Skip to content

Full Program (Main Conference)


 

Day 3 (Wednesday, 3 July 2024)
  Systems Track
(Grand Ballroom 1)
Hardware, CPS and ML Track
(Grand Ballroom 2)
Formal Guarantees Track
(Grand Ballroom 3)
07:45 – 08:30 Registration & Breakfast
08:30 – 09:00 Opening Remark
(Grand Ballroom)

Slides: Opening Remarks by General Chairs     Opening Remarks by PC Chairs 
09:00 – 10:00 Keynote 1: Robert Deng (Singapore Management University, Singapore)
Toward Practical Client-Side Encryption in Cloud Computing
(Grand Ballroom)
Session Chair: Jianying Zhou

Slide: Keynote 1
Note: Only ACM ASIACCS’24 registered attendants can request the password at eyasu_chekole@sutd.edu.sg. No circulation of the file without permission.
10:00 – 10:30 Tea Break
10:30 – 12:30 Session 1: Network Security
Session Chair: Michalis Polychronakis
Session 2: Side Channels
Session Chair: Mihalis Maniatakos
Session 3: Privacy-Preserving Protocols
Session Chair: Joseph Liu
  Towards Robust Domain Generation Algorithm Classification 
Arthur Drichel, Marc Meyer, Ulrike Meyer (RWTH Aachen University)

Kirin: Hitting the Internet with Distributed BGP Announcements 
Lars Prehn (Max Planck Institute for Informatics); Pawel Foremski (IITiS PAN / DomainTools); Oliver Gasser (IPinfo / Max Planck Institute for Informatics)

X-Ray-TLS: Transparent Decryption of TLS Sessions by Extracting Session Keys from Memory 
Florent Moriconi (EURECOM, Amadeus); Olivier Levillain (Samovar, Télécom SudParis, Institut Polytechnique de Paris); Aurélien Francillon, Raphael Troncy (EURECOM)

Semantic Ranking for Automated Adversarial Technique Annotation in Security Text 
Udesh Kumarasinghe (University of Colombo); Ahmed Lekssays, Husrev Taha Sencar, Sabri Boughorbel (Qatar Computing Research Institute); Charitha Elvitigala (C2SI); Preslav Nakov (MBZUAI)

Exposed by Default: A Security Analysis of Home Router Default Settings
Junjian Ye (Nanjing University of Posts and Telecommunications); Xavier de Carné de Carnavalet (The Hong Kong Polytechnic University); Lianying Zhao (Carleton University); Mengyuan Zhang (Vrije Universiteit Amsterdam); Lifa Wu, Wei Zhang (Nanjing University of Posts and Telecommunications)

Look What’s There! Utilizing the Internet’s Existing Data for Censorship Circumvention with OPPRESSION
Sebastian Zillien (Worms University of Applied Sciences); Tobias Schmidbauer (Nuremberg Institute of Technology); Mario Kubek (Georgia State University); Joerg Keller (FernUniversität in Hagen); Steffen Wendzel (Worms University of Applied Sciences/FernUniversität in Hagen)

Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments 
Xiangmin Shen (Northwestern University); Zhenyuan Li (Zhejiang University); Graham Burleigh, Lingzhi Wang, Yan Chen (Northwestern University)

C2Miner: Tricking IoT Malware into Revealing Live Command & Control Servers
Ali Davanian, Michail Faloutsos (University of California Riverside); Martina Lindorfer (TU Wien)

Generic and Automated Drive-by GPU Cache Attacks from the Browser
Lukas Giner, Roland Czerny, Christoph Gruber, Fabian Rauscher, Andreas Kogler (Graz University of Technology); Daniel De Almeida Braga (University of Rennes, CNRS, IRISA); Daniel Gruss (Graz University of Technology)

Cloud-Based Machine Learning Models as Covert Communication Channels
Torsten Krauß, Jasper Stang, Alexandra Dmitrienko (University of Würzburg)

WebGPU-SPY: Finding Fingerprints in the Sandbox through GPU Cache Attacks
Ethan Ferguson, Adam Wilson, Hoda Naghibijouybari (Binghamton University)

SoK: Can We Really Detect Cache Side-Channel Attacks by Monitoring Performance Counters?
William Kosasih (University of Adelaide); Yusi Feng (Institute of Information Engineering, Chinese Academy of Sciences; University of Chinese Academy of Sciences); Chitchanok Chuengsatiansup (The University of Melbourne); Yuval Yarom (Ruhr University Bochum); Ziyuan Zhu (Institute of Information Engineering, Chinese Academy of Sciences)

Non-Fusion Based Coherent Cache Randomization Using Cross-Domain Accesses
Kartik Ramkrishnan (University Of Minnesota); Stephen McCamant, Antonia Zhai (University of Minnesota); Pen Chung Yew (University of Minnesota at Twin Cities)

Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization
Tiziano Marinaro (CISPA Helmholtz Center for Information Security and Saarland University); Pablo Buiras, Andreas Lindner, Roberto Guanciale, Hamed Nemati (KTH Royal Institute of Technology)

Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8
Markus Bauer, Lorenz Hetterich, Michael Schwarz, Christian Rossow (CISPA Helmholtz Center for Information Security)

ABBY: Automating leakage modelling for side-channel analysis
Omid Bazangani, Alexandre Iooss, Ileana Buhan, Lejla Batina (Radboud University)

Privacy-Preserving Popularity-Based Deduplication against Malicious Behaviors of the Cloud
Xiaowei Ge, Guanxiong Ha (College of Cyber Science, Nankai University); Chunfu Jia (Nankai University); Zhen Su (College of Cyber Science, Nankai University)

Nomadic: Normalising Maliciously-Secure Distance with Cosine Similarity for Two-Party Biometric Authentication
Nan Cheng (University of St. Gallen); Melek Önen (EURECOM); Aikaterini Mitrokotsa (University of St. Gallen); Oubaïda Chouchane, Massimiliano Todisco (EURECOM); Alberto Ibarrondo (Copper.co)

SiGBDT: Large-Scale Gradient Boosting Decision Tree Training via Function Secret Sharing
Yufan Jiang, Fei Mei, Tianxiang Dai, Yong Li (Huawei European Research Center)

zkMatrix: Batched Short Proof for Committed Matrix Multiplication
Mingshu Cong (The University of Hong Kong); Tsz Hon Yuen (Monash University); Siu-Ming Yiu (The University of Hong Kong)

Efficient Privacy-Preserving Approximation of the Kidney Exchange Problem
Malte Breuer, Ulrike Meyer (RWTH Aachen University); Susanne Wetzel (Stevens Institute of Technology)

Honest Majority Multiparty Computation over Rings with Constant Online Communication
Minghua Zhao (Shanghai Fudan Microelectronics Group Company Limited)

Ratel: MPC-extensions for Smart Contracts
Yunqi Li, Kyle Soska (University of Illinois at Urbana-Champaign); Zhen Huang (Shanghai Jiao Tong University); Sylvain Bellemare (The Initiative for CryptoCurrencies and Contracts); Mikerah Quintyne-Collins (HashCloack Inc.); Lun Wang (Google); Xiaoyuan Liu, Dawn Song (University of California, Berkeley); Andrew Miller (University of Illinois at Urbana-Champaign)
12:30 – 14:00 Lunch
14:00 – 17:00 Poster Session
 

POSTER: Seccomp profiling with Dynamic Analysis via ChatGPT-assisted Test Code Generation
Somin Song (Cisco Research); Ashish Kundu (Cisco Ressearch); Byungchul Tak (Kyungpook National University)

POSTER: Addressing the Privacy by Use Challenges in Verifiable Credential based Digital Wallets
Jongkil Jay Jeong, Robin Doss, Lu-xing Yang, Mohamed Abdelrazek, Zoe Wang, Ashish Nanda (Deakin University, Australia); Praveen Gauravaram, Keerthivasan Viswanathan (TCS Australia)

POSTER: Brave: Byzantine-Resilient and Privacy-Preserving Peer-to-Peer Federated Learning
Zhangchen Xu, Fengqing Jiang, Luyao Niu (University of Washington); Jinyuan Jia (Pennsylvania State University); Radha Poovendran (University of Washington)

POSTER: Double-Dip: Thwarting Label-Only Membership Inference Attacks with Transfer Learning and Randomization
Arezoo Rajabi, Reeya Pimple, Aiswarya Janardhanan, Surudhi Asokraj (University of Washington); Bhaskar Ramasubramanian (Western Washington University); Radha Poovendran (Department of Electrical and Computer Engineering, University of Washington)

POSTER: Game of Trojans: Adaptive Adversaries Against Output-based Trojaned-Model Detectors 
Dinuka Sahabandu (University of Washington); Xiaojun Xu (University of Illinois at Urbana-Champaign); Arezoo Rajabi, Luyao Niu (University of Washington); Bhaskar Ramasubramanian (Western Washington University); Bo Li (UIUC); Radha Poovendran (Department of Electrical and Computer Engineering, University of Washington)

POSTER: Defense against False Data Injection Attack in a Cyber-Physical System
Sushree Padhan, Ashok Kumar Turuk (National Institute of Technology Rourkela)

POSTER: MalaQ – A Malware Against Quantum Computer
Siyi Wang (Nanyang Technological University); Alex Jin (National University of Singapore); Suman Deb (Nanyang Technological University); Tarun Dutta, Manas Mukherjee (National University of Singapore); Anupam Chattopadhyay (Nanyang Technological University)

POSTER: Identifying and Mitigating Vulnerabilities in LLM-Integrated Applications
Fengqing Jiang, Zhangchen Xu, Luyao Niu (University of Washington); Boxin Wang (Nvidia); Jinyuan Jia (Penn State); Bo Li (University of Chicago); Radha Poovendran (Department of Electrical and Computer Engineering, University of Washington)

POSTER: On the Feasibility of Inferring SGX Execution through PMU
Woomin Lee, Taehun Kim, Youngjoo Shin (Korea University)

POSTER: Multi-Block Fusion Mechanism for Multi-label Vulnerability Detection in Smart Contracts
Van Tong (Hanoi University of Science and Technology); Cuong Dao (Hanoi University of Civil Engineering); Thep Dong, Hai Anh Tran, Duc Tran (Hanoi University of Science and Technology); Truong X. Tran (The Pennsylvania State University)

POSTER: iTieProbe: Is IoT Device Provisioning secure against MAC Layer authentication-token based replay attacks?
Anand Agrawal (BITS Pilani, Hyderabad Campus); Rajib Ranjan Maiti (BITS PILANI, Hyderabad Campus)

14:00 – 15:30 Session 4: Wireless and Mobile Security
Session Chair: Hongxin Hu
Session 5: Hardware Security
Session Chair: Aurélien Francillon
Session 6: Post Quantum
Session Chair: Haiyang Xue
  Physical-Layer Public Key Encryption Through Massive MIMO
Senlin Liu, Tong Gao, Yijian Liu, Xianhui Lu (Institute of Information Engineering, CAS, University of Chinese Academy of Sciences)

Battle of Wits: To What Extent Can Fraudsters Disguise Their Tracks in International bypass Fraud? 
Anne Josiane Kouam (TU Berlin); Aline Carneiro Viana (INRIA); Alain Tchana (Grenoble INP)

Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware 
Antonio Ruggia (University of Genova); Dario Nisi, Savino Dambra (EURECOM); Alessio Merlo (CASD – School for Advanced Defense Studies); Davide Balzarotti, Simone Aonzo (EURECOM)

TriSAS: Toward Dependable Inter-SAS Coordination with Auditability
Shanghao Shi (Virginia Tech); Yang Xiao (University of Kentucky); Changlai Du, Yi Shi (Virginia Tech); Chonggang Wang, Robert Gazda (InterDigital); Y. Thomas Hou, Eric Burger, Luiz DaSilva, Wenjing Lou (Virginia Tech)

Key Establishment for Secure Asymmetric Cross-Technology Communication 
Wei Wang (Saint Louis University); Xin Liu (The Ohio State University); Zicheng Chi (Cleveland State University); Stuart Ray (Saint Louis University); Ting Zhu (The Ohio State University)
Secure Data-Binding in FPGA-based Hardware Architectures utilizing PUFs
Florian Frank, Martin Schmid, Felix Klement (University of Passau); Purushothaman Palani (Virginia Tech); Andreas Weber, Elif Bilge Kavun (University of Passau); Wenjie Xiong (Virginia Tech); Tolga Arul, Stefan Katzenbeisser (University of Passau)

SoK: Rowhammer on Commodity Operating Systems
Zhi Zhang (The University of Western Australia); Decheng Chen, Jiahao Qi (School of Microelectronics, South China University of Technology, China); Yueqiang Cheng (NIO); Shijie Jiang, Yiyang Lin (School of Microelectronics, South China University of Technology, China); Yansong Gao, Surya Nepal (CSIRO’s Data61); Yi Zou (School of Microelectronics, South China University of Technology, China); Jiliang Zhang (College of Integrated Circuits, Hunan University, China); Yang Xiang (School of Software and Electrical Engineering, Swinburne University of Technology, Australia)

SRAM Imprinting for System Protection and Differentiation
Jubayer Mahmod, Matthew Hicks (Virginia Tech)

Mayhem: Targeted Corruption of Register and Stack Variables
Andrew Adiletta, M. Caner Tol, Yarkın Doröz, Berk Sunar (Worcester Polytechnic Institute)

On The Effect of Replacement Policies on The Security of Randomized Cache Architectures
Moritz Peters (Horst Görtz Institute for IT-Security, Ruhr University Bochum); Nicolas Gaudin (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Jan Philipp Thoma (Horst Görtz Institute for IT-Security, Ruhr University Bochum); Vianney Lapôtre (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Pascal Cotret (UMR 6285, Lab-STICC, ENSTA Bretagne, Brest, France); Guy Gogniat (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Tim Güneysu (Ruhr University Bochum, Bochum, DFKI GmbH, Bremen)

PowSpectre: Powering Up Speculation Attacks with TSX-based Replay
Md Hafizul Islam Chowdhuryy (University of Central Florida); Zhenkai Zhang (Clemson University); Fan Yao (University of Central Florida)
HQsFL: A Novel Training Strategy for Constructing High-performance and Quantum-safe Federated Learning 
Bo Yu, Huajie Shen, Qian Xu, Wei He, Wankui Mao, Qing Zhang (Bestpay Co., Ltd.); Fan Zhang (Zhejiang University)

Efficient Post-Quantum Secure Deterministic Threshold Wallets from Isogenies
Poulami Das (CISPA Helmholtz Center for Information Security); Andreas Erwig (Technical University of Darmstadt); Michael Meyer (University of Regensburg); Patrick Struck (University of Konstanz)

REPQC: Reverse Engineering and Backdooring Hardware Accelerators for Post-quantum Cryptography
Samuel Pagliarini (Carnegie Mellon University/Tallinn University of Technology); Aikata Aikata (Institute of Applied Information Processing and Communications, Graz University of Technology); Malik Imran (Tallinn University of Technology); Sujoy Sinha Roy (Institute of Applied Information Processing and Communications, Graz University of Technology)

Pairwise and Parallel: Enhancing the Key Mismatch Attacks on Kyber and Beyond
Mingyao Shao (Institute of Information Engineering, CAS & School of Cyber Security, UCAS); Yuejun Liu (School of Cyber Science and Engineering, NJUST ); Yongbin Zhou (School of Cyber Science and Engineering, NJUST & Institute of Information Enginee, CAS & School of Cyber Security, UCAS)

SoK: CryptographicEstimators – a Software Library for Cryptographic Hardness Estimation
Andre Esser, Javier Verbel, Floyd Zweydinger, Emanuele Bellini (Technology Innovation Institute)

OPRFs from Isogenies: Designs and Analysis
Lena Heimberger, Tobias Hennerbichler (Graz University of Technology); Fredrik Meisingseth (Graz University of Technology and Know-Center); Sebastian Ramacher (AIT Austrian Institute of Technology); Christian Rechberger (Graz University of Technology)
15:30 – 16:00 Tea Break
16:00 – 17:00 Session 7: Measurements
Session Chair: Marc Dacier
Session 8: IoT and Voice Assistants
Session Chair: Sridhar Adepu
Session 9: Formal Methods
Session Chair: Sudipta Chattopadhyay
  External Attack-Surface of Modern Organizations
Nethanel Gelernter (IONIX ); Haya Schulmann (Goethe-Universität Frankfurt); Michael Waid-
ner (Fraunhofer SIT and TU Darmstadt)

Cryptography in the Wild: An Empirical Analysis of Vulnerabilities in Cryptographic Libraries
Jenny Blessing (University of Cambridge); Michael Specter (Georgia Institute of Technology); Daniel J. Weitzner (MIT )

Username Squatting on Online Social Networks: A Study on X
Anastasios Lepipas, Anastasia Borovykh, Soteris Demetriou (Imperial College London)

Deep Dive into Client-Side Anti-Phishing: A Longitudinal Study Bridging Academia and Industry
Rana Pourmohamad, Steven Wirsz, Adam Oest, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Adam Doupé, Rida A. Bazzi (Arizona State University)
Command Hijacking on Voice-Controlled IoT in Amazon Alexa Platform
Wenbo Ding (University at Buffalo); Song Liao, Long Cheng (Clemson University); Xianghang Mi (University of Science and Technology of China); Ziming Zhao, Hongxin Hu (University at Buffalo)

WhisperVoiceTrace: A Comprehensive Analysis of Voice Command Fingerprinting
Hyojin Kim, Minji Jo, Jiwoo Hong, Hosung Kang (Ewha Womans University); Nate Mathews (Rochester Institute of Technology); Se Eun Oh (Ewha Womans University)

SpotOn: Adversarially Robust Keyword Spotting on Resource-Constrained IoT Platforms 
Mehreen Jabbeen, Vireshwar Kumar (Indian Institute of Technology, Delhi); Rijurekha Sen (IIT Delhi)

OASIS: An Intrusion Detection System Embedded in Bluetooth Low Energy Controllers
Romain Cayre (EURECOM); Vincent Nicomette, Guillaume Auriol, Mohamed Kaâniche (LAAS-CNRS); Aurélien Francillon (EURECOM)
A Formal Analysis of Data Distribution Service Security
Binghan Wang, Hui Li, Jingjing Guan (Beijing University of Posts and Telecommunications, Beijing, China)

Formal Verification and Solutions for Estonian E-Voting 
Sevdenur Baloglu, Sergiu Bursuc, Sjouke Mauw, Jun Pang (University of Luxembourg)

Camel: E2E Verifiable Instant Runoff Voting without Tallying Authorities
Luke Harrison, Samiran Bag, Feng Hao (University of Warwick)

Segment-Based Formal Verification of WiFi Fragmentation and Power Save Mode
Zilin Shen, Imtiaz Karim, Elisa Bertino (Purdue University)

 

 

Day 4 (Thursday, 4 July 2024)
  Systems Track
(Grand Ballroom 1)
Hardware, CPS and ML Track
(Grand Ballroom 2)
Formal Guarantees Track
(Grand Ballroom 3)
08:00 – 08:30 Breakfast
08:30 – 10:30 Session 10: Web Security
Session Chair: Qingyang Wang
Session 11: Cyber-Physical Systems
Session Chair: Daisuke Mashima
Session 12: Crypto and Privacy
Session Chair: Yu Zheng
  FakeX: A Framework for Detecting Fake Reviews of Browser Extensions
Eric Olsson, Benjamin Eriksson (Chalmers University of Technology); Pablo Picazo-Sanchez (Chalmers University of Technology, Halmstad University); Lukas Andersson, Andrei Sabelfeld (Chalmers University of Technology)

What is in the Chrome Web Store
Sheryl Hsu, Manda Tran (Stanford University); Aurore Fass (Stanford University, CISPA Helmholtz Center for Information Security)

Sync-Millibottleneck Attack on Microservices Cloud Architecture
Xuhang Gu, Qingyang Wang (Louisiana State University); Qiben Yan (Michigan State University); Jianshu Liu (Louisiana State University); Calton Pu (Georgia Tech)

Towards Understanding and Improving Security-Relevant Web Application Logging
Merve Sahin, Noemi Daniele (SAP Security Research)

RootFree Attacks: Exploiting Mobile Platform’s Super Apps From Desktop
Chao Wang (The Ohio State University); Yue Zhang (Drexel University); Zhiqiang Lin (The Ohio State University)

Who’s Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact
Jannis Rautenstrauch, Ben Stock (CISPA Helmholtz Center for Information Security)

Beneath the Phishing Scripts: A Script-Level Analysis of Phishing Kits and Their Impact on Real-World Phishing Websites
Woonghee Lee, Junbeom Hur (Korea University); Doowon Kim (University of Tennessee, Knoxville)

BinAdapter: Leveraging Continual Learning for Inferring Function Symbol Names in a Binary
Nozima Murodova, Hyungjoon Koo (Sungkyunkwan University)

The SA4P Framework: Sensing and Actuation as a Privilege
Piet De Vaere (ETH Zürich); Felix Stöger, Adrian Perrig (ETH Zürich); Gene Tsudik (UCI )

ConFIDe: A PWM-Driven Control-Fused Intrusion Detection System for Hardware Security in Unmanned Aerial Vehicles
Muneeba Asif (Florida International University); Ahmad Mohammad (Middle Tennessee State University); Mohammad Ashiqur Rahman, Kemal Akkaya (Florida International University)

Catch me if you can: Covert Information Leakage from Drones using MAVLink Protocol
Maryna Veksler, Kemal Akkaya, Selcuk Uluagac (Florida International University)

Diagnosis-guided Attack Recovery for Securing Robotic Vehicles from Sensor Deception Attacks
Pritam Dash (University of British Columbia); Guanpeng Li (University of Iowa); Mehdi Karimibiuki, Karthik Pattabiraman (University of British Columbia)

FAKEPCD: Fake Point Cloud Detection via Source Attribution
Yiting Qu, Zhikun Zhang (CISPA Helmholtz Center for Information Security); Yun Shen (Netapp); Michael Backes, Yang Zhang (CISPA Helmholtz Center for Information Security)

On Practicality of Using ARM TrustZone Trusted Execution Environment for Securing Programmable Logic Controllers
Zhiang Li (National University of Singapore); Daisuke Mashima, Wen Shei Ong, Ertem Esiner (Illinois ARCS); Zbigniew Kalbarczyk (University of Illinois at Urbana-Champaign); Ee-Chien Chang (School of Computing, NUS)

Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication
Eric Wagner (Fraunhofer FKIE & RWTH Aachen University); David Heye (RWTH Aachen University & Fraunhofer FKIE); Martin Serror (Fraunhofer FKIE); Ike Kunze, Klaus Wehrle (RWTH Aachen University); Martin Henze (RWTH Aachen University & Fraunhofer FKIE)

Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System
Khaled Sarieddine, Mohammad Ali Sayed (Concordia University); Sadegh Torabi (George Mason University); Ribal Attallah, Danial Jafarigiv (Hydro-Quebec Research Institute); Chadi Assi (Concordia University); Mourad Debbabi (Security Research Centre, Concordia University, Quebec, Canada)
Exploiting Data Redundancy in CKKS Encoding for High-Speed Homomorphic Encryption
Amir Sabbagh Molahosseini (Queen’s University Belfast); Hans Vandierendonck (Queen’s University of Belfast)

Efficient Unbalanced Quorum PSI from Homomorphic Encryption
Xinpeng Yang, Liang Cai, Yinghao Wang, Keting Yin, Lu Sun (Zhejiang University); Jingwei Hu (Nanyang Technological University)

SweetPAKE: Key exchange with decoy passwords
Afonso Arriaga (SnT, University of Luxembourg); Peter Y.A. Ryan (SnT, Univeristy of Luxembourg); Marjan Skrobot (SnT, University of Luxembourg)

MOSAIC: A Prune-and-Assemble Approach for Efficient Model Pruning in Privacy-Preserving Deep Learning
Yifei Cai (Old Dominion University); Qiao Zhang (Chongqing University); Rui Ning, Chunsheng Xin (Old Dominion University); Hongyi Wu (University of Arizona)

LightPIR: Single-Server PIR via FHE without Gaussian Noise
Han Xia, Mingsheng Wang (Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, CAS; School of Cyber Security, University of Chinese Academy of Sciences)

Reconstructing Chameleon Hash: Full Security and the Multi-Party Setting
Kwan Yin Chan (The University of Hong Kong); Liqun Chen, Yangguang Tian (University of Surrey); Tsz Hon Yuen (Monash University)

Skye: An Expanding PRF based Fast KDF and its Applications
Amit Singh Bhati (COSIC, KU Leuven); Antonín Dufka (Masaryk University); Elena Andreeva (Technical University of Vienna); Arnab Roy (University of Innsbruck); Bart Preneel (COSIC, KU Leuven)

Publishing Common Neighbors Histograms of Social Networks under Edge Differential Privacy
Chaojie Lv (University of Science and Technology of China); Xiaokui Xiao (NUS); Lan Zhang (University of Science and Technology of China); Ting Yu (Qatar Computing Research Institute)
10:30 – 11:00 Tea Break
11:00 – 12:00 Keynote 2: Alexandra Dmitrienko (University of Würzburg, Germany)
Federated Learning Security: From Dusk to Dawn
(Grand Ballroom)
Session Chair: Alvaro Cardenas

Slide: Keynote 2
Note: Only ACM ASIACCS’24 registered attendants can request the password at eyasu_chekole@sutd.edu.sg. No circulation of the file without permission.
12:00 – 13:15 Lunch
13:15 – 18:00 Social Event
(Bird Paradise)
19:00 – 22:00 Conference Dinner, Award Ceremony and Announcement of ASIACCS’25
(Conference Hotel)

 

Day 5 (Friday, 5 July 2024)
  Systems Track
(Grand Ballroom 1)
Hardware, CPS and ML Track
(Grand Ballroom 2)
Formal Guarantees Track
(Grand Ballroom 3)
08:30 – 09:00 Breakfast
09:00 – 10:00 Keynote 3: XiaoFeng Wang (Indiana University at Bloomington, USA)
Security Of AI, By AI and For AI: Charting New Territories in AI-Centered Cybersecurity Research
(Grand Ballroom)
Session Chair: Debin Gao 
10:00 – 10:30 Tea Break
10:30 – 12:30 Session 13: Software Security
Session Chair: Ziming Zhao
Session 14: Machine Learning
Session Chair: Ziyao Liu
Session 15: Distributed and Decentralized Systems
Session Chair: Lena Heimberger
 

Cross-Language Differential Testing of JSON Parsers
Jonas Möller, Felix Weißberg, Lukas Pirch, Thorsten Eisenhofer, Konrad Rieck (Technische Universität Berlin)

VFCFinder: Pairing Security Advisories and Patches
Trevor Dunlap, Elizabeth Lin, William Enck, Bradley Reaves (North Carolina State University)

On the Role of Pre-trained Embeddings in Binary Code Analysis 
Alwin Maier, Felix Weißberg, Konrad Rieck (TU Berlin)

ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels 
Marius Momeu, Fabian Kilger, Christopher Roemheld, Simon Schnückel (Technical University of Munich); Sergej Proskurin (BedRock Systems); Michalis Polychronakis (Stony Brook University); Vasileios P. Kemerlis (Brown University)

DMTI: Accelerating Memory Error Detection in Precompiled C/C++ Binaries with ARM Memory Tagging Extension 
Andreas Hager-Clukas (University of Applied Sciences Munich); Konrad Hohentanner (Fraunhofer AISEC)

BinGo: Identifying Security Patches in Binary Code with Graph Representation Learning 
Xu He, Shu Wang (George Mason University); Pengbin Feng (Xidian University); Xinda Wang (The University of Texas at Dallas); Shiyu Sun (George Mason University); Qi Li (Tsinghua University); Kun Sun (George Mason University)

Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI
Lukas Maar, Pascal Nasahl, Stefan Mangard (Graz University of Technology, Graz)

Model Extraction Attacks Revisited
Jiacheng Liang (Stony Brook University); Ren Pang (Penn State University); Changjiang Li, Ting Wang (Stony Brook University)

A Generative Framework for Low-Cost Result Validation of Machine Learning-as-a-Service Inference
Abhinav Kumar (Saint Louis University); Miguel A. Guirao Aguilera (New Mexico State University); Reza Tourani (Saint Louis University); Satyajayant Misra (New Mexico State University)

VLIA: Navigating Shadows with Proximity for Highly Accurate Visited Location Inference Attack against Federated Recommendation Models
Thirasara Ariyarathna (University of New South Wales); Meisam Mohammady (Iowa State University of Science and Technology, Iowa, The USA); Hye-Young Paik, Salil S. Kanhere (University of New South Wales)

Self-Supervised Fine-Tuning of Automatic Speech Recognition Systems against Signal Processing Attacks
Oshan Jayawardena, Dilmi Caldera, Sandani Jayawardena, Avishka Sandeepa (University of Moratuwa); Vincent Bindschaedler (University of Florida); Subodha Charles (University of Moratuwa)

Mitigating Distributed Backdoor Attack in Federated Learning Through Mode Connectivity
Kane Walter (UNSW, Sydney, Australia); Meisam Mohammady (Iowa State University of Science and Technology, Iowa, The USA); Surya Nepal (Data61, CSIRO); Salil S. Kanhere (UNSW, Sydney, Australia)

An Investigation into Misuse of Java Security APIs by Large Language Models
Zahra Mousavi (CREST – The Centre for Research on Engineering Software Technologies, University of Adelaide, Cyber Security Cooperative Research Centre, CSIRO/Data61, Australia); Chadni Islam (Queensland University of Technology); Kristen Moore, Alsharif Abuadbba (CSIRO’s Data61, Australia); M. Ali Babar (CREST – The Centre for Research on Engineering Software Technologies, University of Adelaide)

Multi-Turn Hidden Backdoor in Large Language Model-powered Chatbot Models
Bocheng Chen (Michigan State University); Nikolay Ivanov (Rowan University); Guangjing Wang, Qiben Yan (Michigan State University)

PARL: Poisoning Attacks Against Reinforcement Learning-based Recommender Systems
Linkang Du, Quan Yuan (Zhejiang University); Min Chen (CISPA Helmholtz Center for Information Security); Mingyang Sun, Peng Cheng, Jiming Chen, Zhikun Zhang (Zhejiang University)

An Empirical Study of Consensus Protocols’ DoS Resilience
Giacomo Giuliari (ETH Zürich & Mysten Labs); Alberto Sonnino (Mysten Labs & University College London (UCL)); Marc Frei (ETH Zürich); Fabio Streun (Anapaya Systems); Lefteris Kokoris-Kogias (Mysten Labs & IST Austria); Adrian Perrig (ETH Zürich & Mysten Labs)

SilentProof: Anonymous Authentication with Blockchain-Backed Offloading
Jamal H. Mosakheil, Kan Yang (The University of Memphis)

Revocable TACO: Revocable Threshold based Anonymous Credentials over Blockchains
Kanchan Bisht, Neel Yogendra Kansagra, Reisha Ali, Mohammed Sayeed Shaik, Maria Francis, Kotaro Kataoka (IIT Hyderabad)

SecPLF: Secure Protocols for Loanable Funds against Oracle Manipulation Attacks
Sanidhay Arora, Yingjiu Li (University of Oregon); Yebo Feng (Nanyang Technological University); Jiahua Xu (UCL)

zkLogis: Scalable, Privacy-Enhanced, and Traceable Logistics on Public Blockchain
Jongho Kim, Junhee Lee, Hyunok Oh (Hanyang University); Jihye Kim (Kookmin University)

CapsuleFormer: A Capsule and Transformer combined model for Decentralized Application encrypted traffic classification
Xiang Zhou, Xi Xiao (Shenzhen International Graduate School, Tsinghua University, China); Qing Li (Peng Cheng Laboratory); Bin Zhang (Pengcheng Laboratory); Guangwu Hu (School of Computer Science, Shenzhen Institute of Information Technology,Shenzhen, China); Xiapu Luo (The Hong Kong Polytechnic University); Tianwei Zhang (Nanyang Technological University)

BlindShuffler: Universal and Trustless Mixing for Confidential Transactions
Chenke Wang, Zhonghui Ge, Yu Long (Shanghai Jiao Tong University); Xian Xu (East China University of Science and Technology); Shi-Feng Sun, Dawu Gu (Shanghai Jiao Tong University)

PEPPER: Privacy-prEserving, auditable, and fair Payment based resource discovery at the PERvasive edge
Emrah Sariboz (New Mexico State University); Reza Tourani (Saint Louis University); Roopa Vishwanathan, Satyajayant Misra (New Mexico State University)

12:30 – 14:00 Lunch
14:00 – 15:30 Session 16: Fuzzing
Session Chair: Mohammad Ashiqur Rahman
Session 17: Trusted Execution Environments and Enclaves
Session Chair: Wenbo Shen
Session 18: ORAM and Searchable Encryption
Session Chair: Chi Hung Chi
  Make out like a (Multi-Armed) Bandit: Improving the Odds of Fuzzer Seed Scheduling with T-Scheduler
Simon Luo (The University of New South Wales); Adrian Herrera (Australian National Univeristy); Paul Quirk, Michael Chase (DSTG); Damith C. Ranasinghe (University of Adelaide); Salil S Kanhere (The University of New South Wales)

SyzRisk: A Change-Pattern-Based Continuous Kernel Regression Fuzzer
Gwangmu Lee, Duo Xu (EPFL); Solmaz Salimi (Sharif University of Technology); Byoungyoung Lee (Seoul National University); Mathias Payer (EPFL)

Fuzzing API Error Handling Behaviors using Coverage Guided Fault Injection
Shashank Sharma, Sai Ritvik Tanksalkar, Sourag Cherupattamoolayil, Aravind Machiry (Purdue University)

AIMFuzz: Automated Function-Level In-Memory Fuzzing on Binaries
TaeWook Kim, Seokhyun Hong, Yeongpil Cho (Hanyang University)

What All the PHUZZ Is About: A Coverage-guided Fuzzer for Finding Vulnerabilities in PHP Web Applications
Sebastian Neef, Lorenz Kleissner, Jean-Pierre Seifert (Technische Universität Berlin)

SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing
Felix Weissberg, Jonas Möller (Technische Universität Berlin); Tom Ganz, Erik Imgrund (SAP Security Research); Lukas Pirch (Technische Universität Berlin); Lukas Seidel (Binarly); Moritz Schloegel (CISPA Helmholtz Center for Information Security); Thorsten Eisenhofer, Konrad Rieck (Technische Universität Berlin)

ESem: To Harden Process Synchronization for Servers
Zhanbo Wang (Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China, and Peng Cheng Laboratory, China); Jiaxin Zhan (Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China, and Department of Computer Science and Engineering, Southern University of Science and Technology, China); Xuhua Ding (Singapore Management University); Fengwei Zhang (Department of Computer Science and Engineering, Southern University of Science and Technology, China, and Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China); Ning Hu (Peng Cheng Laboratory, China)

TeeFilter: High-Assurance Network Filtering Engine for High-End IoT and Edge Devices based on TEEs
Jonas Röckl, Nils Bernsdorf (FAU Erlangen-Nürnberg); Tilo Müller (Hof University of Applied Sciences)

Building Your Own Trusted Execution Environments Using FPGA
MD Armanuzzaman (University at Buffalo); Ahmad-Reza Sadeghi (Technische Universität Darmstadt); Ziming Zhao (University at Buffalo)

SoK: Understanding Design Choices and Pitfalls of Trusted Execution Environments
Mengyuan Li, Yuheng Yang (Massachusetts Institute of Technology); Guoxing Chen (Shanghai Jiao Tong University); Mengjia Yan (Massachusetts Institute of Technology); Yinqian Zhang (Southern University of Science and Technology)

MultiTEE: Distributing Trusted Execution Environments
Simon Ott, Benjamin Orthen, Alexander Weidinger, Julian Horsch (Fraunhofer AISEC); Vijayanand Nayani, Jan-Erik Ekberg (Huawei Technologies)

(In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices
Yurak Choe (Sungkyunkwan University); Hyungseok Yu, Taeho Kim, Shinjae Lee (Samsung Electronics); Hojoon Lee, Hyoungshick Kim (Sungkyunkwan University)

Single Round-trip Hierarchical ORAM via Succinct Indices
William Holland (CSIRO’s data61); Olga Ohrimenko (The University of Melbourne); Anthony Wirth (the University of Melbourne)

CryptGraph: An Efficient Privacy-Enhancing Solution for Accurate Shortest Path Retrieval in Cloud Environments
Fuyi Wang (Deakin University); Zekai Chen (Fuzhou University); Lei Pan (Deakin University); Leo Yu Zhang (Griffith University); Jianying Zhou (Singapore University of Technology and Design)

Menhir: An Oblivious Database with Protection against Access and Volume Pattern Leakage
Leonie Reichert, Gowri R Chandran (Technical University of Darmstadt); Phillipp Schoppmann (Google); Thomas Schneider, Björn Scheuermann (Technical University of Darmstadt)

Tokenised Multi-client Provisioning for Dynamic Searchable Encryption with Forward and Backward Privacy
Arnab Bag (Indian Institute of Technology Kharagpur); Sikhar Patranabis (IBM Research India); Debdeep Mukhopadhyay (Department of Computer Science and Engineering, IIT Kharagpur)

ALLOSAUR: Accumulator with Low-Latency Oblivious Sublinear Anonymous credential Updates with Revocations
Samuel Jaques (University of Waterloo); Hart Montgomery (The Linux Foundation); Michael Lodder

DISCO: Dynamic Searchable Encryption with Constant State
Xiangfu Song (National University of Singapore); Yu Zheng (Chinese University of Hong Kong); Jianli Bai (University of Auckland); Changyu Dong (Guangzhou University); Zheli Liu (Nankai University); Ee-Chien Chang (National University of Singapore)

15:30 – 15:50 Tea Break
15:50 – 16:50 Session 19: Usability
Session Chair: Ertem Esiner
Session 20: Authentication and Signatures
Session Chair: Xuhua Ding
Session 21: Payment Channel Networks and Ticket Payments
Session Chair: Binbin Chen
  The Catcher in the Eye: Recognizing Users by their Blinks
Ryo Iijima (National Institute of Advanced Industrial Science and Technology, Waseda University); Tatsuya Takehisa (National Institute of Information and Communications Technology); Tetsushi Ohki (Shizuoka University, RIKEN AIP); Tatsuya Mori (Waseda University, NICT, RIKEN AIP)

From User Insights to Actionable Metrics: A User-Focused Evaluation of Privacy-Preserving Browser Extensions
Ritik Roongta, Rachel Greenstadt (New York University)

Charting the Path to SBOM Adoption: A Business Stakeholder-Centric Approach
Berend Kloeg (Northwave Cyber Security); Aaron Yi Ding (TU Delft); Sjoerd Pellegrom (Northwave Cyber Security); Yury Zhauniarovich (TU Delft)

SoK: False Information, Bots and Malicious Campaigns: Demystifying Elements of Social Media Manipulations
Mohammad Majid Akhtar, Rahat Masood (University of New South Wales); Muhammad Ikram (Macquarie University); Salil S Kanhere (UNSW, Sydney, Australia)

Delegating FIDO Credentials Using Single-use ECDSA Signatures
Wei-Zhu Yeoh, Lucjan Hanzlik, Oliver Valta (CISPA Helmholtz Center for Information Security)

Quantum-Safe Account Recovery for WebAuthn
Douglas Stebila, Spencer Wilson (University of Waterloo)

Byzantine Fault-Tolerant Aggregate Signatures
Quentin Kniep, Roger Wattenhofer (ETH Zürich)

Unstoppable Wallets: Chain-assisted Threshold ECDSA and its Applications
Guy Zyskind (MIT ); Avishay Yanai (unaffiliated); Alex Pentland (MIT)

Auroch: Auction-Based Multipath Routing for Payment Channel Networks
Mohammed Ababneh, Kartick Kolachala, Roopa Vishwanathan (New Mexico State University)

SPRITE: Secure and Private Routing in Payment Channel Networks
Gaurav Panwar, Roopa Vishwanathan, George Torres, Satyajayant Misra (New Mexico State University)

RACED: Routing in Payment Channel Networks Using Distributed Hash Tables
Kartick Kolachala, Mohammed Ababneh, Roopa Vishwanathan (New Mexico State University)

Transferable, Auditable and Anonymous Ticketing Protocol
Pascal Lafourcade, Dhekra Mahmoud, Gael Marcadet (Université Clermont-Auvergne, CNRS, Clermont-Auvergne-INP, LIMOS); Charles Olivier-Anclin (be ys Pay and Université Clermont-Auvergne, CNRS, Clermont-Auvergne-INP, LIMOS and LIFO, Université d’Orléans, INSA Centre Val de Loire)

16:50 – 17:00 Closing Remark
(Grand Ballroom 1)