curves%20for%20Probabilistic%20Password%20ModelsSat, 31 Dec 2022 16:00:00 GMTPeiyuan Liu ( Purdue University, USA ), Jeremiah Blocki ( Purdue University, USA ), Wenjie Bai ( Purdue University, USA )Not Yet Another Digital ID: Privacy-preserving Humanitarian Aid Distributionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Not%20Yet%20Another%20Digital%20ID:%20Privacy-preserving%20Humanitarian%20Aid%20Distributionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Not%20Yet%20Another%20Digital%20ID:%20Privacy-preserving%20Humanitarian%20Aid%20DistributionSat, 31 Dec 2022 16:00:00 GMTBoya Wang ( EPFL ), Wouter Lueks ( CISPA Helmholtz Center for Information Security ), Justinas Sukaitis ( International Committee for the Red Cross ), Vincent Graf Narbel ( International Committee for the Red Cross ), Carmela Troncoso ( EPFL )Disguising Attacks with Explanation-Aware Backdoorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Disguising%20Attacks%20with%20Explanation-Aware%20Backdoorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Disguising%20Attacks%20with%20Explanation-Aware%20BackdoorsSat, 31 Dec 2022 16:00:00 GMTMaximilian Noppel ( KASTEL Security Research Labs, Karlsruhe Institute of Technology, Germany ), Lukas Peter ( KASTEL Security Research Labs, Karlsruhe Institute of Technology, Germany ), Christian Wressnegger ( KASTEL Security Research Labs, Karlsruhe Institute of Technology, Germany )Selective Amnesia: On Efficient, High-Fidelity and Blind Suppression of Backdoor Effects in Trojaned Machine Learning Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Selective%20Amnesia:%20On%20Efficient,%20High-Fidelity%20and%20Blind%20Suppression%20of%20Backdoor%20Effects%20in%20Trojaned%20Machine%20Learning%20Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Selective%20Amnesia:%20On%20Efficient,%20High-Fidelity%20and%20Blind%20Suppression%20of%20Backdoor%20Effects%20in%20Trojaned%20Machine%20Learning%20ModelsSat, 31 Dec 2022 16:00:00 GMTRui Zhu ( Indiana University Bloomington ), Di Tang ( Indiana University Bloomington ), Siyuan Tang ( Indiana University Bloomington ), XiaoFeng Wang ( Indiana University Bloomington ), Haixu Tang ( Indiana University Bloomington )AI-Guardian: Defeating Adversarial Attacks using Backdoorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#AI-Guardian:%20Defeating%20Adversarial%20Attacks%20using%20Backdoorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#AI-Guardian:%20Defeating%20Adversarial%20Attacks%20using%20BackdoorsSat, 31 Dec 2022 16:00:00 GMTHong Zhu ( Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China ), Shengzhi Zhang ( Boston University, USA ), Kai Chen ( Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China )Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiershttps://www.ieee-security.org/TC/SP2023/program-papers.html#Jigsaw%20Puzzle:%20Selective%20Backdoor%20Attack%20to%20Subvert%20Malware%20Classifiershttps://www.ieee-security.org/TC/SP2023/program-papers.html#Jigsaw%20Puzzle:%20Selective%20Backdoor%20Attack%20to%20Subvert%20Malware%20ClassifiersSat, 31 Dec 2022 16:00:00 GMTLimin Yang ( University of Illinois at Urbana-Champaign ), Zhi Chen ( University of Illinois at Urbana-Champaign ), Jacopo Cortellazzi ( King's College London and University College London ), Feargus Pendlebury ( University College London ), Kevin Tu ( University of Illinois at Urbana-Champaign ), Fabio Pierazzi ( King's College London ), Lorenzo Cavallaro ( University College London ), Gang Wang ( University of Illinois at Urbana-Champaign )BayBFed: Bayesian Backdoor Defense for Federated Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#BayBFed:%20Bayesian%20Backdoor%20Defense%20for%20Federated%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#BayBFed:%20Bayesian%20Backdoor%20Defense%20for%20Federated%20LearningSat, 31 Dec 2022 16:00:00 GMTKavita Kumari ( Technical University of Darmstadt, Germany ), Phillip Rieger ( Technical University of Darmstadt, Germany ), Hossein Fereidooni ( Technical University of Darmstadt, Germany ), Murtuza Jadliwala ( The University of Texas at San Antonio, United States ), Ahmad-Reza Sadeghi ( Technical University of Darmstadt, Germany )REDEEM MYSELF: Purifying Backdoors in Deep Learning Models using Self Attention Distillationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#REDEEM%20MYSELF:%20Purifying%20Backdoors%20in%20Deep%20Learning%20Models%20using%20Self%20Attention%20Distillationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#REDEEM%20MYSELF:%20Purifying%20Backdoors%20in%20Deep%20Learning%20Models%20using%20Self%20Attention%20DistillationSat, 31 Dec 2022 16:00:00 GMTXueluan Gong ( School of Computer Science, Wuhan University, China ), Yanjiao Chen ( College of Electrical Engineering, Zhejiang University, China ), Wang Yang ( School of Cyber Science and Engineering, Wuhan University, China ), Qian Wang ( School of Cyber Science and Engineering, Wuhan University, China ), Yuzhe Gu ( School of Cyber Science and Engineering, Wuhan University, China ), Huayang Huang ( School of Cyber Science and Engineering, Wuhan University, China ), Chao Shen ( School of Cyber Science and Engineering, Xi’an Jiaotong University, China )Threshold BBS+ Signatures for Distributed Anonymous Credential Issuancehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Threshold%20BBS+%20Signatures%20for%20Distributed%20Anonymous%20Credential%20Issuancehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Threshold%20BBS+%20Signatures%20for%20Distributed%20Anonymous%20Credential%20IssuanceSat, 31 Dec 2022 16:00:00 GMTJack Doerner ( Technion ), Yashvanth Kondi ( Aarhus University ), Eysa Lee ( Northeastern University ), abhi shelat ( Northeastern University ), LaKyah Tyner ( Northeastern University )zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructurehttps://www.ieee-security.org/TC/SP2023/program-papers.html#zk-creds:%20Flexible%20Anonymous%20Credentials%20from%20zkSNARKs%20and%20Existing%20Identity%20Infrastructurehttps://www.ieee-security.org/TC/SP2023/program-papers.html#zk-creds:%20Flexible%20Anonymous%20Credentials%20from%20zkSNARKs%20and%20Existing%20Identity%20InfrastructureSat, 31 Dec 2022 16:00:00 GMTMichael Rosenberg ( University of Maryland ), Jacob White ( Purdue University ), Christina Garman ( Purdue University ), Ian Miers ( University of Maryland )Private Access Control for Function Secret Sharinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Access%20Control%20for%20Function%20Secret%20Sharinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Access%20Control%20for%20Function%20Secret%20SharingSat, 31 Dec 2022 16:00:00 GMTSacha Servan-Schreiber ( MIT CSAIL ), Simon Beyzerov ( MIT PRIMES ), Eli Yablon ( MIT PRIMES ), Hyojae Park ( MIT PRIMES )MPCAuth: Multi-factor Authentication for Distributed-trust Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#MPCAuth:%20Multi-factor%20Authentication%20for%20Distributed-trust%20Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#MPCAuth:%20Multi-factor%20Authentication%20for%20Distributed-trust%20SystemsSat, 31 Dec 2022 16:00:00 GMTSijun Tan ( UC Berkeley ), Weikeng Chen ( UC Berkeley ), Ryan Deng ( UC Berkeley ), Raluca Ada Popa ( UC Berkeley )Silph: A Framework for Scalable and Accurate Generation of Hybrid MPC Protocolshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Silph:%20A%20Framework%20for%20Scalable%20and%20Accurate%20Generation%20of%20Hybrid%20MPC%20Protocolshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Silph:%20A%20Framework%20for%20Scalable%20and%20Accurate%20Generation%20of%20Hybrid%20MPC%20ProtocolsSat, 31 Dec 2022 16:00:00 GMTEdward Chen ( Carnegie Mellon University; Stanford University ), Jinhao Zhu ( Carnegie Mellon University ), Alex Ozdemir ( Stanford Univesity ), Riad Wahby ( Carnegie Mellon University ), Fraser Brown ( Carnegie Mellon University ), Wenting Zheng ( Carnegie Mellon University )SoK: Anti-Facial Recognition Technologyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Anti-Facial%20Recognition%20Technologyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Anti-Facial%20Recognition%20TechnologySat, 31 Dec 2022 16:00:00 GMTEmily Wenger ( University of Chicago ), Shawn Shan ( University of Chicago ), Haitao Zheng ( University of Chicago ), Ben Y. Zhao ( University of Chicago )Spoofing Real-world Face Authentication Systems through Optical Synthesishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spoofing%20Real-world%20Face%20Authentication%20Systems%20through%20Optical%20Synthesishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spoofing%20Real-world%20Face%20Authentication%20Systems%20through%20Optical%20SynthesisSat, 31 Dec 2022 16:00:00 GMTYueli Yan ( ShanghaiTech University ), Yuelin Liu ( ShanghaiTech University ), Zhice Yang ( ShanghaiTech University )ImU: Physical Impersonating Attack for Face Recognition System with Natural Style Changeshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ImU:%20Physical%20Impersonating%20Attack%20for%20Face%20Recognition%20System%20with%20Natural%20Style%20Changeshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ImU:%20Physical%20Impersonating%20Attack%20for%20Face%20Recognition%20System%20with%20Natural%20Style%20ChangesSat, 31 Dec 2022 16:00:00 GMTShengwei An ( Purdue University, USA ), Yuan Yao ( Nanjing University, China ), Qiuling Xu ( Purdue University, USA ), Shiqing Ma ( Rutgers University, USA ), Guanhong Tao ( Purdue University, USA ), Siyuan Cheng ( Purdue University, USA ), Kaiyuan Zhang ( Purdue University, USA ), Yingqi Liu ( Purdue University, USA ), Guangyu Shen ( Purdue University, USA ), Ian Kelk ( Clarifai Inc., USA ), Xiangyu Zhang ( Purdue University, USA )DepthFake: Spoofing 3D Face Authentication with a 2D Photohttps://www.ieee-security.org/TC/SP2023/program-papers.html#DepthFake:%20Spoofing%203D%20Face%20Authentication%20with%20a%202D%20Photohttps://www.ieee-security.org/TC/SP2023/program-papers.html#DepthFake:%20Spoofing%203D%20Face%20Authentication%20with%20a%202D%20PhotoSat, 31 Dec 2022 16:00:00 GMTZhihao Wu ( Zhejiang University, China ), Yushi Cheng ( Tsinghua University, China ), Jiahui Yang ( Zhejiang University, China ), Xiaoyu Ji ( Zhejiang University, China ), Wenyuan Xu ( Zhejiang University, China )Understanding the (In)Security of Cross-side Face Verification Systems in Mobile Apps: A System Perspectivehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Understanding%20the%20(In)Security%20of%20Cross-side%20Face%20Verification%20Systems%20in%20Mobile%20Apps:%20A%20System%20Perspectivehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Understanding%20the%20(In)Security%20of%20Cross-side%20Face%20Verification%20Systems%20in%20Mobile%20Apps:%20A%20System%20PerspectiveSat, 31 Dec 2022 16:00:00 GMTXiaohan Zhang ( Fudan University, China ), Haoqi Ye ( Fudan University, China ), Ziqi Huang ( Fudan University, China ), Xiao Ye ( Fudan University, China ), Yinzhi Cao ( Johns Hopkins University, USA ), Yuan Zhang ( Fudan University, China ), Min Yang ( Fudan University, China )Breaking Security-Critical Voice Authenticationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Breaking%20Security-Critical%20Voice%20Authenticationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Breaking%20Security-Critical%20Voice%20AuthenticationSat, 31 Dec 2022 16:00:00 GMTAndre Kassis ( University of Waterloo, Canada ), Urs Hengartner ( University of Waterloo, Canada )SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20A%20Critical%20Evaluation%20of%20Efficient%20Website%20Fingerprinting%20DefensesSat, 31 Dec 2022 16:00:00 GMTNate Mathews ( Rochester Institute of Technology ), James K Holland ( University of Minnesota ), Se Eun Oh ( Ewha Womans University ), Mohammad Saidur Rahman ( Rochester Institute of Technology ), Nicholas Hopper ( University of Minnesota ), Matthew Wright ( Rochester Institute of Technology )Fashion Faux Pas: Implicit Stylistic Fingerprints for Bypassing Browsers' Anti-Fingerprinting Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Fashion%20Faux%20Pas:%20Implicit%20Stylistic%20Fingerprints%20for%20Bypassing%20Browsers'%20Anti-Fingerprinting%20Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Fashion%20Faux%20Pas:%20Implicit%20Stylistic%20Fingerprints%20for%20Bypassing%20Browsers'%20Anti-Fingerprinting%20DefensesSat, 31 Dec 2022 16:00:00 GMTXu Lin ( University of Illinois Chicago, United States ), Frederico Araujo ( IBM Research, United States ), Teryl Taylor ( IBM Research, United States ), Jiyong Jang ( IBM Research, United States ), Jason Polakis ( University of Illinois Chicago, United States )Robust Multi-tab Website Fingerprinting Attacks in the Wildhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Robust%20Multi-tab%20Website%20Fingerprinting%20Attacks%20in%20the%20Wildhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Robust%20Multi-tab%20Website%20Fingerprinting%20Attacks%20in%20the%20WildSat, 31 Dec 2022 16:00:00 GMTXinhao Deng ( Tsinghua University, China ), Qilei Yin ( Zhongguancun Laboratory, China ), Zhuotao Liu ( Tsinghua University, China ), Xiyuan Zhao ( Tsinghua University, China ), Qi Li ( Tsinghua University, China ), Mingwei Xu ( Tsinghua University, China ), Ke Xu ( Tsinghua University, Beijing ), Jianping Wu ( Tsinghua University, China )Only Pay for What You Leak: Leveraging Sandboxes for a Minimally Invasive Browser Fingerprinting Defensehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Only%20Pay%20for%20What%20You%20Leak:%20Leveraging%20Sandboxes%20for%20a%20Minimally%20Invasive%20Browser%20Fingerprinting%20Defensehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Only%20Pay%20for%20What%20You%20Leak:%20Leveraging%20Sandboxes%20for%20a%20Minimally%20Invasive%20Browser%20Fingerprinting%20DefenseSat, 31 Dec 2022 16:00:00 GMTRyan Torok ( Princeton University ), Amit Levy ( Princeton University )It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20Defenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#It%E2%80%99s%20(DOM)%20Clobbering%20Time:%20Attack%20Techniques,%20Prevalence,%20and%20DefensesSat, 31 Dec 2022 16:00:00 GMTSoheil Khodayari ( CISPA Helmholtz Center for Information Security, Germany ), Giancarlo Pellegrino ( CISPA Helmholtz Center for Information Security, Germany )Scaling JavaScript Abstract Interpretation to Detect and Exploit Node.js Taint-style Vulnerabilityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scaling%20JavaScript%20Abstract%20Interpretation%20to%20Detect%20and%20Exploit%20Node.js%20Taint-style%20Vulnerabilityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scaling%20JavaScript%20Abstract%20Interpretation%20to%20Detect%20and%20Exploit%20Node.js%20Taint-style%20VulnerabilitySat, 31 Dec 2022 16:00:00 GMTMingqing Kang ( Johns Hopkins University ), Yichao Xu ( Johns Hopkins University ), Song Li ( Zhejiang University ), Rigel Gjomemo ( University of Illinois Chicago ), Jianwei Hou ( Renmin University of China ), V.N. Venkatakrishnan ( University of Illinois Chicago ), Yinzhi Cao ( Johns Hopkins University )Sound Verification of Security Protocols: From Design to Interoperable Implementationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Sound%20Verification%20of%20Security%20Protocols:%20From%20Design%20to%20Interoperable%20Implementationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Sound%20Verification%20of%20Security%20Protocols:%20From%20Design%20to%20Interoperable%20ImplementationsSat, 31 Dec 2022 16:00:00 GMTLinard Arquint ( ETH Zurich, Switzerland ), Felix A. Wolf ( ETH Zurich, Switzerland ), Joseph Lallemand ( Univ Rennes, CNRS, IRISA, France ), Ralf Sasse ( ETH Zurich, Switzerland ), Christoph Sprenger ( ETH Zurich, Switzerland ), Sven N. Wiesner ( ETH Zurich, Switzerland ), David Basin ( ETH Zurich, Switzerland ), Peter Müller ( ETH Zurich, Switzerland )Typing High-Speed Cryptography against Spectre v1https://www.ieee-security.org/TC/SP2023/program-papers.html#Typing%20High-Speed%20Cryptography%20against%20Spectre%20v1https://www.ieee-security.org/TC/SP2023/program-papers.html#Typing%20High-Speed%20Cryptography%20against%20Spectre%20v1Sat, 31 Dec 2022 16:00:00 GMTBasavesh Ammanaghatta Shivakumar ( MPI-SP ), Gilles Barthe ( MPI-SP and IMDEA Software Institute ), Benjamin Grégoire ( Inria and Université Côte d'Azur ), Vincent Laporte ( Université de Lorraine, CNRS and Inria ), Tiago Oliviera ( MPI-SP ), Swarn Priya ( Inria and Université Côte d'Azur ), Peter Schwabe ( MPI-SP & Radboud University ), Lucas Tabary-Maujean ( ENS Paris-Saclay )Less is more: refinement proofs for probabilistic proofshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Less%20is%20more:%20refinement%20proofs%20for%20probabilistic%20proofshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Less%20is%20more:%20refinement%20proofs%20for%20probabilistic%20proofsSat, 31 Dec 2022 16:00:00 GMTKunming Jiang ( Carnegie Mellon ), Devora Chait-Roth ( NYU ), Zachary DeStefano ( NYU ), Michael Walfish ( NYU ), Thomas Wies ( NYU )OWL: Compositional Verification of Security Protocols via an Information-Flow Type Systemhttps://www.ieee-security.org/TC/SP2023/program-papers.html#OWL:%20Compositional%20Verification%20of%20Security%20Protocols%20via%20an%20Information-Flow%20Type%20Systemhttps://www.ieee-security.org/TC/SP2023/program-papers.html#OWL:%20Compositional%20Verification%20of%20Security%20Protocols%20via%20an%20Information-Flow%20Type%20SystemSat, 31 Dec 2022 16:00:00 GMTJoshua Gancher ( Carnegie Mellon University, USA ), Sydney Gibson ( Carnegie Mellon University, USA ), Pratap Singh ( Carnegie Mellon University, USA ), Samvid Dharanikota ( Carnegie Mellon University, USA ), Bryan Parno ( Carnegie Mellon University, USA )AUC: Accountable Universal Composabilityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#AUC:%20Accountable%20Universal%20Composabilityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#AUC:%20Accountable%20Universal%20ComposabilitySat, 31 Dec 2022 16:00:00 GMTMike Graf ( University of Stuttgart ), Ralf Küsters ( University of Stuttgart ), Daniel Rausch ( University of Stuttgart )High-Order Masking of Lattice Signatures in Quasilinear Timehttps://www.ieee-security.org/TC/SP2023/program-papers.html#High-Order%20Masking%20of%20Lattice%20Signatures%20in%20Quasilinear%20Timehttps://www.ieee-security.org/TC/SP2023/program-papers.html#High-Order%20Masking%20of%20Lattice%20Signatures%20in%20Quasilinear%20TimeSat, 31 Dec 2022 16:00:00 GMTRafaël del Pino ( PQShield SAS, France ), Thomas Prest ( PQShield SAS, France ), Mélissa Rossi ( ANSSI, France ), Markku-Juhani Saarinen ( PQShield LTD, UK )Practical Timing Side-Channel Attacks on Memory Compressionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practical%20Timing%20Side-Channel%20Attacks%20on%20Memory%20Compressionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practical%20Timing%20Side-Channel%20Attacks%20on%20Memory%20CompressionSat, 31 Dec 2022 16:00:00 GMTMartin Schwarzl ( Graz University of Technology ), Pietro Borrello ( Sapienza University of Rome ), Gururaj Saileshwar ( NVIDIA Research ), Hanna Müller ( Graz University of Technology ), Michael Schwarz ( CISPA Helmholtz Center for Information Security ), Daniel Gruss ( Graz University of Technology )TEEzz: Fuzzing Trusted Applications on COTS Android Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TEEzz:%20Fuzzing%20Trusted%20Applications%20on%20COTS%20Android%20DevicesSat, 31 Dec 2022 16:00:00 GMTMarcel Busch ( EPFL ), Aravind Machiry ( Purdue University ), Chad Spensky ( Allthenticate ), Giovanni Vigna ( University of California, Santa Barbara ), Christopher Kruegel ( University of California, Santa Barbara ), Mathias Payer ( EPFL )Half&Half: Demystifying Intel’s Directional Branch Predictors for Fast, Secure Partitioned Executionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Half&Half:%20Demystifying%20Intel%E2%80%99s%20Directional%20Branch%20Predictors%20for%20Fast,%20Secure%20Partitioned%20Executionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Half&Half:%20Demystifying%20Intel%E2%80%99s%20Directional%20Branch%20Predictors%20for%20Fast,%20Secure%20Partitioned%20ExecutionSat, 31 Dec 2022 16:00:00 GMTHosein Yavarzadeh ( University of California San Diego ), Mohammadkazem Taram ( Purdue University ), Shravan Narayan ( University of California San Diego ), Deian Stefan ( University of California San Diego ), Dean Tullsen ( University of California San Diego )Improving Developers' Understanding of Regex Denial of Service Tools through Anti-Patterns and Fix Strategieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Improving%20Developers'%20Understanding%20of%20Regex%20Denial%20of%20Service%20Tools%20through%20Anti-Patterns%20and%20Fix%20Strategieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Improving%20Developers'%20Understanding%20of%20Regex%20Denial%20of%20Service%20Tools%20through%20Anti-Patterns%20and%20Fix%20StrategiesSat, 31 Dec 2022 16:00:00 GMTSk Adnan Hassan ( Virginia Tech, U.S.A. ), Zainab Aamir ( Stony Brook University, U.S.A. ), Dongyoon Lee ( Stony Brook University, U.S.A. ), James C. Davis ( Purdue University, U.S.A. ), Francisco Servant ( University of Málaga, Spain )Practical Program Modularization with Type-Based Dependence Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practical%20Program%20Modularization%20with%20Type-Based%20Dependence%20Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Practical%20Program%20Modularization%20with%20Type-Based%20Dependence%20AnalysisSat, 31 Dec 2022 16:00:00 GMTKangjie Lu ( University of Minnesota )WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#WarpAttack:%20Bypassing%20CFI%20through%20Compiler-Introduced%20Double-Fetcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#WarpAttack:%20Bypassing%20CFI%20through%20Compiler-Introduced%20Double-FetchesSat, 31 Dec 2022 16:00:00 GMTJianhao Xu ( Nanjing University, China ), Luca Di Bartolomeo ( EPFL, Switzerland ), Flavio Toffalini ( EPFL, Switzerland ), Bing Mao ( Nanjing University, China ), Mathias Payer ( EPFL, Switzerland )SoK: Certified Robustness for Deep Neural Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Certified%20Robustness%20for%20Deep%20Neural%20NetworksSat, 31 Dec 2022 16:00:00 GMTLinyi Li ( University of Illinois Urbana-Champaign, USA ), Tao Xie ( Key Laboratory of High Confidence Software Technologies, MoE (Peking University ), China ), Bo Li ( University of Illinois Urbana-Champaign, USA )RAB: Provable Robustness Against Backdoor Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#RAB:%20Provable%20Robustness%20Against%20Backdoor%20AttacksSat, 31 Dec 2022 16:00:00 GMTMaurice Weber ( ETH Zurich, Switzerland ), Xiaojun Xu ( University of Illinois at Urbana-Champaign, USA ), Bojan Karlas ( ETH Zurich, Switzerland ), Ce Zhang ( ETH Zurich, Switzerland ), Bo Li ( University of Illinois at Urbana-Champaign, USA )ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Maskinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#ObjectSeeker:%20Certifiably%20Robust%20Object%20Detection%20against%20Patch%20Hiding%20Attacks%20via%20Patch-agnostic%20Maskinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#ObjectSeeker:%20Certifiably%20Robust%20Object%20Detection%20against%20Patch%20Hiding%20Attacks%20via%20Patch-agnostic%20MaskingSat, 31 Dec 2022 16:00:00 GMTChong Xiang ( Princeton University ), Alexander Valtchanov ( Princeton University ), Saeed Mahloujifar ( Princeton University ), Prateek Mittal ( Princeton University )PublicCheck: Public Integrity Verification for Services of Run-time Deep Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#PublicCheck:%20Public%20Integrity%20Verification%20for%20Services%20of%20Run-time%20Deep%20Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#PublicCheck:%20Public%20Integrity%20Verification%20for%20Services%20of%20Run-time%20Deep%20ModelsSat, 31 Dec 2022 16:00:00 GMTShuo Wang ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Sharif Abuadbba ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Sidharth Agarwal ( Indian Institute of Technology Delhi, India ), Kristen Moore ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Ruoxi Sun ( CSIRO’s Data61, Australia ), Minhui Xue ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Surya Nepal ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Seyit Camtepe ( CSIRO’s Data61, Australia; Cybersecurity CRC, Australia ), Salil Kanhere ( University of New South Wales, Australia )FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Informationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20Informationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#FedRecover:%20Recovering%20from%20Poisoning%20Attacks%20in%20Federated%20Learning%20using%20Historical%20InformationSat, 31 Dec 2022 16:00:00 GMTXiaoyu Cao ( Duke University ), Jinyuan Jia ( Duke University ), Zaixi Zhang ( University of Science and Technology of China ), Neil Zhenqiang Gong ( Duke University )On The Empirical Effectiveness of Unrealistic Adversarial Hardening Against Realistic Adversarial Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20The%20Empirical%20Effectiveness%20of%20Unrealistic%20Adversarial%20Hardening%20Against%20Realistic%20Adversarial%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#On%20The%20Empirical%20Effectiveness%20of%20Unrealistic%20Adversarial%20Hardening%20Against%20Realistic%20Adversarial%20AttacksSat, 31 Dec 2022 16:00:00 GMTSalijona Dyrmishi ( University of Luxembourg, Luxembourg ), Salah Ghamizi ( University of Luxembourg, Luxembourg ), Thibault Simonetto ( University of Luxembourg, Luxembourg ), Yves Le Traon ( University of Luxembourg, Luxembourg ), Maxime Cordy ( University of Luxembourg, Luxembourg )Rethinking Searchable Symmetric Encryptionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Rethinking%20Searchable%20Symmetric%20Encryptionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Rethinking%20Searchable%20Symmetric%20EncryptionSat, 31 Dec 2022 16:00:00 GMTZichen Gui ( ETH Zurich, Switzerland ), Kenneth G. Paterson ( ETH Zurich, Switzerland ), Sikhar Patranabis ( IBM Research, India )Private Collaborative Data Cleaning via Non-Equi PSIhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Collaborative%20Data%20Cleaning%20via%20Non-Equi%20PSIhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Collaborative%20Data%20Cleaning%20via%20Non-Equi%20PSISat, 31 Dec 2022 16:00:00 GMTErik-Oliver Blass ( Airbus, Germany ), Florian Kerschbaum ( University of Waterloo, Canada )SPHINCS+C: Compressing SPHINCS+ With (Almost) No Costhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SPHINCS+C:%20Compressing%20SPHINCS+%20With%20(Almost)%20No%20Costhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SPHINCS+C:%20Compressing%20SPHINCS+%20With%20(Almost)%20No%20CostSat, 31 Dec 2022 16:00:00 GMTAndreas Hülsing ( TU Eindhoven ), Mikhail Kudinov ( TU Eindhoven ), Eyal Ronen ( Tel Aviv University ), Eylon Yogev ( Bar-Ilan University )Threshold Signatures in the Multiversehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Threshold%20Signatures%20in%20the%20Multiversehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Threshold%20Signatures%20in%20the%20MultiverseSat, 31 Dec 2022 16:00:00 GMTLeemon Baird ( Swirlds Labs ), Sanjam Garg ( University of California, Berkeley&NTT Research ), Abhishek Jain ( Johns Hopkins University ), Pratyay Mukherjee ( Supra Oracles ), Rohit Sinha ( Meta ), Mingyuan Wang ( University of California, Berkeley ), Yinuo Zhang ( University of California, Berkeley )FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20Instantiationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#FIDO2,%20CTAP%202.1,%20and%20WebAuthn%202:%20Provable%20Security%20and%20Post-Quantum%20InstantiationSat, 31 Dec 2022 16:00:00 GMTNina Bindel ( SandboxAQ ), Cas Cremers ( CISPA Helmholtz Center for Information Security ), Mang Zhao ( CISPA Helmholtz Center for Information Security )Token meets Wallet: Formalizing Privacy and Revocation for FIDO2https://www.ieee-security.org/TC/SP2023/program-papers.html#Token%20meets%20Wallet:%20Formalizing%20Privacy%20and%20Revocation%20for%20FIDO2https://www.ieee-security.org/TC/SP2023/program-papers.html#Token%20meets%20Wallet:%20Formalizing%20Privacy%20and%20Revocation%20for%20FIDO2Sat, 31 Dec 2022 16:00:00 GMTLucjan Hanzlik ( CISPA Helmholtz Center for Information Security, Germany ), Julian Loss ( CISPA Helmholtz Center for Information Security, Germany ), Benedikt Wagner ( CISPA Helmholtz Center for Information Security, Germany and Saarland University, Germany )SoK: Taxonomy of Attacks on Open-Source Software Supply Chainshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20Chainshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Taxonomy%20of%20Attacks%20on%20Open-Source%20Software%20Supply%20ChainsSat, 31 Dec 2022 16:00:00 GMTPiergiorgio Ladisa ( SAP Security Research, Université de Rennes 1 ), Henrik Plate ( SAP Security Research ), Matias Martinez ( Université Polytechnique Hauts-de-France ), Olivier Barais ( Université de Rennes 1, Inria, IRISA )It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Securityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#It%E2%80%99s%20like%20flossing%20your%20teeth:%20On%20the%20Importance%20and%20Challenges%20of%20Reproducible%20Builds%20for%20Software%20Supply%20Chain%20Securityhttps://www.ieee-security.org/TC/SP2023/program-papers.html#It%E2%80%99s%20like%20flossing%20your%20teeth:%20On%20the%20Importance%20and%20Challenges%20of%20Reproducible%20Builds%20for%20Software%20Supply%20Chain%20SecuritySat, 31 Dec 2022 16:00:00 GMTMarcel Fourné ( Max Planck Institute for Security and Privacy, Bochum, Germany ), Dominik Wermke ( CISPA Helmholtz Center for Information Security, Germany ), William Enck ( North Carolina State University, Raleigh, North Carolina, USA ), Sascha Fahl ( CISPA Helmholtz Center for Information Security, Germany ), Yasemin Acar ( Paderborn University, Germany, George Washington University, USA )Always Contribute Back: A Qualitative Study on Security Challenges of the Open Source Supply Chainhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Always%20Contribute%20Back:%20A%20Qualitative%20Study%20on%20Security%20Challenges%20of%20the%20Open%20Source%20Supply%20Chainhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Always%20Contribute%20Back:%20A%20Qualitative%20Study%20on%20Security%20Challenges%20of%20the%20Open%20Source%20Supply%20ChainSat, 31 Dec 2022 16:00:00 GMTDominik Wermke ( CISPA Helmholtz Center for Information Security ), Jan H. Klemmer ( Leibniz University Hannover ), Noah Wöhler ( CISPA Helmholtz Center for Information Security ), Juliane Schmüser ( CISPA Helmholtz Center for Information Security ), Harshini Sri Ramulu ( Paderborn University ), Yasemin Acar ( Paderborn University, George Washington University ), Sascha Fahl ( CISPA Helmholtz Center for Information Security )Continuous Intrusion: Characterizing the Security of Continuous Integration Serviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Continuous%20Intrusion:%20Characterizing%20the%20Security%20of%20Continuous%20Integration%20Serviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Continuous%20Intrusion:%20Characterizing%20the%20Security%20of%20Continuous%20Integration%20ServicesSat, 31 Dec 2022 16:00:00 GMTYacong Gu ( Qi An Xin Technology Research Institute, China ), Lingyun Ying ( Qi An Xin Technology Research Institute, China ), Huajun Chai ( Qi An Xin Technology Research Institute, China ), Chu Qiao ( University of Delaware, USA ), Haixin Duan ( Tsinghua University; Tsinghua University-QI-ANXIN Group JCNS, China ), Xing Gao ( University of Delaware, USA )Investigating Package Related Security Threats in Software Registrieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Investigating%20Package%20Related%20Security%20Threats%20in%20Software%20Registrieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Investigating%20Package%20Related%20Security%20Threats%20in%20Software%20RegistriesSat, 31 Dec 2022 16:00:00 GMTYacong Gu ( QI-ANXIN Technology Research Institute, China ), Lingyun Ying ( QI-ANXIN Technology Research Institute, China ), Yingyuan Pu ( Ocean University of China; QI-ANXIN Technology Research Institute, China ), Xiao Hu ( QI-ANXIN Technology Research Institute, China ), Huajun Chai ( QI-ANXIN Technology Research Institute, China ), Ruimin Wang ( Southeast University; QI-ANXIN Technology Research Institute, China ), Xing Gao ( University of Delaware, USA ), Haixin Duan ( Tsinghua University; Tsinghua University-QI-ANXIN Group JCNS, China )ShadowNet: A Secure and Efficient On-device Model Inference System for Convolutional Neural Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ShadowNet:%20A%20Secure%20and%20Efficient%20On-device%20Model%20Inference%20System%20for%20Convolutional%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ShadowNet:%20A%20Secure%20and%20Efficient%20On-device%20Model%20Inference%20System%20for%20Convolutional%20Neural%20NetworksSat, 31 Dec 2022 16:00:00 GMTZhichuang Sun ( Google ), Ruimin Sun ( Florida International University ), Changming Liu ( Northeastern University ), Amrita Roy Chowdhury ( University of California, San Diego ), Long Lu ( Northeastern University ), Somesh Jha ( University of Wisconsin-Madison )Deepfake Text Detection: Limitations and Opportunitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20Opportunitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Deepfake%20Text%20Detection:%20Limitations%20and%20OpportunitiesSat, 31 Dec 2022 16:00:00 GMTJiameng Pu ( Virginia Tech, USA ), Zain Sarwar ( University Of Chicago, USA ), Sifat Muhammad Abdullah ( Virginia Tech, USA ), Abdullah Rehman ( Virginia Tech, USA ), Yoonjin Kim ( Virginia Tech, USA ), Parantapa Bhattacharya ( University Of Virginia, USA ), Mobin Javed ( LUMS, Pakistan ), Bimal Viswanath ( Virginia Tech, USA )StyleFool: Fooling Video Classification Systems via Style Transferhttps://www.ieee-security.org/TC/SP2023/program-papers.html#StyleFool:%20Fooling%20Video%20Classification%20Systems%20via%20Style%20Transferhttps://www.ieee-security.org/TC/SP2023/program-papers.html#StyleFool:%20Fooling%20Video%20Classification%20Systems%20via%20Style%20TransferSat, 31 Dec 2022 16:00:00 GMTYuxin Cao ( Shenzhen International Graduate School, Tsinghua University, China ), Xi Xiao ( Shenzhen International Graduate School, Tsinghua University, China ), Ruoxi Sun ( CSIRO's Data61, Australia ), Derui Wang ( CSIRO's Data61, Australia ), Minhui Xue ( CSIRO's Data61, Australia ), Sheng Wen ( Swinburne University of Technology, Australia )GeeSolver: A Generic, Efficient, and Effortless Solver with Self-Supervised Learning for Breaking Text Captchashttps://www.ieee-security.org/TC/SP2023/program-papers.html#GeeSolver:%20A%20Generic,%20Efficient,%20and%20Effortless%20Solver%20with%20Self-Supervised%20Learning%20for%20Breaking%20Text%20Captchashttps://www.ieee-security.org/TC/SP2023/program-papers.html#GeeSolver:%20A%20Generic,%20Efficient,%20and%20Effortless%20Solver%20with%20Self-Supervised%20Learning%20for%20Breaking%20Text%20CaptchasSat, 31 Dec 2022 16:00:00 GMTRuijie Zhao ( Shanghai Jiao Tong University ), Xianwen Deng ( Shanghai Jiao Tong University ), Yanhao Wang ( QI-ANXIN ), Zhicong Yan ( Shanghai Jiao Tong University ), Zhengguang Han ( Shanghai Jiao Tong University ), Libo Chen ( Shanghai Jiao Tong University ), Zhi Xue ( Shanghai Jiao Tong University ), Yijun Wang ( Shanghai Jiao Tong University )TrojanModel: A Practical Trojan Attack against Automatic Speech Recognition Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TrojanModel:%20A%20Practical%20Trojan%20Attack%20against%20Automatic%20Speech%20Recognition%20Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TrojanModel:%20A%20Practical%20Trojan%20Attack%20against%20Automatic%20Speech%20Recognition%20SystemsSat, 31 Dec 2022 16:00:00 GMTWei Zong ( University of Wollongong, Australia ), Yang-Wai Chow ( University of Wollongong, Australia ), Willy Susilo ( University of Wollongong, Australia ), Kien Do ( Deakin University, Australia ), Svetha Venkatesh ( Deakin University, Australia )REGA: Scalable Rowhammer Mitigation with Refresh-Generating Activationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#REGA:%20Scalable%20Rowhammer%20Mitigation%20with%20Refresh-Generating%20Activationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#REGA:%20Scalable%20Rowhammer%20Mitigation%20with%20Refresh-Generating%20ActivationsSat, 31 Dec 2022 16:00:00 GMTMichele Marazzi ( ETH Zurich ), Flavien Solt ( ETH Zurich ), Patrick Jattke ( ETH Zurich ), Kubo Takashi ( Zentel Japan ), Kaveh Razavi ( ETH Zurich )CSI:Rowhammer - Cryptographic Security and Integrity against Rowhammerhttps://www.ieee-security.org/TC/SP2023/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20Rowhammerhttps://www.ieee-security.org/TC/SP2023/program-papers.html#CSI:Rowhammer%20-%20Cryptographic%20Security%20and%20Integrity%20against%20RowhammerSat, 31 Dec 2022 16:00:00 GMTJonas Juffinger ( Lamarr Security Research, Graz University of Technology, Austria ), Lukas Lamster ( Graz University of Technology, Austria ), Andreas Kogler ( Graz University of Technology, Austria ), Maria Eichlseder ( Graz University of Technology, Austria ), Moritz Lipp ( Amazon Web Services, Austria ), Daniel Gruss ( Graz University of Technology, Austria )Jolt: Recovering TLS Signing Keys via Rowhammer Faultshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Jolt:%20Recovering%20TLS%20Signing%20Keys%20via%20Rowhammer%20Faultshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Jolt:%20Recovering%20TLS%20Signing%20Keys%20via%20Rowhammer%20FaultsSat, 31 Dec 2022 16:00:00 GMTKoksal Mus ( Worcester Polytechnic Institute ), Yarkın Doröz ( Worcester Polytechnic Institute ), M. Caner Tol ( Worcester Polytechnic Institute ), Kristi Rahman ( Worcester Polytechnic Institute ), Berk Sunar ( Worcester Polytechnic Institute )Hide and Seek with Spectres: Efficient discovery of speculative vulnerabilities with random testinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Hide%20and%20Seek%20with%20Spectres:%20Efficient%20discovery%20of%20speculative%20vulnerabilities%20with%20random%20testinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Hide%20and%20Seek%20with%20Spectres:%20Efficient%20discovery%20of%20speculative%20vulnerabilities%20with%20random%20testingSat, 31 Dec 2022 16:00:00 GMTOleksii Oleksenko and Boris Köpf ( Microsoft Research ), Marco Guarnieri ( IMDEA Software Institute ), Mark Silberstein ( Technion )Spectre Declassified: Reading from the Right Place at the Wrong Timehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20Timehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spectre%20Declassified:%20Reading%20from%20the%20Right%20Place%20at%20the%20Wrong%20TimeSat, 31 Dec 2022 16:00:00 GMTBasavesh Ammanaghatta Shivakumar ( Max Planck Institute for Security and Privacy, Germany ), Jack Barnes ( The University of Adelaide, Australia ), Gilles Barthe ( Max Planck Institute for Security and Privacy, Germany; IMDEA Software Institute, Spain ), Sunjay Cauligi ( Max Planck Institute for Security and Privacy, Germany ), Chitchanok Chuengsatiansup ( The University of Adelaide, Australia ), Daniel Genkin ( Georgia Institute of Technology, USA ), Sioli O'Connell ( The University of Adelaide, Australia ), Peter Schwabe ( Max Planck Institute for Security and Privacy, Germany; Radboud University, Netherlands ), Rui Qi Sim ( The University of Adelaide, Australia ), Yuval Yarom ( The University of Adelaide, Australia )Volttack: Control IoT Devices by Manipulating Power Supply Voltagehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Volttack:%20Control%20IoT%20Devices%20by%20Manipulating%20Power%20Supply%20Voltagehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Volttack:%20Control%20IoT%20Devices%20by%20Manipulating%20Power%20Supply%20VoltageSat, 31 Dec 2022 16:00:00 GMTKai Wang ( Zhejiang University, China ), Shilin Xiao ( Zhejiang University, China ), Xiaoyu Ji ( Zhejiang University, China ), Chen Yan ( Zhejiang University, China ), Chaohao Li ( Hangzhou Hikvision Digital Technology Co., Ltd., China ), Wenyuan Xu ( Zhejiang University, China )Inducing Wireless Chargers to Voice Out for Inaudible Command Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Inducing%20Wireless%20Chargers%20to%20Voice%20Out%20for%20Inaudible%20Command%20AttacksSat, 31 Dec 2022 16:00:00 GMTDonghui Dai ( The Hong Kong Polytechnic University, China ), Zhenlin An ( The Hong Kong Polytechnic University, China ), Lei Yang ( The Hong Kong Polytechnic University, China )mmSpoof: Resilient Spoofing of Automotive Millimeter-wave Radars using Reflect Arrayhttps://www.ieee-security.org/TC/SP2023/program-papers.html#mmSpoof:%20Resilient%20Spoofing%20of%20Automotive%20Millimeter-wave%20Radars%20using%20Reflect%20Arrayhttps://www.ieee-security.org/TC/SP2023/program-papers.html#mmSpoof:%20Resilient%20Spoofing%20of%20Automotive%20Millimeter-wave%20Radars%20using%20Reflect%20ArraySat, 31 Dec 2022 16:00:00 GMTRohith Reddy Vennam ( University of California San Diego ), Ish Kumar Jain ( University of California San Diego ), Kshitiz Bansal ( University of California San Diego ), Joshua Orozco ( University of California San Diego ), Puja Shukla ( University of California San Diego ), Aanjhan Ranganathan ( Northeastern University ), Dinesh Bharadia ( University of California San Diego )PLA-LiDAR: Physical Laser Attacks against LiDAR-based 3D Object Detection in Autonomous Vehiclehttps://www.ieee-security.org/TC/SP2023/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20Vehiclehttps://www.ieee-security.org/TC/SP2023/program-papers.html#PLA-LiDAR:%20Physical%20Laser%20Attacks%20against%20LiDAR-based%203D%20Object%20Detection%20in%20Autonomous%20VehicleSat, 31 Dec 2022 16:00:00 GMTZizhi Jin ( Zhejiang University ), Ji Xiaoyu ( Zhejiang University ), Yushi Cheng ( Tsinghua University ), Bo Yang ( Zhejiang University ), Chen Yan ( Zhejiang University ), Wenyuan Xu ( Zhejiang University )mmEcho: A mmWave-based Acoustic Eavesdropping Methodhttps://www.ieee-security.org/TC/SP2023/program-papers.html#mmEcho:%20A%20mmWave-based%20Acoustic%20Eavesdropping%20Methodhttps://www.ieee-security.org/TC/SP2023/program-papers.html#mmEcho:%20A%20mmWave-based%20Acoustic%20Eavesdropping%20MethodSat, 31 Dec 2022 16:00:00 GMTPengfei Hu ( Shandong University ), Wenhao Li ( Shandong University ), Riccardo Spolaor ( Shandong University ), Xiuzhen Cheng ( Shandong University )Side Eye: Characterizing the Limits of POV Acoustic Eavesdropping from Smartphone Cameras with Rolling Shutters and Movable Lenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Side%20Eye:%20Characterizing%20the%20Limits%20of%20POV%20Acoustic%20Eavesdropping%20from%20Smartphone%20Cameras%20with%20Rolling%20Shutters%20and%20Movable%20Lenseshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Side%20Eye:%20Characterizing%20the%20Limits%20of%20POV%20Acoustic%20Eavesdropping%20from%20Smartphone%20Cameras%20with%20Rolling%20Shutters%20and%20Movable%20LensesSat, 31 Dec 2022 16:00:00 GMTYan Long ( University of Michigan, USA ), Pirouz Naghavi ( University of Florida, USA ), Blas Kojusner ( University of Florida, USA ), Kevin Butler ( University of Florida, USA ), Sara Rampazzi ( University of Florida, USA ), Kevin Fu ( University of Michigan, USA )ADI: Adversarial Dominating Inputs in Vertical Federated Learning Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ADI:%20Adversarial%20Dominating%20Inputs%20in%20Vertical%20Federated%20Learning%20Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ADI:%20Adversarial%20Dominating%20Inputs%20in%20Vertical%20Federated%20Learning%20SystemsSat, 31 Dec 2022 16:00:00 GMTQi Pang ( Carnegie Mellon University, USA ), Yuanyuan Yuan ( Hong Kong University of Science and Technology, Hong Kong SAR ), Shuai Wang ( Hong Kong University of Science and Technology, Hong Kong SAR ), Wenting Zheng ( Carnegie Mellon University, USA )3DFed: Adaptive and Extensible Framework for Covert Backdoor Attack in Federated Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#3DFed:%20Adaptive%20and%20Extensible%20Framework%20for%20Covert%20Backdoor%20Attack%20in%20Federated%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#3DFed:%20Adaptive%20and%20Extensible%20Framework%20for%20Covert%20Backdoor%20Attack%20in%20Federated%20LearningSat, 31 Dec 2022 16:00:00 GMTHaoyang LI ( The Hong Kong Polytechnic University ), Qingqing Ye ( The Hong Kong Polytechnic University ), Haibo Hu ( The Hong Kong Polytechnic University ), Jin Li ( Guangzhou University ), Leixia Wang ( Renmin University of China ), Chengfang Fang ( Huawei International, Singapore ), Jie Shi ( Huawei International, Singapore )Scalable and Privacy-Preserving Federated Principal Component Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scalable%20and%20Privacy-Preserving%20Federated%20Principal%20Component%20Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scalable%20and%20Privacy-Preserving%20Federated%20Principal%20Component%20AnalysisSat, 31 Dec 2022 16:00:00 GMTDavid Froelicher ( MIT, USA ), Hyunghoon Cho ( Broad Institute of MIT and Harvard, USA ), Manaswitha Edupalli ( Broad Institute of MIT and Harvard, USA ), Joao Sa Sousa ( EPFL, Switzerland ), Jean-Philippe Bossuat ( Tune Insight SA, Switzerland ), Apostolos Pyrgelis ( EPFL, Switzerland ), Juan R. Troncoso-Pastoriza ( Tune Insight SA, Switzerland ), Bonnie Berger ( MIT, USA ), Jean-Pierre Hubaux ( EPFL, Switzerland )Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private,%20Efficient,%20and%20Accurate:%20Protecting%20Models%20Trained%20by%20Multi-party%20Learning%20with%20Differential%20PrivacySat, 31 Dec 2022 16:00:00 GMTWenqiang Ruan ( Fudan University, China ), Mingxin Xu ( Fudan University, China ), Wenjing Fnag ( Ant Group, China ), Li Wang ( Ant Group, China ), Lei Wang ( Ant Group, China ), Weili Han ( Fudan University, China )Spectral-DP: Differentially Private Deep Learning through Spectral Perturbation and Filteringhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spectral-DP:%20Differentially%20Private%20Deep%20Learning%20through%20Spectral%20Perturbation%20and%20Filteringhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Spectral-DP:%20Differentially%20Private%20Deep%20Learning%20through%20Spectral%20Perturbation%20and%20FilteringSat, 31 Dec 2022 16:00:00 GMTCe Feng ( Lehigh University ), Nuo Xu ( Lehigh University ), Wujie Wen ( Lehigh University ), Parv Venkitasubramaniam ( Lehigh University ), Caiwen Ding ( University of Connecticut )ELSA: Secure Aggregation for Federated Learning with Malicious Actorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ELSA:%20Secure%20Aggregation%20for%20Federated%20Learning%20with%20Malicious%20Actorshttps://www.ieee-security.org/TC/SP2023/program-papers.html#ELSA:%20Secure%20Aggregation%20for%20Federated%20Learning%20with%20Malicious%20ActorsSat, 31 Dec 2022 16:00:00 GMTMayank Rathee ( University of California, Berkeley, USA ), Conghao Shen ( Stanford University, USA ), Sameer Wagh ( Devron Corporation, USA ), Raluca Ada Popa ( University of California, Berkeley, USA )No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Informationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20Informationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#No%20One%20Drinks%20From%20the%20Firehose:%20How%20Organizations%20Filter%20and%20Prioritize%20Vulnerability%20InformationSat, 31 Dec 2022 16:00:00 GMTStephanie de Smale ( National Cyber Security Centre, The Netherlands & Delft University of Technology, The Netherlands ), Rik van Dijk ( National Cyber Security Centre, The Netherlands ), Xander Bouwman ( Delft University of Technology, The Netherlands ), Jeroen van der Ham ( National Cyber Security Centre, The Netherlands & University of Twente, The Netherlands ), Michel van Eeten ( Delft University of Technology, The Netherlands )Vulnerability Discovery for All: Experiences of Marginalization in Vulnerability Discoveryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20Discoveryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Vulnerability%20Discovery%20for%20All:%20Experiences%20of%20Marginalization%20in%20Vulnerability%20DiscoverySat, 31 Dec 2022 16:00:00 GMTKelsey R. Fulton ( University of Maryland ), Samantha Katcher ( Tufts University ), Kevin Song ( University of Chicago ), Marshini Chetty ( University of Chicago ), Michelle L. Mazurek ( University of Maryland ), Daniel Votipka ( Tufts University ), Chloé Messdaghi ( Impactive Consulting )We are a startup to the core: A qualitative interview study on the security and privacy development practices in Turkish software startupshttps://www.ieee-security.org/TC/SP2023/program-papers.html#We%20are%20a%20startup%20to%20the%20core:%20%20%20A%20qualitative%20interview%20study%20on%20the%20security%20and%20privacy%20development%20practices%20in%20Turkish%20software%20startupshttps://www.ieee-security.org/TC/SP2023/program-papers.html#We%20are%20a%20startup%20to%20the%20core:%20%20%20A%20qualitative%20interview%20study%20on%20the%20security%20and%20privacy%20development%20practices%20in%20Turkish%20software%20startupsSat, 31 Dec 2022 16:00:00 GMTDilara Kekulluoglu ( University of Edinburgh, UK ), Yasemin Acar ( The George Washington University, USA )How technical do you get? I'm an English teacher: Teaching and Learning Cybersecurity and AI Ethics in High Schoolhttps://www.ieee-security.org/TC/SP2023/program-papers.html#How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20Schoolhttps://www.ieee-security.org/TC/SP2023/program-papers.html#How%20technical%20do%20you%20get?%20I'm%20an%20English%20teacher:%20Teaching%20and%20Learning%20Cybersecurity%20and%20AI%20Ethics%20in%20High%20SchoolSat, 31 Dec 2022 16:00:00 GMTZachary Kilhoffer ( University of Illinois at Urbana-Champaign, USA ), Zhixuan Zhou ( University of Illinois at Urbana-Champaign, USA ), Firmiana Wang ( University of Illinois Laboratory High School, USA ), Fahad Tamton ( University of Illinois at Urbana-Champaign, USA ), Yun Huang ( University of Illinois at Urbana-Champaign, USA ), Pilyoung Kim ( University of Denver, USA ), Tom Yeh ( University of Colorado Boulder, USA ), Yang Wang ( University of Illinois at Urbana-Champaign, USA )Skilled or Gullible? Gender Stereotypes Related to Computer Security and Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Skilled%20or%20Gullible?%20Gender%20Stereotypes%20Related%20to%20Computer%20Security%20and%20PrivacySat, 31 Dec 2022 16:00:00 GMTMiranda Wei ( University of Washington, USA ), Pardis Emami-Naeini ( Duke University, USA ), Franziska Roesner ( University of Washington, USA ), Tadayoshi Kohno ( University of Washington, USA )Everybody’s Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Everybody%E2%80%99s%20Got%20ML,%20Tell%20Me%20What%20Else%20You%20Have:%20Practitioners'%20Perception%20of%20ML-Based%20Security%20Tools%20and%20Explanationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Everybody%E2%80%99s%20Got%20ML,%20Tell%20Me%20What%20Else%20You%20Have:%20Practitioners'%20Perception%20of%20ML-Based%20Security%20Tools%20and%20ExplanationsSat, 31 Dec 2022 16:00:00 GMTJaron Mink ( University of Illinois at Urbana-Champaign ), Hadjer Benkraouda ( University of Illinois at Urbana-Champaign ), Limin Yang ( University of Illinois at Urbana-Champaign ), Arridhana Ciptadi ( Truera ), Ali Ahmadzadeh ( Blue Hexagon ), Daniel Votipka ( Tufts University ), Gang Wang ( University of Illinois at Urbana-Champaign )Precise Detection of Kernel Data Races with Probabilistic Lockset Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Precise%20Detection%20of%20Kernel%20Data%20Races%20with%20Probabilistic%20Lockset%20Analysishttps://www.ieee-security.org/TC/SP2023/program-papers.html#Precise%20Detection%20of%20Kernel%20Data%20Races%20with%20Probabilistic%20Lockset%20AnalysisSat, 31 Dec 2022 16:00:00 GMTGabriel Ryan ( Columbia University ), Abhishek Shah ( Columbia University ), Dongdong She ( Columbia University ), Suman Jana ( Columbia University )SEGFUZZ: Segmentizing Thread Interleaving to Discover Kernel Concurrency Bugs through Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SEGFUZZ:%20Segmentizing%20Thread%20Interleaving%20to%20Discover%20Kernel%20Concurrency%20Bugs%20through%20Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#SEGFUZZ:%20Segmentizing%20Thread%20Interleaving%20to%20Discover%20Kernel%20Concurrency%20Bugs%20through%20FuzzingSat, 31 Dec 2022 16:00:00 GMTDae R. Jeong ( School of Computing, KAIST ), Byoungyoung Lee ( Department of Electrical and Computer Engineering, Seoul National University ), Insik Shin ( School of Computing, KAIST ), Youngjin Kwon ( School of Computing, KAIST )AEM: Facilitating Cross-Version Exploitability Assessment of Linux Kernel Vulnerabilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#AEM:%20Facilitating%20Cross-Version%20Exploitability%20Assessment%20of%20Linux%20Kernel%20VulnerabilitiesSat, 31 Dec 2022 16:00:00 GMTZheyue Jiang ( Fudan University ), Yuan Zhang ( Fudan University ), Jun Xu ( University of Utah ), Xinqian Sun ( Fudan University ), Zhuang Liu ( Fudan University ), Min Yang ( Fudan University )When Top-down Meets Bottom-up: Detecting and Exploiting Use-After-Cleanup Bugs in Linux Kernelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#When%20Top-down%20Meets%20Bottom-up:%20Detecting%20and%20Exploiting%20Use-After-Cleanup%20Bugs%20in%20Linux%20Kernelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#When%20Top-down%20Meets%20Bottom-up:%20Detecting%20and%20Exploiting%20Use-After-Cleanup%20Bugs%20in%20Linux%20KernelSat, 31 Dec 2022 16:00:00 GMTLin Ma ( Zhejiang University, China ), Duoming Zhou ( Zhejiang University, China ), Hanjie Wu ( Carnegie Mellon University, USA ), Yajin Zhou ( Zhejiang University, China ), Rui Chang ( Zhejiang University, China ), Hao Xiong ( Zhejiang University, China ), Lei Wu ( Zhejiang University, China ), Kui Ren ( Zhejiang University, China )RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#RSFuzzer:%20Discovering%20Deep%20SMI%20Handler%20Vulnerabilities%20in%20UEFI%20Firmware%20with%20Hybrid%20Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#RSFuzzer:%20Discovering%20Deep%20SMI%20Handler%20Vulnerabilities%20in%20UEFI%20Firmware%20with%20Hybrid%20FuzzingSat, 31 Dec 2022 16:00:00 GMTJiawei Yin ( Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Menghao Li ( Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Yuekang Li ( Nanyang Technological University ), Yong Yu ( Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Boru Lin ( Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Yanyan zou ( Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Yang Liu ( Nanyang Technological University ), Wei Huo ( nstitute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology ), Jingling Xue ( UNSW Sydney )A Theory to Instruct Differentially-Private Learning via Clipping Bias Reductionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#A%20Theory%20to%20Instruct%20Differentially-Private%20Learning%20via%20Clipping%20Bias%20Reductionhttps://www.ieee-security.org/TC/SP2023/program-papers.html#A%20Theory%20to%20Instruct%20Differentially-Private%20Learning%20via%20Clipping%20Bias%20ReductionSat, 31 Dec 2022 16:00:00 GMTHanshen Xiao ( MIT ), Zihang Xiang ( KAUST ), Di Wang ( KAUST ), Srinivas Devadas ( MIT )Continual Observation under User-level Differential Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Continual%20Observation%20under%20User-level%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Continual%20Observation%20under%20User-level%20Differential%20PrivacySat, 31 Dec 2022 16:00:00 GMTWei Dong ( Hong Kong University of Science and Technology, China ), Qiyao Luo ( Hong Kong University of Science and Technology, China ), Ke Yi ( Hong Kong University of Science and Technology, China )Locally Differentially Private Frequency Estimation Based on Convolution Frameworkhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Locally%20Differentially%20Private%20Frequency%20Estimation%20Based%20on%20Convolution%20Frameworkhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Locally%20Differentially%20Private%20Frequency%20Estimation%20Based%20on%20Convolution%20FrameworkSat, 31 Dec 2022 16:00:00 GMTHuiyu Fang ( Southeast University ), Liquan Chen ( Southeast University ), Yali Liu ( Jiangsu Normal University ), Yuan Gao ( Southeast University )TELEPATH: A Minecraft-based Covert Communication Systemhttps://www.ieee-security.org/TC/SP2023/program-papers.html#TELEPATH:%20A%20Minecraft-based%20Covert%20Communication%20Systemhttps://www.ieee-security.org/TC/SP2023/program-papers.html#TELEPATH:%20A%20Minecraft-based%20Covert%20Communication%20SystemSat, 31 Dec 2022 16:00:00 GMTZhen Sun ( Cornell Tech ), Vitaly Shmatikov ( Cornell Tech )Discop: Provably Secure Steganography in Practice Based on “Distribution Copies”https://www.ieee-security.org/TC/SP2023/program-papers.html#Discop:%20Provably%20Secure%20Steganography%20in%20Practice%20Based%20on%20%E2%80%9CDistribution%20Copies%E2%80%9Dhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Discop:%20Provably%20Secure%20Steganography%20in%20Practice%20Based%20on%20%E2%80%9CDistribution%20Copies%E2%80%9DSat, 31 Dec 2022 16:00:00 GMTJinyang Ding ( University of Science and Technology of China, China ), Kejiang Chen ( University of Science and Technology of China, China ), Yaofei Wang ( Hefei University of Technology, China ), Na Zhao ( University of Science and Technology of China, China ), Weiming Zhang ( University of Science and Technology of China, China ), Nenghai Yu ( University of Science and Technology of China, China )SQUIP: Exploiting the Scheduler Queue Contention Side Channelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20Channelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SQUIP:%20Exploiting%20the%20Scheduler%20Queue%20Contention%20Side%20ChannelSat, 31 Dec 2022 16:00:00 GMTStefan Gast ( Lamarr Security Research, Graz University of Technology ), Jonas Juffinger ( Lamarr Security Research, Graz University of Technology ), Martin Schwarzl ( Graz University of Technology ), Gururaj Saileshwar ( Georgia Institute of Technology ), Andreas Kogler ( Graz University of Technology ), Simone Franza ( Graz University of Technology ), Markus Köstl ( Graz University of Technology ), Daniel Gruss ( Lamarr Security Research, Graz University of Technology )Scatter and Split Securely: Defeating Cache Contention and Occupancy Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scatter%20and%20Split%20Securely:%20Defeating%20Cache%20Contention%20and%20Occupancy%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Scatter%20and%20Split%20Securely:%20Defeating%20Cache%20Contention%20and%20Occupancy%20AttacksSat, 31 Dec 2022 16:00:00 GMTLukas Giner ( Graz University of Technology, Austria ), Stefan Steinegger ( Graz University of Technology, Austria ), Antoon Purnal ( Ku Leuven, Belgium ), Maria Eichlseder ( Graz University of Technology, Austria ), Thomas Unterluggauer ( Intel Corporation ), Stefan Mangard ( Graz University of Technology, Austria ), Daniel Gruss ( Graz University of Technology, Austria )DevIOus: Device-Driven Side-Channel Attacks on the IOMMUhttps://www.ieee-security.org/TC/SP2023/program-papers.html#DevIOus:%20Device-Driven%20Side-Channel%20Attacks%20on%20the%20IOMMUhttps://www.ieee-security.org/TC/SP2023/program-papers.html#DevIOus:%20Device-Driven%20Side-Channel%20Attacks%20on%20the%20IOMMUSat, 31 Dec 2022 16:00:00 GMTTaehun Kim ( Korea University, Republic of Korea ), Hyeongjin Park ( Korea University, Republic of Korea ), Seokmin Lee ( Korea University, Republic of Korea ), Seunghee Shin ( The State University of New York at Binghamton, USA ), Junbeom Hur ( Korea University, Republic of Korea ), Youngjoo Shin ( Korea University, Republic of Korea )TBDhttps://www.ieee-security.org/TC/SP2023/program-papers.html#TBDhttps://www.ieee-security.org/TC/SP2023/program-papers.html#TBDSat, 31 Dec 2022 16:00:00 GMTA Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUshttps://www.ieee-security.org/TC/SP2023/program-papers.html#A%20Security%20RISC:%20Microarchitectural%20Attacks%20on%20Hardware%20RISC-V%20CPUshttps://www.ieee-security.org/TC/SP2023/program-papers.html#A%20Security%20RISC:%20Microarchitectural%20Attacks%20on%20Hardware%20RISC-V%20CPUsSat, 31 Dec 2022 16:00:00 GMTLukas Gerlach ( CISPA Helmholtz Center for Information Security ), Daniel Weber ( CISPA Helmholtz Center for Information Security ), Ruiyi Zhang ( CISPA Helmholtz Center for Information Security ), Michael Schwarz ( CISPA Helmholtz Center for Information Security )Examining Zero-Shot Vulnerability Repair with Large Language Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20Modelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Examining%20Zero-Shot%20Vulnerability%20Repair%20with%20Large%20Language%20ModelsSat, 31 Dec 2022 16:00:00 GMTHammond Pearce ( New York University ), Benjamin Tan ( University of Calgary ), Baleegh Ahmad ( New York University ), Ramesh Karri ( New York University ), Brendan Dolan-Gavitt ( New York University )Callee: Recovering Call Graphs for Binaries with Transfer and Contrastive Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Callee:%20Recovering%20Call%20Graphs%20for%20Binaries%20with%20Transfer%20and%20Contrastive%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Callee:%20Recovering%20Call%20Graphs%20for%20Binaries%20with%20Transfer%20and%20Contrastive%20LearningSat, 31 Dec 2022 16:00:00 GMTWenyu Zhu ( Tsinghua University & BNRist, China ), Zhiyao Feng ( Tsinghua University & BNRist, China ), Zihan Zhang ( Tsinghua University & BNRist, China ), Jianjun Chen ( Tsinghua University & Zhongguancun Laboratory, China ), Zhijian Ou ( Tsinghua University, China ), Min Yang ( Fudan University, China ), Chao Zhang ( Tsinghua University & BNRist & Zhongguancun Laboratory, China )XFL: Naming Functions in Binaries with Extreme Multi-label Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#XFL:%20Naming%20Functions%20in%20Binaries%20with%20Extreme%20Multi-label%20Learninghttps://www.ieee-security.org/TC/SP2023/program-papers.html#XFL:%20Naming%20Functions%20in%20Binaries%20with%20Extreme%20Multi-label%20LearningSat, 31 Dec 2022 16:00:00 GMTJames Patrick-Evans ( Royal Holloway, University of London ), Moritz Dannehl ( Bundeswehr University Munich ), Johannes Kinder ( Bundeswehr University Munich )D-ARM: Disassembling ARM Binaries by Lightweight Superset Instruction Interpretation and Graph Modelinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20Modelinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#D-ARM:%20Disassembling%20ARM%20Binaries%20by%20Lightweight%20Superset%20Instruction%20Interpretation%20and%20Graph%20ModelingSat, 31 Dec 2022 16:00:00 GMTYapeng Ye ( Purdue University, USA ), Zhuo Zhang ( Purdue University, USA ), Qingkai Shi ( Purdue University, USA ), Yousra Aafer ( University of Waterloo, Canada ), Xiangyu Zhang ( Purdue University, USA )GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semanticshttps://www.ieee-security.org/TC/SP2023/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20Semanticshttps://www.ieee-security.org/TC/SP2023/program-papers.html#GraphSPD:%20Graph-Based%20Security%20Patch%20Detection%20with%20Enriched%20Code%20SemanticsSat, 31 Dec 2022 16:00:00 GMTShu Wang ( George Mason University, USA ), Xinda Wang ( George Mason University, USA ), Kun Sun ( George Mason University, USA ), Sushil Jajodia ( George Mason University, USA ), Haining Wang ( Virginia Tech, USA ), Qi Li ( Tsinghua University, China )Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Effective%20ReDoS%20Detection%20by%20Principled%20Vulnerability%20Modeling%20and%20Exploit%20Generationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Effective%20ReDoS%20Detection%20by%20Principled%20Vulnerability%20Modeling%20and%20Exploit%20GenerationSat, 31 Dec 2022 16:00:00 GMTXinyi Wang ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Cen Zhang ( Nanyang Technological University ), Yeting Li ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Zhiwu Xu ( Shenzhen University ), Shuailin Huang ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Yi Liu ( Nanyang Technological University ), Yican Yao ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Yang Xiao ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Yanyan Zou ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Yang Liu ( Institute of Information Engineering, Chinese Academy of Sciences, China ), Wei Huo ( Institute of Information Engineering, Chinese Academy of Sciences, China )SoK: Decentralized Finance (DeFi) Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Decentralized%20Finance%20(DeFi)%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20Decentralized%20Finance%20(DeFi)%20AttacksSat, 31 Dec 2022 16:00:00 GMTLiyi Zhou ( Imperial College London ), Xihan Xiong ( Imperial College London ), Jens Ernstberger ( Technical University of Munich ), Stefanos Chaliasos ( Imperial College London ), Zhipeng Wang ( Imperial College London ), Ye Wang ( University of Macau ), Kaihua Qin ( Imperial College London ), Roger Wattenhofer ( ETH Zurich ), Dawn Song ( UC Berkeley ), Arthur Gervais ( University College London )BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amountshttps://www.ieee-security.org/TC/SP2023/program-papers.html#BlindHub:%20Bitcoin-Compatible%20Privacy-Preserving%20Payment%20Channel%20Hubs%20Supporting%20Variable%20Amountshttps://www.ieee-security.org/TC/SP2023/program-papers.html#BlindHub:%20Bitcoin-Compatible%20Privacy-Preserving%20Payment%20Channel%20Hubs%20Supporting%20Variable%20AmountsSat, 31 Dec 2022 16:00:00 GMTXianrui Qin ( The University of Hong Kong ), Shimin Pan ( The University of Hong Kong ), Arash Mirzaei ( Monash University ), Zhimei Sui ( Monash University ), Oguzhan Ersoy ( Radboud University and Delft University of Technology ), Amin Sakzad ( Monash University ), Muhammed Esgin ( Monash University and CSIRO’s Data61 ), Joseph K. Liu ( Monash University ), Jiangshan Yu ( Monash University ), Tsz Hon Yuen ( The University of Hong Kong )Optimistic Fast Confirmation While Tolerating Malicious Majority in Blockchainshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Optimistic%20Fast%20Confirmation%20While%20Tolerating%20Malicious%20Majority%20in%20Blockchainshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Optimistic%20Fast%20Confirmation%20While%20Tolerating%20Malicious%20Majority%20in%20BlockchainsSat, 31 Dec 2022 16:00:00 GMTRuomu Hou ( National University of Singapore ), Haifeng Yu ( National University of Singapore )Clockwork Finance: Automated Analysis of Economic Security in Smart Contractshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Clockwork%20Finance:%20Automated%20Analysis%20of%20Economic%20Security%20in%20Smart%20ContractsSat, 31 Dec 2022 16:00:00 GMTKushal Babel ( Cornell Tech ), Philip Daian ( Cornell Tech ), Mahimna Kelkar ( Cornell Tech ), Ari Juels ( Cornell Tech )Tyr: Finding Consensus Failure Bugs in Blockchain System with Behaviour Divergent Modelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Tyr:%20Finding%20Consensus%20Failure%20Bugs%20in%20Blockchain%20System%20with%20Behaviour%20Divergent%20Modelhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Tyr:%20Finding%20Consensus%20Failure%20Bugs%20in%20Blockchain%20System%20with%20Behaviour%20Divergent%20ModelSat, 31 Dec 2022 16:00:00 GMTYuanliang Chen ( Tsinghua University ), Fuchen Ma ( Tsinghua University ), Yuanhang Zhou ( Tsinghua University ), Yu Jiang ( Tsinghua University ), Ting Chen ( University of Electronic Science and Technology of China ), Jiaguang Sun ( Tsinghua University )Leaking Arbitrarily Many Secrets: Any-out-of-Many Proofs and Applications to RingCT Protocolshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Leaking%20Arbitrarily%20Many%20Secrets:%20Any-out-of-Many%20Proofs%20and%20Applications%20to%20RingCT%20Protocolshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Leaking%20Arbitrarily%20Many%20Secrets:%20Any-out-of-Many%20Proofs%20and%20Applications%20to%20RingCT%20ProtocolsSat, 31 Dec 2022 16:00:00 GMTTianyu Zheng ( The Hong Kong Polytechnic University ), Shang Gao ( The Hong Kong Polytechnic University ), Yubo Song ( Southeast University ), Bin Xiao ( The Hong Kong Polytechnic University )Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet wormshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Could%20you%20clean%20up%20the%20Internet%20with%20a%20Pit%20of%20Tar?%20Investigating%20tarpit%20feasibility%20on%20Internet%20wormsSat, 31 Dec 2022 16:00:00 GMTHarm Griffioen ( Hasso Plattner Institute for Digital Engineering, University of Potsdam ), Christian Doerr ( Hasso Plattner Institute for Digital Engineering, University of Potsdam )Beyond Phish: Toward Detecting Fraudulent e-Commerce Websites at Scalehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Beyond%20Phish:%20Toward%20Detecting%20Fraudulent%20e-Commerce%20Websites%20at%20Scalehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Beyond%20Phish:%20Toward%20Detecting%20Fraudulent%20e-Commerce%20Websites%20at%20ScaleSat, 31 Dec 2022 16:00:00 GMTMarzieh Bitaab ( Arizona State University ), Haehyun Cho ( Soongsil University ), Adam Oest ( PayPal, Inc. ), Zhuoer Lyu ( Arizona State University ), Wei Wang ( Palo Alto Networks ), Jorij Abraham ( Scam Adviser ), Ruoyu Wang ( Arizona State University ), Tiffany Bao ( Arizona State University ), Yan Shoshitaishvili ( Arizona State University ), Adam Doupé ( Arizona State University )Limits of I/O Based Ransomware Detection: An Imitation Based Attackhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Limits%20of%20I/O%20Based%20Ransomware%20Detection:%20An%20Imitation%20Based%20Attackhttps://www.ieee-security.org/TC/SP2023/program-papers.html#Limits%20of%20I/O%20Based%20Ransomware%20Detection:%20An%20Imitation%20Based%20AttackSat, 31 Dec 2022 16:00:00 GMTChijin Zhou ( Tsinghua University, China ), Lihua Guo ( Tsinghua University, China ), Yiwei Hou ( Tsinghua University, China ), Zhenya Ma ( Tsinghua University, China ), Quan Zhang ( Tsinghua University, China ), Mingzhe Wang ( Tsinghua University, China ), Zhe Liu ( Nanjing University of Aeronautics and Astronautics, China ), Yu Jiang ( Tsinghua University, China )From Grim Reality to Practical Solution: Malware Classification in Real-World Noisehttps://www.ieee-security.org/TC/SP2023/program-papers.html#From%20Grim%20Reality%20to%20Practical%20Solution:%20Malware%20Classification%20in%20Real-World%20Noisehttps://www.ieee-security.org/TC/SP2023/program-papers.html#From%20Grim%20Reality%20to%20Practical%20Solution:%20Malware%20Classification%20in%20Real-World%20NoiseSat, 31 Dec 2022 16:00:00 GMTXian Wu ( Northwestern University ), Wenbo Guo ( UC Berkeley ), Jia Yan ( Penn State ), Baris Coskun ( AWS ), Xinyu Xing ( Northwestern University )SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusionshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20Intrusionshttps://www.ieee-security.org/TC/SP2023/program-papers.html#SoK:%20History%20is%20a%20Vast%20Early%20Warning%20System:%20Auditing%20the%20Provenance%20of%20System%20IntrusionsSat, 31 Dec 2022 16:00:00 GMTMuhammad Adil Inam ( University of Illinois at Urbana-Champaign ), Yinfang Chen ( University of Illinois at Urbana-Champaign ), Akul Goyal ( University of Illinois at Urbana-Champaign ), Jason Liu ( University of Illinois at Urbana-Champaign ), Jaron Mink ( University of Illinois at Urbana-Champaign ), Noor Michael ( University of Illinois at Urbana-Champaign ), Sneha Gaur ( University of Illinois at Urbana-Champaign ), Adam Bates ( University of Illinois at Urbana-Champaign ), Wajih Ul Hassan ( University of Virginia )Collaborative Ad Transparency: Promises and Limitationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Collaborative%20Ad%20Transparency:%20Promises%20and%20Limitationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Collaborative%20Ad%20Transparency:%20Promises%20and%20LimitationsSat, 31 Dec 2022 16:00:00 GMTEleni Gkiouzepi ( Technical University of Berlin, Germany ), Athanasios Andreou ( Algorithmic Transparency Institute, USA ), Oana Goga ( CNRS, Inria, Institut Polytechnique de Paris, France ), Patrick Loiseau ( Inria, FairPlay team, France )Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Toss%20a%20Fault%20to%20Your%20Witcher:%20Applying%20Grey-box%20Coverage-Guided%20Mutational%20Fuzzing%20to%20Detect%20SQL%20and%20Command%20Injection%20VulnerabilitiesSat, 31 Dec 2022 16:00:00 GMTErik Trickel ( Arizona State University ), Fabio Pagani ( UC Santa Barbara ), Chang Zhu ( Arizona State University ), Lukas Dresel ( UC Santa Barbara ), Giovanni Vigna ( UC Santa Barbara ), Christopher Kruegel ( UC Santa Barbara ), Ruoyu Wang ( Arizona State University ), Tiffany Bao ( Arizona State University ), Yan Shoshitaishvili ( Arizona State University ), Adam Doupe ( Arizona State University )UTOPIA: Automatic Generation of Fuzz Driver using Unit Testshttps://www.ieee-security.org/TC/SP2023/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20Testshttps://www.ieee-security.org/TC/SP2023/program-papers.html#UTOPIA:%20Automatic%20Generation%20of%20Fuzz%20Driver%20using%20Unit%20TestsSat, 31 Dec 2022 16:00:00 GMTBokdeuk Jeong ( Samsung Research, Republic of Korea ), Joonun Jang ( Samsung Research, Republic of Korea ), Hayoon Yi ( Samsung Research, Republic of Korea ), Jiin Moon ( Samsung Research, Republic of Korea ), Junsik Kim ( Samsung Research, Republic of Korea ), Intae Jeon ( Samsung Research, Republic of Korea ), Taesoo Kim ( Samsung Research, Republic of Korea; Georgia Institute of Technology, USA ), WooChul Shim ( Samsung Research, Republic of Korea ), Yong Ho Hwang ( Samsung Research, Republic of Korea )SelectFuzz: Efficient Directed Fuzzing with Selective Path Explorationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SelectFuzz:%20Efficient%20Directed%20Fuzzing%20with%20Selective%20Path%20Explorationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#SelectFuzz:%20Efficient%20Directed%20Fuzzing%20with%20Selective%20Path%20ExplorationSat, 31 Dec 2022 16:00:00 GMTChanghua Luo ( Chinese University of Hong Kong ), Wei Meng ( Chinese University of Hong Kong ), Penghui Li ( Chinese University of Hong Kong )Finding Specification Blind Spots via Fuzz Testinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Finding%20Specification%20Blind%20Spots%20via%20Fuzz%20Testinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Finding%20Specification%20Blind%20Spots%20via%20Fuzz%20TestingSat, 31 Dec 2022 16:00:00 GMTRu Ji ( University of Waterloo ), Meng Xu ( University of Waterloo )ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#ODDFUZZ:%20Discovering%20Java%20Deserialization%20Vulnerabilities%20via%20Structure-Aware%20Directed%20Greybox%20Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#ODDFUZZ:%20Discovering%20Java%20Deserialization%20Vulnerabilities%20via%20Structure-Aware%20Directed%20Greybox%20FuzzingSat, 31 Dec 2022 16:00:00 GMTSicong Cao ( Yangzhou University, China ), Biao He ( Ant Group, China ), Xiaobing Sun ( Yangzhou University, China ), Yu Ouyang ( Ant Group, China ), Chao Zhang ( Tsinghua University, China ), Xiaoxue Wu ( Yangzhou University, China ), Ting Su ( East China Normal University ), Lili Bo ( Yangzhou University, China ), Bin Li ( Yangzhou University, China ), Chuanlei Ma ( Ant Group, China ), Jiajia Li ( Ant Group, China )The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Webhttps://www.ieee-security.org/TC/SP2023/program-papers.html#The%20Leaky%20Web:%20Automated%20Discovery%20of%20Cross-Site%20Information%20Leaks%20in%20Browsers%20and%20the%20Webhttps://www.ieee-security.org/TC/SP2023/program-papers.html#The%20Leaky%20Web:%20Automated%20Discovery%20of%20Cross-Site%20Information%20Leaks%20in%20Browsers%20and%20the%20WebSat, 31 Dec 2022 16:00:00 GMTJannis Rautenstrauch ( CISPA Helmholtz Center for Information Security, Germany ), Giancarlo Pellegrino ( CISPA Helmholtz Center for Information Security, Germany ), Ben Stock ( CISPA Helmholtz Center for Information Security, Germany )WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanismshttps://www.ieee-security.org/TC/SP2023/program-papers.html#WebSpec:%20Towards%20Machine-Checked%20Analysis%20of%20Browser%20Security%20Mechanismshttps://www.ieee-security.org/TC/SP2023/program-papers.html#WebSpec:%20Towards%20Machine-Checked%20Analysis%20of%20Browser%20Security%20MechanismsSat, 31 Dec 2022 16:00:00 GMTLorenzo Veronese ( TU Wien ), Benjamin Farinier ( Univ Rennes, Inria, CNRS, IRISA ), Pedro Bernardo ( TU Wien ), Mauro Tempesta ( TU Wien ), Marco Squarcina ( TU Wien ), Matteo Maffei ( TU Wien )Detection of Inconsistencies in Privacy Practices of Browser Extensionshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20Extensionshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Detection%20of%20Inconsistencies%20in%20Privacy%20Practices%20of%20Browser%20ExtensionsSat, 31 Dec 2022 16:00:00 GMTDuc Bui ( University of Michigan, United States of America ), Brian Tang ( University of Michigan, United States of America ), Kang G. Shin ( University of Michigan, United States of America )TeSec: Accurate Server-side Attack Investigation for Web Applicationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TeSec:%20Accurate%20Server-side%20Attack%20Investigation%20for%20Web%20Applicationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#TeSec:%20Accurate%20Server-side%20Attack%20Investigation%20for%20Web%20ApplicationsSat, 31 Dec 2022 16:00:00 GMTRuihua Wang ( KLISS, TNList, School of Software, Tsinghua University ), Yihao Peng ( KLISS, TNList, School of Software, Tsinghua University ), Yilun Sun ( KLISS, TNList, School of Software, Tsinghua University ), Xuancheng Zhang ( KLISS, TNList, School of Software, Tsinghua University ), Hai Wan ( KLISS, TNList, School of Software, Tsinghua University ), Xibin Zhao ( KLISS, TNList, School of Software, Tsinghua University )RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#RuleKeeper:%20GDPR-Aware%20Personal%20Data%20Compliance%20for%20Web%20Frameworkshttps://www.ieee-security.org/TC/SP2023/program-papers.html#RuleKeeper:%20GDPR-Aware%20Personal%20Data%20Compliance%20for%20Web%20FrameworksSat, 31 Dec 2022 16:00:00 GMTMafalda Ferreira ( INESC-ID / Instituto Superior Técnico, Universidade de Lisboa ), Tiago Brito ( INESC-ID / Instituto Superior Técnico, Universidade de Lisboa ), José Fragoso Santos ( INESC-ID / Instituto Superior Técnico, Universidade de Lisboa ), Nuno Santos ( INESC-ID / Instituto Superior Técnico, Universidade de Lisboa )Characterizing Everyday Misuse of Smart Home Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Characterizing%20Everyday%20Misuse%20of%20Smart%20Home%20Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Characterizing%20Everyday%20Misuse%20of%20Smart%20Home%20DevicesSat, 31 Dec 2022 16:00:00 GMTPhoebe Moh ( University of Maryland, United States ), Pubali Datta ( University of Illinois Urbana-Champaign, United States ), Noel Warford ( University of Maryland, United States ), Adam Bates ( University of Illinois Urbana-Champaign, United States ), Nathan Malkin ( University of Maryland, United States ), Michelle Mazurek ( University of Maryland, United States )It's up to the Consumer to be Smart: Understanding the Security and Privacy Attitudes of Smart Home Users on Reddithttps://www.ieee-security.org/TC/SP2023/program-papers.html#It's%20up%20to%20the%20Consumer%20to%20be%20Smart:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20Reddithttps://www.ieee-security.org/TC/SP2023/program-papers.html#It's%20up%20to%20the%20Consumer%20to%20be%20Smart:%20Understanding%20the%20Security%20and%20Privacy%20Attitudes%20of%20Smart%20Home%20Users%20on%20RedditSat, 31 Dec 2022 16:00:00 GMTJingjie Li ( University of Wisconsin-Madison, USA ), Kaiwen Sun ( University of Michigan, USA ), Brittany Skye Huff ( University of Wisconsin-Madison, USA ), Anna Marie Bierley ( University of Wisconsin-Madison, USA ), Younghyun Kim ( University of Wisconsin-Madison, USA ), Florian Schaub ( University of Michigan, USA ), Kassem Fawaz ( University of Wisconsin-Madison, USA )User Perceptions and Experiences with Smart Home Updateshttps://www.ieee-security.org/TC/SP2023/program-papers.html#User%20Perceptions%20and%20Experiences%20with%20Smart%20Home%20Updateshttps://www.ieee-security.org/TC/SP2023/program-papers.html#User%20Perceptions%20and%20Experiences%20with%20Smart%20Home%20UpdatesSat, 31 Dec 2022 16:00:00 GMTJulie Haney ( National Institute of Standards and Technology ), Susanne Furman ( 0000−0002−6017−9693 )Design and Evaluation of Inclusive Email Security Indicators for People with Visual Impairmentshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Design%20and%20Evaluation%20of%20Inclusive%20Email%20Security%20Indicators%20for%20People%20with%20Visual%20Impairmentshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Design%20and%20Evaluation%20of%20Inclusive%20Email%20Security%20Indicators%20for%20People%20with%20Visual%20ImpairmentsSat, 31 Dec 2022 16:00:00 GMTYaman Yu ( University of Illinois at Urbana-Champaign, USA ), Saidivya Ashok ( University of Illinois at Urbana-Champaign / CMU, USA ), Smirity Kaushi ( University of Illinois at Urbana-Champaign, USA ), Yang Wang ( University of Illinois at Urbana-Champaign, USA ), Gang Wang ( University of Illinois at Urbana-Champaign, USA )When and Why Do People Want Ad Targeting Explanations? Evidence from a Four-Week, Mixed-Methods Field Studyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#When%20and%20Why%20Do%20People%20Want%20Ad%20Targeting%20Explanations?%20Evidence%20from%20a%20Four-Week,%20Mixed-Methods%20Field%20Studyhttps://www.ieee-security.org/TC/SP2023/program-papers.html#When%20and%20Why%20Do%20People%20Want%20Ad%20Targeting%20Explanations?%20Evidence%20from%20a%20Four-Week,%20Mixed-Methods%20Field%20StudySat, 31 Dec 2022 16:00:00 GMTHao-Ping Lee ( Carnegie Mellon University, United States ), Jacob Logas ( Georgia Institute of Technology, United States ), Stephanie Yang ( Georgia Institute of Technology, United States ), Zhouyu Li ( North Carolina State University, United States ), Natã Barbosa ( University of Illinois at Urbana-Champaign, United States ), Yang Wang ( University of Illinois at Urbana-Champaign, United States ), Sauvik Das ( Carnegie Mellon University, United States )SecureCells: A Secure Compartmentalized Architecturehttps://www.ieee-security.org/TC/SP2023/program-papers.html#SecureCells:%20A%20Secure%20Compartmentalized%20Architecturehttps://www.ieee-security.org/TC/SP2023/program-papers.html#SecureCells:%20A%20Secure%20Compartmentalized%20ArchitectureSat, 31 Dec 2022 16:00:00 GMTAtri Bhattacharyya ( EPFL ), Florian Hofhammer ( EPFL ), Yuanlong Li ( EPFL ), Siddharth Gupta ( EPFL ), Andres Sanchez ( EPFL ), Babak Falsafi ( EPFL ), Mathias Payer ( EPFL )WaVe: A Verifiably Secure WebAssembly Sandboxing Runtimehttps://www.ieee-security.org/TC/SP2023/program-papers.html#WaVe:%20A%20Verifiably%20Secure%20WebAssembly%20Sandboxing%20Runtimehttps://www.ieee-security.org/TC/SP2023/program-papers.html#WaVe:%20A%20Verifiably%20Secure%20WebAssembly%20Sandboxing%20RuntimeSat, 31 Dec 2022 16:00:00 GMTEvan Johnson ( UC San Diego, USA ), Evan Laufer ( Stanford, USA ), Zijie Zhao ( UIUC, USA ), Dan Gohman ( Fastly Labs, USA ), Shravan Narayan ( UC San Diego, USA ), Stefan Savage ( UC San Diego, USA ), Deian Stefan ( UC San Diego, USA ), Fraser Brown ( Carnegie Mellon University, USA )uSWITCH: Fast Kernel Context Isolation with Implicit Context Switcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#uSWITCH:%20Fast%20Kernel%20Context%20Isolation%20with%20Implicit%20Context%20Switcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#uSWITCH:%20Fast%20Kernel%20Context%20Isolation%20with%20Implicit%20Context%20SwitchesSat, 31 Dec 2022 16:00:00 GMTDinglan Peng ( Purdue University ), Congyu Liu ( Purdue University ), Tapti Palit ( Purdue University ), Pedro Fonseca ( Purdue University ), Anjo Vahldiek-Oberwagner ( Intel Labs ), Mona Vij ( Intel Labs )Control Flow and Pointer Integrity Enforcement in a Secure Tagged Architecturehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Control%20Flow%20and%20Pointer%20Integrity%20Enforcement%20in%20a%20Secure%20Tagged%20Architecturehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Control%20Flow%20and%20Pointer%20Integrity%20Enforcement%20in%20a%20Secure%20Tagged%20ArchitectureSat, 31 Dec 2022 16:00:00 GMTRavi Theja Gollapudi ( State University of New York at Binghamton ), Gokturk Yuksek ( State University of New York at Binghamton ), David Demicco ( State University of New York at Binghamton ), Matthew Cole ( State University of New York at Binghamton ), Gaurav N Kothari ( State University of New York at Binghamton ), Rohit H Kulkarni ( State University of New York at Binghamton ), Xin Zhang ( State University of New York at Binghamton ), Kanad Ghose ( State University of New York at Binghamton ), Aravind Prakash ( State University of New York at Binghamton ), Zerksis Umrigar ( State University of New York at Binghamton )EC: Embedded Systems Compartmentalization via Intra-Kernel Isolationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#EC:%20Embedded%20Systems%20Compartmentalization%20via%20Intra-Kernel%20Isolationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#EC:%20Embedded%20Systems%20Compartmentalization%20via%20Intra-Kernel%20IsolationSat, 31 Dec 2022 16:00:00 GMTArslan Khan ( Purdue University ), Dongyan Xu ( Purdue University ), Dave Tian ( Purdue University )Low-Cost Privilege Separation with Compile Time Compartmentalization for Embedded Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Low-Cost%20Privilege%20Separation%20with%20Compile%20Time%20Compartmentalization%20for%20Embedded%20Systemshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Low-Cost%20Privilege%20Separation%20with%20Compile%20Time%20Compartmentalization%20for%20Embedded%20SystemsSat, 31 Dec 2022 16:00:00 GMTArslan Khan ( Purdue University ), Dongyan Xu ( Purdue University ), Dave Tian ( Purdue University )One Key to Rule Them All: Secure Group Pairing for Heterogeneous IoT Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#One%20Key%20to%20Rule%20Them%20All:%20Secure%20Group%20Pairing%20for%20Heterogeneous%20IoT%20Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#One%20Key%20to%20Rule%20Them%20All:%20Secure%20Group%20Pairing%20for%20Heterogeneous%20IoT%20DevicesSat, 31 Dec 2022 16:00:00 GMTHabiba Farrukh ( Purdue University, United States ), Muslum Ozgur Ozmen ( Purdue University, United States ), Faik Kerem Ors ( Purdue University, United States ), Z. Berkay Celik ( Purdue University, United States )Optimistic Access Control for the Smart Homehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Optimistic%20Access%20Control%20for%20the%20Smart%20Homehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Optimistic%20Access%20Control%20for%20the%20Smart%20HomeSat, 31 Dec 2022 16:00:00 GMTNathan Malkin ( University of Maryland ), Alan F. Luo ( University of Maryland ), Julio Poveda ( University of Maryland ), Michelle L. Mazurek ( University of Maryland )Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguardshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Protected%20or%20Porous:%20A%20Comparative%20Analysis%20of%20Threat%20Detection%20Capability%20of%20IoT%20Safeguardshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Protected%20or%20Porous:%20A%20Comparative%20Analysis%20of%20Threat%20Detection%20Capability%20of%20IoT%20SafeguardsSat, 31 Dec 2022 16:00:00 GMTAnna Maria Mandalari ( University College London, UK ), Hamed Haddadi ( Imperial College London, UK ), Daniel J. Dubois ( Northeastern University, US ), David Choffnes ( Northeastern University, US )LazyTAP: On-Demand Data Minimization for Trigger-Action Applicationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#LazyTAP:%20On-Demand%20Data%20Minimization%20for%20Trigger-Action%20Applicationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#LazyTAP:%20On-Demand%20Data%20Minimization%20for%20Trigger-Action%20ApplicationsSat, 31 Dec 2022 16:00:00 GMTMohammad M. Ahmadpanah ( Chalmers University of Technology, Sweden ), Daniel Hedin ( Chalmers University of Technology and Mälardalen University, Sweden ), Andrei Sabelfeld ( Chalmers University of Technology, Sweden )Blue's Clues: Practical Discovery of Non-Discoverable Bluetooth Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Blue's%20Clues:%20Practical%20Discovery%20of%20Non-Discoverable%20Bluetooth%20DevicesSat, 31 Dec 2022 16:00:00 GMTTyler Tucker ( University of Florida ), Hunter Searle ( University of Florida ), Kevin Butler ( University of Florida ), Patrick Traynor ( University of Florida )DeHiREC: Detecting Hidden Voice Recorders via ADC Electromagnetic Radiationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20Radiationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#DeHiREC:%20Detecting%20Hidden%20Voice%20Recorders%20via%20ADC%20Electromagnetic%20RadiationSat, 31 Dec 2022 16:00:00 GMTRuochen Zhou ( Zhejiang University ), Xiaoyu Ji ( Zhejiang University ), Chen Yan ( Zhejiang University ), Yi-Chao Chen ( Shanghai Jiao Tong University; Microsoft Research Asia ), Wenyuan Xu ( Zhejiang University ), Chaohao Li ( Zhejiang University )IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20Geolocationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#IPvSeeYou:%20Exploiting%20Leaked%20Identifiers%20in%20IPv6%20for%20Street-Level%20GeolocationSat, 31 Dec 2022 16:00:00 GMTErik Rye ( University of Maryland ), Robert Beverly ( CMAND )From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengershttps://www.ieee-security.org/TC/SP2023/program-papers.html#From%205G%20Sniffing%20to%20Harvesting%20Leakages%20of%20Privacy-Preserving%20Messengershttps://www.ieee-security.org/TC/SP2023/program-papers.html#From%205G%20Sniffing%20to%20Harvesting%20Leakages%20of%20Privacy-Preserving%20MessengersSat, 31 Dec 2022 16:00:00 GMTNorbert Ludant ( Northeastern University, USA ), Pieter Robyns ( Hasselt University - tUL - EDM and Belgian Cyber Command, Belgium ), Guevara Noubir ( Northeastern University, USA )Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirectshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20Redirectshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Man-in-the-Middle%20Attacks%20without%20Rogue%20AP:%20When%20WPAs%20Meet%20ICMP%20RedirectsSat, 31 Dec 2022 16:00:00 GMTXuewei Feng ( Tsinghua University, China ), Qi Li ( Tsinghua University and Zhongguancun Lab, China ), Kun Sun ( George Mason University, USA ), Yuxiang Yang ( Tsinghua University ), Ke Xu ( Tsinghua University and Zhongguancun Lab, China )Mew: Enabling Large-Scale and Dynamic Link-Flooding Defenses on Programmable Switcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Mew:%20Enabling%20Large-Scale%20and%20Dynamic%20Link-Flooding%20Defenses%20on%20Programmable%20Switcheshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Mew:%20Enabling%20Large-Scale%20and%20Dynamic%20Link-Flooding%20Defenses%20on%20Programmable%20SwitchesSat, 31 Dec 2022 16:00:00 GMTHuancheng Zhou ( Texas A&M University ), Sungmin Hong ( Texas A&M University ), Yangyang Liu ( The Hong Kong Polytechnic University ), Xiapu Luo ( The Hong Kong Polytechnic University ), Weichao Li ( Peng Cheng Laboratory ), Guofei Gu ( Texas A&M University )PCspooF: Compromising the Safety of Time-Triggered Ethernethttps://www.ieee-security.org/TC/SP2023/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20Ethernethttps://www.ieee-security.org/TC/SP2023/program-papers.html#PCspooF:%20Compromising%20the%20Safety%20of%20Time-Triggered%20EthernetSat, 31 Dec 2022 16:00:00 GMTAndrew Loveless ( University of Michigan; NASA Johnson Space Center ), Linh Thi Xuan Phan ( University of Pennsylvania ), Ronald Dreslinski ( University of Michigan ), Baris Kasikci ( University of Michigan )BLEDiff : Scalable and Property-Agnostic Noncompliance Checking for BLE Implementationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#BLEDiff%20:%20Scalable%20and%20Property-Agnostic%20Noncompliance%20Checking%20for%20BLE%20Implementationshttps://www.ieee-security.org/TC/SP2023/program-papers.html#BLEDiff%20:%20Scalable%20and%20Property-Agnostic%20Noncompliance%20Checking%20for%20BLE%20ImplementationsSat, 31 Dec 2022 16:00:00 GMTImtiaz Karim ( Purdue University ), Abdullah Al Ishtiaq ( Pennsylvania State University ), Syed Rafiul Hussain ( Pennsylvania State University ), Elisa Bertino ( Purdue University )VIDEZZO: Dependency-aware Virtual Device Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#VIDEZZO:%20Dependency-aware%20Virtual%20Device%20Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#VIDEZZO:%20Dependency-aware%20Virtual%20Device%20FuzzingSat, 31 Dec 2022 16:00:00 GMTQiang Liu ( Zhejiang University, China; EPFL, Switzerland ), Flavio Toffalini ( EPFL, Switzerland ), Yajin Zhou ( Zhejiang University, China ), Mathias Payer ( EPFL, Switzerland )DEVFUZZ: Automatic Device Model-Guided Device Driver Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#DEVFUZZ:%20Automatic%20Device%20Model-Guided%20Device%20Driver%20Fuzzinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#DEVFUZZ:%20Automatic%20Device%20Model-Guided%20Device%20Driver%20FuzzingSat, 31 Dec 2022 16:00:00 GMTYilun Wu ( Stony Brook University ), Tong Zhang ( Samsung Electronics ), Changhee Jung ( Purdue University ), Dongyoon Lee ( Stony Brook University )SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivershttps://www.ieee-security.org/TC/SP2023/program-papers.html#SyzDescribe:%20Principled,%20Automated,%20Static%20Generation%20of%20Syscall%20Descriptions%20for%20Kernel%20Drivershttps://www.ieee-security.org/TC/SP2023/program-papers.html#SyzDescribe:%20Principled,%20Automated,%20Static%20Generation%20of%20Syscall%20Descriptions%20for%20Kernel%20DriversSat, 31 Dec 2022 16:00:00 GMTYu Hao ( University of California, Riverside ), Guoren Li ( University of California, Riverside ), Xiaochen Zou ( University of California, Riverside ), Weiteng Chen ( University of California, Riverside ), Shitong Zhu ( University of California, Riverside ), Zhiyun Qian ( University of California, Riverside ), Ardalan Amiri Sani ( University of California, Irvine )QueryX: Symbolic Query on Decompiled Code for Finding Bugs in COTS Binarieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#QueryX:%20Symbolic%20Query%20on%20Decompiled%20Code%20for%20Finding%20Bugs%20in%20COTS%20Binarieshttps://www.ieee-security.org/TC/SP2023/program-papers.html#QueryX:%20Symbolic%20Query%20on%20Decompiled%20Code%20for%20Finding%20Bugs%20in%20COTS%20BinariesSat, 31 Dec 2022 16:00:00 GMTHyungSeok Han ( Theori Inc., KAIST ), JeongOh Kyea ( Theori Inc. ), Yonghwi Jin ( Theori Inc. ), Jinoh Kang ( Theori Inc. ), Brian Pak ( Theori Inc. ), Insu Yun ( KAIST )PyFET: Forensically Equivalent Transformation for Python Binary Decompilationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#PyFET:%20Forensically%20Equivalent%20Transformation%20for%20Python%20Binary%20Decompilationhttps://www.ieee-security.org/TC/SP2023/program-papers.html#PyFET:%20Forensically%20Equivalent%20Transformation%20for%20Python%20Binary%20DecompilationSat, 31 Dec 2022 16:00:00 GMTAli Ahad ( University of Virginia, USA ), Chijung Jung ( University of Virginia, USA ), Ammar Askar ( Georgia Institute of Technology, USA ), Doowon Kim ( University of Tennessee, USA ), Taesoo Kim ( Georgia Institute of Technology, USA ), Yonghwi Kwon ( University of Virginia, USA )Adaptive Risk-Limiting Comparison Auditshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Adaptive%20Risk-Limiting%20Comparison%20Auditshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Adaptive%20Risk-Limiting%20Comparison%20AuditsSat, 31 Dec 2022 16:00:00 GMTAbigail Harrison ( University of Connecticut ), Benjamin Fuller ( University of Connecticut ), Alexander Russell ( University of Connecticut )Blue Is the New Black (Market): Privacy Leaks and Re-Victimization from Police-Auctioned Cellphoneshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Blue%20Is%20the%20New%20Black%20(Market):%20Privacy%20Leaks%20and%20Re-Victimization%20from%20Police-Auctioned%20Cellphoneshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Blue%20Is%20the%20New%20Black%20(Market):%20Privacy%20Leaks%20and%20Re-Victimization%20from%20Police-Auctioned%20CellphonesSat, 31 Dec 2022 16:00:00 GMTRichard Roberts, Julio Poveda, Raley Roberts, and Dave Levin ( University of Maryland, College Park )No Privacy in the Electronics Repair Industryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#No%20Privacy%20in%20the%20Electronics%20Repair%20Industryhttps://www.ieee-security.org/TC/SP2023/program-papers.html#No%20Privacy%20in%20the%20Electronics%20Repair%20IndustrySat, 31 Dec 2022 16:00:00 GMTJason Ceci ( University of Guelph, Canada ), Jonah Stegman ( University of Guelph, Canada ), Hassan Khan ( University of Guelph, Canada )How IoT Re-using Threatens Your Sensitive Data: Exploring the User-Data Disposal in Used IoT Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#How%20IoT%20Re-using%20Threatens%20Your%20Sensitive%20Data:%20Exploring%20the%20User-Data%20Disposal%20in%20Used%20IoT%20Deviceshttps://www.ieee-security.org/TC/SP2023/program-papers.html#How%20IoT%20Re-using%20Threatens%20Your%20Sensitive%20Data:%20Exploring%20the%20User-Data%20Disposal%20in%20Used%20IoT%20DevicesSat, 31 Dec 2022 16:00:00 GMTPeiyu Liu ( Zhejiang University, China ), Shouling Ji ( Zhejiang University, China ), Lirong Fu ( Zhejiang University, China ), Kangjie Lu ( University of Minnesota, USA ), Xuhong Zhang ( Zhejiang University, China ), Jingchang Qin ( Zhejiang University, China ), Wenhai Wang ( Zhejiang University, China ), Wenzhi Chen ( Zhejiang University, China )Privacy Leakage via Unrestricted Motion-Position Sensors in the Age of Virtual Reality: A Study of Snooping Typed Input on Virtual Keyboardshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Privacy%20Leakage%20via%20Unrestricted%20Motion-Position%20Sensors%20in%20the%20Age%20of%20Virtual%20Reality:%20A%20Study%20of%20Snooping%20Typed%20Input%20on%20Virtual%20Keyboardshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Privacy%20Leakage%20via%20Unrestricted%20Motion-Position%20Sensors%20in%20the%20Age%20of%20Virtual%20Reality:%20A%20Study%20of%20Snooping%20Typed%20Input%20on%20Virtual%20KeyboardsSat, 31 Dec 2022 16:00:00 GMTYi Wu ( University of Tennessee, Knoxville, USA ), Cong Shi ( New Jersey Institute of Technology, USA ), Tianfang Zhang ( Rutgers University, USA ), Payton Walker ( Texas A&M University, College Station, USA ), Jian Liu ( University of Tennessee, Knoxville, USA ), Nitesh Saxena ( Texas A&M University, College Station, USA ), Yingying Chen ( Rutgers University, USA )Uncovering User Interactions on Smartphones via Contactless Wireless Charging Side Channelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Uncovering%20User%20Interactions%20on%20Smartphones%20via%20Contactless%20Wireless%20Charging%20Side%20Channelshttps://www.ieee-security.org/TC/SP2023/program-papers.html#Uncovering%20User%20Interactions%20on%20Smartphones%20via%20Contactless%20Wireless%20Charging%20Side%20ChannelsSat, 31 Dec 2022 16:00:00 GMTTao Ni ( City University of Hong Kong ), Xiaokuan Zhang ( George Mason University ), Chaoshun Zuo ( The Ohio State University ), Jianfeng Li ( The Hong Kong Polytechnic University ), Zhenyu Yan ( The Chinese University of Hong Kong ), Wubing Wang ( DBAPPSecurity Co., Ltd ), Weitao Xu ( City University of Hong Kong ), Xiapu Luo ( The Hong Kong Polytechnic University ), Qingchuan Zhao ( City University of Hong Kong )MagBackdoor: Beware of Your Loudspeaker as A Backdoor For Magnetic Injection Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#MagBackdoor:%20Beware%20of%20Your%20Loudspeaker%20as%20A%20Backdoor%20For%20Magnetic%20Injection%20Attackshttps://www.ieee-security.org/TC/SP2023/program-papers.html#MagBackdoor:%20Beware%20of%20Your%20Loudspeaker%20as%20A%20Backdoor%20For%20Magnetic%20Injection%20AttacksSat, 31 Dec 2022 16:00:00 GMTTiantian Liu ( Zhejiang University, Hangzhou, Zhejiang, China ), Feng Lin ( Zhejiang University, Hangzhou, Zhejiang, China ), Zhangsen Wang ( Zhejiang University, Hangzhou, Zhejiang, China ), Chao Wang ( Zhejiang University, Hangzhou, Zhejiang, China ), Zhongjie Ba ( Zhejiang University, Hangzhou, Zhejiang, China ), Li Lu ( Zhejiang University, Hangzhou, Zhejiang, China ), Wenyao Xu ( University at Buffalo, Buffalo, New York, USA ), Kui Ren ( Zhejiang University, Hangzhou, Zhejiang, China )Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Eye:%20On%20the%20Limits%20of%20Textual%20Screen%20Peeking%20via%20Eyeglass%20Reflections%20in%20Video%20Conferencinghttps://www.ieee-security.org/TC/SP2023/program-papers.html#Private%20Eye:%20On%20the%20Limits%20of%20Textual%20Screen%20Peeking%20via%20Eyeglass%20Reflections%20in%20Video%20ConferencingSat, 31 Dec 2022 16:00:00 GMTYan Long ( University of Michigan, USA ), Chen Yan ( Zhejiang University, China ), Shilin Xiao ( Zhejiang University, China ), Shivan Prasad ( University of Michigan, USA ), Wenyuan Xu ( Zhejiang University, China ), Kevin Fu ( University of Michigan, USA )Low-effort VR Headset User Authentication Using Head-reverberated Sounds with Replay Resistancehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Low-effort%20VR%20Headset%20User%20Authentication%20Using%20Head-reverberated%20Sounds%20with%20Replay%20Resistancehttps://www.ieee-security.org/TC/SP2023/program-papers.html#Low-effort%20VR%20Headset%20User%20Authentication%20Using%20Head-reverberated%20Sounds%20with%20Replay%20ResistanceSat, 31 Dec 2022 16:00:00 GMTRuxin Wang ( Louisiana State University ), Long Huang ( Louisiana State University ), Chen Wang ( Louisiana State University )"Adversarial Examples for Proof-of-Learning"https://www.ieee-security.org/TC/SP2022/program-papers.html#%22Adversarial%20Examples%20for%20Proof-of-Learning%22https://www.ieee-security.org/TC/SP2022/program-papers.html#%22Adversarial%20Examples%20for%20Proof-of-Learning%22Fri, 31 Dec 2021 16:00:00 GMTRui Zhang (Zhejiang University), Jian Liu (Zhejiang University), Yuan Ding (Zhejiang University), Zhibo Wang (Zhejiang University), Qingbiao Wu (Zhejiang University), Kui Ren (Zhejiang University), Jian Liu (Zhejiang University)"Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in Kenyahttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22Desperate%20Times%20Call%20for%20Desperate%20Measures%22:%20User%20Concerns%20with%20Mobile%20Loan%20Apps%20in%20Kenyahttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22Desperate%20Times%20Call%20for%20Desperate%20Measures%22:%20User%20Concerns%20with%20Mobile%20Loan%20Apps%20in%20KenyaFri, 31 Dec 2021 16:00:00 GMTCollins W. Munyendo (The George Washington University), Yasemin Acar (The George Washington University), Adam J. Aviv (The George Washington University), Yasemin Acar (George Washington University)"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papershttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22Flawed,%20but%20like%20democracy%20we%20don't%20have%20a%20better%20system%22:%20The%20Experts'%20Insights%20on%20the%20Peer%20Review%20Process%20of%20Evaluating%20Security%20Papershttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22Flawed,%20but%20like%20democracy%20we%20don't%20have%20a%20better%20system%22:%20The%20Experts'%20Insights%20on%20the%20Peer%20Review%20Process%20of%20Evaluating%20Security%20PapersFri, 31 Dec 2021 16:00:00 GMTAnanta Soneji (Arizona State University), Faris Bugra Kokulu (Arizona State University), Carlos Rubio-Medrano (Texas A&M University - Corpus Christi), Tiffany Bao (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupe (Arizona State University)"They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22They're%20not%20that%20hard%20to%20mitigate%22:%20What%20Cryptographic%20Library%20Developers%20Think%20About%20Timing%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#%22They're%20not%20that%20hard%20to%20mitigate%22:%20What%20Cryptographic%20Library%20Developers%20Think%20About%20Timing%20AttacksFri, 31 Dec 2021 16:00:00 GMTJan Jancar (Masaryk University), Marcel Fourné (Max Planck Institute for Security and Privacy), Daniel De Almeida Braga (Univ Rennes, CNRS, IRISA), Mohamed Sabt (Univ Rennes, CNRS, IRISA), Peter Schwabe (Max Planck Institute for Security and Privacy & Radboud University), Gilles Barthe (Max Planck Institute for Security and Privacy & IMDEA Software Institute), Pierre-Alain Fouque (Univ Rennes, CNRS, IRISA), Yasemin Acar (Max Planck Institute for Security and Privacy & George Washington University)27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire Universityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#27%20Years%20and%2081%20Million%20Opportunities%20Later:%20Investigating%20the%20Use%20of%20Email%20Encryption%20for%20an%20Entire%20Universityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#27%20Years%20and%2081%20Million%20Opportunities%20Later:%20Investigating%20the%20Use%20of%20Email%20Encryption%20for%20an%20Entire%20UniversityFri, 31 Dec 2021 16:00:00 GMTChristian Stransky (Leibniz University Hannover, Germany), Oliver Wiese (Freie Universität Berlin, Germany), Volker Roth (Freie Universität Berlin, Germany), Yasemin Acar (Max Planck Institute for Security and Privacy, Germany), Sascha Fahl (CISPA / Leibniz University Hannover, Germany)A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verificationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Formal%20Security%20Analysis%20of%20the%20W3C%20Web%20Payment%20APIs:%20Attacks%20and%20Verificationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Formal%20Security%20Analysis%20of%20the%20W3C%20Web%20Payment%20APIs:%20Attacks%20and%20VerificationFri, 31 Dec 2021 16:00:00 GMTQuoc Huy Do (University of Stuttgart, Germany), Pedram Hosseyni (University of Stuttgart, Germany), Ralf Küsters (University of Stuttgart, Germany), Guido Schmitz (University of Stuttgart, Germany and Royal Holloway, University of London, UK), Nils Wenzler (University of Stuttgart, Germany), Tim Würtele (University of Stuttgart, Germany)A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocolshttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Logic%20and%20an%20Interactive%20Prover%20for%20the%20Computational%20Post-Quantum%20Security%20of%20Protocolshttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Logic%20and%20an%20Interactive%20Prover%20for%20the%20Computational%20Post-Quantum%20Security%20of%20ProtocolsFri, 31 Dec 2021 16:00:00 GMTCas Cremers (CISPA Helmholtz Center for Information Security), Charlie Jacomme (CISPA - Helmholtz Center for Information Security), Caroline Fontaine (Université Paris-Saclay, CNRS, ENS Paris-Saclay, Laboratoire Méthodes Formelles), Cas Cremers (CISPA Helmholtz Center for Information Security)A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilitieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Secret-Free%20Hypervisor:%20Rethinking%20Isolation%20in%20the%20Age%20of%20Speculative%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Secret-Free%20Hypervisor:%20Rethinking%20Isolation%20in%20the%20Age%20of%20Speculative%20VulnerabilitiesFri, 31 Dec 2021 16:00:00 GMTHongyan Xia (Microsoft Research), David Zhang (Microsoft), Wei Liu (Microsoft), Istvan Haller (Microsoft Research), Bruce Sherwin (Microsoft), David Chisnall (Microsoft Research)A Systematic Look at Ciphertext Side Channels on AMD SEV-SNPhttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Systematic%20Look%20at%20Ciphertext%20Side%20Channels%20on%20AMD%20SEV-SNPhttps://www.ieee-security.org/TC/SP2022/program-papers.html#A%20Systematic%20Look%20at%20Ciphertext%20Side%20Channels%20on%20AMD%20SEV-SNPFri, 31 Dec 2021 16:00:00 GMTMengyuan Li (The Ohio State University), Luca Wilke (University of Lübeck), Jan Wichelmann (University of Lübeck), Thomas Eisenbarth (University of Lübeck), Radu Teodorescu (The Ohio State University), Yinqian Zhang (Southern University of Science and Technology)AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabularyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#AccEar:%20Accelerometer%20Acoustic%20Eavesdropping%20with%20Unconstrained%20Vocabularyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#AccEar:%20Accelerometer%20Acoustic%20Eavesdropping%20with%20Unconstrained%20VocabularyFri, 31 Dec 2021 16:00:00 GMTPengfei Hu (Shandong University), Hui Zhuang (Shandong University), Panneer Selvam Santhalingam (George Mason University), Riccardo Spolaor (Shandong University), Parth Pathak (George Mason University), Guoming Zhang (Shandong University), Xiuzhen Cheng (Shandong University)Adversarial Prefetch: New Cross-Core Cache Side Channel Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Adversarial%20Prefetch:%20New%20Cross-Core%20Cache%20Side%20Channel%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Adversarial%20Prefetch:%20New%20Cross-Core%20Cache%20Side%20Channel%20AttacksFri, 31 Dec 2021 16:00:00 GMTYanan Guo (University of Pittsburgh), Andrew Zigerelli (Independent), Youtao Zhang (Computer Science Department, University of Pittsburgh), Jun Yang (University of Pittsburgh)Analyzing Ground-Truth Data of Mobile Gambling Scamhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Analyzing%20Ground-Truth%20Data%20of%20Mobile%20Gambling%20Scamhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Analyzing%20Ground-Truth%20Data%20of%20Mobile%20Gambling%20ScamFri, 31 Dec 2021 16:00:00 GMTGeng Hong (Fudan University), Zhemin Yang (Fudan University), Sen Yang (Fudan University), Xiaojing Liao (Indiana University Bloomington), Xiaolin Du (Fudan University), Min Yang (Fudan University), Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp.)Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPKhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Annotating,%20Tracking,%20and%20Protecting%20Cryptographic%20Secrets%20with%20CryptoMPKhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Annotating,%20Tracking,%20and%20Protecting%20Cryptographic%20Secrets%20with%20CryptoMPKFri, 31 Dec 2021 16:00:00 GMTXuancheng Jin (Shanghai Jiao Tong University), Xuangan Xiao (Shanghai Jiao Tong University), Songlin Jia (Shanghai Jiao Tong University), Wang Gao (Shanghai Jiao Tong University), Hang Zhang (UC Riverside), Dawu Gu (Shanghai Jiao Tong University), Siqi Ma (The University of Queensland), Zhiyun Qian (UC Riverside), Juanru Li (Shanghai Jiao Tong University)Anti-Tamper Radio: System-Level Tamper Detection for Computing Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Anti-Tamper%20Radio:%20System-Level%20Tamper%20Detection%20for%20Computing%20Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Anti-Tamper%20Radio:%20System-Level%20Tamper%20Detection%20for%20Computing%20SystemsFri, 31 Dec 2021 16:00:00 GMTPaul Staat (Max Planck Institute for Security and Privacy), Johannes Tobisch (Max Planck Institute for Security and Privacy), Christian Zenger (PHYSEC GmbH), Christof Paar (Max Planck Institute for Security and Privacy)Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Are%20We%20There%20Yet?%20Timing%20and%20Floating-Point%20Attacks%20on%20Differential%20Privacy%20Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Are%20We%20There%20Yet?%20Timing%20and%20Floating-Point%20Attacks%20on%20Differential%20Privacy%20SystemsFri, 31 Dec 2021 16:00:00 GMTJiankai Jin (The University of Melbourne, Australia), Eleanor McMurtry (ETH Zurich), Benjamin Rubinstein (University of Melbourne, Australia), Olga Ohrimenko (The University of Melbourne)Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributionshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Asleep%20at%20the%20Keyboard?%20Assessing%20the%20Security%20of%20GitHub%20Copilot's%20Code%20Contributionshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Asleep%20at%20the%20Keyboard?%20Assessing%20the%20Security%20of%20GitHub%20Copilot's%20Code%20ContributionsFri, 31 Dec 2021 16:00:00 GMTHammond Pearce (NYU Tandon School of Engineering), Baleegh Ahmad (NYU Tandon School of Engineering), Benjamin Tan (NYU Tandon School of Engineering), Brendan Dolan-Gavitt (NYU Tandon School of Engineering), Ramesh Karri (NYU Tandon School of Engineering)Attacks on Wireless Coexistencehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Attacks%20on%20Wireless%20Coexistencehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Attacks%20on%20Wireless%20CoexistenceFri, 31 Dec 2021 16:00:00 GMTJiska Classen (TU Darmstadt, SEEMOO), Michael Hermann (TU Darmstadt, SEEMOO), Francesco Gringoli (University of Brescia), Matthias Hollick (TU Darmstadt, SEEMOO)Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Resthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Augury:%20Using%20Data%20Memory-Dependent%20Prefetchers%20to%20Leak%20Data%20at%20Resthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Augury:%20Using%20Data%20Memory-Dependent%20Prefetchers%20to%20Leak%20Data%20at%20RestFri, 31 Dec 2021 16:00:00 GMTJose Rodrigo Sanchez Vicarte (University of Illinois at Urbana-Champaign), Michael Flanders (University of Washington), Riccardo Paccagnella (University of Illinois at Urbana-Champaign), Grant Garrett-Grossman (University of Illinois at Urbana-Champaign), Adam Morrison (Tel Aviv University), Chris Fletcher (University of Illinois at Urbana-Champaign), David Kohlbrenner (University of Washington)Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Automated%20Attack%20Synthesis%20by%20Extracting%20Finite%20State%20Machines%20from%20Protocol%20Specification%20Documentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Automated%20Attack%20Synthesis%20by%20Extracting%20Finite%20State%20Machines%20from%20Protocol%20Specification%20DocumentsFri, 31 Dec 2021 16:00:00 GMTMaria Pacheco Gonzales (Purdue University), Max von Hippel (Northeastern University), Ben Weintraub (Northeastern University), Dan Goldwasser (Purdue University), Cristina Nita-Rotaru (Northeastern University)BEACON : Directed Grey-Box Fuzzing with Provable Path Pruninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#BEACON%20:%20Directed%20Grey-Box%20Fuzzing%20with%20Provable%20Path%20Pruninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#BEACON%20:%20Directed%20Grey-Box%20Fuzzing%20with%20Provable%20Path%20PruningFri, 31 Dec 2021 16:00:00 GMTHeqing Huang (The Hong Kong University of Science and Technology), Yiyuan Guo (The Hong Kong University of Science and Technology), Qingkai Shi (The Hong Kong University of Science and Technology), Peisen Yao (The Hong Kong University of Science and Technology), Rongxin Wu (Xiamen University), Charles Zhang (The Hong Kong University of Science and Technology)Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Federated Learninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Back%20to%20the%20Drawing%20Board:%20A%20Critical%20Evaluation%20of%20Poisoning%20Attacks%20on%20Federated%20Learninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Back%20to%20the%20Drawing%20Board:%20A%20Critical%20Evaluation%20of%20Poisoning%20Attacks%20on%20Federated%20LearningFri, 31 Dec 2021 16:00:00 GMTVirat Shejwalkar (UMass Amherst), Amir Houmansadr (UMass Amherst), Peter Kairouz (Google), Daniel Ramage (Google)Bad Characters: Imperceptible NLP Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Bad%20Characters:%20Imperceptible%20NLP%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Bad%20Characters:%20Imperceptible%20NLP%20AttacksFri, 31 Dec 2021 16:00:00 GMTNicholas Boucher (University of Cambridge), Ilia Shumailov (University of Cambridge, Vector Institute), Ross Anderson (University of Cambridge, University of Edinburgh), Nicolas Papernot (University of Toronto, Vector Institute)BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#BadEncoder:%20Backdoor%20Attacks%20to%20Pre-trained%20Encoders%20in%20Self-Supervised%20Learninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#BadEncoder:%20Backdoor%20Attacks%20to%20Pre-trained%20Encoders%20in%20Self-Supervised%20LearningFri, 31 Dec 2021 16:00:00 GMTJinyuan Jia (Duke University, USA), Yupei Liu (Duke University, USA), Neil Zhenqiang Gong (Duke University, USA)Blacksmith: Compromising Target Row Refresh by Rowhammering in the Frequency Domainhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Blacksmith:%20Compromising%20Target%20Row%20Refresh%20by%20Rowhammering%20in%20the%20Frequency%20Domainhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Blacksmith:%20Compromising%20Target%20Row%20Refresh%20by%20Rowhammering%20in%20the%20Frequency%20DomainFri, 31 Dec 2021 16:00:00 GMTPatrick Jattke (ETH Zurich), Victor van der Veen (Qualcomm Technologies Inc.), Pietro Frigo (Vrije Universiteit Amsterdam), Stijn Gunter (ETH Zurich), Kaveh Razavi (ETH Zurich)COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Serviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#COBRA:%20Dynamic%20Proactive%20Secret%20Sharing%20for%20Confidential%20BFT%20Serviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#COBRA:%20Dynamic%20Proactive%20Secret%20Sharing%20for%20Confidential%20BFT%20ServicesFri, 31 Dec 2021 16:00:00 GMTRobin Vassantlal (LASIGE, Faculdade de Ciencias, Universidade de Lisboa), Eduardo Alchieri (Universidade de Brasilia), Bernardo Ferreira (LASIGE, Faculdade de Ciencias, Universidade de Lisboa), Alysson Bessani (LASIGE, Faculdade de Ciencias, Universidade de Lisboa)Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Cats%20vs.%20Spectre:%20An%20Axiomatic%20Approach%20to%20Modeling%20Speculative%20Execution%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Cats%20vs.%20Spectre:%20An%20Axiomatic%20Approach%20to%20Modeling%20Speculative%20Execution%20AttacksFri, 31 Dec 2021 16:00:00 GMTHernán Ponce de León (Bundeswehr University Munich), Johannes Kinder (Bundeswehr University Munich)CirC: Compiler infrastructure for proof systems, software verification, and morehttps://www.ieee-security.org/TC/SP2022/program-papers.html#CirC:%20Compiler%20infrastructure%20for%20proof%20systems,%20software%20verification,%20and%20morehttps://www.ieee-security.org/TC/SP2022/program-papers.html#CirC:%20Compiler%20infrastructure%20for%20proof%20systems,%20software%20verification,%20and%20moreFri, 31 Dec 2021 16:00:00 GMTAlex Ozdemir (Stanford University), Fraser Brown (Stanford University, Carnegie Mellon University), Riad Wahby (Stanford University, Carnegie Mellon University, and Algorand), Alex Ozdemir (Stanford University)Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projectshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Committed%20to%20Trust:%20A%20Qualitative%20Study%20on%20Security%20&%20Trust%20in%20Open%20Source%20Software%20Projectshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Committed%20to%20Trust:%20A%20Qualitative%20Study%20on%20Security%20&%20Trust%20in%20Open%20Source%20Software%20ProjectsFri, 31 Dec 2021 16:00:00 GMTDominik Wermke (CISPA Helmholtz Center for Information Security), Noah Woehler (CISPA Helmholtz Center for Information Security), Jan H. Klemmer (Leibniz University Hannover), Marcel Fourné (Max Planck Institute for Security and Privacy), Yasemin Acar (George Washington University), Sascha Fahl (CISPA Helmholtz Center for Information Security, Leibniz University Hannover)Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Modelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Copy,%20Right?%20A%20Testing%20Framework%20for%20Copyright%20Protection%20of%20Deep%20Learning%20Modelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Copy,%20Right?%20A%20Testing%20Framework%20for%20Copyright%20Protection%20of%20Deep%20Learning%20ModelsFri, 31 Dec 2021 16:00:00 GMTJialuo Chen (Zhejiang University), Jingyi Wang (Zhejiang University), Tinglan Peng (Zhejiang University), Youcheng Sun (Queen's University Belfast, UK), Peng Cheng (Zhejiang University), Shouling Ji (Zhejiang University), Xingjun Ma (Deakin University), Bo Li (University of Illinois Urbana-Champaign), Dawn Song (University of California, Berkeley)DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#DEPCOMM:%20Graph%20Summarization%20on%20System%20Audit%20Logs%20for%20Attack%20Investigationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#DEPCOMM:%20Graph%20Summarization%20on%20System%20Audit%20Logs%20for%20Attack%20InvestigationFri, 31 Dec 2021 16:00:00 GMTZhiqiang Xu (Chinese Academy of Sciences, China), Pengcheng Fang (Case Western Reserve University, USA), Changlin Liu (Case Western Reserve University, USA), Xusheng Xiao (Case Western Reserve University, USA), Yu Wen (Chinese Academy of Sciences, China), Dan Meng (Chinese Academy of Sciences, China)DeepCASE: Semi-Supervised Contextual Analysis of Security Eventshttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepCASE:%20Semi-Supervised%20Contextual%20Analysis%20of%20Security%20Eventshttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepCASE:%20Semi-Supervised%20Contextual%20Analysis%20of%20Security%20EventsFri, 31 Dec 2021 16:00:00 GMTThijs van Ede (University of Twente), Hojjat Aghakhani (University of California, Santa Barbara), Noah Spahn (University of California, Santa Barbara), Riccardo Bortolameotti (ReaQta), Marco Cova (VMware, Inc.), Andrea Continella (University of Twente), Maarten van Steen (University of Twente), Andreas Peter (University of Twente), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California)DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplificationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepCoFFEA:%20Improved%20Flow%20Correlation%20Attacks%20on%20Tor%20via%20Metric%20Learning%20and%20Amplificationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepCoFFEA:%20Improved%20Flow%20Correlation%20Attacks%20on%20Tor%20via%20Metric%20Learning%20and%20AmplificationFri, 31 Dec 2021 16:00:00 GMTSe Eun Oh (Ewha Womans University), Taiji Yang (University of Minnesota), Nate Mathews (Rochester Institute of Technology), James K Holland (University of Minnesota), Mohammad Saidur Rahman (Rochester Institute of Technology), Nicholas Hopper (University of Minnesota), Matthew Wright (Rochester Institute of Technology)DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memorieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepSteal:%20Advanced%20Model%20Extractions%20Leveraging%20Efficient%20Weight%20Stealing%20in%20Memorieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#DeepSteal:%20Advanced%20Model%20Extractions%20Leveraging%20Efficient%20Weight%20Stealing%20in%20MemoriesFri, 31 Dec 2021 16:00:00 GMTAdnan Siraj Rakin (Arizona State University), Md Hafizul Islam Chowdhuryy (University of Central Florida), Fan Yao (University of Central Florida), Deliang Fan (Arizona State University)Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Delay%20Wreaks%20Havoc%20on%20Your%20Smart%20Home:%20Delay-based%20Automation%20Interference%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Delay%20Wreaks%20Havoc%20on%20Your%20Smart%20Home:%20Delay-based%20Automation%20Interference%20AttacksFri, 31 Dec 2021 16:00:00 GMTHaotian Chi (Temple University), Chenglong Fu (Temple University), Qiang Zeng (University of South Carolina, United States of America), Xiaojiang Du (Stevens Institute of Technology)Deployment of Source Address Validation by Network Operators: A Randomized Control Trialhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Deployment%20of%20Source%20Address%20Validation%20by%20Network%20Operators:%20A%20Randomized%20Control%20Trialhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Deployment%20of%20Source%20Address%20Validation%20by%20Network%20Operators:%20A%20Randomized%20Control%20TrialFri, 31 Dec 2021 16:00:00 GMTQasim Lone (Delft University of Technology), Alisa Frik (International Computer Science Institute / UC Berkeley), Matthew Luckie (University of Waikato), Maciej Korczynski (Grenoble INP), Michel van Eeten (Delft University of Technology), Carlos Ganan (Delft University of Technology)Device Fingerprinting with Peripheral Timestampshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Device%20Fingerprinting%20with%20Peripheral%20Timestampshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Device%20Fingerprinting%20with%20Peripheral%20TimestampsFri, 31 Dec 2021 16:00:00 GMTJohn Monaco (Naval Postgraduate School, USA)Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Censushttps://www.ieee-security.org/TC/SP2022/program-papers.html#Differential%20Privacy%20and%20Swapping:%20Examining%20De-Identification's%20Impact%20on%20Minority%20Representation%20and%20Privacy%20Preservation%20in%20the%20U.S.%20Censushttps://www.ieee-security.org/TC/SP2022/program-papers.html#Differential%20Privacy%20and%20Swapping:%20Examining%20De-Identification's%20Impact%20on%20Minority%20Representation%20and%20Privacy%20Preservation%20in%20the%20U.S.%20CensusFri, 31 Dec 2021 16:00:00 GMTSarah Radway (Tufts University), Miranda Christ (Columbia University), Steven Bellovin (Columbia University)Differentially Private Histograms in the Shuffle Model from Fake Usershttps://www.ieee-security.org/TC/SP2022/program-papers.html#Differentially%20Private%20Histograms%20in%20the%20Shuffle%20Model%20from%20Fake%20Usershttps://www.ieee-security.org/TC/SP2022/program-papers.html#Differentially%20Private%20Histograms%20in%20the%20Shuffle%20Model%20from%20Fake%20UsersFri, 31 Dec 2021 16:00:00 GMTAlbert Cheu (Georgetown University), Maxim Zhilyaev (MindStrong Inc.)Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trusthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Domains%20Do%20Change%20Their%20Spots:%20Quantifying%20Potential%20Abuse%20of%20Residual%20Trusthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Domains%20Do%20Change%20Their%20Spots:%20Quantifying%20Potential%20Abuse%20of%20Residual%20TrustFri, 31 Dec 2021 16:00:00 GMTJohnny So (Stony Brook University, USA), Najmeh Miramirkhani (Stony Brook University, USA), Michael Ferdman (Stony Brook University, USA), Nick Nikiforakis (Stony Brook University, USA)Effective Seed Scheduling for Fuzzing with Graph Centrality Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Effective%20Seed%20Scheduling%20for%20Fuzzing%20with%20Graph%20Centrality%20Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Effective%20Seed%20Scheduling%20for%20Fuzzing%20with%20Graph%20Centrality%20AnalysisFri, 31 Dec 2021 16:00:00 GMTDongdong She (Columbia University), Abhishek Shah (Columbia University), Suman Jana (Columbia University)Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Evaluating%20Physical-Layer%20BLE%20Location%20Tracking%20Attacks%20on%20Mobile%20Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Evaluating%20Physical-Layer%20BLE%20Location%20Tracking%20Attacks%20on%20Mobile%20DevicesFri, 31 Dec 2021 16:00:00 GMTHadi Givehchian (UC San Diego), Nishant Bhaskar (UC San Diego), Eliana Rodriguez Herrera (UC San Diego), Hector Lopez Soto (UC San Diego), Christian Dameff (UC San Diego), Dinesh Bharadia (UC San Diego), Aaron Schulman (UC San Diego)Exploit the Last Straw That Breaks Android Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Exploit%20the%20Last%20Straw%20That%20Breaks%20Android%20Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Exploit%20the%20Last%20Straw%20That%20Breaks%20Android%20SystemsFri, 31 Dec 2021 16:00:00 GMTLei Zhang (Fudan University, China), Keke Lian (Fudan University, China), Haoyu Xiao (Fudan University, China), Zhibo Zhang (Fudan University, China), Peng Liu (The Pennsylvania State University, United States of America), Yuan Zhang (Fudan University, China), Min Yang (Fudan University, China), Haixin Duan (Tsinghua University, China)Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Exposed%20Infrastructures:%20Discovery,%20Attacks%20and%20Remediation%20of%20Insecure%20ICS%20Remote%20Management%20Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Exposed%20Infrastructures:%20Discovery,%20Attacks%20and%20Remediation%20of%20Insecure%20ICS%20Remote%20Management%20DevicesFri, 31 Dec 2021 16:00:00 GMTTakayuki Sasaki (Yokohama National University), Akira Fujita (Yokohama National University/National Institute of Information and Communications Technology), Carlos Hernandez Ganan (TU Delft/Yokohama National University), Michel van Eeten (TU Delft/Yokohama National University), Katsunari Yoshioka (Yokohama National University), Tsutomu Matsumoto (Yokohama National University)FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#FSAFlow:%20Lightweight%20and%20Fast%20Dynamic%20Path%20Tracking%20and%20Control%20for%20Privacy%20Protection%20on%20Android%20Using%20Hybrid%20Analysis%20with%20State-Reduction%20Strategyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#FSAFlow:%20Lightweight%20and%20Fast%20Dynamic%20Path%20Tracking%20and%20Control%20for%20Privacy%20Protection%20on%20Android%20Using%20Hybrid%20Analysis%20with%20State-Reduction%20StrategyFri, 31 Dec 2021 16:00:00 GMTZhi Yang (PLA Information Engineering University, Zhengzhou, China), Zhanhui Yuan (PLA Information Engineering University, Zhengzhou, China), Xingyuan Chen (PLA Information Engineering University, Zhengzhou, China), Shuyuan Jin (SUN YAT-SEN University, Guangzhou, China.), Lei Sun (PLA Information Engineering University, Zhengzhou, China), Xuehui Du (PLA Information Engineering University, Zhengzhou, China), Wenfa Li (Beijing Union University, Beijing, Chian)Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Finding%20SMM%20Privilege-Escalation%20Vulnerabilities%20in%20UEFI%20Firmware%20with%20Protocol-Centric%20Static%20Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Finding%20SMM%20Privilege-Escalation%20Vulnerabilities%20in%20UEFI%20Firmware%20with%20Protocol-Centric%20Static%20AnalysisFri, 31 Dec 2021 16:00:00 GMTJiawei Yin (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China and School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China), Wei Huo (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China; School of CyberSpace Security at University of Chinese Academy of Sciences, China), Menghao Li (Institute of Information Engineering, Chinese Academy of Sciences), Wei Wu (Huawei Technologies), Dandan Sun (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China), Jianhua Zhou (Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, China), Jingling Xue (University of New South Wales)Finding and Exploiting CPU Features using MSR Templatinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Finding%20and%20Exploiting%20CPU%20Features%20using%20MSR%20Templatinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Finding%20and%20Exploiting%20CPU%20Features%20using%20MSR%20TemplatingFri, 31 Dec 2021 16:00:00 GMTAndreas Kogler (Graz University of Technology), Daniel Weber (CISPA Helmholtz Center for Information Security), Martin Haubenwallner (Graz University of Technology), Moritz Lipp (Graz University of Technology), Daniel Gruss (Graz University of Technology), Michael Schwarz (CISPA Helmholtz Center for Information Security), Moritz Lipp (Amazon Web Services)Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilitieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Formal%20Model-Driven%20Discovery%20of%20Bluetooth%20Protocol%20Design%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Formal%20Model-Driven%20Discovery%20of%20Bluetooth%20Protocol%20Design%20VulnerabilitiesFri, 31 Dec 2021 16:00:00 GMTJianliang Wu (Purdue University), Ruoyu Wu (Purdue University), Dongyan Xu (Purdue University), Dave (Jing) Tian (Purdue University), Antonio Bianchi (Purdue University)Foundations of Dynamic BFThttps://www.ieee-security.org/TC/SP2022/program-papers.html#Foundations%20of%20Dynamic%20BFThttps://www.ieee-security.org/TC/SP2022/program-papers.html#Foundations%20of%20Dynamic%20BFTFri, 31 Dec 2021 16:00:00 GMTSisi Duan (Tsinghua University), Haibin Zhang (independent)Four Attacks and a Proof for Telegramhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Four%20Attacks%20and%20a%20Proof%20for%20Telegramhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Four%20Attacks%20and%20a%20Proof%20for%20TelegramFri, 31 Dec 2021 16:00:00 GMTMartin R. Albrecht (Royal Holloway, University of London, United Kingdom), Lenka Mareková (Royal Holloway, University of London, United Kingdom), Kenneth G. Paterson (ETH Zurich, Switzerland), Igors Stepanovs (ETH Zurich, Switzerland)FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#FuzzUSB:%20Hybrid%20Stateful%20Fuzzing%20of%20USB%20Gadget%20Stackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#FuzzUSB:%20Hybrid%20Stateful%20Fuzzing%20of%20USB%20Gadget%20StacksFri, 31 Dec 2021 16:00:00 GMTKyungtae Kim (Purdue University), Taegyu Kim (Purdue University), Ertza Warraich (Purdue University), Byoungyoung Lee (Seoul National University), Kevin Butler (University of Florida), Antonio Bianchi (Purdue University), Dave (Jing) Tian (Purdue University)GREBE: Unveiling Exploitation Potential for Linux Kernel Bugshttps://www.ieee-security.org/TC/SP2022/program-papers.html#GREBE:%20Unveiling%20Exploitation%20Potential%20for%20Linux%20Kernel%20Bugshttps://www.ieee-security.org/TC/SP2022/program-papers.html#GREBE:%20Unveiling%20Exploitation%20Potential%20for%20Linux%20Kernel%20BugsFri, 31 Dec 2021 16:00:00 GMTZhenpeng Lin (Pennsylvania State University), Yueqi Chen (Pennsylvania State University), Dongliang Mu (Huazhong University of Science and Technology), Chensheng Yu (George Washington University), Yuhang Wu (Pennsylvania State University), Xinyu Xing (Pennsylvania State University), Kang Li (Baidu Security)Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Goshawk:%20Hunting%20Memory%20Corruptions%20via%20Structure-Aware%20and%20Object-Centric%20Memory%20Operation%20Synopsishttps://www.ieee-security.org/TC/SP2022/program-papers.html#Goshawk:%20Hunting%20Memory%20Corruptions%20via%20Structure-Aware%20and%20Object-Centric%20Memory%20Operation%20SynopsisFri, 31 Dec 2021 16:00:00 GMTYunlong Lyu (University of Science and Technology of China), Yi Fang (Feiyu Security), Yiwei Zhang (Shanghai Jiao Tong University), Qibin Sun (University of Science and Technology of China), Siqi Ma (The University of New South Wales Canberra), Elisa Bertino (Purdue University), Kangjie Lu (University of Minnesota), Juanru Li (Shanghai Jiao Tong University)Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighborshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Graphics%20Peeping%20Unit:%20Exploiting%20EM%20Side-Channel%20Information%20of%20GPUs%20to%20Eavesdrop%20on%20Your%20Neighborshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Graphics%20Peeping%20Unit:%20Exploiting%20EM%20Side-Channel%20Information%20of%20GPUs%20to%20Eavesdrop%20on%20Your%20NeighborsFri, 31 Dec 2021 16:00:00 GMTZihao Zhan (Vanderbilt University), Zhengkai Zhang (Clemson University), Sisheng Liang (Clemson University), Fan Yao (University of Central Florida), Xenofon Koutsoukos (Vanderbilt University)HAMRAZ: Resilient Partitioning and Replicationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#HAMRAZ:%20Resilient%20Partitioning%20and%20Replicationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#HAMRAZ:%20Resilient%20Partitioning%20and%20ReplicationFri, 31 Dec 2021 16:00:00 GMTXiao Li (University of California, Riverside, USA), Farzin Houshmand (University of California, Riverside, USA), Mohsen Lesani (University of California, Riverside, USA)HardLog: Practical Tamper-Proof System Auditing Using a Novel Audit Devicehttps://www.ieee-security.org/TC/SP2022/program-papers.html#HardLog:%20Practical%20Tamper-Proof%20System%20Auditing%20Using%20a%20Novel%20Audit%20Devicehttps://www.ieee-security.org/TC/SP2022/program-papers.html#HardLog:%20Practical%20Tamper-Proof%20System%20Auditing%20Using%20a%20Novel%20Audit%20DeviceFri, 31 Dec 2021 16:00:00 GMTAdil Ahmad (Purdue), Sangho Lee (Microsoft Research), Marcus Peinado (Microsoft Research)Hardening Circuit-Design IP Against Reverse-Engineering Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Hardening%20Circuit-Design%20IP%20Against%20Reverse-Engineering%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Hardening%20Circuit-Design%20IP%20Against%20Reverse-Engineering%20AttacksFri, 31 Dec 2021 16:00:00 GMTAnimesh Chhotaray (University of Florida, USA), Thomas Shrimpton (University of Florida, USA)Hark: A Deep Learning System for Navigating Privacy Feedback at Scalehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Hark:%20A%20Deep%20Learning%20System%20for%20Navigating%20Privacy%20Feedback%20at%20Scalehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Hark:%20A%20Deep%20Learning%20System%20for%20Navigating%20Privacy%20Feedback%20at%20ScaleFri, 31 Dec 2021 16:00:00 GMTHamza Harkous (Google Inc.), Sai Teja Peddinti (Google Inc.), Rishabh Khandelwal (University of Wisconsin - Madison), Animesh Srivastava‚Äé (Google Inc.), Nina Taft (Google Inc.)Heapster: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Imageshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Heapster:%20Analyzing%20the%20Security%20of%20Dynamic%20Allocators%20for%20Monolithic%20Firmware%20Imageshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Heapster:%20Analyzing%20the%20Security%20of%20Dynamic%20Allocators%20for%20Monolithic%20Firmware%20ImagesFri, 31 Dec 2021 16:00:00 GMTFabio Gritti (University of California, Santa Barbara), Fabio Pagani (University of California, Santa Barbara), Ilya Grishchenko (University of California, Santa Barbara), Lukas Dresel (University of California, Santa Barbara), Nilo Redini (Qualcomm Inc.), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Studyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20Does%20Usable%20Security%20(Not)%20End%20Up%20in%20Software%20Products?%20Results%20From%20a%20Qualitative%20Interview%20Studyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20Does%20Usable%20Security%20(Not)%20End%20Up%20in%20Software%20Products?%20Results%20From%20a%20Qualitative%20Interview%20StudyFri, 31 Dec 2021 16:00:00 GMTMarco Gutfleisch (Ruhr University Bochum, Germany), Jan H. Klemmer (Leibniz University Hannover, Germany), Niklas Busch (Leibniz University Hannover, Germany), Yasemin Acar (Max Planck Institute for Security and Privacy, Germany), M. Angela Sasse (Ruhr University Bochum, Germany), Sascha Fahl (CISPA / Leibniz University Hannover, Germany)How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20Not%20to%20Protect%20Your%20IP%20-%20An%20Industry-Wide%20Break%20of%20IEEE%201735%20Implementationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20Not%20to%20Protect%20Your%20IP%20-%20An%20Industry-Wide%20Break%20of%20IEEE%201735%20ImplementationsFri, 31 Dec 2021 16:00:00 GMTJulian Speith (Max Planck Institute for Security and Privacy), Florian Schweins (Ruhr-University Bochum), Maik Ender (Max Planck Institute for Security and Privacy), Marc Fyrbiak (Max Planck Institute for Security and Privacy), Alexander May (Ruhr-University Bochum), Christof Paar (Max Planck Institute for Security and Privacy)How to Attack and Generate Honeywordshttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20to%20Attack%20and%20Generate%20Honeywordshttps://www.ieee-security.org/TC/SP2022/program-papers.html#How%20to%20Attack%20and%20Generate%20HoneywordsFri, 31 Dec 2021 16:00:00 GMTDing Wang (Nankai University), Yunkai Zou (Nankai University), Qiying Dong (Nankai University), Yuanming Song (Peking University), Xinyi Huang (Fujian Normal University)IRQDebloat: Reducing Driver Attack Surface in Embedded Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#IRQDebloat:%20Reducing%20Driver%20Attack%20Surface%20in%20Embedded%20Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#IRQDebloat:%20Reducing%20Driver%20Attack%20Surface%20in%20Embedded%20DevicesFri, 31 Dec 2021 16:00:00 GMTZhenghao Hu (New York University), Brendan Dolan-Gavitt (NYU)IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#IRShield:%20A%20Countermeasure%20Against%20Adversarial%20Physical-Layer%20Wireless%20Sensinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#IRShield:%20A%20Countermeasure%20Against%20Adversarial%20Physical-Layer%20Wireless%20SensingFri, 31 Dec 2021 16:00:00 GMTPaul Staat (Max Planck Institute for Security and Privacy), Simon Mulzer (Ruhr University Bochum), Stefan Roth (Ruhr University Bochum), Veelasha Moonsamy (Ruhr University Bochum), Markus Heinrichs (TH Köln – University of Applied Sciences, Cologne, Germany), Rainer Kronberger (TH Köln – University of Applied Sciences, Cologne, Germany), Aydin Sezgin (Ruhr University Bochum), Christof Paar (Max Planck Institute for Security and Privacy)Investigating Influencer VPN Ads on YouTubehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Investigating%20Influencer%20VPN%20Ads%20on%20YouTubehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Investigating%20Influencer%20VPN%20Ads%20on%20YouTubeFri, 31 Dec 2021 16:00:00 GMTOmer Akgul (University of Maryland), Richard Roberts (University of Maryland), Moses Namara (Clemson University), Dave Levin (University of Maryland), Michelle L. Mazurek (University of Maryland)Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Invisible%20Finger:%20Practical%20Electromagnetic%20Interference%20Attack%20on%20Touchscreen-based%20Electronic%20Deviceshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Invisible%20Finger:%20Practical%20Electromagnetic%20Interference%20Attack%20on%20Touchscreen-based%20Electronic%20DevicesFri, 31 Dec 2021 16:00:00 GMTHaoqi Shan (University of Florida), Boyi Zhang (University of Florida), Zihao Zhan (University of Florida), Dean Sullivan (University of New Hampshire), Shuo Wang (University of Florida), Yier Jin (University of Florida)IronMask: Versatile Verification of Masking Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#IronMask:%20Versatile%20Verification%20of%20Masking%20Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#IronMask:%20Versatile%20Verification%20of%20Masking%20SecurityFri, 31 Dec 2021 16:00:00 GMTSonia Belaid (CryptoExperts), Darius Mercadier (CryptoExperts), Matthieu Rivain (CryptoExperts), Abdul Rahman Taleb (CryptoExperts)Jigsaw: Efficient and Scalable Path Constraints Fuzzinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Jigsaw:%20Efficient%20and%20Scalable%20Path%20Constraints%20Fuzzinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Jigsaw:%20Efficient%20and%20Scalable%20Path%20Constraints%20FuzzingFri, 31 Dec 2021 16:00:00 GMTJu Chen (UC, Riverside), Jinghan Wang (UC, Riverside), Chengyu Song (UC, Riverside), Heng Yin (UC, Riverside)LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#LinkTeller:%20Recovering%20Private%20Edges%20from%20Graph%20Neural%20Networks%20via%20Influence%20Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#LinkTeller:%20Recovering%20Private%20Edges%20from%20Graph%20Neural%20Networks%20via%20Influence%20AnalysisFri, 31 Dec 2021 16:00:00 GMTFan Wu (University of Illinois at Urbana-Champaign, USA), Yunhui Long (University of Illinois at Urbana-Champaign, USA), Ce Zhang (ETH Zurich, Switzerland), Bo Li (University of Illinois at Urbana-Champaign, USA)Locally Differentially Private Sparse Vector Aggregationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Locally%20Differentially%20Private%20Sparse%20Vector%20Aggregationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Locally%20Differentially%20Private%20Sparse%20Vector%20AggregationFri, 31 Dec 2021 16:00:00 GMTMingxun Zhou (Carnegie Mellon University), Tianhao Wang (Carnegie Mellon University and University of Virginia), T-H. Hubert Chan (The University of Hong Kong), Giulia Fanti (Carnegie Mellon University), Elaine Shi (Carnegie Mellon University)Low-Bandwidth Threshold ECDSA via Pseudorandom Correlation Generatorshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Low-Bandwidth%20Threshold%20ECDSA%20via%20Pseudorandom%20Correlation%20Generatorshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Low-Bandwidth%20Threshold%20ECDSA%20via%20Pseudorandom%20Correlation%20GeneratorsFri, 31 Dec 2021 16:00:00 GMTDamiano Abram (Aarhus University), Ariel Nof (Technion), Claudio Orlandi (Aarhus University), Peter Scholl (Aarhus University), Omer Shlomovits (ZenGo X)MatRiCT+: More Efficient Post-Quantum Private Blockchain Paymentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#MatRiCT+:%20More%20Efficient%20Post-Quantum%20Private%20Blockchain%20Paymentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#MatRiCT+:%20More%20Efficient%20Post-Quantum%20Private%20Blockchain%20PaymentsFri, 31 Dec 2021 16:00:00 GMTMuhammed F. Esgin (Monash University and CSIRO's Data61, Australia), Ron Steinfeld (Monash University, Australia), Raymond K. Zhao (Monash University, Australia)Measuring and Mitigating the Risk of IP Reuse on Public Cloudshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Measuring%20and%20Mitigating%20the%20Risk%20of%20IP%20Reuse%20on%20Public%20Cloudshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Measuring%20and%20Mitigating%20the%20Risk%20of%20IP%20Reuse%20on%20Public%20CloudsFri, 31 Dec 2021 16:00:00 GMTEric Pauley (Pennsylvania State University), Ryan Sheatsley (Pennsylvania State University), Blaine Hoak (Pennsylvania State University), Quinn Burke (Pennsylvania State University), Yohan Beugin (Pennsylvania State University), Patrick McDaniel (Pennsylvania State University)Membership inference attacks from first principleshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Membership%20inference%20attacks%20from%20first%20principleshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Membership%20inference%20attacks%20from%20first%20principlesFri, 31 Dec 2021 16:00:00 GMTNicholas Carlini (Google Brain), Steve Chien (Google Brain), Milad Nasr (UMASS), Shuang Song (Google Research, Brain), Andreas Terzis (Google, Inc.), Florian Tramer (Google Brain)MeshUp: Stateless Cache Side-channel Attack on CPU Meshhttps://www.ieee-security.org/TC/SP2022/program-papers.html#MeshUp:%20Stateless%20Cache%20Side-channel%20Attack%20on%20CPU%20Meshhttps://www.ieee-security.org/TC/SP2022/program-papers.html#MeshUp:%20Stateless%20Cache%20Side-channel%20Attack%20on%20CPU%20MeshFri, 31 Dec 2021 16:00:00 GMTJunpeng Wan (Fudan University), Yanxiang Bi (Fudan University), Zhe Zhou (Fudan University), Zhou Li (University of California, Irvine)Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectureshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Mind%20the%20Gap:%20Studying%20the%20Insecurity%20of%20Provably%20Secure%20Embedded%20Trusted%20Execution%20Architectureshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Mind%20the%20Gap:%20Studying%20the%20Insecurity%20of%20Provably%20Secure%20Embedded%20Trusted%20Execution%20ArchitecturesFri, 31 Dec 2021 16:00:00 GMTMarton Bognar (KU Leuven), Jo Van Bulck (KU Leuven), Frank Piessens (KU Leuven)Mitigating Information Leakage Vulnerabilities with Type-based Data Isolationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Mitigating%20Information%20Leakage%20Vulnerabilities%20with%20Type-based%20Data%20Isolationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Mitigating%20Information%20Leakage%20Vulnerabilities%20with%20Type-based%20Data%20IsolationFri, 31 Dec 2021 16:00:00 GMTAlyssa Milburn (Vrije Universiteit Amsterdam, The Netherlands), Erik van der Kouwe (Vrije Universiteit Amsterdam, The Netherlands), Cristiano Giuffrida (Vrije Universiteit Amsterdam, The Netherlands)Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Model%20Orthogonalization:%20Class%20Distance%20Hardening%20in%20Neural%20Networks%20for%20Better%20Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Model%20Orthogonalization:%20Class%20Distance%20Hardening%20in%20Neural%20Networks%20for%20Better%20SecurityFri, 31 Dec 2021 16:00:00 GMTGuanhong Tao (Purdue University), Yingqi Liu (Purdue University), Guangyu Shen (Purdue University), Qiuling Xu (Purdue University), Shengwei An (Purdue University), Zhuo Zhang (Purdue University), Xiangyu Zhang (Purdue University)Model Stealing Attacks Against Inductive Graph Neural Networkshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Model%20Stealing%20Attacks%20Against%20Inductive%20Graph%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Model%20Stealing%20Attacks%20Against%20Inductive%20Graph%20Neural%20NetworksFri, 31 Dec 2021 16:00:00 GMTYun Shen (Norton Research Group), Xinlei He (CISPA Helmholtz Center for Information Security), Yufei Han (Inria), Yang Zhang (CISPA Helmholtz Center for Information Security)Multi-Server Verifiable Computation of Low-Degree Polynomialshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Multi-Server%20Verifiable%20Computation%20of%20Low-Degree%20Polynomialshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Multi-Server%20Verifiable%20Computation%20of%20Low-Degree%20PolynomialsFri, 31 Dec 2021 16:00:00 GMTLiang Feng Zhang (ShanghaiTech University), Huaxiong Wang (Nanyang Technological University)Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Noise-SDR:%20Arbitrary%20Modulation%20of%20Electromagnetic%20Noise%20from%20Unprivileged%20Software%20and%20Its%20Impact%20on%20Emission%20Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Noise-SDR:%20Arbitrary%20Modulation%20of%20Electromagnetic%20Noise%20from%20Unprivileged%20Software%20and%20Its%20Impact%20on%20Emission%20SecurityFri, 31 Dec 2021 16:00:00 GMTGiovanni Camurati (EURECOM, France), Aurélien Francillon (EURECOM, France)Noise: A Library of Verified High-Performance Secure Channel Protocol Implementationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Noise:%20A%20Library%20of%20Verified%20High-Performance%20Secure%20Channel%20Protocol%20Implementationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Noise:%20A%20Library%20of%20Verified%20High-Performance%20Secure%20Channel%20Protocol%20ImplementationsFri, 31 Dec 2021 16:00:00 GMTSon Ho (INRIA), Jonathan Protzenko (Microsoft Research), Abhishek Bichhawat (IIT Gandhinagar), Karthikeyan Bhargavan (INRIA)PATA: Fuzzing with Path Aware Taint Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#PATA:%20Fuzzing%20with%20Path%20Aware%20Taint%20Analysishttps://www.ieee-security.org/TC/SP2022/program-papers.html#PATA:%20Fuzzing%20with%20Path%20Aware%20Taint%20AnalysisFri, 31 Dec 2021 16:00:00 GMTJie Liang (Tsinghua University, China), Mingzhe Wang (Tsinghua University, China), Chijin Zhou (Tsinghua University, China), Zhiyong Wu (Tsinghua University, China), Yu Jiang (Tsinghua University, China), (Jianzhong Liu (Tsinghua University, China), Zhe Liu (Nanjing University of Aeronautics and Astronautics, China), Jiaguang Sun (Tsinghua University, China)PCR-Auth: Solving Authentication Puzzle Challenges with Encoded Palm Contact Responseshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PCR-Auth:%20Solving%20Authentication%20Puzzle%20Challenges%20with%20Encoded%20Palm%20Contact%20Responseshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PCR-Auth:%20Solving%20Authentication%20Puzzle%20Challenges%20with%20Encoded%20Palm%20Contact%20ResponsesFri, 31 Dec 2021 16:00:00 GMTLong Huang (Louisiana State University), Chen Wang (Louisiana State University)PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicleshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PGPATCH:%20Policy-Guided%20Logic%20Bug%20Patching%20for%20Robotic%20Vehicleshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PGPATCH:%20Policy-Guided%20Logic%20Bug%20Patching%20for%20Robotic%20VehiclesFri, 31 Dec 2021 16:00:00 GMTHyungsub Kim (Purdue University), Muslum Ozgur Ozmen (Purdue University), Z. Berkay Celik (Purdue University), Antonio Bianchi (Purdue University), Dongyan Xu (Purdue University)PICCOLO: Exposing Complex Backdoors in NLP Transformer Modelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PICCOLO:%20Exposing%20Complex%20Backdoors%20in%20NLP%20Transformer%20Modelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#PICCOLO:%20Exposing%20Complex%20Backdoors%20in%20NLP%20Transformer%20ModelsFri, 31 Dec 2021 16:00:00 GMTYingqi Liu (Purdue Univ.), Guangyu Shen (Purdue University), Guanhong Tao (Purdue University), Shengwei An (Purdue University), Shiqing Ma (Rutgers University), Xiangyu Zhang (Purdue University)PROTRR: Principled yet Optimal In-DRAM Target Row Refreshhttps://www.ieee-security.org/TC/SP2022/program-papers.html#PROTRR:%20Principled%20yet%20Optimal%20In-DRAM%20Target%20Row%20Refreshhttps://www.ieee-security.org/TC/SP2022/program-papers.html#PROTRR:%20Principled%20yet%20Optimal%20In-DRAM%20Target%20Row%20RefreshFri, 31 Dec 2021 16:00:00 GMTMichele Marazzi (ETH Zurich), Patrick Jattke (ETH Zurich), Flavien Solt (ETH Zurich), Kaveh Razavi (ETH Zurich)Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homeshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Peekaboo:%20A%20Hub-Based%20Approach%20to%20Enable%20Transparency%20in%20Data%20Processing%20within%20Smart%20Homeshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Peekaboo:%20A%20Hub-Based%20Approach%20to%20Enable%20Transparency%20in%20Data%20Processing%20within%20Smart%20HomesFri, 31 Dec 2021 16:00:00 GMTHaojian Jin (Carnegie Mellon University), Gregory William Joseph Liu (Carnegie Mellon University), David Ethan Hwang (Carnegie Mellon University), Swarun Kumar (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University), Jason Hong (Carnegie Mellon University)Phishing in Organizations: Findings from a Large-Scale and Long-Term Studyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Phishing%20in%20Organizations:%20Findings%20from%20a%20Large-Scale%20and%20Long-Term%20Studyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Phishing%20in%20Organizations:%20Findings%20from%20a%20Large-Scale%20and%20Long-Term%20StudyFri, 31 Dec 2021 16:00:00 GMTDaniele Lain (ETH Zurich), Kari Kostiainen (ETH Zurich), Srdjan Capkun (ETH Zurich)Practical Asynchronous Distributed Key Generationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Practical%20Asynchronous%20Distributed%20Key%20Generationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Practical%20Asynchronous%20Distributed%20Key%20GenerationFri, 31 Dec 2021 16:00:00 GMTSourav Das (UIUC), Tom Yurek (UIUC), Zhuolun Xiang (UIUC), Andrew Miller (UIUC), Lefteris Kokoris-Kogias (IST Austria), Ling Ren (UIUC)Practical EMV Relay Protectionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Practical%20EMV%20Relay%20Protectionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Practical%20EMV%20Relay%20ProtectionFri, 31 Dec 2021 16:00:00 GMTAndreea-Ina Radu (University of Birmingham, UK), Tom Chothia (University of Birmingham, UK), Christopher J.P. Newton (University of Surrey, UK), Ioana Boureanu (University of Surrey, UK), Liqun Chen (University of Surrey, UK)Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSAhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Privacy-from-Birth:%20Protecting%20Sensed%20Data%20from%20Malicious%20Sensors%20with%20VERSAhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Privacy-from-Birth:%20Protecting%20Sensed%20Data%20from%20Malicious%20Sensors%20with%20VERSAFri, 31 Dec 2021 16:00:00 GMTIvan De Oliveira Nunes (Rochester Institute of Technology), Seoyeon Hwang (UC Irvine), Sashidhar Jakkamsetti (UC Irvine), Gene Tsudik (UC Irvine)Private Nearest Neighbor Search with Sublinear Communication and Malicious Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Private%20Nearest%20Neighbor%20Search%20with%20Sublinear%20Communication%20and%20Malicious%20Securityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Private%20Nearest%20Neighbor%20Search%20with%20Sublinear%20Communication%20and%20Malicious%20SecurityFri, 31 Dec 2021 16:00:00 GMTSacha Servan-Schreiber (Massachusetts Institute of Technology), Simon Langowski (Massachusetts Institute of Technology), Srinivas Devadas (Massachusetts Institute of Technology)ProVerif with Lemmas, Induction, Fast Subsumption, and Much Morehttps://www.ieee-security.org/TC/SP2022/program-papers.html#ProVerif%20with%20Lemmas,%20Induction,%20Fast%20Subsumption,%20and%20Much%20Morehttps://www.ieee-security.org/TC/SP2022/program-papers.html#ProVerif%20with%20Lemmas,%20Induction,%20Fast%20Subsumption,%20and%20Much%20MoreFri, 31 Dec 2021 16:00:00 GMTBruno Blanchet (Inria Paris), Vincent Cheval (Inria Paris), Véronique Cortier (Université de Lorraine, CNRS, Inria)Property Inference from Poisoninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Property%20Inference%20from%20Poisoninghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Property%20Inference%20from%20PoisoningFri, 31 Dec 2021 16:00:00 GMTSaeed Mahloujifar (Princeton), Esha Ghosh (Microsoft Research), Melissa Chase (Microsoft Research)Publicly Accountable Robust Multi-Party Computationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Publicly%20Accountable%20Robust%20Multi-Party%20Computationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Publicly%20Accountable%20Robust%20Multi-Party%20ComputationFri, 31 Dec 2021 16:00:00 GMTMarc Rivinius (University of Stuttgart), Pascal Reisert (University of Stuttgart), Daniel Rausch (University of Stuttgart), Ralf Küsters (University of Stuttgart)Quantifying Blockchain Extractable Value:How dark is the forest?https://www.ieee-security.org/TC/SP2022/program-papers.html#Quantifying%20Blockchain%20Extractable%20Value:How%20dark%20is%20the%20forest?https://www.ieee-security.org/TC/SP2022/program-papers.html#Quantifying%20Blockchain%20Extractable%20Value:How%20dark%20is%20the%20forest?Fri, 31 Dec 2021 16:00:00 GMTKaihua Qin (Imperial College London), Liyi Zhou (Imperial College London), Arthur Gervais (Imperial College London)RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZonehttps://www.ieee-security.org/TC/SP2022/program-papers.html#RT-TEE:%20Real-time%20System%20Availability%20for%20Cyber-physical%20Systems%20using%20ARM%20TrustZonehttps://www.ieee-security.org/TC/SP2022/program-papers.html#RT-TEE:%20Real-time%20System%20Availability%20for%20Cyber-physical%20Systems%20using%20ARM%20TrustZoneFri, 31 Dec 2021 16:00:00 GMTJinwen Wang (Washington University in St. Louis), Ao Li (Washington University in St. Louis), Haoran Li (Washington University in St. Louis), Chenyang Lu (Washington University in St. Louis), Ning Zhang (Washington University in St. Louis)Reconstructing Training Data with Informed Adversarieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Reconstructing%20Training%20Data%20with%20Informed%20Adversarieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Reconstructing%20Training%20Data%20with%20Informed%20AdversariesFri, 31 Dec 2021 16:00:00 GMTBorja Balle (DeepMind), Giovanni Cherubin (Alan Turing Institute), Jamie Hayes (DeepMind), Giovanni Cherubin (Alan Turing Institute)Repairing DoS Vulnerability of Real-World Regexeshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Repairing%20DoS%20Vulnerability%20of%20Real-World%20Regexeshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Repairing%20DoS%20Vulnerability%20of%20Real-World%20RegexesFri, 31 Dec 2021 16:00:00 GMTNariyoshi Chida (NTT Secure Platform Laboratories), Tachio Terauchi (Waseda University)Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platformshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Robbery%20on%20DevOps:%20Understanding%20and%20Mitigating%20Illicit%20Cryptomining%20on%20Continuous%20Integration%20Service%20Platformshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Robbery%20on%20DevOps:%20Understanding%20and%20Mitigating%20Illicit%20Cryptomining%20on%20Continuous%20Integration%20Service%20PlatformsFri, 31 Dec 2021 16:00:00 GMTZhi Li (School of Cyber Science and Engineering, Huazhong University of Science and Technology, China; School of Computer Science and Technology, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing Technology and System Lab, China; Big Data Security Engineering Research Center, China), Weijie Liu (Indiana University Bloomington, USA), Hongbo Chen (Indiana University Bloomington, USA), XiaoFeng Wang (Indiana University Bloomington, USA), Xiaojing Liao (Indiana University Bloomington, USA), Luyi Xing (Indiana University Bloomington, USA), Mingming Zha (Indiana University Bloomington, USA), Hai Jin (School of Computer Science and Technology, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing, Deqing Zou (School of Cyber Science and Engineering, Huazhong University of Science and Technology, China; National Engineering Research Center for Big Data Technology and Sytem, China; Cluster and Grid Computing Lab, China; Services Computing Technology and System Lab, China; Big Data Security Engineering Research Center, China Technology and System Lab, China; Big Data Security Engineering Research Center, China)SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Secondshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SAILFISH:%20Vetting%20Smart%20Contract%20State-Inconsistency%20Bugs%20in%20Secondshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SAILFISH:%20Vetting%20Smart%20Contract%20State-Inconsistency%20Bugs%20in%20SecondsFri, 31 Dec 2021 16:00:00 GMTPriyanka Bose (University of California, Santa Barbara), Dipanjan Das (University of California, Santa Barbara), Yanju Chen (University of California, Santa Barbara), Yu Feng (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (UC Santa Barbara)SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectorshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SIRAJ:%20A%20Unified%20Framework%20for%20Aggregation%20of%20Malicious%20Entity%20Detectorshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SIRAJ:%20A%20Unified%20Framework%20for%20Aggregation%20of%20Malicious%20Entity%20DetectorsFri, 31 Dec 2021 16:00:00 GMTSaravanan Thirumuruganathan (QCRI), Mohamed Nabeel (QCRI), Euijin Choo (Qatar Computing Research Institute), Issa Khalil (Qatar Computing Research Institute (QCRI), HBKU), Ting Yu (Qatar Computing Research Institute)SMILE: Secure Memory Introspection for Live Enclavehttps://www.ieee-security.org/TC/SP2022/program-papers.html#SMILE:%20Secure%20Memory%20Introspection%20for%20Live%20Enclavehttps://www.ieee-security.org/TC/SP2022/program-papers.html#SMILE:%20Secure%20Memory%20Introspection%20for%20Live%20EnclaveFri, 31 Dec 2021 16:00:00 GMTLei Zhou (Southern University of Science and Technology (SUSTech)), Xuhua Ding (Singapore Management University), Fengwei Zhang (Southern University of Science and Technology (SUSTech))SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SNARKBlock:%20Federated%20Anonymous%20Blocklisting%20from%20Hidden%20Common%20Input%20Aggregate%20Proofshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SNARKBlock:%20Federated%20Anonymous%20Blocklisting%20from%20Hidden%20Common%20Input%20Aggregate%20ProofsFri, 31 Dec 2021 16:00:00 GMTMichael Rosenberg (University of Maryland), Mary Maller (Ethereum Foundation), Ian Miers (University of Maryland)SPURT: Scalable Distributed Randomness Beacon with Transparent Setuphttps://www.ieee-security.org/TC/SP2022/program-papers.html#SPURT:%20Scalable%20Distributed%20Randomness%20Beacon%20with%20Transparent%20Setuphttps://www.ieee-security.org/TC/SP2022/program-papers.html#SPURT:%20Scalable%20Distributed%20Randomness%20Beacon%20with%20Transparent%20SetupFri, 31 Dec 2021 16:00:00 GMTSourav Das (UIUC), Vinith Krishnan (UIUC), Irene Isaac (UIUC), Ling Ren (UIUC)SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macroshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SYMBEXCEL:%20Automated%20Analysis%20and%20Understanding%20of%20Malicious%20Excel%204.0%20Macroshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SYMBEXCEL:%20Automated%20Analysis%20and%20Understanding%20of%20Malicious%20Excel%204.0%20MacrosFri, 31 Dec 2021 16:00:00 GMTNicola Ruaro (UC Santa Barbara), Fabio Pagani (UC Santa Barbara), Stefano Ortolani (VMware), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara)Sabre: Sender-Anonymous Messaging with Fast Auditshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Sabre:%20Sender-Anonymous%20Messaging%20with%20Fast%20Auditshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Sabre:%20Sender-Anonymous%20Messaging%20with%20Fast%20AuditsFri, 31 Dec 2021 16:00:00 GMTAdithya Vadapalli (Indiana University Bloomington), Kyle Storrier (University of Calgary), Ryan Henry (University of Calgary)Scraping Sticky Leftovers: App User Information Left on Servers After Account Deletionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Scraping%20Sticky%20Leftovers:%20App%20User%20Information%20Left%20on%20Servers%20After%20Account%20Deletionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Scraping%20Sticky%20Leftovers:%20App%20User%20Information%20Left%20on%20Servers%20After%20Account%20DeletionFri, 31 Dec 2021 16:00:00 GMTPreethi Santhanam (Wichita State University), Hoang Dang (Wichita State University), Zhiyong Shan (Wichita State University), Iulian Neamtiu (New Jersey Institute of Technology)SecFloat: Accurate Floating-Point meets Secure 2-Party Computationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SecFloat:%20Accurate%20Floating-Point%20meets%20Secure%202-Party%20Computationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SecFloat:%20Accurate%20Floating-Point%20meets%20Secure%202-Party%20ComputationFri, 31 Dec 2021 16:00:00 GMTDeevashwer Rathee (UC Berkeley), Anwesh Bhattacharya (Microsoft Research India), Rahul Sharma (Microsoft Research India), Divya Gupta (Microsoft Research India), Nishanth Chandran (Microsoft Research India), Aseem Rastogi (Microsoft Research India)Security Analysis of the MLS Key Derivationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Security%20Analysis%20of%20the%20MLS%20Key%20Derivationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Security%20Analysis%20of%20the%20MLS%20Key%20DerivationFri, 31 Dec 2021 16:00:00 GMTChris Brzuska (Aalto University, Finland), Eric Cornelissen (Aalto University, Finland), Konrad Kohbrok (Aalto University, Finland)Security Foundations for Application-Based Covert Communication Channelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Security%20Foundations%20for%20Application-Based%20Covert%20Communication%20Channelshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Security%20Foundations%20for%20Application-Based%20Covert%20Communication%20ChannelsFri, 31 Dec 2021 16:00:00 GMTJames K Howes IV (University of Florida), Marios Georgiou (Galois), Alex Malozemoff (Galois), Thomas Shrimpton (University of Florida)ShadeWatcher: Recommendation-guided Cyber Threat Analysis using System Audit Recordshttps://www.ieee-security.org/TC/SP2022/program-papers.html#ShadeWatcher:%20Recommendation-guided%20Cyber%20Threat%20Analysis%20using%20System%20Audit%20Recordshttps://www.ieee-security.org/TC/SP2022/program-papers.html#ShadeWatcher:%20Recommendation-guided%20Cyber%20Threat%20Analysis%20using%20System%20Audit%20RecordsFri, 31 Dec 2021 16:00:00 GMTJun Zeng (National University of Singapore), Xiang Wang (National University of Singapore), Jiahao Liu (National University of Singapore), Yinfang Chen (University of Illinois - Urbana Champaign), Zhenkai Liang (National University of Singapore), Tat-Seng Chua (National University of Singapore), Zheng Leong Chua (Independent Researcher)ShorTor: Improving Tor Network Latency via Multi-hop Overlay Routinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#ShorTor:%20Improving%20Tor%20Network%20Latency%20via%20Multi-hop%20Overlay%20Routinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#ShorTor:%20Improving%20Tor%20Network%20Latency%20via%20Multi-hop%20Overlay%20RoutingFri, 31 Dec 2021 16:00:00 GMTKyle Hogan (MIT), Sacha Servan-Schreiber (MIT), Zachary Newman (MIT), Ben Weintraub (Northeastern University), Cristina Nita-Rotaru (Northeastern University), Srinivas Devadas (MIT)SoK: A Framework for Unifying At-Risk User Researchhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20A%20Framework%20for%20Unifying%20At-Risk%20User%20Researchhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20A%20Framework%20for%20Unifying%20At-Risk%20User%20ResearchFri, 31 Dec 2021 16:00:00 GMTNoel Warford (University of Maryland), Tara Matthews (Google), Kaitlyn Yang (University of Maryland), Omer Akgul (University of Maryland), Sunny Consolvo (Google), Patrick Gage Kelley (Google), Nathan Malkin (University of Maryland), Michelle L. Mazurek (University of Maryland), Manya Sleeper (Google), Kurt Thomas (Google)SoK: Authentication in Augmented and Virtual Realityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Authentication%20in%20Augmented%20and%20Virtual%20Realityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Authentication%20in%20Augmented%20and%20Virtual%20RealityFri, 31 Dec 2021 16:00:00 GMTSophie Stephenson (University of Wisconsin--Madison), Bijeeta Pal (Cornell University), Stephen Fan (University of Wisconsin--Madison), Earlence Fernandes (UW Madison), Yuhang Zhao (University of Wisconsin-Madison), Rahul Chatterjee (University of Wisconsin--Madison)SoK: Demystifying Binary Lifters Through the Lens of Downstream Applicationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Demystifying%20Binary%20Lifters%20Through%20the%20Lens%20of%20Downstream%20Applicationshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Demystifying%20Binary%20Lifters%20Through%20the%20Lens%20of%20Downstream%20ApplicationsFri, 31 Dec 2021 16:00:00 GMTZhibo Liu (The Hong Kong University of Science and Technology), Yuanyuan Yuan (The Hong Kong University of Science and Technology), Shuai Wang (The Hong Kong University of Science and Technology), Yuyan Bao (University of Waterloo)SoK: How Robust is Image Classification Deep Neural Network Watermarking?https://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20How%20Robust%20is%20Image%20Classification%20Deep%20Neural%20Network%20Watermarking?https://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20How%20Robust%20is%20Image%20Classification%20Deep%20Neural%20Network%20Watermarking?Fri, 31 Dec 2021 16:00:00 GMTNils Lukas (University of Waterloo), Edward Jiang (University of Waterloo), Xinda Li (University of Waterloo), Florian Kerschbaum (University of Waterloo)SoK: Practical Foundations for Software Spectre Defenseshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Practical%20Foundations%20for%20Software%20Spectre%20Defenseshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Practical%20Foundations%20for%20Software%20Spectre%20DefensesFri, 31 Dec 2021 16:00:00 GMTSunjay Cauligi (UC San Diego), Craig Disselkoen (UC San Diego), Daniel Moghimi (UC San Diego), Gilles Barthe (MPI-SP and IMDEA Software Institute), Deian Stefan (UC San Diego)SoK: Social Cybersecurityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Social%20Cybersecurityhttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20Social%20CybersecurityFri, 31 Dec 2021 16:00:00 GMTYuxi Wu (Georgia Institute of Technology), W. Keith Edwards (Georgia Institute of Technology), Sauvik Das (Georgia Institute of Technology)SoK: The Dual Nature of Technology in Sexual Assaulthttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20The%20Dual%20Nature%20of%20Technology%20in%20Sexual%20Assaulthttps://www.ieee-security.org/TC/SP2022/program-papers.html#SoK:%20The%20Dual%20Nature%20of%20Technology%20in%20Sexual%20AssaultFri, 31 Dec 2021 16:00:00 GMTBorke Obada-Obieh (The University of British Columbia), Yue Huang (University of British Columbia), Lucrezia Spagnolo (Vesta Social Innovation Technologies), Konstantin (Kosta) Beznosov (University of British Columbia)SpecHammer: Combining Spectre and Rowhammer for New Speculative Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SpecHammer:%20Combining%20Spectre%20and%20Rowhammer%20for%20New%20Speculative%20Attackshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SpecHammer:%20Combining%20Spectre%20and%20Rowhammer%20for%20New%20Speculative%20AttacksFri, 31 Dec 2021 16:00:00 GMTYoussef Tobah (The University of Michigan), Andrew Kwong (University of Michigan), Ingab Kang (University of Michigan), Daniel Genkin (Georgia Institute of Technology), Kang G. Shin (The University of Michigan)Sphinx: Enabling Privacy-Preserving Online Learning over the Cloudhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Sphinx:%20Enabling%20Privacy-Preserving%20Online%20Learning%20over%20the%20Cloudhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Sphinx:%20Enabling%20Privacy-Preserving%20Online%20Learning%20over%20the%20CloudFri, 31 Dec 2021 16:00:00 GMTHan Tian (Hong Kong University of Science and Technology), Chaoliang Zeng (Hong Kong University of Science and Technology), Zhenghang Ren (Hong Kong University of Science and Technology), Di Chai (Hong Kong University of Science and Technology), Junxue ZHANG (Hong Kong University of Science and Technology), Kai Chen (Hong Kong University of Science and Technology), Qiang Yang (Hong Kong University of Science and Technology)Spinning Language Models: Risks of Propaganda-as-a-Service and Countermeasureshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spinning%20Language%20Models:%20Risks%20of%20Propaganda-as-a-Service%20and%20Countermeasureshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spinning%20Language%20Models:%20Risks%20of%20Propaganda-as-a-Service%20and%20CountermeasuresFri, 31 Dec 2021 16:00:00 GMTEugene Bagdasaryan (Cornell Tech), Vitaly Shmatikov (Cornell Tech)Spiral: Fast, High-Rate Single-Server PIR via FHE Compositionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spiral:%20Fast,%20High-Rate%20Single-Server%20PIR%20via%20FHE%20Compositionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spiral:%20Fast,%20High-Rate%20Single-Server%20PIR%20via%20FHE%20CompositionFri, 31 Dec 2021 16:00:00 GMTSamir Jordan Menon (None), David J. Wu (UT Austin)Spook.js: Attacking Chrome Strict Site Isolation via Speculative Executionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spook.js:%20Attacking%20Chrome%20Strict%20Site%20Isolation%20via%20Speculative%20Executionhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Spook.js:%20Attacking%20Chrome%20Strict%20Site%20Isolation%20via%20Speculative%20ExecutionFri, 31 Dec 2021 16:00:00 GMTAyush Agarwal (University of Michigan, USA), Sioli O’Connell (University of Adelaide, Australia), Jason Kim (Georgia Institute of Technology, USA), Shaked Yehezkel (Tel Aviv University, Israel), Daniel Genkin (Georgia Institute of Technology, USA), Eyal Ronen (Tel Aviv University, Israel), Yuval Yarom (University of Adelaide, Australia)Statistical Quantification of Differential Privacy: A Local Approachhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Statistical%20Quantification%20of%20Differential%20Privacy:%20A%20Local%20Approachhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Statistical%20Quantification%20of%20Differential%20Privacy:%20A%20Local%20ApproachFri, 31 Dec 2021 16:00:00 GMTÖnder Askin (Ruhr-University Bochum), Tim Kutta (Ruhr-University Bochum), Holger Dette (Ruhr-University Bochum)Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defensehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Surakav:%20Generating%20Realistic%20Traces%20for%20a%20Strong%20Website%20Fingerprinting%20Defensehttps://www.ieee-security.org/TC/SP2022/program-papers.html#Surakav:%20Generating%20Realistic%20Traces%20for%20a%20Strong%20Website%20Fingerprinting%20DefenseFri, 31 Dec 2021 16:00:00 GMTJiajun GONG (The Hong Kong University of Science and Technology), Wuqi Zhang (The Hong Kong University of Science and Technology), Charles Zhang (The Hong Kong University of Science and Technology), Tao Wang (Simon Fraser University)SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithmshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SwarmFlawFinder:%20Discovering%20and%20Exploiting%20Logic%20Flaws%20of%20Swarm%20Algorithmshttps://www.ieee-security.org/TC/SP2022/program-papers.html#SwarmFlawFinder:%20Discovering%20and%20Exploiting%20Logic%20Flaws%20of%20Swarm%20AlgorithmsFri, 31 Dec 2021 16:00:00 GMTChijung Jung (University of Virginia), Ali Ahad (University of Virginia), Yuseok Jeon (UNIST), Yonghwi Kwon (University of Virginia)TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#TASHAROK:%20Using%20Mechanism%20Design%20for%20Enhancing%20Security%20Resource%20Allocation%20in%20Interdependent%20Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#TASHAROK:%20Using%20Mechanism%20Design%20for%20Enhancing%20Security%20Resource%20Allocation%20in%20Interdependent%20SystemsFri, 31 Dec 2021 16:00:00 GMTMustafa Abdallah (Purdue University), Daniel Woods (University of Innsbruck), Parinaz Naghizadeh (Ohio State University), Issa Khalil (Qatar Computing Research Institute (QCRI), HBKU), Timothy Cason (Purdue University), Shreyas Sundaram (Purdue University), Saurabh Bagchi (Purdue University)TROLLMAGNIFIER: Detecting State-Sponsored Troll Accounts on Reddit?https://www.ieee-security.org/TC/SP2022/program-papers.html#TROLLMAGNIFIER:%20Detecting%20State-Sponsored%20Troll%20Accounts%20on%20Reddit?https://www.ieee-security.org/TC/SP2022/program-papers.html#TROLLMAGNIFIER:%20Detecting%20State-Sponsored%20Troll%20Accounts%20on%20Reddit?Fri, 31 Dec 2021 16:00:00 GMTMohammad Hammas Saeed (Boston University), Shiza Ali (Boston University), Jeremy Blackburn (Binghamton University), Emiliano De Cristofaro (University College London), Savvas Zannettou (TU Delft), Gianluca Stringhini (Boston University)The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#The%20State%20of%20the%20SameSite:%20Studying%20the%20Usage,%20Effectiveness,%20and%20Adequacy%20of%20SameSite%20Cookieshttps://www.ieee-security.org/TC/SP2022/program-papers.html#The%20State%20of%20the%20SameSite:%20Studying%20the%20Usage,%20Effectiveness,%20and%20Adequacy%20of%20SameSite%20CookiesFri, 31 Dec 2021 16:00:00 GMTSoheil Khodayari (CISPA Helmholtz Center for Information Security, Germany), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security, Germany)Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprintshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Time-Print:%20Authenticating%20USB%20Flash%20Drives%20with%20Novel%20Timing%20Fingerprintshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Time-Print:%20Authenticating%20USB%20Flash%20Drives%20with%20Novel%20Timing%20FingerprintsFri, 31 Dec 2021 16:00:00 GMTPatrick Cronin (University of Delaware), Xing Gao (University of Delaware), Haining Wang (Virginia Tech), Chase Cotton (University of Delaware)Timing-Based Browsing Privacy Vulnerabilities Via Site Isolationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Timing-Based%20Browsing%20Privacy%20Vulnerabilities%20Via%20Site%20Isolationhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Timing-Based%20Browsing%20Privacy%20Vulnerabilities%20Via%20Site%20IsolationFri, 31 Dec 2021 16:00:00 GMTZihao Jin (Microsoft Research Asia and Tsinghua University, China), Ziqiao Kong (Microsoft Research Asia, China), Shuo Chen (Microsoft Research Asia), Haixin Duan (Tsinghua University, China)Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deploymentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Towards%20Automated%20Auditing%20for%20Account%20and%20Session%20Management%20Flaws%20in%20Single%20Sign-On%20Deploymentshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Towards%20Automated%20Auditing%20for%20Account%20and%20Session%20Management%20Flaws%20in%20Single%20Sign-On%20DeploymentsFri, 31 Dec 2021 16:00:00 GMTMohammad Ghasemisharif (University of Illinois at Chicago), Chris Kanich (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago)Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drifthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Transcending%20TRANSCEND:%20Revisiting%20Malware%20Classification%20in%20the%20Presence%20of%20Concept%20Drifthttps://www.ieee-security.org/TC/SP2022/program-papers.html#Transcending%20TRANSCEND:%20Revisiting%20Malware%20Classification%20in%20the%20Presence%20of%20Concept%20DriftFri, 31 Dec 2021 16:00:00 GMTFederico Barbero (King's College London & University of Cambridge), Feargus Pendlebury (ICSI & King's College London & Royal Holloway, University of London), Fabio Pierazzi (King's College London), Lorenzo Cavallaro (University College London)Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settingshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Transfer%20Attacks%20Revisited:%20A%20Large-Scale%20Empirical%20Study%20in%20Real%20Computer%20Vision%20Settingshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Transfer%20Attacks%20Revisited:%20A%20Large-Scale%20Empirical%20Study%20in%20Real%20Computer%20Vision%20SettingsFri, 31 Dec 2021 16:00:00 GMTYuhao Mao (Zhejiang University), Saizhuo Wang (Zhejiang University), Shouling Ji (Zhejiang University), Xuhong Zhang (Zhejiang University), Zhenguang Liu (Zhejiang Gongshang University), Jun Zhou (Ant Financial Services Group), Raheem Beyah (Georgia Institute of Technology), Ting Wang (Penn State)Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Universal%203-Dimensional%20Perturbations%20for%20Black-Box%20Attacks%20on%20Video%20Recognition%20Systemshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Universal%203-Dimensional%20Perturbations%20for%20Black-Box%20Attacks%20on%20Video%20Recognition%20SystemsFri, 31 Dec 2021 16:00:00 GMTShangyu Xie (Illinois Institute of Technology, USA), Han Wang (Illinois Institute of Technology, USA), Yu Kong (Rochester Institute of Technology, USA), Yuan Hong (Illinois Institute of Technology, USA)Universal Atomic Swaps: Secure Exchange of Coins Across All Blockchainshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Universal%20Atomic%20Swaps:%20Secure%20Exchange%20of%20Coins%20Across%20All%20Blockchainshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Universal%20Atomic%20Swaps:%20Secure%20Exchange%20of%20Coins%20Across%20All%20BlockchainsFri, 31 Dec 2021 16:00:00 GMTSri AravindaKrishnan Thyagarajan (Friedrich Alexander University of Erlangen-Nürnberg), Giulio Malavolta (Max Planck Institute for Security and Privacy), Pedro Moreno-Sanchez (IMDEA Software Institute)Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchainshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Using%20Throughput-Centric%20Byzantine%20Broadcast%20to%20Tolerate%20Malicious%20Majority%20in%20Blockchainshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Using%20Throughput-Centric%20Byzantine%20Broadcast%20to%20Tolerate%20Malicious%20Majority%20in%20BlockchainsFri, 31 Dec 2021 16:00:00 GMTRuomu Hou (National University of Singapore), Haifeng Yu (National University of Singapore), Prateek Saxena (National University of Singapore)WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreenshttps://www.ieee-security.org/TC/SP2022/program-papers.html#WIGHT:%20Wired%20Ghost%20Touch%20Attack%20on%20Capacitive%20Touchscreenshttps://www.ieee-security.org/TC/SP2022/program-papers.html#WIGHT:%20Wired%20Ghost%20Touch%20Attack%20on%20Capacitive%20TouchscreensFri, 31 Dec 2021 16:00:00 GMTYan Jiang (Zhejiang University), Xiaoyu Ji (Zhejiang University), Kai Wang (Zhejiang University), Chen Yan (Zhejiang University), Richard Mitev (Technische University of Darmstadt), Ahmad-Reza Sadeghi (Technical University of Darmstadt), Wenyuan Xu (Zhejiang University)Waldo: A Private Time-Series Database from Function Secret-Sharinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Waldo:%20A%20Private%20Time-Series%20Database%20from%20Function%20Secret-Sharinghttps://www.ieee-security.org/TC/SP2022/program-papers.html#Waldo:%20A%20Private%20Time-Series%20Database%20from%20Function%20Secret-SharingFri, 31 Dec 2021 16:00:00 GMTEmma Dauterman (UC Berkeley), Mayank Rathee (UC Berkeley), Raluca Popa (UC Berkeley), Ion Stoica (UC Berkeley)Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniqueshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Why%20Crypto-detectors%20Fail:%20A%20Systematic%20Evaluation%20of%20Cryptographic%20Misuse%20Detection%20Techniqueshttps://www.ieee-security.org/TC/SP2022/program-papers.html#Why%20Crypto-detectors%20Fail:%20A%20Systematic%20Evaluation%20of%20Cryptographic%20Misuse%20Detection%20TechniquesFri, 31 Dec 2021 16:00:00 GMTAmit Seal Ami (William & Mary), Nathan Cooper (William & Mary), Kaushal Kafle (William & Mary), Kevin Moran (George Mason University), Denys Poshyvanyk (William & Mary), Adwait Nadkarni (William & Mary)Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssemblyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Wobfuscator:%20Obfuscating%20JavaScript%20Malware%20via%20Opportunistic%20Translation%20to%20WebAssemblyhttps://www.ieee-security.org/TC/SP2022/program-papers.html#Wobfuscator:%20Obfuscating%20JavaScript%20Malware%20via%20Opportunistic%20Translation%20to%20WebAssemblyFri, 31 Dec 2021 16:00:00 GMTAlan Romano (University at Buffalo, SUNY), Daniel Lehmann (University of Stuttgart), Michael Pradel (University of Stuttgart), Weihang Wang (University at Buffalo, SUNY)WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networkshttps://www.ieee-security.org/TC/SP2022/program-papers.html#WtaGraph:%20Web%20Tracking%20and%20Advertising%20Detection%20using%20Graph%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2022/program-papers.html#WtaGraph:%20Web%20Tracking%20and%20Advertising%20Detection%20using%20Graph%20Neural%20NetworksFri, 31 Dec 2021 16:00:00 GMTZhiju Yang (Colorado School of Mines), Weiping Pei (Colorado School of Mines), Monchu Chen (Appen), Chuan Yue (Colorado School of Mines)ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofshttps://www.ieee-security.org/TC/SP2022/program-papers.html#ZeeStar:%20Private%20Smart%20Contracts%20by%20Homomorphic%20Encryption%20and%20Zero-knowledge%20Proofshttps://www.ieee-security.org/TC/SP2022/program-papers.html#ZeeStar:%20Private%20Smart%20Contracts%20by%20Homomorphic%20Encryption%20and%20Zero-knowledge%20ProofsFri, 31 Dec 2021 16:00:00 GMTSamuel Steffen (ETH Zurich), Benjamin Bichsel (ETH Zurich), Roger Baumgartner (ETH Zurich), Martin Vechev (ETH Zurich)mmSpy: Spying Phone Calls using mmWave Radarshttps://www.ieee-security.org/TC/SP2022/program-papers.html#mmSpy:%20Spying%20Phone%20Calls%20using%20mmWave%20Radarshttps://www.ieee-security.org/TC/SP2022/program-papers.html#mmSpy:%20Spying%20Phone%20Calls%20using%20mmWave%20RadarsFri, 31 Dec 2021 16:00:00 GMTSuryoday Basak (Penn State University), Mahanth Gowda (Penn State University)vSGX: Virtualizing SGX Enclaves on AMD SEVhttps://www.ieee-security.org/TC/SP2022/program-papers.html#vSGX:%20Virtualizing%20SGX%20Enclaves%20on%20AMD%20SEVhttps://www.ieee-security.org/TC/SP2022/program-papers.html#vSGX:%20Virtualizing%20SGX%20Enclaves%20on%20AMD%20SEVFri, 31 Dec 2021 16:00:00 GMTShixuan Zhao (The Ohio State University), Mengyuan Li (The Ohio State University), Yinqian Zhang (Southern University of Science and Technology), Zhiqiang Lin (Ohio State University)A Decentralized and Encrypted National Gun Registryhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Decentralized%20and%20Encrypted%20National%20Gun%20Registryhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Decentralized%20and%20Encrypted%20National%20Gun%20RegistryThu, 31 Dec 2020 16:00:00 GMTSeny Kamara (Brown University), Tarik Moataz (Aroki Systems), Andrew Park (Brown University), Lucy Qin (Brown University)A First Look at Zoombombinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20First%20Look%20at%20Zoombombinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20First%20Look%20at%20ZoombombingThu, 31 Dec 2020 16:00:00 GMTChen Ling (Boston University), Utkucan Balcı (Binghamton University), Jeremy Blackburn (Binghamton University), Gianluca Stringhini (Boston University)A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Novel%20Dynamic%20Analysis%20Infrastructure%20to%20Instrument%20Untrusted%20Execution%20Flow%20Across%20User-Kernel%20Spaceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Novel%20Dynamic%20Analysis%20Infrastructure%20to%20Instrument%20Untrusted%20Execution%20Flow%20Across%20User-Kernel%20SpacesThu, 31 Dec 2020 16:00:00 GMTJiaqi Hong (Singapore Management University), Xuhua Ding (Singapore Management University)A Secure and Formally Verified Linux KVM Hypervisorhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Secure%20and%20Formally%20Verified%20Linux%20KVM%20Hypervisorhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Secure%20and%20Formally%20Verified%20Linux%20KVM%20HypervisorThu, 31 Dec 2020 16:00:00 GMTShih-Wei Li (Columbia University), Xupeng Li (Columbia University), John Hui (Columbia University), Jason Nieh (Columbia University), Ronghui Gu (Columbia University)A Security Model and Fully Verified Implementation for the IETF QUIC Record Layerhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Security%20Model%20and%20Fully%20Verified%20Implementation%20for%20the%20IETF%20QUIC%20Record%20Layerhttps://www.ieee-security.org/TC/SP2021/program-papers.html#A%20Security%20Model%20and%20Fully%20Verified%20Implementation%20for%20the%20IETF%20QUIC%20Record%20LayerThu, 31 Dec 2020 16:00:00 GMTAntoine Delignat-Lavaud (Microsoft Research), Cedric Fournet (Microsoft Research), Bryan Parno (Carnegie Mellon University), Jonathan Protzenko (Microsoft Research), Tahina Ramananandro (Microsoft Research), Jay Bosamiya (Carnegie Mellon University), Joseph Lallemand (Loria, Inria Nancy Grand Est), Itsaka Rakotonirina (Loria, Inria Nancy Grand Est), Yi Zhou (Carnegie Mellon University), Joseph Lallemand (ETH Zürich)A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubshttps://www.ieee-security.org/TC/SP2021/program-papers.html#A2L:%20Anonymous%20Atomic%20Locks%20for%20Scalability%20in%20Payment%20Channel%20Hubshttps://www.ieee-security.org/TC/SP2021/program-papers.html#A2L:%20Anonymous%20Atomic%20Locks%20for%20Scalability%20in%20Payment%20Channel%20HubsThu, 31 Dec 2020 16:00:00 GMTErkan Tairi (TU Wien), Pedro Moreno-Sanchez (IMDEA Software Institute), Matteo Maffei (TU Wien)ARBITRAR : User-Guided API Misuse Detectionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#ARBITRAR%20:%20User-Guided%20API%20Misuse%20Detectionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#ARBITRAR%20:%20User-Guided%20API%20Misuse%20DetectionThu, 31 Dec 2020 16:00:00 GMTZiyang Li (University of Pennsylvania), Aravind Machiry (Purdue University), Binghong Chen (Georgia Institute of Technology), Ke Wang (Visa Research), Mayur Naik (University of Pennsylvania), Le Song (Georgia Institute of Technology)Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hidinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Adversarial%20Watermarking%20Transformer:%20Towards%20Tracing%20Text%20Provenance%20with%20Data%20Hidinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Adversarial%20Watermarking%20Transformer:%20Towards%20Tracing%20Text%20Provenance%20with%20Data%20HidingThu, 31 Dec 2020 16:00:00 GMTSahar Abdelnabi (CISPA Helmholtz Center for Information Security), Mario Fritz (CISPA Helmholtz Center for Information Security)Adversary Instantiation: Lower bounds for differentially private machine learninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Adversary%20Instantiation:%20Lower%20bounds%20for%20differentially%20private%20machine%20learninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Adversary%20Instantiation:%20Lower%20bounds%20for%20differentially%20private%20machine%20learningThu, 31 Dec 2020 16:00:00 GMTMilad Nasr (University of Massachusetts Amherst), Shuang Song (Google), Abhradeep Guha Thakurta (Google), Nicolas Papernot (Google), Nicholas Carlini (Google)An I/O Separation Model for Formal Verification of Kernel Implementationshttps://www.ieee-security.org/TC/SP2021/program-papers.html#An%20I/O%20Separation%20Model%20for%20Formal%20Verification%20of%20Kernel%20Implementationshttps://www.ieee-security.org/TC/SP2021/program-papers.html#An%20I/O%20Separation%20Model%20for%20Formal%20Verification%20of%20Kernel%20ImplementationsThu, 31 Dec 2020 16:00:00 GMTMiao Yu (Carnegie Mellon University), Virgil Gligor (Carnegie Mellon University), Limin Jia (Carnegie Mellon University)An Interactive Prover for Protocol Verification in the Computational Modelhttps://www.ieee-security.org/TC/SP2021/program-papers.html#An%20Interactive%20Prover%20for%20Protocol%20Verification%20in%20the%20Computational%20Modelhttps://www.ieee-security.org/TC/SP2021/program-papers.html#An%20Interactive%20Prover%20for%20Protocol%20Verification%20in%20the%20Computational%20ModelThu, 31 Dec 2020 16:00:00 GMTDavid Baelde (LSV, CNRS, ENS Paris-Saclay, Université Paris-Saclay), Stéphanie Delaune (Univ Rennes, CNRS, IRISA), Charlie Jacomme (CISPA Helmholtz Center for Information Security), Adrien Koutsos (INRIA Paris), Solene Moreau (Univ Rennes, CNRS, IRISA), Charlie Jacomme (LSV & CNRS & ENS Paris-Saclay & INRIA & Université Paris-Saclay, Paris, France)Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomingshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Android%20Custom%20Permissions%20Demystified:%20From%20Privilege%20Escalation%20to%20Design%20Shortcomingshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Android%20Custom%20Permissions%20Demystified:%20From%20Privilege%20Escalation%20to%20Design%20ShortcomingsThu, 31 Dec 2020 16:00:00 GMTRui Li (Shandong University), Wenrui Diao (Shandong University), Zhou Li (University of California, Irvine), Jianqi Du (Shandong University), Shanqing Guo (Shandong University)BUFFing signature schemes beyond unforgeability and the case of post-quantum signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#BUFFing%20signature%20schemes%20beyond%20unforgeability%20and%20the%20case%20of%20post-quantum%20signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#BUFFing%20signature%20schemes%20beyond%20unforgeability%20and%20the%20case%20of%20post-quantum%20signaturesThu, 31 Dec 2020 16:00:00 GMTCas Cremers (CISPA Helmholtz Center for Information Security), Samed Düzlü (TU Darmstadt), Rune Fiedler (TU Darmstadt), Marc Fischlin (TU Darmstadt), Christian Janson (TU Darmstadt)Bitcoin-Compatible Virtual Channelshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bitcoin-Compatible%20Virtual%20Channelshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bitcoin-Compatible%20Virtual%20ChannelsThu, 31 Dec 2020 16:00:00 GMTLukas Aumayr (Technische Universität Wien), Oguzhan Ersoy (Delft University of Technology), Andreas Erwig (Technische Universität Darmstadt), Sebastian Faust (Technische Universität Darmstadt), Kristina Hostáková (ETH Zürich), Matteo Maffei (Technische Universität Wien), Pedro Moreno-Sanchez (Technische Universität Wien), Siavash Riahi (Technische Universität Darmstadt)Black Widow: Blackbox Data-driven Web Scanninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Black%20Widow:%20Blackbox%20Data-driven%20Web%20Scanninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Black%20Widow:%20Blackbox%20Data-driven%20Web%20ScanningThu, 31 Dec 2020 16:00:00 GMTBenjamin Eriksson (Chalmers University of Technology), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security), Andrei Sabelfeld (Chalmers University of Technology)Bomberman: Defining and Defeating Hardware Ticking Timebombs at Design-timehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bomberman:%20Defining%20and%20Defeating%20Hardware%20Ticking%20Timebombs%20at%20Design-timehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bomberman:%20Defining%20and%20Defeating%20Hardware%20Ticking%20Timebombs%20at%20Design-timeThu, 31 Dec 2020 16:00:00 GMTTimothy Trippel (University of Michigan), Kang G. Shin (University of Michigan), Kevin B. Bush (MIT Lincoln Laboratory), Matthew Hicks (Virginia Tech)Bookworm Game: Automatic Discovery of LTE Vulnerabilities Through Documentation Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bookworm%20Game:%20Automatic%20Discovery%20of%20LTE%20Vulnerabilities%20Through%20Documentation%20Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#Bookworm%20Game:%20Automatic%20Discovery%20of%20LTE%20Vulnerabilities%20Through%20Documentation%20AnalysisThu, 31 Dec 2020 16:00:00 GMTYi Chen (Indiana University Bloomington), Yepeng Yao (Institute of Information Engineering, CAS), XiaoFeng Wang (Indiana University Bloomington), Dandan Xu (Institute of Information Engineering, CAS), Xiaozhong Liu (Indiana University Bloomington), Chang Yue (Institute of Information Engineering, CAS), Kai Chen (Institute of Information Engineering, CAS), Haixu Tang (Indiana University Bloomington), Baoxu Liu (Institute of Information Engineering, CAS)Breaking the Specification: PDF Certificationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Breaking%20the%20Specification:%20PDF%20Certificationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Breaking%20the%20Specification:%20PDF%20CertificationThu, 31 Dec 2020 16:00:00 GMTSimon Rohlmann (Ruhr University Bochum), Vladislav Mladenov (Ruhr University Bochum), Christian Mainka (Ruhr University Bochum), Jörg Schwenk (Ruhr University Bochum)CANnon: Reliable and Stealthy Remote Shutdown Attacks via Unaltered Automotive Microcontrollershttps://www.ieee-security.org/TC/SP2021/program-papers.html#CANnon:%20Reliable%20and%20Stealthy%20Remote%20Shutdown%20Attacks%20via%20Unaltered%20Automotive%20Microcontrollershttps://www.ieee-security.org/TC/SP2021/program-papers.html#CANnon:%20Reliable%20and%20Stealthy%20Remote%20Shutdown%20Attacks%20via%20Unaltered%20Automotive%20MicrocontrollersThu, 31 Dec 2020 16:00:00 GMTSekar Kulandaivel (Carnegie Mellon University), Shalabh Jain (Research and Technology Center, Robert Bosch LLC, USA), Jorge Guajardo (Research and Technology Center, Robert Bosch LLC, USA), Vyas Sekar (Carnegie Mellon University)CRYLOGGER: Detecting Crypto Misuses Dynamicallyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CRYLOGGER:%20Detecting%20Crypto%20Misuses%20Dynamicallyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CRYLOGGER:%20Detecting%20Crypto%20Misuses%20DynamicallyThu, 31 Dec 2020 16:00:00 GMTLuca Piccolboni (Columbia University), Giuseppe Di Guglielmo (Columbia University), Luca P. Carloni (Columbia University), Simha Sethumadhavan (Columbia University)CacheOut: Leaking Data on Intel CPUs via Cache Evictionshttps://www.ieee-security.org/TC/SP2021/program-papers.html#CacheOut:%20Leaking%20Data%20on%20Intel%20CPUs%20via%20Cache%20Evictionshttps://www.ieee-security.org/TC/SP2021/program-papers.html#CacheOut:%20Leaking%20Data%20on%20Intel%20CPUs%20via%20Cache%20EvictionsThu, 31 Dec 2020 16:00:00 GMTStephan van Schaik (University of Michigan), Marina Minkin (University of Michigan), Andrew Kwong (University of Michigan), Daniel Genkin (University of Michigan), Yuval Yarom (University of Adelaide and Data61)CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountabilityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CanDID:%20Can-Do%20Decentralized%20Identity%20with%20Legacy%20Compatibility,%20Sybil-Resistance,%20and%20Accountabilityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CanDID:%20Can-Do%20Decentralized%20Identity%20with%20Legacy%20Compatibility,%20Sybil-Resistance,%20and%20AccountabilityThu, 31 Dec 2020 16:00:00 GMTSai Krishna Deepak Maram (Cornell Tech), Fan Zhang (Cornell Tech), Harjasleen Malvai (Cornell), Ari Juels (Cornell Tech), Alexander Frolov (Cornell), Nerla Jean-Louis (University of Illinois at Urbana-Champaign), Andrew Miller (University of Illinois at Urbana-Champaign), Tyler Kell (Cornell Tech)Co-Inflow: Coarse-Grained Information Flow Control for Java-like Languageshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Co-Inflow:%20Coarse-Grained%20Information%20Flow%20Control%20for%20Java-like%20Languageshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Co-Inflow:%20Coarse-Grained%20Information%20Flow%20Control%20for%20Java-like%20LanguagesThu, 31 Dec 2020 16:00:00 GMTJian Xiang (Harvard University), Stephen Chong (Harvard University)Compact Certificates of Collective Knowledgehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compact%20Certificates%20of%20Collective%20Knowledgehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compact%20Certificates%20of%20Collective%20KnowledgeThu, 31 Dec 2020 16:00:00 GMTSilvio Micali (Algorand and MIT), Leonid Reyzin (Algorand and Boston University), Georgios Vlachos (), Riad S. Wahby (Algorand and Stanford), Nickolai Zeldovich (Algorand and MIT)Compositional Non-Interference for Fine-Grained Concurrent Programshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compositional%20Non-Interference%20for%20Fine-Grained%20Concurrent%20Programshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compositional%20Non-Interference%20for%20Fine-Grained%20Concurrent%20ProgramsThu, 31 Dec 2020 16:00:00 GMTDan Frumin (Radboud University), Robbert Krebbers (TU Delft), Lars Birkedal (Aarhus University)Compositional Security for Reentrant Applicationshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compositional%20Security%20for%20Reentrant%20Applicationshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Compositional%20Security%20for%20Reentrant%20ApplicationsThu, 31 Dec 2020 16:00:00 GMTEthan Cecchetti (Cornell University), Siqiu Yao (Cornell University), Haobin Ni (Cornell University), Andrew C. Myers (Cornell University)ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#ConDySTA:%20Context-Aware%20Dynamic%20Supplement%20to%20Static%20Taint%20Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#ConDySTA:%20Context-Aware%20Dynamic%20Supplement%20to%20Static%20Taint%20AnalysisThu, 31 Dec 2020 16:00:00 GMTXueling Zhang (University of Texas at San Antonio), Xiaoyin Wang (University of Texas at San Antonio), Rocky Slavin (University of Texas at San Antonio), Jianwei Niu (University of Texas at San Antonio)CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#CrawlPhish:%20Large-scale%20Analysis%20of%20Client-side%20Cloaking%20Techniques%20in%20Phishinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#CrawlPhish:%20Large-scale%20Analysis%20of%20Client-side%20Cloaking%20Techniques%20in%20PhishingThu, 31 Dec 2020 16:00:00 GMTPenghui Zhang (Arizona State University), Adam Oest (Arizona State University), Haehyun Cho (Arizona State University), Zhibo Sun (Arizona State University), RC Johnson (PayPal), Brad Wardman (PayPal), Shaown Sarker (North Carolina State University), Alexandros Kapravelos (North Carolina State University), Tiffany Bao (Arizona State University), Ruoyu Wang (Arizona State University), Yan Shoshitaishvili (Arizona State University), Adam Doupé (Arizona State University), Gail-Joon Ahn (Arizona State University and Samsung Research)Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More)https://www.ieee-security.org/TC/SP2021/program-papers.html#Cross%20Layer%20Attacks%20and%20How%20to%20Use%20Them%20(for%20DNS%20Cache%20Poisoning,%20Device%20Tracking%20and%20More)https://www.ieee-security.org/TC/SP2021/program-papers.html#Cross%20Layer%20Attacks%20and%20How%20to%20Use%20Them%20(for%20DNS%20Cache%20Poisoning,%20Device%20Tracking%20and%20More)Thu, 31 Dec 2020 16:00:00 GMTAmit Klein (Bar Ilan University)Cross-Domain Access Control Encryption -- Arbitrary-policy, Constant-size, Efficienthttps://www.ieee-security.org/TC/SP2021/program-papers.html#Cross-Domain%20Access%20Control%20Encryption%20--%20Arbitrary-policy,%20Constant-size,%20Efficienthttps://www.ieee-security.org/TC/SP2021/program-papers.html#Cross-Domain%20Access%20Control%20Encryption%20--%20Arbitrary-policy,%20Constant-size,%20EfficientThu, 31 Dec 2020 16:00:00 GMTXiuhua Wang (The Chinese University of Hong Kong), Sherman S. M. Chow (The Chinese University of Hong Kong)CrossTalk: Speculative Data Leaks Across Cores Are Realhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CrossTalk:%20Speculative%20Data%20Leaks%20Across%20Cores%20Are%20Realhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CrossTalk:%20Speculative%20Data%20Leaks%20Across%20Cores%20Are%20RealThu, 31 Dec 2020 16:00:00 GMTHany Ragab (Vrije Universiteit Amsterdam), Alyssa Milburn (Vrije Universiteit Amsterdam), Kaveh Razavi (Vrije Universiteit Amsterdam), Herbert Bos (Vrije Universiteit Amsterdam), Cristiano Giuffrida (Vrije Universiteit Amsterdam), Kaveh Razavi (ETH Zurich)CryptGPU: Fast Privacy-Preserving Machine Learning on the GPUhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CryptGPU:%20Fast%20Privacy-Preserving%20Machine%20Learning%20on%20the%20GPUhttps://www.ieee-security.org/TC/SP2021/program-papers.html#CryptGPU:%20Fast%20Privacy-Preserving%20Machine%20Learning%20on%20the%20GPUThu, 31 Dec 2020 16:00:00 GMTSijun Tan (University of Virginia), Brian Knott (Facebook AI Research), Yuan Tian (University of Virginia), David J. Wu (University of Virginia)DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#DIANE:%20Identifying%20Fuzzing%20Triggers%20in%20Apps%20to%20Generate%20Under-constrained%20Inputs%20for%20IoT%20Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#DIANE:%20Identifying%20Fuzzing%20Triggers%20in%20Apps%20to%20Generate%20Under-constrained%20Inputs%20for%20IoT%20DevicesThu, 31 Dec 2020 16:00:00 GMTNilo Redini (UC Santa Barbara), Andrea Continella (University of Twente), Dipanjan Das (UC Santa Barbara), Giulio De Pasquale (UC Santa Barbara), Noah Spahn (UC Santa Barbara), Aravind Machiry (UC Santa Barbara), Antonio Bianchi (Purdue University), Christopher Kruegel (UC Santa Barbara), Giovanni Vigna (UC Santa Barbara)DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#DICE:%20Automatic%20Emulation%20of%20DMA%20Input%20Channels%20for%20Dynamic%20Firmware%20Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#DICE:%20Automatic%20Emulation%20of%20DMA%20Input%20Channels%20for%20Dynamic%20Firmware%20AnalysisThu, 31 Dec 2020 16:00:00 GMTAlejandro Mera (Northeastern University), Bo Feng (Northeastern University), Long Lu (Northeastern University), Engin Kirda (Northeastern University)DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugshttps://www.ieee-security.org/TC/SP2021/program-papers.html#DIFUZZRTL:%20Differential%20Fuzz%20Testing%20to%20Find%20CPU%20Bugshttps://www.ieee-security.org/TC/SP2021/program-papers.html#DIFUZZRTL:%20Differential%20Fuzz%20Testing%20to%20Find%20CPU%20BugsThu, 31 Dec 2020 16:00:00 GMTJaewon Hur (Seoul National University), Suhwan Song (Seoul National University), Dongup Kwon (Seoul National University), Eunjin Baek (Seoul National University), Jangwoo Kim (Seoul National University), Byoungyoung Lee (Seoul National University)DP-Sniper: Black-Box Discovery of Differential Privacy Violations using Classifiershttps://www.ieee-security.org/TC/SP2021/program-papers.html#DP-Sniper:%20Black-Box%20Discovery%20of%20Differential%20Privacy%20Violations%20using%20Classifiershttps://www.ieee-security.org/TC/SP2021/program-papers.html#DP-Sniper:%20Black-Box%20Discovery%20of%20Differential%20Privacy%20Violations%20using%20ClassifiersThu, 31 Dec 2020 16:00:00 GMTBenjamin Bichsel (ETH Zurich), Samuel Steffen (ETH Zurich), Ilija Bogunovic (ETH Zurich), Martin Vechev (ETH Zurich)Data Privacy in Trigger-Action Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Data%20Privacy%20in%20Trigger-Action%20Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Data%20Privacy%20in%20Trigger-Action%20SystemsThu, 31 Dec 2020 16:00:00 GMTYunang Chen (University of Wisconsin-Madison), Amrita Roy Chowdhury (University of Wisconsin-Madison), Ruizhe Wang (University of Wisconsin-Madison), Andrei Sabelfeld (Chalmers University of Technology), Rahul Chatterjee (University of Wisconsin-Madison), Earlence Fernandes (University of Wisconsin-Madison)Defensive Technology Use by Political Activists During the Sudanese Revolutionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Defensive%20Technology%20Use%20by%20Political%20Activists%20During%20the%20Sudanese%20Revolutionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Defensive%20Technology%20Use%20by%20Political%20Activists%20During%20the%20Sudanese%20RevolutionThu, 31 Dec 2020 16:00:00 GMTAlaa Daffalla (University of Kansas), Lucy Simko (University of Washington), Tadayoshi Kohno (University of Washington), Alexandru G. Bardas (University of Kansas)Detecting AI Trojans Using Meta Neural Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#Detecting%20AI%20Trojans%20Using%20Meta%20Neural%20Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#Detecting%20AI%20Trojans%20Using%20Meta%20Neural%20AnalysisThu, 31 Dec 2020 16:00:00 GMTXiaojun Xu (University of Illinois at Urbana-Champaign), Qi Wang (University of Illinois at Urbana-Champaign), Huichen Li (University of Illinois at Urbana-Champaign), Nikita Borisov (University of Illinois at Urbana-Champaign), Carl A. Gunter (University of Illinois at Urbana-Champaign), Bo Li (University of Illinois at Urbana-Champaign)Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Detecting%20Filter%20List%20Evasion%20with%20Event-Loop-Turn%20Granularity%20JavaScript%20Signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Detecting%20Filter%20List%20Evasion%20with%20Event-Loop-Turn%20Granularity%20JavaScript%20SignaturesThu, 31 Dec 2020 16:00:00 GMTQuan Chen (North Carolina State University), Peter Snyder (Brave Software), Ben Livshits (Brave Software), Alexandros Kapravelos (North Carolina State University)Did you mix me? Formally Verifying Verifiable Mix Nets in Electronic Votinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Did%20you%20mix%20me?%20Formally%20Verifying%20Verifiable%20Mix%20Nets%20in%20Electronic%20Votinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Did%20you%20mix%20me?%20Formally%20Verifying%20Verifiable%20Mix%20Nets%20in%20Electronic%20VotingThu, 31 Dec 2020 16:00:00 GMTThomas Haines (Norwegian University of Science and Technology), Rajeev Gore (Australian National University), Bhavesh Sharma (Australian National University), Thomas Haines (Norwegian University of Science and Technology)Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majorityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Diogenes:%20Lightweight%20Scalable%20RSA%20Modulus%20Generation%20with%20a%20Dishonest%20Majorityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Diogenes:%20Lightweight%20Scalable%20RSA%20Modulus%20Generation%20with%20a%20Dishonest%20MajorityThu, 31 Dec 2020 16:00:00 GMTCarmit Hazay (Bar-Ilan University), Megan Chen (Northeastern U.), Yuval Ishai (Technion), Yuriy Kashnikov (Ligero Inc.), Daniele Micciancio (UC San Diego), Tarik Riviere (Ligero Inc.), abhi shelat (Northeastern U.), Ruihan Wang (Ligero Inc.), Muthu Venkitasubramaniam (U. of Rochester)Doing good by fighting fraud: Ethical anti-fraudsystems for mobile paymentshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Doing%20good%20by%20fighting%20fraud:%20Ethical%20anti-fraudsystems%20for%20mobile%20paymentshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Doing%20good%20by%20fighting%20fraud:%20Ethical%20anti-fraudsystems%20for%20mobile%20paymentsThu, 31 Dec 2020 16:00:00 GMTZainul Abi Din (UC Davis), Hari Venugopalan (UC Davis), Henry Lin (Bouncer Technologies), Adam Wushensky (Bouncer Technologies), Steven Liu (Bouncer Technologies), Samuel T. King (UC Davis and Bouncer Technologies)DynPTA: Combining Static and Dynamic Analysis for Practical Selective Data Protectionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#DynPTA:%20Combining%20Static%20and%20Dynamic%20Analysis%20for%20Practical%20Selective%20Data%20Protectionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#DynPTA:%20Combining%20Static%20and%20Dynamic%20Analysis%20for%20Practical%20Selective%20Data%20ProtectionThu, 31 Dec 2020 16:00:00 GMTTapti Palit (Stony Brook University), Jarin Firose Moon (Stony Brook University), Fabian Monrose (University of North Carolina, Chapel Hill), Michalis Polychronakis (Stony Brook University)Ebb-and-Flow Protocols: A Resolution of the Availability-Finality Dilemmahttps://www.ieee-security.org/TC/SP2021/program-papers.html#Ebb-and-Flow%20Protocols:%20A%20Resolution%20of%20the%20Availability-Finality%20Dilemmahttps://www.ieee-security.org/TC/SP2021/program-papers.html#Ebb-and-Flow%20Protocols:%20A%20Resolution%20of%20the%20Availability-Finality%20DilemmaThu, 31 Dec 2020 16:00:00 GMTJoachim Neu (Stanford University), Ertem Nusret Tas (Stanford University), David Tse (Stanford University)Electromagnetic Covert Channels Can Be Super Resilienthttps://www.ieee-security.org/TC/SP2021/program-papers.html#Electromagnetic%20Covert%20Channels%20Can%20Be%20Super%20Resilienthttps://www.ieee-security.org/TC/SP2021/program-papers.html#Electromagnetic%20Covert%20Channels%20Can%20Be%20Super%20ResilientThu, 31 Dec 2020 16:00:00 GMTCheng Shen (Peking University), Tian Liu (Peking University), Jun Huang (MIT), Rui Tan (Nanyang Technological University)Epochal Signatures for Deniable Group Chatshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Epochal%20Signatures%20for%20Deniable%20Group%20Chatshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Epochal%20Signatures%20for%20Deniable%20Group%20ChatsThu, 31 Dec 2020 16:00:00 GMTFlorian Weber (TU Eindhoven), Andreas Hülsing (TU Eindhoven)Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviorshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Fingerprinting%20the%20Fingerprinters:%20Learning%20to%20Detect%20Browser%20Fingerprinting%20Behaviorshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Fingerprinting%20the%20Fingerprinters:%20Learning%20to%20Detect%20Browser%20Fingerprinting%20BehaviorsThu, 31 Dec 2020 16:00:00 GMTUmar Iqbal (The University of Iowa), Steven Englehardt (Mozilla Corporation ), Zubair Shafiq (University of California, Davis)Good Bot, Bad Bot: Characterizing Automated Browsing Activityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Good%20Bot,%20Bad%20Bot:%20Characterizing%20Automated%20Browsing%20Activityhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Good%20Bot,%20Bad%20Bot:%20Characterizing%20Automated%20Browsing%20ActivityThu, 31 Dec 2020 16:00:00 GMTXigao Li (Stony Brook University), Babak Amin Azad (Stony Brook University), Amir Rahmati (Stony Brook University), Nick Nikiforakis (Stony Brook University)HackEd: A Pedagogical Analysis of Online Vulnerability Discovery Exerciseshttps://www.ieee-security.org/TC/SP2021/program-papers.html#HackEd:%20A%20Pedagogical%20Analysis%20of%20Online%20Vulnerability%20Discovery%20Exerciseshttps://www.ieee-security.org/TC/SP2021/program-papers.html#HackEd:%20A%20Pedagogical%20Analysis%20of%20Online%20Vulnerability%20Discovery%20ExercisesThu, 31 Dec 2020 16:00:00 GMTDaniel Votipka (Tufts University), Eric Zhang (University of Maryland), Michelle Mazurek (University of Maryland)Happer: Unpacking Android Apps via a Hardware-Assisted Approachhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Happer:%20Unpacking%20Android%20Apps%20via%20a%20Hardware-Assisted%20Approachhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Happer:%20Unpacking%20Android%20Apps%20via%20a%20Hardware-Assisted%20ApproachThu, 31 Dec 2020 16:00:00 GMTLei Xue (The Hong Kong Polytechnic University), Hao Zhou (The Hong Kong Polytechnic University), Xiapu Luo (The Hong Kong Polytechnic University), Yajin Zhou (Zhejiang University), Yang Shi (Tongji University), Guofei Gu (Texas A&M University), Fengwei Zhang (Southern University of Science and Technology (SUSTech)), Man Ho Au (The University of Hong Kong)Hardware-Software Contracts for Secure Speculationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Hardware-Software%20Contracts%20for%20Secure%20Speculationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Hardware-Software%20Contracts%20for%20Secure%20SpeculationThu, 31 Dec 2020 16:00:00 GMTMarco Guarnieri (IMDEA Software Institute), Boris Köpf (Microsoft Research), Jan Reineke (Saarland University), Pepe Vila (IMDEA Software Institute)Hear "No Evil", See "Kenansville": Efficient and Transferable Black-Box Attacks on Speech Recognition and Voice Identification Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Hear%20%22No%20Evil%22,%20See%20%22Kenansville%22:%20Efficient%20and%20Transferable%20Black-Box%20Attacks%20on%20Speech%20Recognition%20and%20Voice%20Identification%20Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Hear%20%22No%20Evil%22,%20See%20%22Kenansville%22:%20Efficient%20and%20Transferable%20Black-Box%20Attacks%20on%20Speech%20Recognition%20and%20Voice%20Identification%20SystemsThu, 31 Dec 2020 16:00:00 GMTHadi Abdullah (University of Florida), Muhammad Sajidur Rahman (University of Florida), Washington Garcia (University of Florida), Kevin Warren (University of Florida), Anurag Swarnim Yadav (University of Florida), Tom Shrimpton (University of Florida), Patrick Traynor (University of Florida)High-Assurance Cryptography in the Spectre Erahttps://www.ieee-security.org/TC/SP2021/program-papers.html#High-Assurance%20Cryptography%20in%20the%20Spectre%20Erahttps://www.ieee-security.org/TC/SP2021/program-papers.html#High-Assurance%20Cryptography%20in%20the%20Spectre%20EraThu, 31 Dec 2020 16:00:00 GMTGilles Barthe (Max Planck Institute for Security and Privacy and IMDEA Software Institute), Sunjay Cauligi (University of California San Diego), Benjamin Gregoire (INRIA Sophia Antipolis), Adrien Koutsos (Inria Paris, Max Planck Institute for Security and Privacy), Kevin Liao (Max Planck Institute for Security and Privacy and Massachusetts Institute of Technology), Tiago Oliveira (University of Porto (FCUP) and INESC TEC), Swarn Priya (Purdue University), Tamara Rezk (INRIA Sophia Antipolis), Peter Schwabe (Max Planck Institute for Security and Privacy)High-Frequency Trading on Decentralized On-Chain Exchangeshttps://www.ieee-security.org/TC/SP2021/program-papers.html#High-Frequency%20Trading%20on%20Decentralized%20On-Chain%20Exchangeshttps://www.ieee-security.org/TC/SP2021/program-papers.html#High-Frequency%20Trading%20on%20Decentralized%20On-Chain%20ExchangesThu, 31 Dec 2020 16:00:00 GMTLiyi Zhou (Imperial College London), Kaihua Qin (Imperial College London), Christof Ferreira Torres (University of Luxembourg), Duc V Le (Purdue University), Arthur Gervais (Imperial College London)How Did That Get In My Phone? Unwanted App Distribution on Android Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#How%20Did%20That%20Get%20In%20My%20Phone?%20Unwanted%20App%20Distribution%20on%20Android%20Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#How%20Did%20That%20Get%20In%20My%20Phone?%20Unwanted%20App%20Distribution%20on%20Android%20DevicesThu, 31 Dec 2020 16:00:00 GMTPlaton Kotzias (NortonLifelock Research Group), Juan Caballero (IMDEA Software Institute), Leyla Bilge (NortonLifelock Research Group)Improving Password Guessing via Representation Learninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Improving%20Password%20Guessing%20via%20Representation%20Learninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Improving%20Password%20Guessing%20via%20Representation%20LearningThu, 31 Dec 2020 16:00:00 GMTDario Pasquini (Sapienza University of Rome; Stevens Institute of Technology; Institute of Applied Computing CNR), Ankit Gangwal (University of Padua; Stevens Institute of Technology), Giuseppe Ateniese (Stevens Institute of Technology), Massimo Bernaschi (Institute of Applied Computing CNR), Mauro Conti (University of Padua)Invisible Probe: Timing Attacks with PCIe Congestion Side-channelhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Invisible%20Probe:%20Timing%20Attacks%20with%20PCIe%20Congestion%20Side-channelhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Invisible%20Probe:%20Timing%20Attacks%20with%20PCIe%20Congestion%20Side-channelThu, 31 Dec 2020 16:00:00 GMTMingtian Tan (Fudan University), Junpeng Wan (Fudan University), Zhe Zhou (Fudan University), Zhou Li (University of California, Irvine)Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Invisible%20for%20both%20Camera%20and%20LiDAR:%20Security%20of%20Multi-Sensor%20Fusion%20based%20Perception%20in%20Autonomous%20Driving%20Under%20Physical-World%20Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Invisible%20for%20both%20Camera%20and%20LiDAR:%20Security%20of%20Multi-Sensor%20Fusion%20based%20Perception%20in%20Autonomous%20Driving%20Under%20Physical-World%20AttacksThu, 31 Dec 2020 16:00:00 GMTYulong Cao* (University of Michigan), Ningfei Wang* (University of California, Irvine), Chaowei Xiao* (NVIDIA Research and Arizona State University), Dawei Yang* (University of Michigan), Jin Fang (Baidu Research and National Engineering Laboratory of Deep Learning Technology and Application, China), Ruigang Yang (Inceptio), Qi Alfred Chen (University of California, Irvine), Mingyan Liu (University of Michigan), Bo Li (University of Illinois at Urbana-Champaign), (*co-first authors)Is Private Learning Possible with Instance Encoding?https://www.ieee-security.org/TC/SP2021/program-papers.html#Is%20Private%20Learning%20Possible%20with%20Instance%20Encoding?https://www.ieee-security.org/TC/SP2021/program-papers.html#Is%20Private%20Learning%20Possible%20with%20Instance%20Encoding?Thu, 31 Dec 2020 16:00:00 GMTNicholas Carlini (Google), Samuel Deng (Columbia), Sanjam Garg (UC Berkeley), Somesh Jha (UW-Madison), Saeed Mahloujifar (Princeton), Mohammad Mahmoody (University of Virginia), Abhradeep Thakurta (Google), Florian Tramer (Stanford University)Journey to the Center of the Cookie Ecosystem: Unraveling Actors' Roles and Relationshipshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Journey%20to%20the%20Center%20of%20the%20Cookie%20Ecosystem:%20Unraveling%20Actors'%20Roles%20and%20Relationshipshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Journey%20to%20the%20Center%20of%20the%20Cookie%20Ecosystem:%20Unraveling%20Actors'%20Roles%20and%20RelationshipsThu, 31 Dec 2020 16:00:00 GMTIskander Sanchez-Rola (NortonLifeLock Research Group), Matteo Dell'Amico (NortonLifeLock Research Group), Davide Balzarotti (EURECOM), Pierre-Antoine Vervier (NortonLifeLock Research Group), Leyla Bilge (NortonLifeLock Research Group), Iskander ()Keep the Dirt: Tainted TreeKEM, Adaptively and Actively Secure Continuous Group Key Agreementhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Keep%20the%20Dirt:%20Tainted%20TreeKEM,%20Adaptively%20and%20Actively%20Secure%20Continuous%20Group%20Key%20Agreementhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Keep%20the%20Dirt:%20Tainted%20TreeKEM,%20Adaptively%20and%20Actively%20Secure%20Continuous%20Group%20Key%20AgreementThu, 31 Dec 2020 16:00:00 GMTJoel Alwen (Wickr Inc.), Margarita Capretto (Universidad Nacional de Rosario), Miguel Cueto (ENS Lyon), Chethan Kamath (Northeastern University), Karen Klein (IST Austria), Ilia Markov (IST Austria), Guillermo Pascual-Perez (IST Austria), Krzysztof Pietrzak (IST Austria), Michael Walter (IST Austria), Michelle Yeo (IST Austria)Learning Differentially Private Mechanismshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Learning%20Differentially%20Private%20Mechanismshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Learning%20Differentially%20Private%20MechanismsThu, 31 Dec 2020 16:00:00 GMTSubhajit Roy (IIT Kanpur), Justin Hsu (University of Wisconsin--Madison), Aws Albarghouthi (University of Wisconsin--Madison)Lightweight Techniques for Private Heavy Hittershttps://www.ieee-security.org/TC/SP2021/program-papers.html#Lightweight%20Techniques%20for%20Private%20Heavy%20Hittershttps://www.ieee-security.org/TC/SP2021/program-papers.html#Lightweight%20Techniques%20for%20Private%20Heavy%20HittersThu, 31 Dec 2020 16:00:00 GMTDan Boneh (Stanford), Elette Boyle (IDC Herzliya), Henry Corrigan-Gibbs (MIT CSAIL), Niv Gilboa (Ben-Gurion University), Yuval Ishai (Technion)Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Linking%20Bluetooth%20LE%20&%20Classic%20and%20Implications%20for%20Privacy-Preserving%20Bluetooth-Based%20Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Linking%20Bluetooth%20LE%20&%20Classic%20and%20Implications%20for%20Privacy-Preserving%20Bluetooth-Based%20ProtocolsThu, 31 Dec 2020 16:00:00 GMTNorbert Ludant (Northeastern University), Tien D. Vo-Huu (Northeastern University), Sashank Narain (University of Massachusetts Lowell), Guevara Noubir (Northeastern University)Lockable Signatures for Blockchains: Scriptless Scripts for all Signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Lockable%20Signatures%20for%20Blockchains:%20Scriptless%20Scripts%20for%20all%20Signatureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Lockable%20Signatures%20for%20Blockchains:%20Scriptless%20Scripts%20for%20all%20SignaturesThu, 31 Dec 2020 16:00:00 GMTSri AravindaKrishnan Thyagarajan (Friedrich Alexander Universität Erlangen-Nürnberg), Giulio Malavolta (Max Planck Institute for Security and Privacy)MAD-HTLC: Because HTLC is Crazy-Cheap to Attackhttps://www.ieee-security.org/TC/SP2021/program-papers.html#MAD-HTLC:%20Because%20HTLC%20is%20Crazy-Cheap%20to%20Attackhttps://www.ieee-security.org/TC/SP2021/program-papers.html#MAD-HTLC:%20Because%20HTLC%20is%20Crazy-Cheap%20to%20AttackThu, 31 Dec 2020 16:00:00 GMTItay Tsabary (Technion), Matan Yechieli (Technion), Alex Manuskin (ZenGo), Ittay Eyal (Technion, VMware)Machine Unlearninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Machine%20Unlearninghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Machine%20UnlearningThu, 31 Dec 2020 16:00:00 GMTLucas Bourtoule (University of Toronto; Vector Institute), Varun Chandrasekaran (University of Wisconsin-Madison), Christopher A. Choquette-Choo (University of Toronto; Vector Institute), Hengrui Jia (University of Toronto; Vector Institute), Adelin Travers (University of Toronto; Vector Institute), Baiwu Zhang (University of Toronto; Vector Institute), David Lie (University of Toronto), Nicolas Papernot (University of Toronto; Vector Institute)Manipulation Attacks in Local Differential Privacyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Manipulation%20Attacks%20in%20Local%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Manipulation%20Attacks%20in%20Local%20Differential%20PrivacyThu, 31 Dec 2020 16:00:00 GMTAlbert Cheu (Northeastern University), Adam Smith (Boston University), Jonathan Ullman (Northeastern University)Many-out-of-Many Proofs and Applications to Anonymous Zetherhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Many-out-of-Many%20Proofs%20and%20Applications%20to%20Anonymous%20Zetherhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Many-out-of-Many%20Proofs%20and%20Applications%20to%20Anonymous%20ZetherThu, 31 Dec 2020 16:00:00 GMTBenjamin E. Diamond (J.P. Morgan)Merkle^2: A Low-Latency Transparency Log Systemhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Merkle^2:%20A%20Low-Latency%20Transparency%20Log%20Systemhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Merkle^2:%20A%20Low-Latency%20Transparency%20Log%20SystemThu, 31 Dec 2020 16:00:00 GMTYuncong Hu (UC Berkeley), Kian Hooshmand (UC Berkeley), Rajeswari Harika Kalidhindi (UC Berkeley), Seung Jin Yang (UC Berkeley), Raluca Popa (UC Berkeley)Method Confusion Attack on Bluetooth Pairinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Method%20Confusion%20Attack%20on%20Bluetooth%20Pairinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#Method%20Confusion%20Attack%20on%20Bluetooth%20PairingThu, 31 Dec 2020 16:00:00 GMTMaximilian von Tschirschnitz (Technical University Munich), Ludwig Peuckert (Technical University Munich), Fabian Franzen (Technical University Munich), Jens Grossklags (Technical University Munich)NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#NTFUZZ:%20Enabling%20Type-Aware%20Kernel%20Fuzzing%20on%20Windows%20with%20Static%20Binary%20Analysishttps://www.ieee-security.org/TC/SP2021/program-papers.html#NTFUZZ:%20Enabling%20Type-Aware%20Kernel%20Fuzzing%20on%20Windows%20with%20Static%20Binary%20AnalysisThu, 31 Dec 2020 16:00:00 GMTJaeseung Choi (KAIST), Kangsu Kim (KAIST), Daejin Lee (KAIST), Sang Kil Cha (KAIST)OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binaryhttps://www.ieee-security.org/TC/SP2021/program-papers.html#OSPREY:%20Recovery%20of%20Variable%20and%20Data%20Structure%20via%20Probabilistic%20Analysis%20for%20Stripped%20Binaryhttps://www.ieee-security.org/TC/SP2021/program-papers.html#OSPREY:%20Recovery%20of%20Variable%20and%20Data%20Structure%20via%20Probabilistic%20Analysis%20for%20Stripped%20BinaryThu, 31 Dec 2020 16:00:00 GMTZhuo Zhang (Purdue University), Yapeng Ye (Purdue University), Wei You (Renmin University of China), Guanhong Tao (Purdue University), Wen-chuan Lee (Purdue University), Yonghwi Kwon (University of Virginia), Yousra Aafer (University of Waterloo), Xiangyu Zhang (Purdue University)On the Anonymity Guarantees of Anonymous Proof-of-Stake Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#On%20the%20Anonymity%20Guarantees%20of%20Anonymous%20Proof-of-Stake%20Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#On%20the%20Anonymity%20Guarantees%20of%20Anonymous%20Proof-of-Stake%20ProtocolsThu, 31 Dec 2020 16:00:00 GMTVarun Madathil (North Carolina State University), Alessandra Scafuro (North Carolina State University), Kartik Nayak (Duke University), Markulf Kohlweiss (University of Edinburgh)On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#On%20the%20Just-In-Time%20Discovery%20of%20Profit-Generating%20Transactions%20in%20DeFi%20Protocolshttps://www.ieee-security.org/TC/SP2021/program-papers.html#On%20the%20Just-In-Time%20Discovery%20of%20Profit-Generating%20Transactions%20in%20DeFi%20ProtocolsThu, 31 Dec 2020 16:00:00 GMTLiyi Zhou (Imperial College London), Kaihua Qin (Imperial College London), Antoine Cully (Imperial College London), Benjamin Livshits (Imperial College London), Arthur Gervais (Imperial College London)One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#One%20Engine%20to%20Fuzz%20'em%20All:%20Generic%20Language%20Processor%20Testing%20with%20Semantic%20Validationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#One%20Engine%20to%20Fuzz%20'em%20All:%20Generic%20Language%20Processor%20Testing%20with%20Semantic%20ValidationThu, 31 Dec 2020 16:00:00 GMTYongheng Chen (Georgia Institute of Technology), Rui Zhong (Pennsylvania State University), Hong Hu (Pennsylvania State University), Hangfan Zhang (Pennsylvania State University), Yupeng Yang (University of Electronic Science and Technology of China), Dinghao Wu (Pennsylvania State University), Wenke Lee (Georgia Institute of Technology)PLATYPUS: Software-based Power Side-Channel Attacks on x86https://www.ieee-security.org/TC/SP2021/program-papers.html#PLATYPUS:%20Software-based%20Power%20Side-Channel%20Attacks%20on%20x86https://www.ieee-security.org/TC/SP2021/program-papers.html#PLATYPUS:%20Software-based%20Power%20Side-Channel%20Attacks%20on%20x86Thu, 31 Dec 2020 16:00:00 GMTMoritz Lipp (Graz University of Technology), Andreas Kogler (Graz University of Technology), David Oswald (The University of Birmingham, UK), Michael Schwarz (CISPA Helmholtz Center for Information Security), Catherine Easdon (Graz University of Technology), Claudio Canella (Graz University of Technology), Daniel Gruss (Graz University of Technology), Catherine Easdon (Graz University of Technology)Pegasus: Bridging Polynomial and Non-polynomial Evaluations in Homomorphic Encryptionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Pegasus:%20Bridging%20Polynomial%20and%20Non-polynomial%20Evaluations%20in%20Homomorphic%20Encryptionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Pegasus:%20Bridging%20Polynomial%20and%20Non-polynomial%20Evaluations%20in%20Homomorphic%20EncryptionThu, 31 Dec 2020 16:00:00 GMTWen-jie Lu (Alibaba Group), Zhicong Huang (Alibaba Group), Cheng Hong (Alibaba Group), Yiping Ma (University of Pennsylvania), Fuping Qu (Alibaba Group)Poltergeist: Acoustic Adversarial Machine Learning against Cameras and Computer Visionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Poltergeist:%20Acoustic%20Adversarial%20Machine%20Learning%20against%20Cameras%20and%20Computer%20Visionhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Poltergeist:%20Acoustic%20Adversarial%20Machine%20Learning%20against%20Cameras%20and%20Computer%20VisionThu, 31 Dec 2020 16:00:00 GMTXiaoyu Ji (Zhejiang University), Yushi Cheng (Zhejiang University), Yuepeng Zhang (Zhejiang University), Kai Wang (Zhejiang University), Chen Yan (Zhejiang University), Kevin Fu (University of Michigan), Wenyuan Xu (Zhejiang University)Post-Quantum WireGuardhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Post-Quantum%20WireGuardhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Post-Quantum%20WireGuardThu, 31 Dec 2020 16:00:00 GMTAndreas Hülsing (Eindhoven University of Technology, NL), Kai-Chun Ning (KPN B.V., NL), Peter Schwabe (Radboud University, NL), Florian Weber (Eindhoven University of Technology, NL), Philip R. Zimmermann (Delft University of Technology & KPN B.V., NL)Proactive Threshold Wallets with Offline Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Proactive%20Threshold%20Wallets%20with%20Offline%20Deviceshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Proactive%20Threshold%20Wallets%20with%20Offline%20DevicesThu, 31 Dec 2020 16:00:00 GMTYashvanth Kondi (Northeastern University), Bernardo Magri (Aarhus University), Claudio Orlandi (Aarhus University), Omer Shlomovits (ZenGo X)Proof-of-Learning: Definitions and Practicehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Proof-of-Learning:%20Definitions%20and%20Practicehttps://www.ieee-security.org/TC/SP2021/program-papers.html#Proof-of-Learning:%20Definitions%20and%20PracticeThu, 31 Dec 2020 16:00:00 GMTHengrui Jia (University of Toronto and Vector Institute), Mohammad Yaghini (University of Toronto and Vector Institute), Christopher A. Choquette-Choo (University of Toronto and Vector Institute), Natalie Dullerud (University of Toronto and Vector Institute), Anvith Thudi (University of Toronto and Vector Institute), Varun Chandrasekaran (University of Wisconsin-Madison), Nicolas Papernot (University of Toronto and Vector Institute)Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix Ithttps://www.ieee-security.org/TC/SP2021/program-papers.html#Randomized%20Last-Level%20Caches%20Are%20Still%20Vulnerable%20to%20Cache%20Side-Channel%20Attacks!%20But%20We%20Can%20Fix%20Ithttps://www.ieee-security.org/TC/SP2021/program-papers.html#Randomized%20Last-Level%20Caches%20Are%20Still%20Vulnerable%20to%20Cache%20Side-Channel%20Attacks!%20But%20We%20Can%20Fix%20ItThu, 31 Dec 2020 16:00:00 GMTWei Song (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Boya Li (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Zihan Xue (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Zhenzhen Li (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Wenhao Wang (State Key Laboratory of Information Security, Institute of Information Engineering, CAS), Peng Liu (The Pennsylvania State University)Reading between the Lines: An Extensive Evaluation of the Security and Privacy Implications of EPUB Reading Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Reading%20between%20the%20Lines:%20An%20Extensive%20Evaluation%20of%20the%20Security%20and%20Privacy%20Implications%20of%20EPUB%20Reading%20Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Reading%20between%20the%20Lines:%20An%20Extensive%20Evaluation%20of%20the%20Security%20and%20Privacy%20Implications%20of%20EPUB%20Reading%20SystemsThu, 31 Dec 2020 16:00:00 GMTGertjan Franken (imec-DistriNet, KU Leuven), Tom Van Goethem (imec-DistriNet, KU Leuven), Wouter Joosen (imec-DistriNet, KU Leuven)Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model.https://www.ieee-security.org/TC/SP2021/program-papers.html#Real-World%20Snapshots%20vs.%20Theory:%20Questioning%20the%20t-Probing%20Security%20Model.https://www.ieee-security.org/TC/SP2021/program-papers.html#Real-World%20Snapshots%20vs.%20Theory:%20Questioning%20the%20t-Probing%20Security%20Model.Thu, 31 Dec 2020 16:00:00 GMTThilo Krachenfels (Technische Universität Berlin), Amir Moradi (Ruhr-Universität Bochum), Jean-Pierre Seifert (Technische Universität Berlin), Fatemeh Ganji (Worcester Polytechnic Institute), Shahin Tajik (Worcester Polytechnic Institute)Red Belly: A Secure, Fair and Scalable Open Blockchainhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Red%20Belly:%20A%20Secure,%20Fair%20and%20Scalable%20Open%20Blockchainhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Red%20Belly:%20A%20Secure,%20Fair%20and%20Scalable%20Open%20BlockchainThu, 31 Dec 2020 16:00:00 GMTTyler Crain (University of Sydney), Christopher Natoli (University of Sydney), Vincent Gramoli (University of Sydney and EPFL)Response-Hiding Encrypted Ranges: Revisiting Security via Parametrized Leakage-Abuse Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Response-Hiding%20Encrypted%20Ranges:%20Revisiting%20Security%20via%20Parametrized%20Leakage-Abuse%20Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Response-Hiding%20Encrypted%20Ranges:%20Revisiting%20Security%20via%20Parametrized%20Leakage-Abuse%20AttacksThu, 31 Dec 2020 16:00:00 GMTEvgenios Kornaropoulos (UC Berkeley), Charalampos Papamanthou (University of Maryland), Roberto Tamassia (Brown University)Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilitieshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Revealer:%20Detecting%20and%20Exploiting%20Regular%20Expression%20Denial-of-Service%20Vulnerabilitieshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Revealer:%20Detecting%20and%20Exploiting%20Regular%20Expression%20Denial-of-Service%20VulnerabilitiesThu, 31 Dec 2020 16:00:00 GMTYinxi Liu (The Chinese University of Hong Kong), Mingxue Zhang (The Chinese University of Hong Kong), Wei Meng (The Chinese University of Hong Kong)Runtime Recovery of Web Applications under Zero-Day ReDoS Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Runtime%20Recovery%20of%20Web%20Applications%20under%20Zero-Day%20ReDoS%20Attackshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Runtime%20Recovery%20of%20Web%20Applications%20under%20Zero-Day%20ReDoS%20AttacksThu, 31 Dec 2020 16:00:00 GMTZhihao Bai (Johns Hopkins University), Ke Wang (Peking University), Hang Zhu (Johns Hopkins University), Yinzhi Cao (Johns Hopkins University), Xin Jin (Peking University)SGUARD: Towards Fixing Vulnerable Smart Contracts Automaticallyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SGUARD:%20Towards%20Fixing%20Vulnerable%20Smart%20Contracts%20Automaticallyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SGUARD:%20Towards%20Fixing%20Vulnerable%20Smart%20Contracts%20AutomaticallyThu, 31 Dec 2020 16:00:00 GMTTai D. Nguyen (Singapore Management University), Long H. Pham (Singapore Management University), Jun Sun (Singapore Management University)SIRNN: A Math Library for Secure RNN Inferencehttps://www.ieee-security.org/TC/SP2021/program-papers.html#SIRNN:%20A%20Math%20Library%20for%20Secure%20RNN%20Inferencehttps://www.ieee-security.org/TC/SP2021/program-papers.html#SIRNN:%20A%20Math%20Library%20for%20Secure%20RNN%20InferenceThu, 31 Dec 2020 16:00:00 GMTDeevashwer Rathee (Microsoft), Mayank Rathee (Microsoft), Rahul Kranti Kiran Goli (Microsoft), Divya Gupta (Microsoft), Rahul Sharma (Microsoft), Nishanth Chandran (Microsoft), Aseem Rastogi (Microsoft)STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewritinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#STOCHFUZZ:%20Sound%20and%20Cost-effective%20Fuzzing%20of%20Stripped%20Binaries%20by%20Incremental%20and%20Stochastic%20Rewritinghttps://www.ieee-security.org/TC/SP2021/program-papers.html#STOCHFUZZ:%20Sound%20and%20Cost-effective%20Fuzzing%20of%20Stripped%20Binaries%20by%20Incremental%20and%20Stochastic%20RewritingThu, 31 Dec 2020 16:00:00 GMTZhuo Zhang (Purdue University), Wei You (Renmin University of China), Guanhong Tao (Purdue University), Yousra Aafer (University of Waterloo), Xuwei Liu (Purdue University), Xiangyu Zhang (Purdue University)Self-Supervised Euphemism Detection and Identification for Content Moderationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Self-Supervised%20Euphemism%20Detection%20and%20Identification%20for%20Content%20Moderationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Self-Supervised%20Euphemism%20Detection%20and%20Identification%20for%20Content%20ModerationThu, 31 Dec 2020 16:00:00 GMTWanzheng Zhu (University of Illinois, at Urbana-Champaign), Hongyu Gong (Facebook), Rohan Bansal (Carnegie Mellon University), Zachary Weinberg (University of Massachusetts, Amherst), Nicolas Christin (Carnegie Mellon University), Giulia Fanti (Carnegie Mellon University), Suma Bhat (University of Illinois, at Urbana-Champaign)SmartPulse: Automated Checking of Temporal Properties in Smart Contractshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SmartPulse:%20Automated%20Checking%20of%20Temporal%20Properties%20in%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SmartPulse:%20Automated%20Checking%20of%20Temporal%20Properties%20in%20Smart%20ContractsThu, 31 Dec 2020 16:00:00 GMTJon Stephens (The University of Texas at Austin), Kostas Ferles (The University of Texas at Austin), Benjamin Mariano (The University of Texas at Austin), Shuvendu Lahiri (Microsoft Research), Isil Dillig (The University of Texas at Austin)SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly but Were Afraid to Askhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20All%20You%20Ever%20Wanted%20to%20Know%20About%20x86/x64%20Binary%20Disassembly%20but%20Were%20Afraid%20to%20Askhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20All%20You%20Ever%20Wanted%20to%20Know%20About%20x86/x64%20Binary%20Disassembly%20but%20Were%20Afraid%20to%20AskThu, 31 Dec 2020 16:00:00 GMTChengbin Pang (Stevens Institute of Technology; Nanjing University), Ruotong Yu (Stevens Institute of Technology), Yaohui Chen (Facebook Inc.), Eric Koskinen (Stevens Institute of Technology), Georgios Portokalidis (Stevens Institute of Technology), Bing Mao (Nanjing University), Jun Xu (Stevens Institute of Technology)SoK: Computer-Aided Cryptographyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Computer-Aided%20Cryptographyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Computer-Aided%20CryptographyThu, 31 Dec 2020 16:00:00 GMTManuel Barbosa (University of Porto and INESC TEC), Gilles Barthe (Max Planck Institute for Security and Privacy; IMDEA Software Institute), Karthik Bhargavan (INRIA Paris), Bruno Blanchet (INRIA Paris), Cas Cremers (CISPA Helmholtz Center for Information Security), Kevin Liao (Max Planck Institute for Security and Privacy; Massachusetts Institute of Technology), Bryan Parno (Carnegie Mellon University)SoK: Fully Homomorphic Encryption Compilershttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Fully%20Homomorphic%20Encryption%20Compilershttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Fully%20Homomorphic%20Encryption%20CompilersThu, 31 Dec 2020 16:00:00 GMTAlexander Viand (ETH Zurich), Patrick Jattke (ETH Zurich), Anwar Hithnawi (ETH Zurich)SoK: Hate, Harassment, and the Changing Landscape of Online Abusehttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Hate,%20Harassment,%20and%20the%20Changing%20Landscape%20of%20Online%20Abusehttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Hate,%20Harassment,%20and%20the%20Changing%20Landscape%20of%20Online%20AbuseThu, 31 Dec 2020 16:00:00 GMTKurt Thomas (Google), Deepak Kumar (University of Illinois, Urbana-Champaign), Michael Bailey (University of Illinois, Urbana-Champaign), Sarah Meiklejohn (University College London), Thomas Ristenpart (Cornell Tech), Devdatta Akhawe (Independent Researcher), Dan Boneh (Stanford), Zakir Durumeric (Stanford), Damon McCoy (New York University), Gianluca Stringhini (Boston University), Sunny Consolvo (Google), Patrick Gage Kelley (Google), Elie Bursztein (Google), Nicki Dell (Cornell)SoK: Quantifying Cyber Riskhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Quantifying%20Cyber%20Riskhttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Quantifying%20Cyber%20RiskThu, 31 Dec 2020 16:00:00 GMTDaniel W Woods (University of Innsbruck), Rainer Böhme (University of Innsbruck)SoK: Security and Privacy in the Age of Commercial Droneshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Security%20and%20Privacy%20in%20the%20Age%20of%20Commercial%20Droneshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20Security%20and%20Privacy%20in%20the%20Age%20of%20Commercial%20DronesThu, 31 Dec 2020 16:00:00 GMTBen Nassi (Ben-Gurion University of the Negev), Ron Bitton (Ben-Gurion University of the Negev), Ryusuke Masuoka (Fujitsu System Integration Laboratories), Asaf Shabtai (Ben-Gurion University of the Negev), Yuval Elovici (Ben-Gurion University of the Negev)SoK: The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20The%20Faults%20in%20our%20ASRs:%20An%20Overview%20of%20Attacks%20against%20Automatic%20Speech%20Recognition%20and%20Speaker%20Identification%20Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#SoK:%20The%20Faults%20in%20our%20ASRs:%20An%20Overview%20of%20Attacks%20against%20Automatic%20Speech%20Recognition%20and%20Speaker%20Identification%20SystemsThu, 31 Dec 2020 16:00:00 GMTHadi Abdullah (University of Florida), Kevin Warren (University of Florida), Vincent Bindschaedler (University of Florida), Nicolas Papernot (University of Toronto), Patrick Traynor (University of Florida)Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Landhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Survivalism:%20Systematic%20Analysis%20of%20Windows%20Malware%20Living-Off-The-Landhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Survivalism:%20Systematic%20Analysis%20of%20Windows%20Malware%20Living-Off-The-LandThu, 31 Dec 2020 16:00:00 GMTFrederick Barr-Smith (Oxford University), Xabier Ugarte-Pedrero (Cisco Systems), Mariano Graziano (Cisco Systems), Riccardo Spolaor (Oxford University), Ivan Martinovic (Oxford University)Systematic Analysis of Randomization-Based Protected Cache Architectureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Systematic%20Analysis%20of%20Randomization-Based%20Protected%20Cache%20Architectureshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Systematic%20Analysis%20of%20Randomization-Based%20Protected%20Cache%20ArchitecturesThu, 31 Dec 2020 16:00:00 GMTAntoon Purnal (imec-COSIC, KU Leuven), Lukas Giner (Graz University of Technology), Daniel Gruss (Graz University of Technology), Ingrid Verbauwhede (imec-COSIC, KU Leuven)The EMV Standard: Break, Fix, Verifyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#The%20EMV%20Standard:%20Break,%20Fix,%20Verifyhttps://www.ieee-security.org/TC/SP2021/program-papers.html#The%20EMV%20Standard:%20Break,%20Fix,%20VerifyThu, 31 Dec 2020 16:00:00 GMTDavid Basin (Department of Computer Science, ETH Zurich), Ralf Sasse (Department of Computer Science, ETH Zurich), Jorge Toro-Pozo (Department of Computer Science, ETH Zurich)The Provable Security of Ed25519: Theory and Practicehttps://www.ieee-security.org/TC/SP2021/program-papers.html#The%20Provable%20Security%20of%20Ed25519:%20Theory%20and%20Practicehttps://www.ieee-security.org/TC/SP2021/program-papers.html#The%20Provable%20Security%20of%20Ed25519:%20Theory%20and%20PracticeThu, 31 Dec 2020 16:00:00 GMTJacqueline Brendel (CISPA), Cas Cremers (CISPA), Dennis Jackson (ETH Zurich), Mang Zhao (CISPA - Helmholtz Center for Information Security)They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websiteshttps://www.ieee-security.org/TC/SP2021/program-papers.html#They%20Would%20do%20Better%20if%20They%20Worked%20Together:%20The%20Case%20of%20Interaction%20Problems%20Between%20Password%20Managers%20and%20Websiteshttps://www.ieee-security.org/TC/SP2021/program-papers.html#They%20Would%20do%20Better%20if%20They%20Worked%20Together:%20The%20Case%20of%20Interaction%20Problems%20Between%20Password%20Managers%20and%20WebsitesThu, 31 Dec 2020 16:00:00 GMTNicolas Huaman (Leibniz University Hannover), Sabrina Amft (Leibniz University Hannover), Marten Oltrogge (CISPA Helmholtz Center for Information Security), Yasemin Acar (Leibniz University Hannover and Max Planck Institute for Security and Privacy (MPI-SP)), Sascha Fahl (Leibniz University Hannover)Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystemhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Trouble%20Over-The-Air:%20An%20Analysis%20of%20FOTA%20Apps%20in%20the%20Android%20Ecosystemhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Trouble%20Over-The-Air:%20An%20Analysis%20of%20FOTA%20Apps%20in%20the%20Android%20EcosystemThu, 31 Dec 2020 16:00:00 GMTEduardo Blázquez (Universidad Carlos III de Madrid), Sergio Pastrana (Universidad Carlos III de Madrid), Álvaro Feal (IMDEA Networks Institute / Universidad Carlos III de Madrid), Julien Gamba (IMDEA Networks Institute / Universidad Carlos III de Madrid), Platon Kotzias (NortonLifelock Research Group), Narseo Vallina-Rodriguez (IMDEA Networks Institute / ICSI / AppCensus Inc.), Juan Tapiador (Universidad Carlos III de Madrid)Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customizationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Trust,%20But%20Verify:%20A%20Longitudinal%20Analysis%20Of%20Android%20OEM%20Compliance%20and%20Customizationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#Trust,%20But%20Verify:%20A%20Longitudinal%20Analysis%20Of%20Android%20OEM%20Compliance%20and%20CustomizationThu, 31 Dec 2020 16:00:00 GMTAndrea Possemato (IDEMIA/Eurecom), Simone Aonzo (Eurecom), Davide Balzarotti (Eurecom), Yanick Fratantonio (Eurecom)Using Selective Memoization to Defeat Regular Expression Denial of Service (ReDoS)https://www.ieee-security.org/TC/SP2021/program-papers.html#Using%20Selective%20Memoization%20to%20Defeat%20Regular%20Expression%20Denial%20of%20Service%20(ReDoS)https://www.ieee-security.org/TC/SP2021/program-papers.html#Using%20Selective%20Memoization%20to%20Defeat%20Regular%20Expression%20Denial%20of%20Service%20(ReDoS)Thu, 31 Dec 2020 16:00:00 GMTJames Davis (Virginia Tech / Purdue University), Francisco Servant (Virginia Tech), Dongyoon Lee (Stony Brook University)When Function Signature Recovery Meets Compiler Optimizationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#When%20Function%20Signature%20Recovery%20Meets%20Compiler%20Optimizationhttps://www.ieee-security.org/TC/SP2021/program-papers.html#When%20Function%20Signature%20Recovery%20Meets%20Compiler%20OptimizationThu, 31 Dec 2020 16:00:00 GMTYan Lin (Singapore Management University), Debin Gao (Singapore Management University)Which Privacy and Security Attributes Most Impact Consumers‚ Risk Perception and Willingness to Purchase IoT Devices?https://www.ieee-security.org/TC/SP2021/program-papers.html#Which%20Privacy%20and%20Security%20Attributes%20Most%20Impact%20Consumers%E2%80%9A%20Risk%20Perception%20and%20Willingness%20to%20Purchase%20IoT%20Devices?https://www.ieee-security.org/TC/SP2021/program-papers.html#Which%20Privacy%20and%20Security%20Attributes%20Most%20Impact%20Consumers%E2%80%9A%20Risk%20Perception%20and%20Willingness%20to%20Purchase%20IoT%20Devices?Thu, 31 Dec 2020 16:00:00 GMTPardis Emami-Naeini (University of Washington), Janarth Dheenadhayalan (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)Who is Real Bob? Adversarial Attacks on Speaker Recognition Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Who%20is%20Real%20Bob?%20Adversarial%20Attacks%20on%20Speaker%20Recognition%20Systemshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Who%20is%20Real%20Bob?%20Adversarial%20Attacks%20on%20Speaker%20Recognition%20SystemsThu, 31 Dec 2020 16:00:00 GMTGuangke Chen (ShanghaiTech University; Shanghai Institute of Microsystem and Information Technology, Chinese Academy of Sciences; University of Chinese Academy of Sciences), Sen Chen (Tianjin University; Nanyang Technological University), Lingling Fan (Nanyang Technological University), Xiaoning Du (Nanyang Technological University), Zhe Zhao (ShanghaiTech University), Fu Song (ShanghaiTech University; Shanghai Engineering Research Center of Intelligent Vision and Imaging), Yang Liu (Nanyang Technological University)Wolverine: Fast, Scalable, and Communication-Efficient Zero-Knowledge Proofs for Boolean and Arithmetic Circuitshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Wolverine:%20Fast,%20Scalable,%20and%20Communication-Efficient%20Zero-Knowledge%20Proofs%20for%20Boolean%20and%20Arithmetic%20Circuitshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Wolverine:%20Fast,%20Scalable,%20and%20Communication-Efficient%20Zero-Knowledge%20Proofs%20for%20Boolean%20and%20Arithmetic%20CircuitsThu, 31 Dec 2020 16:00:00 GMTChenkai Weng (Northwestern University), Kang Yang (State Key Laboratory of Cryptology), Jonathan Katz (University of Maryland), Xiao Wang (Northwestern University)Zero Knowledge for Everything and Everyone: Fast ZK Processor with Cached ORAM for ANSI C Programshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Zero%20Knowledge%20for%20Everything%20and%20Everyone:%20Fast%20ZK%20Processor%20with%20Cached%20ORAM%20for%20ANSI%20C%20Programshttps://www.ieee-security.org/TC/SP2021/program-papers.html#Zero%20Knowledge%20for%20Everything%20and%20Everyone:%20Fast%20ZK%20Processor%20with%20Cached%20ORAM%20for%20ANSI%20C%20ProgramsThu, 31 Dec 2020 16:00:00 GMTDavid Heath (Georgia Institute of Technology), Yibin Yang (Georgia Institute of Technology), David Devecsery (Georgia Institute of Technology), Vladimir Kolesnikov (Georgia Institute of Technology)A Programming Framework for Differential Privacy with Accuracy Concentration Boundshttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Programming%20Framework%20for%20Differential%20Privacy%20with%20Accuracy%20Concentration%20Boundshttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Programming%20Framework%20for%20Differential%20Privacy%20with%20Accuracy%20Concentration%20BoundsTue, 31 Dec 2019 16:00:00 GMTElisabet Lobo-Vesga (Chalmers University of Technology), Alejandro Russo (Chalmers University of Technology), Marco Gaboardi (Boston University)A Security Analysis of the Facebook Ad Libraryhttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Security%20Analysis%20of%20the%20Facebook%20Ad%20Libraryhttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Security%20Analysis%20of%20the%20Facebook%20Ad%20LibraryTue, 31 Dec 2019 16:00:00 GMTLaura Edelson (New York University), Tobias Lauinger (New York University), Damon McCoy (New York University)A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Networkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Stealthier%20Partitioning%20Attack%20against%20Bitcoin%20Peer-to-Peer%20Networkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Stealthier%20Partitioning%20Attack%20against%20Bitcoin%20Peer-to-Peer%20NetworkTue, 31 Dec 2019 16:00:00 GMTMuoi Tran (National University of Singapore), Inho Choi (National University of Singapore), Gi Jun Moon (Korea University), Anh Vu (Japan Advanced Institute of Science and Technology), Min Suk Kang (National University of Singapore)A Tale of Sea and Sky: On the Security of Maritime VSAT Communicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Tale%20of%20Sea%20and%20Sky:%20On%20the%20Security%20of%20Maritime%20VSAT%20Communicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#A%20Tale%20of%20Sea%20and%20Sky:%20On%20the%20Security%20of%20Maritime%20VSAT%20CommunicationsTue, 31 Dec 2019 16:00:00 GMTJames Pavur (Oxford University), Daniel Moser (armasuisse), Martin Strohmeier (armasuisse), Vincent Lenders (armasuisse), Ivan Martinovic (Oxford University)AdGraph: A Graph-Based Approach to Ad and Tracker Blockinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#AdGraph:%20A%20Graph-Based%20Approach%20to%20Ad%20and%20Tracker%20Blockinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#AdGraph:%20A%20Graph-Based%20Approach%20to%20Ad%20and%20Tracker%20BlockingTue, 31 Dec 2019 16:00:00 GMTUmar Iqbal (University of Iowa / Brave Software), Peter Snyder (Brave Software), Shitong Zhu (UC Riverside), Benjamin Livshits (Brave Software / Imperial College London), Zhiyun Qian (UC Riverside), Zubair Shafiq (University of Iowa)An Analysis of Pre-installed Android Softwarehttps://www.ieee-security.org/TC/SP2020/program-papers.html#An%20Analysis%20of%20Pre-installed%20Android%20Softwarehttps://www.ieee-security.org/TC/SP2020/program-papers.html#An%20Analysis%20of%20Pre-installed%20Android%20SoftwareTue, 31 Dec 2019 16:00:00 GMTJulien Gamba (IMDEA Networks Institute, Universidad Carlos III de Madrid), Mohammed Rashed (Universidad Carlos III de Madrid), Abbas Razaghpanah (Stony Brook University), Juan Tapiador (Universidad Carlos III de Madrid), Narseo Vallina-Rodriguez (IMDEA Networks Institute, ICSI)Are Anonymity-Seekers Just Like Everybody Else? An Analysis of Contributions to Wikipedia from Torhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Are%20Anonymity-Seekers%20Just%20Like%20Everybody%20Else?%20%20An%20Analysis%20of%20Contributions%20to%20Wikipedia%20from%20Torhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Are%20Anonymity-Seekers%20Just%20Like%20Everybody%20Else?%20%20An%20Analysis%20of%20Contributions%20to%20Wikipedia%20from%20TorTue, 31 Dec 2019 16:00:00 GMTChau Tran (New York University), Kaylea Champion (University of Washington), Andrea Forte (Drexel University), Benjamin Mako Hill (University of Washington), Rachel Greenstadt (New York University)Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Are%20We%20Susceptible%20to%20Rowhammer?%20%20An%20End-to-End%20Methodology%20for%20Cloud%20Providershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Are%20We%20Susceptible%20to%20Rowhammer?%20%20An%20End-to-End%20Methodology%20for%20Cloud%20ProvidersTue, 31 Dec 2019 16:00:00 GMTLucian Cojocar (Microsoft Research), Jeremie Kim (ETH Zurich, CMU), Minesh Patel (ETH Zurich), Lillian Tsai (MIT), Stefan Saroiu (Microsoft Research), Alec Wolman (Microsoft Research), Onur Mutlu (ETH Zurich, CMU)Ask the Experts: What Should Be on an IoT Privacy and Security Label?https://www.ieee-security.org/TC/SP2020/program-papers.html#Ask%20the%20Experts:%20What%20Should%20Be%20on%20an%20IoT%20Privacy%20and%20Security%20Label?https://www.ieee-security.org/TC/SP2020/program-papers.html#Ask%20the%20Experts:%20What%20Should%20Be%20on%20an%20IoT%20Privacy%20and%20Security%20Label?Tue, 31 Dec 2019 16:00:00 GMTPardis Emami-Naeini (Carnegie Mellon University), Yuvraj Agarwal (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University), Hanan Hibshi (Carnegie Mellon University)Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Appshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Automatic%20Uncovering%20of%20Hidden%20Behaviors%20from%20Input%20Validation%20in%20Mobile%20Appshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Automatic%20Uncovering%20of%20Hidden%20Behaviors%20from%20Input%20Validation%20in%20Mobile%20AppsTue, 31 Dec 2019 16:00:00 GMTQuingchuan Zhao (The Ohio State University), Chaoshun Zuo (The Ohio State University), Brendan Dolan-Gavitt (New York University), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security, Germany), Zhiqiang Lin (The Ohio State University)Automatically Detecting Bystanders in Photos to Reduce Privacy Riskshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Automatically%20Detecting%20Bystanders%20in%20Photos%20to%20Reduce%20Privacy%20Riskshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Automatically%20Detecting%20Bystanders%20in%20Photos%20to%20Reduce%20Privacy%20RisksTue, 31 Dec 2019 16:00:00 GMTRakibul Hasan (Indiana University), David Crandall (Indiana University), Mario Fritz (CISPA Helmholtz Center for Information Security, Germany), Apu Kapadia (Indiana University)BIAS: Bluetooth Impersonation AttackShttps://www.ieee-security.org/TC/SP2020/program-papers.html#BIAS:%20Bluetooth%20Impersonation%20AttackShttps://www.ieee-security.org/TC/SP2020/program-papers.html#BIAS:%20Bluetooth%20Impersonation%20AttackSTue, 31 Dec 2019 16:00:00 GMTDaniele Antonioli (École Polytechnique Fédérale de Lausanne (EPFL)), Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security, Germany), Kasper Rasmussen (University of Oxford)Binsec/Rel: Efficient Relational Symbolic Execution for Constant-Time at Binary-Levelhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Binsec/Rel:%20Efficient%20Relational%20Symbolic%20Execution%20for%20Constant-Time%20at%20Binary-Levelhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Binsec/Rel:%20Efficient%20Relational%20Symbolic%20Execution%20for%20Constant-Time%20at%20Binary-LevelTue, 31 Dec 2019 16:00:00 GMTLesly-Ann Daniel (CEA, List, Université Paris-Sacley), Sébastien Bardin (CEA, List, Université Paris-Sacley), Tamara Rezk (INRIA Sophia-Antipolis, INDES Project, France)Breaking and (Partially) Fixing Provably Secure Onion Routinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#Breaking%20and%20(Partially)%20Fixing%20Provably%20Secure%20Onion%20Routinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#Breaking%20and%20(Partially)%20Fixing%20Provably%20Secure%20Onion%20RoutingTue, 31 Dec 2019 16:00:00 GMTChristiane Kuhn (KIT Karlsruhe), Martin Beck (TU Dresden), Thorsten Strufe (Karlsruhe Institute of Technology (KIT) and Centre of Tactile Internet (TU Dresden))Browsing Unicity: On the Limits of Anonymizing Web Tracking Datahttps://www.ieee-security.org/TC/SP2020/program-papers.html#Browsing%20Unicity:%20On%20the%20Limits%20of%20Anonymizing%20Web%20Tracking%20Datahttps://www.ieee-security.org/TC/SP2020/program-papers.html#Browsing%20Unicity:%20On%20the%20Limits%20of%20Anonymizing%20Web%20Tracking%20DataTue, 31 Dec 2019 16:00:00 GMTClemens Deußer (TU Dresden), Steffen Passmann (INFOnline GMbH), Thorsten Strufe (Karlsruhe Institute of Technology (KIT) and Centre of Tactile Internet (TU Dresden))Burglars' IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Cloudshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Burglars'%20IoT%20Paradise:%20Understanding%20and%20Mitigating%20Security%20Risks%20of%20General%20Messaging%20Protocols%20on%20IoT%20Cloudshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Burglars'%20IoT%20Paradise:%20Understanding%20and%20Mitigating%20Security%20Risks%20of%20General%20Messaging%20Protocols%20on%20IoT%20CloudsTue, 31 Dec 2019 16:00:00 GMTYan Jia (Xidian University / University of Chinese Academy of Sciences / Indana University at Bloomington), Luyi Xing (Indiana University at Bloomington), Yuhang Mao (Xidian University / University of Chinese Academy of Sciences), Dongfang Zhao (Indiana University at Bloomington), XiaoFeng Wang (Indiana University at Bloomington), Shangru Zhao (Xidian University / University of Chinese Academy of Sciences), Yuqing Zhang (Xidian University / University of Chinese Academy of Sciences)C3APSULe: Cross-FPGA Covert-Channel Attacks through Power Supply Unit Leakagehttps://www.ieee-security.org/TC/SP2020/program-papers.html#C3APSULe:%20Cross-FPGA%20Covert-Channel%20Attacks%20through%20Power%20Supply%20Unit%20Leakagehttps://www.ieee-security.org/TC/SP2020/program-papers.html#C3APSULe:%20Cross-FPGA%20Covert-Channel%20Attacks%20through%20Power%20Supply%20Unit%20LeakageTue, 31 Dec 2019 16:00:00 GMTIlias Giechaskiel (University of Oxford), Kasper Bonne Rasmussen (University of Oxford), Jakub Szefer (Yale University)Can Voters Detect Malicious Manipulation of Ballot Marking Devices?https://www.ieee-security.org/TC/SP2020/program-papers.html#Can%20Voters%20Detect%20Malicious%20Manipulation%20of%20Ballot%20Marking%20Devices?https://www.ieee-security.org/TC/SP2020/program-papers.html#Can%20Voters%20Detect%20Malicious%20Manipulation%20of%20Ballot%20Marking%20Devices?Tue, 31 Dec 2019 16:00:00 GMTMatthew Bernhard (University of Michigan), Allison McDonald (University of Michigan), Henry Meng (University of Michigan), Jensen Hwa (University of Michigan), Nakul Bajaj (The Harker School), Kevin Chang (University of Michigan), J. Alex Halderman (University of Michigan)Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semanticshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Combating%20Dependence%20Explosion%20in%20Forensic%20Analysis%20Using%20Alternative%20Tag%20Propagation%20Semanticshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Combating%20Dependence%20Explosion%20in%20Forensic%20Analysis%20Using%20Alternative%20Tag%20Propagation%20SemanticsTue, 31 Dec 2019 16:00:00 GMTMd Nahid Hossain (Stony Brook University), Sanaz Sheikhi (Stony Brook University), R. Sekar (Stony Brook University)Cornucopia: Temporal Safety for CHERI Heapshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Cornucopia:%20Temporal%20Safety%20for%20CHERI%20Heapshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Cornucopia:%20Temporal%20Safety%20for%20CHERI%20HeapsTue, 31 Dec 2019 16:00:00 GMTNathaniel Wesley Filardo (University of Cambridge), Brett F. Gutstein (University of Cambridge), Jonathan Woodruff (University of Cambridge), Sam Ainsworth (University of Cambridge), Lucian Paul-Trifu (University of Cambridge), Brooks Davis (SRI International), Hongyan Xia (University of Cambridge), Edward Tomasz Napierala (University of Cambridge), Alexander Richardson (University of Cambridge), John Baldwin (Ararat River Consulting), David Chisnall (Microsoft Research / University of Cambridge), Jessica Clarke (University of Cambridge), Khilan Gudka (University of Cambridge), Alexandre Joannou (University of Cambridge), A. Theodore Markettos (University of Cambridge), Alfredo Mazzinghi (University of Cambridge), Robert Norton (University of Cambridge), Michael Roe (University of Cambridge), Peter Sewell (University of Cambridge), Stacey Son (University of Cambridge), Timothy M. Jones (University of Cambridge), Simon Moore (University of Cambridge), Peter G. Neumann (SRI International), Robert N. M. Watson (University of Cambridge)CrypTFlow : Secure TensorFlow Inferencehttps://www.ieee-security.org/TC/SP2020/program-papers.html#CrypTFlow%20:%20Secure%20TensorFlow%20Inferencehttps://www.ieee-security.org/TC/SP2020/program-papers.html#CrypTFlow%20:%20Secure%20TensorFlow%20InferenceTue, 31 Dec 2019 16:00:00 GMTNishant Kumar (Microsoft Research, India), Mayank Rathee (Microsoft Research, India), Nishanth Chandran (Microsoft Research, India), Divya Gupta (Microsoft Research, India), Aseem Rastogi (Microsoft Research, India), Rahul Sharma (Microsoft Research, India)Detection of Electromagnetic Interference Attacks on Sensor Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Detection%20of%20Electromagnetic%20Interference%20Attacks%20on%20Sensor%20Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Detection%20of%20Electromagnetic%20Interference%20Attacks%20on%20Sensor%20SystemsTue, 31 Dec 2019 16:00:00 GMTYouqian Zhang (University of Oxford), Kasper Rasmussen (University of Oxford)Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe's Transparancy and Consent Frameworkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Do%20Cookie%20Banners%20Respect%20My%20Choice?%20%20Measuring%20Legal%20Compliance%20of%20Banners%20from%20IAB%20Europe's%20Transparancy%20and%20Consent%20Frameworkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Do%20Cookie%20Banners%20Respect%20My%20Choice?%20%20Measuring%20Legal%20Compliance%20of%20Banners%20from%20IAB%20Europe's%20Transparancy%20and%20Consent%20FrameworkTue, 31 Dec 2019 16:00:00 GMTCélestin Matte (Inria, France), Nataliia Bielova (Inria, France), Cristiana Santos (Inria, France)Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwdhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Dragonblood:%20Analyzing%20the%20Dragonfly%20Handshake%20of%20WPA3%20and%20EAP-pwdhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Dragonblood:%20Analyzing%20the%20Dragonfly%20Handshake%20of%20WPA3%20and%20EAP-pwdTue, 31 Dec 2019 16:00:00 GMTMathy Vanhoef (New York University Abu Dhabi), Eyal Ronen (Tel Aviv University / KU Leuven)Efficient and Secure Multiparty Computation from Fixed-Key Block Ciphershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Efficient%20and%20Secure%20Multiparty%20Computation%20from%20Fixed-Key%20Block%20Ciphershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Efficient%20and%20Secure%20Multiparty%20Computation%20from%20Fixed-Key%20Block%20CiphersTue, 31 Dec 2019 16:00:00 GMTChun Guo (Université catholique de Louvain), Jonathan Katz (University of Maryland), Xiao Wang (Northwestern University), Yu Yu (Shanghai Jiao Tong University)Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environmenthttps://www.ieee-security.org/TC/SP2020/program-papers.html#Enabling%20Rack-scale%20Confidential%20Computing%20using%20Heterogeneous%20Trusted%20Execution%20Environmenthttps://www.ieee-security.org/TC/SP2020/program-papers.html#Enabling%20Rack-scale%20Confidential%20Computing%20using%20Heterogeneous%20Trusted%20Execution%20EnvironmentTue, 31 Dec 2019 16:00:00 GMTJianping Zhu (University of Chinese Academy of Sciences), Rui Hou (University of Chinese Academy of Sciences), XiaoFeng Wang (Indiana University at Bloomington), Wenhao Wang (University of Chinese Academy of Sciences), Jianfeng Cao (University of Chinese Academy of Sciences), Boyan Zhao (University of Chinese Academy of Sciences), Zhongpu Wang (University of Chinese Academy of Sciences), Yuhui Zhang (University of Chinese Academy of Sciences), Jiameng Ying (University of Chinese Academy of Sciences), Lixin Zhang (Institute of Computing Technology, CAS), Dan Meng (University of Chinese Academy of Sciences)Even Black Cats Cannot Stay Hidden in the Dark: Full-band De-anonymization of Bluetooth Classic Deviceshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Even%20Black%20Cats%20Cannot%20Stay%20Hidden%20in%20the%20Dark:%20Full-band%20De-anonymization%20of%20Bluetooth%20Classic%20Deviceshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Even%20Black%20Cats%20Cannot%20Stay%20Hidden%20in%20the%20Dark:%20Full-band%20De-anonymization%20of%20Bluetooth%20Classic%20DevicesTue, 31 Dec 2019 16:00:00 GMTMarco Cominelli (CNIT / University of Brescia), Francesco Gringoli (CNIT / University of Brescia), Margus Lind (Context Information Security, Scotland), Paul Patras (The University of Edinburgh), Guevara Noubir (Northeastern University)EverCrypt: A Fast, Verified, Cross-Platform Crytographic Providerhttps://www.ieee-security.org/TC/SP2020/program-papers.html#EverCrypt:%20%20A%20Fast,%20Verified,%20Cross-Platform%20Crytographic%20Providerhttps://www.ieee-security.org/TC/SP2020/program-papers.html#EverCrypt:%20%20A%20Fast,%20Verified,%20Cross-Platform%20Crytographic%20ProviderTue, 31 Dec 2019 16:00:00 GMTJonathan Protzenko (Microsoft Research), Bryan Parno (Carnegie Melon University), Aymeric Fromherz (Carnegie Melon University), Chris Hawblitzel (Microsoft Research), Marina Polubelova (Inria, France), Karthikeyan Bhargavan (Inria, France), Benjamin Beurdouche (Inria, France), Joonwon Choi (MIT / Microsoft Research), Antione Delignat-Lavaud (Microsoft Research), Cédric Fournet (Microsoft Research), Natalia Kulatova (Inria, France), Tahina Ramananandro (Microsoft Research), Aseem Rastogi (Microsoft Research, India), Nikhil Swamy (Microsoft Research), Christoph Wintersteiger (Microsoft Research, UK), Santiago Zanella-Beguelin (Microsoft Research, UK)Ex-vivo dynamic analysis framework for Android device drivershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Ex-vivo%20dynamic%20analysis%20framework%20for%20Android%20device%20drivershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Ex-vivo%20dynamic%20analysis%20framework%20for%20Android%20device%20driversTue, 31 Dec 2019 16:00:00 GMTIvan Pustogarov (University of Toronto), Qian Wu (University of Toronto), David Lie (University of Toronto)Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instabilityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Flash%20Boys%202.0:%20Frontrunning%20in%20Decentralized%20Exchanges,%20Miner%20Extractable%20Value,%20and%20Consensus%20Instabilityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Flash%20Boys%202.0:%20Frontrunning%20in%20Decentralized%20Exchanges,%20Miner%20Extractable%20Value,%20and%20Consensus%20InstabilityTue, 31 Dec 2019 16:00:00 GMTPhilip Daian (Cornell Tech), Steven Goldfeder (Cornell Tech), Tyler Kell (Cornell Tech), Yunqi Li (UIUC), Xueyuan Zhao (Carnegie Mellon University), Iddo Bentov (Cornell Tech), Lorenz Breidenbach (ETH Zurich), Ari Juels (Cornell Tech)Flaw Label: Exploiting IPv6 Flow Labelhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Flaw%20Label:%20Exploiting%20IPv6%20Flow%20Labelhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Flaw%20Label:%20Exploiting%20IPv6%20Flow%20LabelTue, 31 Dec 2019 16:00:00 GMTJonathan Berger (Bar-Ilan University), Amit Klein (Bar-Ilan University), Benny Pinkas (Bar-Ilan University)FlyClient: Super-Light Clients for Cryptocurrencieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#FlyClient:%20Super-Light%20Clients%20for%20Cryptocurrencieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#FlyClient:%20Super-Light%20Clients%20for%20CryptocurrenciesTue, 31 Dec 2019 16:00:00 GMTBenedikt Bünz (Stanford University), Lucianna Kiffer (Northeastern University), Loi Luu (Kyber Network), Mahdi Zamani (Visa Research)Fuzzing JavaScript Engines with Aspect-preserving Mutationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Fuzzing%20JavaScript%20Engines%20with%20Aspect-preserving%20Mutationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Fuzzing%20JavaScript%20Engines%20with%20Aspect-preserving%20MutationTue, 31 Dec 2019 16:00:00 GMTSoyeon Park (Georgia Institute of Technology), Wen Xu (Georgia Institute of Technology), Insu Yun (Georgia Institute of Technology), Daehee Jang (Georgia Institute of Technology), Taesoo Kim (Georgia Institute of Technology)Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Gesture%20Authentication%20for%20Smartphones:%20Evaluation%20of%20Gesture%20Password%20Selection%20Policieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Gesture%20Authentication%20for%20Smartphones:%20Evaluation%20of%20Gesture%20Password%20Selection%20PoliciesTue, 31 Dec 2019 16:00:00 GMTEunyong Cheon (UNIST, Republic of Korea), Yonghwan Shin (UNIST, Republic of Korea), Jun Ho Huh (Samsung Research, Republic of Korea), Hyoungshick Kim (Sungkyunkwan University, Republic of Korea), Ian Oakley (UNIST, Republic of Korea)High Precision Open-World Website Fingerprintinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#High%20Precision%20Open-World%20Website%20Fingerprintinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#High%20Precision%20Open-World%20Website%20FingerprintingTue, 31 Dec 2019 16:00:00 GMTTao Wang (Hong Kong University of Science and Technology)HopSkipJumpAttack: A Query-Efficient Decision-Based Attackhttps://www.ieee-security.org/TC/SP2020/program-papers.html#HopSkipJumpAttack:%20A%20Query-Efficient%20Decision-Based%20Attackhttps://www.ieee-security.org/TC/SP2020/program-papers.html#HopSkipJumpAttack:%20A%20Query-Efficient%20Decision-Based%20AttackTue, 31 Dec 2019 16:00:00 GMTJianbo Chen (University of California, Berkeley), Michael I. Jordan (University of California, Berkeley), Martin J. Wainwright (University of California, Berkeley / Voleon Group)How Not to Prove Your Election Outcomehttps://www.ieee-security.org/TC/SP2020/program-papers.html#How%20Not%20to%20Prove%20Your%20Election%20Outcomehttps://www.ieee-security.org/TC/SP2020/program-papers.html#How%20Not%20to%20Prove%20Your%20Election%20OutcomeTue, 31 Dec 2019 16:00:00 GMTThomas Haines (Norweigian University of Science and Technology), Sarah Jamie Lewis (Open Privacy Research Society), Olivier Pereira (UCLouvian ICTEAM), Vanessa Teague (The University of Melbourne)Humpty Dumpty: Controlling Word Meanings via Corpus Poisoninghttps://www.ieee-security.org/TC/SP2020/program-papers.html#Humpty%20Dumpty:%20Controlling%20Word%20Meanings%20via%20Corpus%20Poisoninghttps://www.ieee-security.org/TC/SP2020/program-papers.html#Humpty%20Dumpty:%20Controlling%20Word%20Meanings%20via%20Corpus%20PoisoningTue, 31 Dec 2019 16:00:00 GMTRoei Schuster (Tel Aviv University), Tal Schuster (CSAIL / MIT), Yoav Meri (Cornell Tech), Vitaly Shmatikov (Cornell Tech)HydRand: Efficient Continuous Distributed Randomnesshttps://www.ieee-security.org/TC/SP2020/program-papers.html#HydRand:%20Efficient%20Continuous%20Distributed%20Randomnesshttps://www.ieee-security.org/TC/SP2020/program-papers.html#HydRand:%20Efficient%20Continuous%20Distributed%20RandomnessTue, 31 Dec 2019 16:00:00 GMTPhilipp Schindler (SBA Research), Aljosha Judmayer (SBA Research), Nicholas Stifter (SBA Research / TU Wien), Edgar Weippl (SBA Research / TU Wien)ICAS: An Extensible Framework for Estimating the Susceptibility of IC Layouts to Additive Trojanshttps://www.ieee-security.org/TC/SP2020/program-papers.html#ICAS:%20An%20Extensible%20Framework%20for%20Estimating%20the%20Susceptibility%20of%20IC%20Layouts%20to%20Additive%20Trojanshttps://www.ieee-security.org/TC/SP2020/program-papers.html#ICAS:%20An%20Extensible%20Framework%20for%20Estimating%20the%20Susceptibility%20of%20IC%20Layouts%20to%20Additive%20TrojansTue, 31 Dec 2019 16:00:00 GMTTimothy Trippel (University of Michigan), Kang Shin (University of Michigan), Kevin Bush (MIT Lincoln Laboratory), Matthew Hicks (Virginia Tech)ICLab: A Global, Longitudinal Internet Censorship Measurement Platformhttps://www.ieee-security.org/TC/SP2020/program-papers.html#ICLab:%20A%20Global,%20Longitudinal%20Internet%20Censorship%20Measurement%20Platformhttps://www.ieee-security.org/TC/SP2020/program-papers.html#ICLab:%20A%20Global,%20Longitudinal%20Internet%20Censorship%20Measurement%20PlatformTue, 31 Dec 2019 16:00:00 GMTArian Akhavan Niaki (University of Massachusetts, Amherst), Shinyoung Cho (University of Massachusetts, Amherst / Stony Brook University), Zachary Weinberg (Carnegie Mellon University), Nguyen Phong Hoang (Stony Brook University), Abbas Razaghpanah (Stony Brook University), Nicholas Christin (Carnegie Mellon University), Phillipa Gill (Stony Brook University)IJON: Exploring Deep State Spaces via Fuzzinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#IJON:%20Exploring%20Deep%20State%20Spaces%20via%20Fuzzinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#IJON:%20Exploring%20Deep%20State%20Spaces%20via%20FuzzingTue, 31 Dec 2019 16:00:00 GMTCornelius Aschermann (Ruhr University Bochum), Sergej Schumilo (Ruhr University Bochum), Ali Abbasi (Ruhr University Bochum), Thorsten Holz (Ruhr University Bochum)Influencing Photo Sharing Decisions on Social Media: A Case of Paradoxical Findingshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Influencing%20Photo%20Sharing%20Decisions%20on%20Social%20Media:%20%20A%20Case%20of%20Paradoxical%20Findingshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Influencing%20Photo%20Sharing%20Decisions%20on%20Social%20Media:%20%20A%20Case%20of%20Paradoxical%20FindingsTue, 31 Dec 2019 16:00:00 GMTMary Jean Amon (University of Colorado Boulder), Rakibul Hasan (Indiana University), Kurt Hugenberg (Indiana University), Bennett Bertenthal (Indiana University), Apu Kapadia (Indiana University)Intriguing Properties of Adversarial ML Attacks in the Problem Spacehttps://www.ieee-security.org/TC/SP2020/program-papers.html#Intriguing%20Properties%20of%20Adversarial%20ML%20Attacks%20in%20the%20Problem%20Spacehttps://www.ieee-security.org/TC/SP2020/program-papers.html#Intriguing%20Properties%20of%20Adversarial%20ML%20Attacks%20in%20the%20Problem%20SpaceTue, 31 Dec 2019 16:00:00 GMTFabio Pierazzi (King's College London), Feargus Pendlebury (King's College London & Royal Holloway, University of London & The Alan Turing Institute), Jacopo Cortellazzi (King's College London), Lorenzo Cavallaro (King's College London)Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authenticationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Is%20FIDO2%20the%20Kingslayer%20of%20User%20Authentication?%20A%20Comparative%20Usability%20Study%20of%20FIDO2%20Passwordless%20Authenticationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Is%20FIDO2%20the%20Kingslayer%20of%20User%20Authentication?%20A%20Comparative%20Usability%20Study%20of%20FIDO2%20Passwordless%20AuthenticationTue, 31 Dec 2019 16:00:00 GMTSanam Ghorbani Lyastani (CISPA Helmholtz Center for Information Security, Germany), Michael Schilling (CISPA Helmholtz Center for Information Security, Germany), Michaela Neumayr (CISPA Helmholtz Center for Information Security, Germany), Michael Backes (CISPA Helmholtz Center for Information Security, Germany), Sven Bugiel (CISPA Helmholtz Center for Information Security, Germany)JIT Leaks: Inducing Timing Side Channels through Just-In-Time Compilationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#JIT%20Leaks:%20Inducing%20Timing%20Side%20Channels%20through%20Just-In-Time%20Compilationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#JIT%20Leaks:%20Inducing%20Timing%20Side%20Channels%20through%20Just-In-Time%20CompilationTue, 31 Dec 2019 16:00:00 GMTTegan Brennan (University of California, Santa Barbara), Nicolás Rosner (University of California, Santa Barbara), Tevfik Bultan (University of California, Santa Barbara)KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmwarehttps://www.ieee-security.org/TC/SP2020/program-papers.html#KARONTE:%20Detecting%20Insecure%20Multi-binary%20Interactions%20in%20Embedded%20Firmwarehttps://www.ieee-security.org/TC/SP2020/program-papers.html#KARONTE:%20Detecting%20Insecure%20Multi-binary%20Interactions%20in%20Embedded%20FirmwareTue, 31 Dec 2019 16:00:00 GMTNilo Redini (University of California, Santa Barbara), Aravind Machiry (University of California, Santa Barbara), Ruoyu Wang (Arizona State University), Chad Spensky (University of California, Santa Barbara), Andrea Continella (University of California, Santa Barbara), Yan Shoshitaishvili (Arizona State University), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOShttps://www.ieee-security.org/TC/SP2020/program-papers.html#Kobold:%20Evaluating%20Decentralized%20Access%20Control%20for%20Remote%20NSXPC%20Methods%20on%20iOShttps://www.ieee-security.org/TC/SP2020/program-papers.html#Kobold:%20Evaluating%20Decentralized%20Access%20Control%20for%20Remote%20NSXPC%20Methods%20on%20iOSTue, 31 Dec 2019 16:00:00 GMTLuke Deshotels (North Carolina State University / Samsung Research America), Costin Carabaș (University POLITEHNICA of Bucharest), Jordan Beichler (North Carolina State University), Răzvan Deaconescu (University POLITEHNICA of Bucharest), William Enck (North Carolina State University)Krace: Data Race Fuzzing for Kernel File Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Krace:%20Data%20Race%20Fuzzing%20for%20Kernel%20File%20Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Krace:%20Data%20Race%20Fuzzing%20for%20Kernel%20File%20SystemsTue, 31 Dec 2019 16:00:00 GMTMeng Xu (Georgia Institute of Technology), Sanidhya Kashyap (Georgia Institute of Technology), Hanqing Zhao (Georgia Institute of Technology), Taesoo Kim (Georgia Institute of Technology)LVI: Hijacking Transient Execution through Microarchitectural Load Value Injectionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#LVI:%20%20Hijacking%20Transient%20Execution%20through%20Microarchitectural%20Load%20Value%20Injectionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#LVI:%20%20Hijacking%20Transient%20Execution%20through%20Microarchitectural%20Load%20Value%20InjectionTue, 31 Dec 2019 16:00:00 GMTJo Van Bulck (imec-DistriNet, KU Leuven), Daniel Moghimi (Worchester Polytechnic Institute), Michael Schwarz (Graz University of Technology), Moritz Lipp (Graz University of Technology), Marina Minkin (University of Michigan), Daniel Genkin (University of Michigan), Yuval Yarom (University of Adalaide and Data61), Berk Sunar (Worchester Polytechnic Institute), Daniel Gruss (Graz University of Technology), Frank Piessens (imec-DistriNet, KU Leuven)Leveraging EM Side-Channel Information to Detect Rowhammer Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Leveraging%20EM%20Side-Channel%20Information%20to%20Detect%20Rowhammer%20Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Leveraging%20EM%20Side-Channel%20Information%20to%20Detect%20Rowhammer%20AttacksTue, 31 Dec 2019 16:00:00 GMTZhenkai Zhang (Texas Tech University), Zihao Zhan (Vanderbilt University), Daniel Balasubramanian (Vanderbilt University), Bo Li (Univeristy of Illinios at Urbana-Champaign), Peter Volgyesi (Vanderbilt University), Xenofon Koutsoukos (Vanderbilt University)MarkUs: Drop-in use-after-free prevention for low-level languageshttps://www.ieee-security.org/TC/SP2020/program-papers.html#MarkUs:%20Drop-in%20use-after-free%20prevention%20for%20low-level%20languageshttps://www.ieee-security.org/TC/SP2020/program-papers.html#MarkUs:%20Drop-in%20use-after-free%20prevention%20for%20low-level%20languagesTue, 31 Dec 2019 16:00:00 GMTSam Ainsworth (University of Cambridge), Timothy Jones (University of Cambridge)Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Meddling%20Middlemen:%20Empirical%20Analysis%20of%20the%20Risks%20of%20Data-Saving%20Mobile%20Browsershttps://www.ieee-security.org/TC/SP2020/program-papers.html#Meddling%20Middlemen:%20Empirical%20Analysis%20of%20the%20Risks%20of%20Data-Saving%20Mobile%20BrowsersTue, 31 Dec 2019 16:00:00 GMTBrian Kondracki (Stony Brook University), Assel Aliyeva (Boston University), Manuel Egele (Boston University), Jason Polakis (University of Illinios at Chicago), Nick Nikiforakis (Stony Brook University)Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurementhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Message%20Time%20of%20Arrival%20Codes:%20A%20Fundamental%20Primitive%20for%20Secure%20Distance%20Measurementhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Message%20Time%20of%20Arrival%20Codes:%20A%20Fundamental%20Primitive%20for%20Secure%20Distance%20MeasurementTue, 31 Dec 2019 16:00:00 GMTPatrick Leu (ETH Zurich), Mridula Singh (ETH Zurich), Marc Roeschlin (ETH Zurich), Kenneth Paterson (ETH Zurich), Srdjan Capkun (ETH Zurich)NetCAT: Practical Cache Attacks for the Networkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#NetCAT:%20%20Practical%20Cache%20Attacks%20for%20the%20Networkhttps://www.ieee-security.org/TC/SP2020/program-papers.html#NetCAT:%20%20Practical%20Cache%20Attacks%20for%20the%20NetworkTue, 31 Dec 2019 16:00:00 GMTMichael Kurth (Vrije Universiteit Amsterdam, The Netherlands; ETH Zurich, Switzerland), Ben Gras (Vrije Universiteit Amsterdam, The Netherlands), Dennis Andriesse (Vrije Universiteit Amsterdam, The Netherlands), Cristiano Giuffrida (Vrije Universiteit Amsterdam, The Netherlands), Herbert Bos (Vrije Universiteit Amsterdam, The Netherlands), Kaveh Razavi (Vrije Universiteit Amsterdam, The Netherlands)Neutaint: Efficient Dynamic Taint Analysis with Neural Networkshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Neutaint:%20Efficient%20Dynamic%20Taint%20Analysis%20with%20Neural%20Networkshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Neutaint:%20Efficient%20Dynamic%20Taint%20Analysis%20with%20Neural%20NetworksTue, 31 Dec 2019 16:00:00 GMTDongdong She (Columbia University), Yizheng Chen (Columbia University), Abhishek Shah (Columbia University), Baishakhi Ray (Columbia University), Suman Jana (Columbia University)OAT: Attesting Operation Integrity of Embedded Deviceshttps://www.ieee-security.org/TC/SP2020/program-papers.html#OAT:%20Attesting%20Operation%20Integrity%20of%20Embedded%20Deviceshttps://www.ieee-security.org/TC/SP2020/program-papers.html#OAT:%20Attesting%20Operation%20Integrity%20of%20Embedded%20DevicesTue, 31 Dec 2019 16:00:00 GMTZhichuang Sun (Northeastern University), Bo Feng (Northeastern University), Long Lu (Northeastern University), Somesh Jha (University of Wisconsin-Madison)OHIE: Blockchain Scaling Made Simplehttps://www.ieee-security.org/TC/SP2020/program-papers.html#OHIE:%20Blockchain%20Scaling%20Made%20Simplehttps://www.ieee-security.org/TC/SP2020/program-papers.html#OHIE:%20Blockchain%20Scaling%20Made%20SimpleTue, 31 Dec 2019 16:00:00 GMTHaifeng Yu (National University of Singapore), Ivica Nikolic (National University of Singapore), Ruomu Hou (National University of Singapore), Prateek Saxena (National University of Singapore)PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planninghttps://www.ieee-security.org/TC/SP2020/program-papers.html#PMP:%20Cost-effective%20Forced%20Execution%20with%20Probabilistic%20Memory%20Pre-planninghttps://www.ieee-security.org/TC/SP2020/program-papers.html#PMP:%20Cost-effective%20Forced%20Execution%20with%20Probabilistic%20Memory%20Pre-planningTue, 31 Dec 2019 16:00:00 GMTWei You (Purdue University), Zhuo Zhang (Purdue University), Yonghwi Kwon (University of Virginia), Yousra Aafer (Purdue University), Fei Peng (Purdue University), Yu Shi (Purdue University), Carson Harmon (Purdue University), Xiangyu Zhang (Purdue University)Pangolin:Incremental Hybrid Fuzzing with Polyhedral Path Abstractionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Pangolin:Incremental%20Hybrid%20Fuzzing%20with%20Polyhedral%20Path%20Abstractionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Pangolin:Incremental%20Hybrid%20Fuzzing%20with%20Polyhedral%20Path%20AbstractionTue, 31 Dec 2019 16:00:00 GMTHeqing Huang (The Hong Kong University of Science and Technology), Peisen Yao (The Hong Kong University of Science and Technology), Rongxin Wu (Xiamen University), Qingkai Shi (The Hong Kong University of Science and Technology), Charles Zhang (The Hong Kong University of Science and Technology)Path Oblivious Heap: Optimal and Practical Oblivious Priority Queuehttps://www.ieee-security.org/TC/SP2020/program-papers.html#Path%20Oblivious%20Heap:%20Optimal%20and%20Practical%20Oblivious%20Priority%20Queuehttps://www.ieee-security.org/TC/SP2020/program-papers.html#Path%20Oblivious%20Heap:%20Optimal%20and%20Practical%20Oblivious%20Priority%20QueueTue, 31 Dec 2019 16:00:00 GMTElaine Shi (Cornell University)Plundervolt: Software-based Fault Injection Attacks against Intel SGXhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Plundervolt:%20Software-based%20Fault%20Injection%20Attacks%20against%20Intel%20SGXhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Plundervolt:%20Software-based%20Fault%20Injection%20Attacks%20against%20Intel%20SGXTue, 31 Dec 2019 16:00:00 GMTKit Murdock (University of Birmingham), David Oswald (University of Birmingham), Flavio Garcia (University of Birmingham), Jo Van Bulck (imec-DistriNet, KU Leuven), Daniel Gruss (Graz University of Technology), Frank Piessens (imec-DistriNet, KU Leuven)Privacy Risks of General-Purpose Language Modelshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Privacy%20Risks%20of%20General-Purpose%20Language%20Modelshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Privacy%20Risks%20of%20General-Purpose%20Language%20ModelsTue, 31 Dec 2019 16:00:00 GMTXudong Pan (Fudan University), Mi Zhang (Fudan University), Shouling Ji (Zhejiiang University / Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies), Min Yang (Fudan University)Private Resource Allocators and Their Applicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Private%20Resource%20Allocators%20and%20Their%20Applicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Private%20Resource%20Allocators%20and%20Their%20ApplicationsTue, 31 Dec 2019 16:00:00 GMTSebastian Angel (University of Pennsylvania), Sampath Kannan (University of Pennsylvania), Zachary Ratliff (Raytheon BBN Technologies)Pseudorandom Black Swans: Cache Attacks on CTR_DRBGhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Pseudorandom%20Black%20Swans:%20Cache%20Attacks%20on%20CTR_DRBGhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Pseudorandom%20Black%20Swans:%20Cache%20Attacks%20on%20CTR_DRBGTue, 31 Dec 2019 16:00:00 GMTShaanan Cohney (University of Pennsylvania), Andrew Kwong (University of Michigan), Sharar Paz (Tel Aviv University), Daniel Genkin (University of Michigan), Nadia Heninger (University of California, San Diego), Eyal Ronen (Tel Eviv University / COSIC), Yuval Yarom (University of Adalaide / Data61)RAMBleed: Reading Bits in Memory Without Accessing Themhttps://www.ieee-security.org/TC/SP2020/program-papers.html#RAMBleed:%20%20Reading%20Bits%20in%20Memory%20Without%20Accessing%20Themhttps://www.ieee-security.org/TC/SP2020/program-papers.html#RAMBleed:%20%20Reading%20Bits%20in%20Memory%20Without%20Accessing%20ThemTue, 31 Dec 2019 16:00:00 GMTAndrew Kwong (University of Michigan), Daniel Genkin (University of Michigan), Daniel Gruss (Graz University of Technology), Yuval Yarom (University of Adalaide and Data61)Replicated State Machines Without Replicated Executionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Replicated%20State%20Machines%20Without%20Replicated%20Executionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Replicated%20State%20Machines%20Without%20Replicated%20ExecutionTue, 31 Dec 2019 16:00:00 GMTJonathan Lee (Microsoft Research), Kirill Nikitin (EPFL), Srinath Setty (Microsoft Research)RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitizationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#RetroWrite:%20Statically%20Instrumenting%20COTS%20Binaries%20for%20Fuzzing%20and%20Sanitizationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#RetroWrite:%20Statically%20Instrumenting%20COTS%20Binaries%20for%20Fuzzing%20and%20SanitizationTue, 31 Dec 2019 16:00:00 GMTSushant Dinesh (Purdue University), Nathan Burow (Purdue University), Dongyan Xu (Purdue University), Mathias Payer (EPFL)Rigorous Engineering for Hardware Security: Formal Modelling and Proof in the CHERI Design and Implementation Processhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Rigorous%20Engineering%20for%20Hardware%20Security:%20%20Formal%20Modelling%20and%20Proof%20in%20the%20CHERI%20Design%20and%20Implementation%20Processhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Rigorous%20Engineering%20for%20Hardware%20Security:%20%20Formal%20Modelling%20and%20Proof%20in%20the%20CHERI%20Design%20and%20Implementation%20ProcessTue, 31 Dec 2019 16:00:00 GMTKyndylan Nienhuis (University of Cambridge), Alexandre Joannou (University of Cambridge), Thomas Bauereiss (University of Cambridge), Anthony Fox (ARM Limited), Michael Roe (University of Cambridge), Brian Campbell (University of Edinburgh), Matthew Naylor (University of Cambridge), Robert Norton (University of Cambridge), Simon Moore (University of Cambridge), Peter Neumann (SRI International), Ian Stark (University of Edinburgh), Robert Watson (University of Cambridge), Peter Sewell (University of Cambridge)SAVIOR: Towards Bug-Driven Hybrid Testinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#SAVIOR:%20Towards%20Bug-Driven%20Hybrid%20Testinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#SAVIOR:%20Towards%20Bug-Driven%20Hybrid%20TestingTue, 31 Dec 2019 16:00:00 GMTYaohui Chen (Northeastern University), Peng Li (Baidu USA), Jun Xu (Stevens Institute of Technology), Shengjian Guo (Baidu USA), Rundong Zhou (Baidu USA), Yulong Zhang (Baidu USA), Tao Wei (Baidu USA), Long Lu (Northeastern University)SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SEIMI:%20Efficient%20and%20Secure%20SMAP-Enabled%20Intra-process%20Memory%20Isolationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SEIMI:%20Efficient%20and%20Secure%20SMAP-Enabled%20Intra-process%20Memory%20IsolationTue, 31 Dec 2019 16:00:00 GMTZhe Wang (Institute of Computing Technology, CAS, University of Chinese Academy of Sciences), Chenggang Wu (Institute of Computing Technology, CAS, University of Chinese Academy of Sciences), Mengyao Xie (Institute of Computing Technology, CAS, University of Chinese Academy of Sciences), Yinqian Zhang (The Ohio State University), Kangjie Lu (University of Minnesota), Xiaofeng Zhang (Institute of Computing Technology, CAS, University of Chinese Academy of Sciences), Yuanming Lai (Institute of Computing Technology, CAS, University of Chinese Academy of Sciences), Yang Kang (Institute of Computing Technology, CAS), Min Yang (Fudan University)SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptionshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SEVurity:%20No%20Security%20Without%20Integrity%20-%20Breaking%20Integrity-Free%20Memory%20Encryption%20with%20Minimal%20Assumptionshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SEVurity:%20No%20Security%20Without%20Integrity%20-%20Breaking%20Integrity-Free%20Memory%20Encryption%20with%20Minimal%20AssumptionsTue, 31 Dec 2019 16:00:00 GMTLuca Wilke (University of Lübeck), Jan Wichelmann (University of Lübeck), Mathias Morbitzer (Fraunhofer AISEC), Thomas Eisenbarth (University of Lübeck)SPECCFI: Mitigating Spectre Attacks Using CFI Imformed Speculationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SPECCFI:%20%20Mitigating%20Spectre%20Attacks%20Using%20CFI%20Imformed%20Speculationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SPECCFI:%20%20Mitigating%20Spectre%20Attacks%20Using%20CFI%20Imformed%20SpeculationTue, 31 Dec 2019 16:00:00 GMTEsmaeil Mohammadian Koruyeh (University of California, Riverside), Shirin Hajl Amin Shirazi (University of California, Riverside), Khaled Khasawneh (George Mason University), Chengyu Song (University of California, Riverside), Nael Abu-Ghazaleh (University of California, Riverside)SPIDER: Enabling Fast Patch Propagation in Related Software Repositorieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SPIDER:%20Enabling%20Fast%20Patch%20Propagation%20in%20Related%20Software%20Repositorieshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SPIDER:%20Enabling%20Fast%20Patch%20Propagation%20in%20Related%20Software%20RepositoriesTue, 31 Dec 2019 16:00:00 GMTAravind Machiry (University of California, Santa Barbara), Nilo Redini (University of California, Santa Barbara), Eric Camellini (Politecnico di Milano), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara)Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Productshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Security%20Update%20Labels:%20Establishing%20Economic%20Incentives%20for%20Security%20Patching%20of%20IoT%20Consumer%20Productshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Security%20Update%20Labels:%20Establishing%20Economic%20Incentives%20for%20Security%20Patching%20of%20IoT%20Consumer%20ProductsTue, 31 Dec 2019 16:00:00 GMTPhilipp Morgner (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Christoph Mai (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Nicole Koschate-Fischer (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Felix Freiling (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Zinaida Benenson (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU))Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Semantic%20Understanding%20of%20Smart%20Contracts:%20Executable%20Operational%20Semantics%20of%20Solidityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Semantic%20Understanding%20of%20Smart%20Contracts:%20Executable%20Operational%20Semantics%20of%20SolidityTue, 31 Dec 2019 16:00:00 GMTJiao Jiao (Nanyang Technological University), Shuanglong Kan (Nanyang Technological University), Shang-Wei Lin (Nanyang Technological University), David Sanán (Nanyang Technological University), Yang Liu (Nanyang Technological University), Jun Sun (Singapore Management University)SoK: A Minimalist Approach to Formalizing Analog Sensor Securityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20A%20Minimalist%20Approach%20to%20Formalizing%20Analog%20Sensor%20Securityhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20A%20Minimalist%20Approach%20to%20Formalizing%20Analog%20Sensor%20SecurityTue, 31 Dec 2019 16:00:00 GMTChen Yan (Zhejiang University), Hocheol Shin (KAIST), Connor Bolton (University of Michigan), Wenyuan Xu (Zhejiang University), Yongdae Kim (KAIST), Kevin Fu (University of Michigan)SoK: Cyber Insurance - Technical Challenges and a System Security Roadmaphttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Cyber%20Insurance%20-%20Technical%20Challenges%20and%20a%20System%20Security%20Roadmaphttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Cyber%20Insurance%20-%20Technical%20Challenges%20and%20a%20System%20Security%20RoadmapTue, 31 Dec 2019 16:00:00 GMTSavino Dambra (Eurecom), Leyla Bilge (Symantec Research Labs), Davide Balzarotti (Eurecom)SoK: Differential Privacy as a Causal Propertyhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Differential%20Privacy%20as%20a%20Causal%20Propertyhttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Differential%20Privacy%20as%20a%20Causal%20PropertyTue, 31 Dec 2019 16:00:00 GMTMichael Carl Tschantz (International Computer Science Institute), Shayak Sen (Carnegie Melon University), Anupam Datta (Carnegie Melon University)SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Understanding%20the%20Prevailing%20Security%20Vulnerabilities%20in%20TrustZone-assisted%20TEE%20Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#SoK:%20Understanding%20the%20Prevailing%20Security%20Vulnerabilities%20in%20TrustZone-assisted%20TEE%20SystemsTue, 31 Dec 2019 16:00:00 GMTDavid Cerdeira (Universidade do Minho), Nuno Santos (INESC-ID / Instituto Superior Técnico, Universidade de Lisboa), Pedro Fonseca (Purdue University), Sandro Pinto (Universidade do Minho)Spectector: Principled Detection of Speculative Information Flowshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Spectector:%20%20Principled%20Detection%20of%20Speculative%20Information%20Flowshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Spectector:%20%20Principled%20Detection%20of%20Speculative%20Information%20FlowsTue, 31 Dec 2019 16:00:00 GMTMarco Guarnieri (IMDEA Software Institute), Boris Köpf (Microsoft Research), José Morales (IMDEA Software Institute), Jan Reineke (Saarland University), Andrés Sánchez (IMDEA Software Institute)Sync HotStuff: Simple and Practical Synchronous State Machine Replicationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Sync%20HotStuff:%20Simple%20and%20Practical%20Synchronous%20State%20Machine%20Replicationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Sync%20HotStuff:%20Simple%20and%20Practical%20Synchronous%20State%20Machine%20ReplicationTue, 31 Dec 2019 16:00:00 GMTIttai Abraham (Vmware Research), Dahlia Malkhi (Calibra), Kartik Nayak (Duke University), Ling Ren (University of Illinois at Urbana-Champaign), Maofan Yin (Cornell University)TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#TARDIS:%20Rolling%20Back%20The%20Clock%20On%20CMS-Targeting%20Cyber%20Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#TARDIS:%20Rolling%20Back%20The%20Clock%20On%20CMS-Targeting%20Cyber%20AttacksTue, 31 Dec 2019 16:00:00 GMTRanjita Pai Kasturi (Georgia Institute of Technology), Yiting Sun (Georgia Institute of Technology), Ruian Duan (Georgia Institute of Technology), Omar Alrawi (Georgia Institute of Technology), Ehsan Asdar (Georgia Institute of Technology), Victor Zhu (Georgia Institute of Technology), Yonghwi Kwon (University of Virginia), Brendan Saltaformaggio (Georgia Institute of Technology)TRRespass: Exploiting the Many Sides of Target Row Refreshhttps://www.ieee-security.org/TC/SP2020/program-papers.html#TRRespass:%20%20Exploiting%20the%20Many%20Sides%20of%20Target%20Row%20Refreshhttps://www.ieee-security.org/TC/SP2020/program-papers.html#TRRespass:%20%20Exploiting%20the%20Many%20Sides%20of%20Target%20Row%20RefreshTue, 31 Dec 2019 16:00:00 GMTPietro Frigo (Vrije Universiteit Amsterdam, The Netherlands), Emanuele Vannacci (Vrije Universiteit Amsterdam, The Netherlands), Hasan Hassan (ETH Zürich), Victor van der Veen (Qualcomm Technologies, Inc.), Onur Mutlu (ETH Zürich), Cristiano Giuffrida (Vrije Universiteit Amsterdam, The Netherlands), Herbert Bos (Vrije Universiteit Amsterdam, The Netherlands), Kaveh Razavi (Vrije Universiteit Amsterdam, The Netherlands)Tactical Provenance Analysis for Endpoint Detection and Response Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Tactical%20Provenance%20Analysis%20for%20Endpoint%20Detection%20and%20Response%20Systemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Tactical%20Provenance%20Analysis%20for%20Endpoint%20Detection%20and%20Response%20SystemsTue, 31 Dec 2019 16:00:00 GMTWajih Ul Hassan (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign), Daniel Marino (NortonLifeLock Research Group)TextExerciser: Feedback-driven Text Input Exercising for Android Applicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#TextExerciser:%20Feedback-driven%20Text%20Input%20Exercising%20for%20Android%20Applicationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#TextExerciser:%20Feedback-driven%20Text%20Input%20Exercising%20for%20Android%20ApplicationsTue, 31 Dec 2019 16:00:00 GMTYuyu He (Fudan University), Lei Zhang (Fudan University), Zhemin Yang (Fudan University), Yinzhi Cao (Johns Hopkins University), Keke Lian (Fudan University), Shuai Li (Fudan University), Wei Yang (University of Texas at Dallas), Zhibo Zhang (Fudan University), Min Yang (Fudan University), Yuan Zhang (Fudan University), Haixin Duan (Fudan University)The Last Mile: High-Assurance and High-Speed Cryptographic Implementationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Last%20Mile:%20%20High-Assurance%20and%20High-Speed%20Cryptographic%20Implementationshttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Last%20Mile:%20%20High-Assurance%20and%20High-Speed%20Cryptographic%20ImplementationsTue, 31 Dec 2019 16:00:00 GMTJosé Bacelar Almeida (University of Minho / INESC TEC), Manuel Barbosa (University of Porto (FCUP) / INESC TEC), Gilles Barthe (MPI for Security and Privacy / IMDEA Software), Benjamin Grégoire (Inria), Adrien Koutsos (LSV, CNRS, ENS Paris-Saclay), Vincent Laporte (Inria), Tiago Oliveira (University of Porto (FCUP) / INESC TEC), Pierre-Yves Strub (Ecole Polytechnique)The Many Kinds of Creepware Used for Interpersonal Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Many%20Kinds%20of%20Creepware%20Used%20for%20Interpersonal%20Attackshttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Many%20Kinds%20of%20Creepware%20Used%20for%20Interpersonal%20AttacksTue, 31 Dec 2019 16:00:00 GMTKevin Roundy (NortonLifeLock Research Group), Paula Barmaimon Mendelberg (Cornell Tech), Nicola Dell (Cornell Tech), Damon McCoy (New York University), Daniel Nissani (Cornell Tech), Thomas Ristenpart (Cornell Tech), Acar Tamersoy (NortonLifeLock Research Group)The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distributionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20State%20of%20the%20Uniform:%20Attacks%20on%20Encrypted%20Databases%20Beyond%20the%20Uniform%20Query%20Distributionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20State%20of%20the%20Uniform:%20Attacks%20on%20Encrypted%20Databases%20Beyond%20the%20Uniform%20Query%20DistributionTue, 31 Dec 2019 16:00:00 GMTEvgenios Kornaropoulos (UC Berkeley), Charalampos Papamanthou (University of Maryland), Roberto Tamassia (Brown University)The Value of Collaboration in Convex Machine Learning with Differential Privacyhttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Value%20of%20Collaboration%20in%20Convex%20Machine%20Learning%20with%20Differential%20Privacyhttps://www.ieee-security.org/TC/SP2020/program-papers.html#The%20Value%20of%20Collaboration%20in%20Convex%20Machine%20Learning%20with%20Differential%20PrivacyTue, 31 Dec 2019 16:00:00 GMTNan Wu (Macquarie University), Farhad Farokhi (CSIRO's Data61 / The University of Melbourne), David Smith (CSIRO's Data61 / Austrailian National University), Mohamed Ali Kaafar (CSIRO's Data61 / Macquarie University)This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINshttps://www.ieee-security.org/TC/SP2020/program-papers.html#This%20PIN%20Can%20Be%20Easily%20Guessed:%20Analyzing%20the%20Security%20of%20Smartphone%20Unlock%20PINshttps://www.ieee-security.org/TC/SP2020/program-papers.html#This%20PIN%20Can%20Be%20Easily%20Guessed:%20Analyzing%20the%20Security%20of%20Smartphone%20Unlock%20PINsTue, 31 Dec 2019 16:00:00 GMTPhilipp Markert (Ruhr University Bochum), Daniel Bailey (Ruhr University Bochum), Maximilian Golla (Max Planck Institute for Security and Privacy), Markus Dürmuth (Ruhr University Bochum), Adam Aviv (The George Washington University)Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Throwing%20Darts%20in%20the%20Dark?%20Detecting%20Bots%20with%20Limited%20Data%20using%20Neural%20Data%20Augmentationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Throwing%20Darts%20in%20the%20Dark?%20Detecting%20Bots%20with%20Limited%20Data%20using%20Neural%20Data%20AugmentationTue, 31 Dec 2019 16:00:00 GMTSteve T.K. Jan (University of Illinios at Urbana-Champaign / Virginia Tech), Qingying Hao (University of Illinios at Urbana-Champaign), Tianrui Hu (Virginia Tech), Jiameng Pu (Virginia Tech), Sonal Oswal (Radware, Isreal), Gang Wang (University of Illinios at Urbana-Champaign), Bimal Viswanath (Virginia Tech)Towards Effective Differential Privacy Communication for Users' Data Sharing Decision and Comprehensionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20Effective%20Differential%20Privacy%20Communication%20for%20Users'%20Data%20Sharing%20Decision%20and%20Comprehensionhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20Effective%20Differential%20Privacy%20Communication%20for%20Users'%20Data%20Sharing%20Decision%20and%20ComprehensionTue, 31 Dec 2019 16:00:00 GMTAiping Xiong (Penn State University), Tianhao Wang (Purdue University), Ninghui Li (Purdue University), Somesh Jha (University of Wisconsin-Madison)Towards Scalable Threshold Cryptosystemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20Scalable%20Threshold%20Cryptosystemshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20Scalable%20Threshold%20CryptosystemsTue, 31 Dec 2019 16:00:00 GMTAlin Tomescu (MIT CSAIL), Robert Chen (MIT PRIMES / Lexington High School), Yiming Zheng (MIT PRIMES / Lexington High School), Ittai Abraham (VMware Research), Benny Pinkas (VMware Research / Bar Ilan University), Guy Golan Gueta (VMware Research), Srinivas Devadas (MIT CSAIL)Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyseshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20a%20Natural%20Perspective%20of%20Smart%20Homes%20for%20Practical%20Security%20and%20Safety%20Analyseshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Towards%20a%20Natural%20Perspective%20of%20Smart%20Homes%20for%20Practical%20Security%20and%20Safety%20AnalysesTue, 31 Dec 2019 16:00:00 GMTSunil Manandhar (William & Mary), Kevin Moran (William & Mary), Kaushal Kafle (William & Mary), Ruhao Tang (William & Mary), Denys Poshyvanyk (William & Mary), Adwait Nadkarni (William & Mary)Transparent Polynomial Delegation and Its Applications to Zero Knowledge Proofhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Transparent%20Polynomial%20Delegation%20and%20Its%20Applications%20to%20Zero%20Knowledge%20Proofhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Transparent%20Polynomial%20Delegation%20and%20Its%20Applications%20to%20Zero%20Knowledge%20ProofTue, 31 Dec 2019 16:00:00 GMTJiaheng Zhang (UC Berkeley), Tiancheng Xie (UC Berkeley), Yupeng Zhang (Texas A&M University), Dawn Song (UC Berkeley)Transys: Leveraging Common Security Properties Across Hardware Designshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Transys:%20Leveraging%20Common%20Security%20Properties%20Across%20Hardware%20Designshttps://www.ieee-security.org/TC/SP2020/program-papers.html#Transys:%20Leveraging%20Common%20Security%20Properties%20Across%20Hardware%20DesignsTue, 31 Dec 2019 16:00:00 GMTRui Zhang (University of North Carolina at Chapel Hill), Cynthia Sturton (University of North Carolina at Chapel Hill)Unexpected Data Dependency Creation and Chaining: A New Attack to SDNhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Unexpected%20Data%20Dependency%20Creation%20and%20Chaining:%20A%20New%20Attack%20to%20SDNhttps://www.ieee-security.org/TC/SP2020/program-papers.html#Unexpected%20Data%20Dependency%20Creation%20and%20Chaining:%20A%20New%20Attack%20to%20SDNTue, 31 Dec 2019 16:00:00 GMTFeng Xiao (The Pennsylvania State University), Jinquan Zhang (The Pennsylvania State University), Jianwei Huang (Texas A&M University), Guofei Gu (Texas A&M University), Dinghao Wu (The Pennsylvania State University), Peng Liu (The Pennsylvania State University)VerX: Safety Verification of Smart Contractshttps://www.ieee-security.org/TC/SP2020/program-papers.html#VerX:%20Safety%20Verification%20of%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2020/program-papers.html#VerX:%20Safety%20Verification%20of%20Smart%20ContractsTue, 31 Dec 2019 16:00:00 GMTAnton Permenev (ChainSecurity), Dimitar Dimitrov (ETH Zurich), Petar Tsankov (ChainSecurity), Dana Drachsler-Cohen (ETH Zurich), Martin Vechev (ETH Zurich)VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contractshttps://www.ieee-security.org/TC/SP2020/program-papers.html#VeriSmart:%20A%20Highly%20Precise%20Safety%20Verifier%20for%20Ethereum%20Smart%20Contractshttps://www.ieee-security.org/TC/SP2020/program-papers.html#VeriSmart:%20A%20Highly%20Precise%20Safety%20Verifier%20for%20Ethereum%20Smart%20ContractsTue, 31 Dec 2019 16:00:00 GMTSunbeom So (Korea University), Myungho Lee (Korea University), Jisu Park (Korea University), Heejo Lee (Korea University), Hakjoo Oh (Korea University)WaveSpy: Remote and Through-wall Screen Attack via mmWave Sensinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#WaveSpy:%20Remote%20and%20Through-wall%20Screen%20Attack%20via%20mmWave%20Sensinghttps://www.ieee-security.org/TC/SP2020/program-papers.html#WaveSpy:%20Remote%20and%20Through-wall%20Screen%20Attack%20via%20mmWave%20SensingTue, 31 Dec 2019 16:00:00 GMTZhengxiong Li (University of Buffalo, SUNY), Fenglong Ma (University of Buffalo, SUNY), Aditya Singh Rathore (University of Buffalo, SUNY), Zhuolin Yang (University of Buffalo, SUNY), Baicheng Chen (University of Buffalo, SUNY), Lu Su (University of Buffalo, SUNY), Wenyao Xu (University of Buffalo, SUNY)ZEXE: Enabling Decentralized Private Computationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#ZEXE:%20Enabling%20Decentralized%20Private%20Computationhttps://www.ieee-security.org/TC/SP2020/program-papers.html#ZEXE:%20Enabling%20Decentralized%20Private%20ComputationTue, 31 Dec 2019 16:00:00 GMTSean Bowe (Zcash), Alessandro Chiesa (University of California, Berkeley), Matthew Green (Johns Hopkins University), Ian Miers (Cornell Tech), Pratyush Mishra (University of California, Berkeley), Howard Wu (University of California, Berkeley)_ I Know Where You Parked Last Summer _ Automated Reverse Engineering and Privacy Analysis of Modern Carshttps://www.ieee-security.org/TC/SP2020/program-papers.html#_%20I%20Know%20Where%20You%20Parked%20Last%20Summer%20_%20Automated%20Reverse%20Engineering%20and%20Privacy%20Analysis%20of%20Modern%20Carshttps://www.ieee-security.org/TC/SP2020/program-papers.html#_%20I%20Know%20Where%20You%20Parked%20Last%20Summer%20_%20Automated%20Reverse%20Engineering%20and%20Privacy%20Analysis%20of%20Modern%20CarsTue, 31 Dec 2019 16:00:00 GMTDaniel Frassinelli (CISPA Helmholtz Center for Information Security, Saarland Informatics Campus, Germany), Sohyeon Park (CISPA Helmholtz Center for Information Security, Saarland Informatics Campus, Germany), Stefan Nürnberger (CISPA Helmholtz Center for Information Security, Saarland Informatics Campus, Germany)xMP: Selective Memory Protection for Kernel and User Spacehttps://www.ieee-security.org/TC/SP2020/program-papers.html#xMP:%20Selective%20Memory%20Protection%20for%20Kernel%20and%20User%20Spacehttps://www.ieee-security.org/TC/SP2020/program-papers.html#xMP:%20Selective%20Memory%20Protection%20for%20Kernel%20and%20User%20SpaceTue, 31 Dec 2019 16:00:00 GMTSergej Proskurin (Technical University of Munich), Marius Momeu (Technical University of Munich), Seyedhamed Ghavamnia (Stony Brook University), Vasileios Kemerlis (Brown University), Michalis Polychronakis (Stony Brook University)