Day 3 (Wednesday, 3 July 2024) | |||
---|---|---|---|
Systems Track (Grand Ballroom 1) |
Hardware, CPS and ML Track (Grand Ballroom 2) |
Formal Guarantees Track (Grand Ballroom 3) |
|
07:45 – 08:30 | Registration & Breakfast | ||
08:30 – 09:00 | Opening Remark (Grand Ballroom) Slides: Opening Remarks by General Chairs Opening Remarks by PC Chairs |
||
09:00 – 10:00 | Keynote 1: Robert Deng (Singapore Management University, Singapore) Toward Practical Client-Side Encryption in Cloud Computing (Grand Ballroom) Session Chair: Jianying Zhou Slides: Keynote 1 Note: Only ACM ASIACCS’24 registered attendants can request the password at eyasu_chekole@sutd.edu.sg. No circulation of the file without permission. |
||
10:00 – 10:30 | Tea Break | ||
10:30 – 12:30 | Session 1: Network Security Session Chair: Michalis Polychronakis |
Session 2: Side Channels Session Chair: Mihalis Maniatakos |
Session 3: Privacy-Preserving Protocols Session Chair: Joseph Liu |
Towards Robust Domain Generation Algorithm Classification Arthur Drichel, Marc Meyer, Ulrike Meyer (RWTH Aachen University) Kirin: Hitting the Internet with Distributed BGP Announcements Lars Prehn (Max Planck Institute for Informatics); Pawel Foremski (IITiS PAN / DomainTools); Oliver Gasser (IPinfo / Max Planck Institute for Informatics) X-Ray-TLS: Transparent Decryption of TLS Sessions by Extracting Session Keys from Memory Florent Moriconi (EURECOM, Amadeus); Olivier Levillain (Samovar, Télécom SudParis, Institut Polytechnique de Paris); Aurélien Francillon, Raphael Troncy (EURECOM) Semantic Ranking for Automated Adversarial Technique Annotation in Security Text Udesh Kumarasinghe (University of Colombo); Ahmed Lekssays, Husrev Taha Sencar, Sabri Boughorbel (Qatar Computing Research Institute); Charitha Elvitigala (C2SI); Preslav Nakov (MBZUAI) Exposed by Default: A Security Analysis of Home Router Default Settings Junjian Ye (Nanjing University of Posts and Telecommunications); Xavier de Carné de Carnavalet (The Hong Kong Polytechnic University); Lianying Zhao (Carleton University); Mengyuan Zhang (Vrije Universiteit Amsterdam); Lifa Wu, Wei Zhang (Nanjing University of Posts and Telecommunications) Look What’s There! Utilizing the Internet’s Existing Data for Censorship Circumvention with OPPRESSION Sebastian Zillien (Worms University of Applied Sciences); Tobias Schmidbauer (Nuremberg Institute of Technology); Mario Kubek (Georgia State University); Joerg Keller (FernUniversität in Hagen); Steffen Wendzel (Worms University of Applied Sciences/FernUniversität in Hagen) Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments Xiangmin Shen (Northwestern University); Zhenyuan Li (Zhejiang University); Graham Burleigh, Lingzhi Wang, Yan Chen (Northwestern University) C2Miner: Tricking IoT Malware into Revealing Live Command & Control Servers Ali Davanian, Michail Faloutsos (University of California Riverside); Martina Lindorfer (TU Wien) |
Generic and Automated Drive-by GPU Cache Attacks from the Browser Cloud-Based Machine Learning Models as Covert Communication Channels WebGPU-SPY: Finding Fingerprints in the Sandbox through GPU Cache Attacks SoK: Can We Really Detect Cache Side-Channel Attacks by Monitoring Performance Counters? Non-Fusion Based Coherent Cache Randomization Using Cross-Domain Accesses Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8 ABBY: Automating leakage modelling for side-channel analysis |
Privacy-Preserving Popularity-Based Deduplication against Malicious Behaviors of the Cloud Xiaowei Ge, Guanxiong Ha (College of Cyber Science, Nankai University); Chunfu Jia (Nankai University); Zhen Su (College of Cyber Science, Nankai University) Nomadic: Normalising Maliciously-Secure Distance with Cosine Similarity for Two-Party Biometric Authentication Nan Cheng (University of St. Gallen); Melek Önen (EURECOM); Aikaterini Mitrokotsa (University of St. Gallen); Oubaïda Chouchane, Massimiliano Todisco (EURECOM); Alberto Ibarrondo (Copper.co) SiGBDT: Large-Scale Gradient Boosting Decision Tree Training via Function Secret Sharing Yufan Jiang, Fei Mei, Tianxiang Dai, Yong Li (Huawei European Research Center) zkMatrix: Batched Short Proof for Committed Matrix Multiplication Mingshu Cong (The University of Hong Kong); Tsz Hon Yuen (Monash University); Siu-Ming Yiu (The University of Hong Kong) Efficient Privacy-Preserving Approximation of the Kidney Exchange Problem Malte Breuer, Ulrike Meyer (RWTH Aachen University); Susanne Wetzel (Stevens Institute of Technology) Honest Majority Multiparty Computation over Rings with Constant Online Communication Minghua Zhao (Shanghai Fudan Microelectronics Group Company Limited) Ratel: MPC-extensions for Smart Contracts Yunqi Li, Kyle Soska (University of Illinois at Urbana-Champaign); Zhen Huang (Shanghai Jiao Tong University); Sylvain Bellemare (The Initiative for CryptoCurrencies and Contracts); Mikerah Quintyne-Collins (HashCloack Inc.); Lun Wang (Google); Xiaoyuan Liu, Dawn Song (University of California, Berkeley); Andrew Miller (University of Illinois at Urbana-Champaign) |
|
12:30 – 14:00 | Lunch | ||
14:00 – 17:00 | Poster Session | ||
POSTER: Seccomp profiling with Dynamic Analysis via ChatGPT-assisted Test Code Generation |
|||
14:00 – 15:30 | Session 4: Wireless and Mobile Security Session Chair: Hongxin Hu |
Session 5: Hardware Security Session Chair: Aurélien Francillon |
Session 6: Post Quantum Session Chair: Haiyang Xue |
Physical-Layer Public Key Encryption Through Massive MIMO Senlin Liu, Tong Gao, Yijian Liu, Xianhui Lu (Institute of Information Engineering, CAS, University of Chinese Academy of Sciences) Battle of Wits: To What Extent Can Fraudsters Disguise Their Tracks in International bypass Fraud? Anne Josiane Kouam (TU Berlin); Aline Carneiro Viana (INRIA); Alain Tchana (Grenoble INP) Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware Antonio Ruggia (University of Genova); Dario Nisi, Savino Dambra (EURECOM); Alessio Merlo (CASD – School for Advanced Defense Studies); Davide Balzarotti, Simone Aonzo (EURECOM) TriSAS: Toward Dependable Inter-SAS Coordination with Auditability Shanghao Shi (Virginia Tech); Yang Xiao (University of Kentucky); Changlai Du, Yi Shi (Virginia Tech); Chonggang Wang, Robert Gazda (InterDigital); Y. Thomas Hou, Eric Burger, Luiz DaSilva, Wenjing Lou (Virginia Tech) Key Establishment for Secure Asymmetric Cross-Technology Communication Wei Wang (Saint Louis University); Xin Liu (The Ohio State University); Zicheng Chi (Cleveland State University); Stuart Ray (Saint Louis University); Ting Zhu (The Ohio State University) |
Secure Data-Binding in FPGA-based Hardware Architectures utilizing PUFs Florian Frank, Martin Schmid, Felix Klement (University of Passau); Purushothaman Palani (Virginia Tech); Andreas Weber, Elif Bilge Kavun (University of Passau); Wenjie Xiong (Virginia Tech); Tolga Arul, Stefan Katzenbeisser (University of Passau) SoK: Rowhammer on Commodity Operating Systems Zhi Zhang (The University of Western Australia); Decheng Chen, Jiahao Qi (School of Microelectronics, South China University of Technology, China); Yueqiang Cheng (NIO); Shijie Jiang, Yiyang Lin (School of Microelectronics, South China University of Technology, China); Yansong Gao, Surya Nepal (CSIRO’s Data61); Yi Zou (School of Microelectronics, South China University of Technology, China); Jiliang Zhang (College of Integrated Circuits, Hunan University, China); Yang Xiang (School of Software and Electrical Engineering, Swinburne University of Technology, Australia) SRAM Imprinting for System Protection and Differentiation Jubayer Mahmod, Matthew Hicks (Virginia Tech) Mayhem: Targeted Corruption of Register and Stack Variables Andrew Adiletta, M. Caner Tol, Yarkın Doröz, Berk Sunar (Worcester Polytechnic Institute) On The Effect of Replacement Policies on The Security of Randomized Cache Architectures Moritz Peters (Horst Görtz Institute for IT-Security, Ruhr University Bochum); Nicolas Gaudin (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Jan Philipp Thoma (Horst Görtz Institute for IT-Security, Ruhr University Bochum); Vianney Lapôtre (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Pascal Cotret (UMR 6285, Lab-STICC, ENSTA Bretagne, Brest, France); Guy Gogniat (UMR 6285, Lab-STICC, Univ. Bretagne-Sud, Lorient, France); Tim Güneysu (Ruhr University Bochum, Bochum, DFKI GmbH, Bremen) PowSpectre: Powering Up Speculation Attacks with TSX-based Replay Md Hafizul Islam Chowdhuryy (University of Central Florida); Zhenkai Zhang (Clemson University); Fan Yao (University of Central Florida) |
HQsFL: A Novel Training Strategy for Constructing High-performance and Quantum-safe Federated Learning Bo Yu, Huajie Shen, Qian Xu, Wei He, Wankui Mao, Qing Zhang (Bestpay Co., Ltd.); Fan Zhang (Zhejiang University) Efficient Post-Quantum Secure Deterministic Threshold Wallets from Isogenies Poulami Das (CISPA Helmholtz Center for Information Security); Andreas Erwig (Technical University of Darmstadt); Michael Meyer (University of Regensburg); Patrick Struck (University of Konstanz) REPQC: Reverse Engineering and Backdooring Hardware Accelerators for Post-quantum Cryptography Samuel Pagliarini (Carnegie Mellon University/Tallinn University of Technology); Aikata Aikata (Institute of Applied Information Processing and Communications, Graz University of Technology); Malik Imran (Tallinn University of Technology); Sujoy Sinha Roy (Institute of Applied Information Processing and Communications, Graz University of Technology) Pairwise and Parallel: Enhancing the Key Mismatch Attacks on Kyber and Beyond Mingyao Shao (Institute of Information Engineering, CAS & School of Cyber Security, UCAS); Yuejun Liu (School of Cyber Science and Engineering, NJUST ); Yongbin Zhou (School of Cyber Science and Engineering, NJUST & Institute of Information Enginee, CAS & School of Cyber Security, UCAS) SoK: CryptographicEstimators – a Software Library for Cryptographic Hardness Estimation Andre Esser, Javier Verbel, Floyd Zweydinger, Emanuele Bellini (Technology Innovation Institute) OPRFs from Isogenies: Designs and Analysis Lena Heimberger, Tobias Hennerbichler (Graz University of Technology); Fredrik Meisingseth (Graz University of Technology and Know-Center); Sebastian Ramacher (AIT Austrian Institute of Technology); Christian Rechberger (Graz University of Technology) |
|
15:30 – 16:00 | Tea Break | ||
16:00 – 17:00 | Session 7: Measurements Session Chair: Marc Dacier |
Session 8: IoT and Voice Assistants Session Chair: Sridhar Adepu |
Session 9: Formal Methods Session Chair: Sudipta Chattopadhyay |
External Attack-Surface of Modern Organizations Nethanel Gelernter (IONIX ); Haya Schulmann (Goethe-Universität Frankfurt); Michael Waid- ner (Fraunhofer SIT and TU Darmstadt) Cryptography in the Wild: An Empirical Analysis of Vulnerabilities in Cryptographic Libraries Jenny Blessing (University of Cambridge); Michael Specter (Georgia Institute of Technology); Daniel J. Weitzner (MIT ) Username Squatting on Online Social Networks: A Study on X Anastasios Lepipas, Anastasia Borovykh, Soteris Demetriou (Imperial College London) Deep Dive into Client-Side Anti-Phishing: A Longitudinal Study Bridging Academia and Industry Rana Pourmohamad, Steven Wirsz, Adam Oest, Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Adam Doupé, Rida A. Bazzi (Arizona State University) |
Command Hijacking on Voice-Controlled IoT in Amazon Alexa Platform Wenbo Ding (University at Buffalo); Song Liao, Long Cheng (Clemson University); Xianghang Mi (University of Science and Technology of China); Ziming Zhao, Hongxin Hu (University at Buffalo) WhisperVoiceTrace: A Comprehensive Analysis of Voice Command Fingerprinting Hyojin Kim, Minji Jo, Jiwoo Hong, Hosung Kang (Ewha Womans University); Nate Mathews (Rochester Institute of Technology); Se Eun Oh (Ewha Womans University) SpotOn: Adversarially Robust Keyword Spotting on Resource-Constrained IoT Platforms Mehreen Jabbeen, Vireshwar Kumar (Indian Institute of Technology, Delhi); Rijurekha Sen (IIT Delhi) OASIS: An Intrusion Detection System Embedded in Bluetooth Low Energy Controllers Romain Cayre (EURECOM); Vincent Nicomette, Guillaume Auriol, Mohamed Kaâniche (LAAS-CNRS); Aurélien Francillon (EURECOM) |
A Formal Analysis of Data Distribution Service Security Binghan Wang, Hui Li, Jingjing Guan (Beijing University of Posts and Telecommunications, Beijing, China) Formal Verification and Solutions for Estonian E-Voting Sevdenur Baloglu, Sergiu Bursuc, Sjouke Mauw, Jun Pang (University of Luxembourg) Camel: E2E Verifiable Instant Runoff Voting without Tallying Authorities Luke Harrison, Samiran Bag, Feng Hao (University of Warwick) Segment-Based Formal Verification of WiFi Fragmentation and Power Save Mode Zilin Shen, Imtiaz Karim, Elisa Bertino (Purdue University) |
Day 4 (Thursday, 4 July 2024) | |||
---|---|---|---|
Systems Track (Grand Ballroom 1) |
Hardware, CPS and ML Track (Grand Ballroom 2) |
Formal Guarantees Track (Grand Ballroom 3) |
|
08:00 – 08:30 | Breakfast | ||
08:30 – 10:30 | Session 10: Web Security Session Chair: Qingyang Wang |
Session 11: Cyber-Physical Systems Session Chair: Daisuke Mashima |
Session 12: Crypto and Privacy Session Chair: Yu Zheng |
FakeX: A Framework for Detecting Fake Reviews of Browser Extensions Eric Olsson, Benjamin Eriksson (Chalmers University of Technology); Pablo Picazo-Sanchez (Chalmers University of Technology, Halmstad University); Lukas Andersson, Andrei Sabelfeld (Chalmers University of Technology) What is in the Chrome Web Store Sync-Millibottleneck Attack on Microservices Cloud Architecture Towards Understanding and Improving Security-Relevant Web Application Logging RootFree Attacks: Exploiting Mobile Platform’s Super Apps From Desktop Who’s Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact Beneath the Phishing Scripts: A Script-Level Analysis of Phishing Kits and Their Impact on Real-World Phishing Websites |
The SA4P Framework: Sensing and Actuation as a Privilege Piet De Vaere (ETH Zürich); Felix Stöger, Adrian Perrig (ETH Zürich); Gene Tsudik (UCI ) ConFIDe: A PWM-Driven Control-Fused Intrusion Detection System for Hardware Security in Unmanned Aerial Vehicles Muneeba Asif (Florida International University); Ahmad Mohammad (Middle Tennessee State University); Mohammad Ashiqur Rahman, Kemal Akkaya (Florida International University) Catch me if you can: Covert Information Leakage from Drones using MAVLink Protocol Maryna Veksler, Kemal Akkaya, Selcuk Uluagac (Florida International University) Diagnosis-guided Attack Recovery for Securing Robotic Vehicles from Sensor Deception Attacks Pritam Dash (University of British Columbia); Guanpeng Li (University of Iowa); Mehdi Karimibiuki, Karthik Pattabiraman (University of British Columbia) FAKEPCD: Fake Point Cloud Detection via Source Attribution Yiting Qu, Zhikun Zhang (CISPA Helmholtz Center for Information Security); Yun Shen (Netapp); Michael Backes, Yang Zhang (CISPA Helmholtz Center for Information Security) On Practicality of Using ARM TrustZone Trusted Execution Environment for Securing Programmable Logic Controllers Zhiang Li (National University of Singapore); Daisuke Mashima, Wen Shei Ong, Ertem Esiner (Illinois ARCS); Zbigniew Kalbarczyk (University of Illinois at Urbana-Champaign); Ee-Chien Chang (School of Computing, NUS) Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication Eric Wagner (Fraunhofer FKIE & RWTH Aachen University); David Heye (RWTH Aachen University & Fraunhofer FKIE); Martin Serror (Fraunhofer FKIE); Ike Kunze, Klaus Wehrle (RWTH Aachen University); Martin Henze (RWTH Aachen University & Fraunhofer FKIE) Uncovering Covert Attacks on EV Charging Infrastructure: How OCPP Backend Vulnerabilities Could Compromise Your System Khaled Sarieddine, Mohammad Ali Sayed (Concordia University); Sadegh Torabi (George Mason University); Ribal Attallah, Danial Jafarigiv (Hydro-Quebec Research Institute); Chadi Assi (Concordia University); Mourad Debbabi (Security Research Centre, Concordia University, Quebec, Canada) |
Exploiting Data Redundancy in CKKS Encoding for High-Speed Homomorphic Encryption Amir Sabbagh Molahosseini (Queen’s University Belfast); Hans Vandierendonck (Queen’s University of Belfast) Efficient Unbalanced Quorum PSI from Homomorphic Encryption Xinpeng Yang, Liang Cai, Yinghao Wang, Keting Yin, Lu Sun (Zhejiang University); Jingwei Hu (Nanyang Technological University) SweetPAKE: Key exchange with decoy passwords Afonso Arriaga (SnT, University of Luxembourg); Peter Y.A. Ryan (SnT, Univeristy of Luxembourg); Marjan Skrobot (SnT, University of Luxembourg) MOSAIC: A Prune-and-Assemble Approach for Efficient Model Pruning in Privacy-Preserving Deep Learning Yifei Cai (Old Dominion University); Qiao Zhang (Chongqing University); Rui Ning, Chunsheng Xin (Old Dominion University); Hongyi Wu (University of Arizona) LightPIR: Single-Server PIR via FHE without Gaussian Noise Han Xia, Mingsheng Wang (Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, CAS; School of Cyber Security, University of Chinese Academy of Sciences) Reconstructing Chameleon Hash: Full Security and the Multi-Party Setting Kwan Yin Chan (The University of Hong Kong); Liqun Chen, Yangguang Tian (University of Surrey); Tsz Hon Yuen (Monash University) Skye: An Expanding PRF based Fast KDF and its Applications Amit Singh Bhati (COSIC, KU Leuven); Antonín Dufka (Masaryk University); Elena Andreeva (Technical University of Vienna); Arnab Roy (University of Innsbruck); Bart Preneel (COSIC, KU Leuven) Publishing Common Neighbors Histograms of Social Networks under Edge Differential Privacy Chaojie Lv (University of Science and Technology of China); Xiaokui Xiao (NUS); Lan Zhang (University of Science and Technology of China); Ting Yu (Qatar Computing Research Institute) |
|
10:30 – 11:00 | Tea Break | ||
11:00 – 12:00 | Keynote 2: Alexandra Dmitrienko (University of Würzburg, Germany) Federated Learning Security: From Dusk to Dawn (Grand Ballroom) Session Chair: Alvaro Cardenas Slides: Keynote 2 Note: Only ACM ASIACCS’24 registered attendants can request the password at eyasu_chekole@sutd.edu.sg. No circulation of the file without permission. |
||
12:00 – 13:15 | Lunch | ||
13:15 – 18:00 | Social Event (Bird Paradise) |
||
19:00 – 22:00 | Conference Dinner, Award Ceremony and Announcement of ASIACCS’25 (Conference Hotel) |
Day 5 (Friday, 5 July 2024) | |||
---|---|---|---|
Systems Track (Grand Ballroom 1) |
Hardware, CPS and ML Track (Grand Ballroom 2) |
Formal Guarantees Track (Grand Ballroom 3) |
|
08:30 – 09:00 | Breakfast | ||
09:00 – 10:00 | Keynote 3: XiaoFeng Wang (Indiana University at Bloomington, USA) Security Of AI, By AI and For AI: Charting New Territories in AI-Centered Cybersecurity Research (Grand Ballroom) Session Chair: Debin Gao |
||
10:00 – 10:30 | Tea Break | ||
10:30 – 12:30 | Session 13: Software Security Session Chair: Ziming Zhao |
Session 14: Machine Learning Session Chair: Ziyao Liu |
Session 15: Distributed and Decentralized Systems Session Chair: Lena Heimberger |
Cross-Language Differential Testing of JSON Parsers VFCFinder: Pairing Security Advisories and Patches On the Role of Pre-trained Embeddings in Binary Code Analysis ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels DMTI: Accelerating Memory Error Detection in Precompiled C/C++ Binaries with ARM Memory Tagging Extension Beyond the Edges of Kernel Control-Flow Hijacking Protection with HEK-CFI |
Model Extraction Attacks Revisited Jiacheng Liang (Stony Brook University); Ren Pang (Penn State University); Changjiang Li, Ting Wang (Stony Brook University) A Generative Framework for Low-Cost Result Validation of Machine Learning-as-a-Service Inference VLIA: Navigating Shadows with Proximity for Highly Accurate Visited Location Inference Attack against Federated Recommendation Models Self-Supervised Fine-Tuning of Automatic Speech Recognition Systems against Signal Processing Attacks Mitigating Distributed Backdoor Attack in Federated Learning Through Mode Connectivity An Investigation into Misuse of Java Security APIs by Large Language Models Multi-Turn Hidden Backdoor in Large Language Model-powered Chatbot Models PARL: Poisoning Attacks Against Reinforcement Learning-based Recommender Systems |
An Empirical Study of Consensus Protocols’ DoS Resilience Giacomo Giuliari (ETH Zürich & Mysten Labs); Alberto Sonnino (Mysten Labs & University College London (UCL)); Marc Frei (ETH Zürich); Fabio Streun (Anapaya Systems); Lefteris Kokoris-Kogias (Mysten Labs & IST Austria); Adrian Perrig (ETH Zürich & Mysten Labs) SilentProof: Anonymous Authentication with Blockchain-Backed Offloading Revocable TACO: Revocable Threshold based Anonymous Credentials over Blockchains SecPLF: Secure Protocols for Loanable Funds against Oracle Manipulation Attacks zkLogis: Scalable, Privacy-Enhanced, and Traceable Logistics on Public Blockchain CapsuleFormer: A Capsule and Transformer combined model for Decentralized Application encrypted traffic classification BlindShuffler: Universal and Trustless Mixing for Confidential Transactions PEPPER: Privacy-prEserving, auditable, and fair Payment based resource discovery at the PERvasive edge |
|
12:30 – 14:00 | Lunch | ||
14:00 – 15:30 | Session 16: Fuzzing Session Chair: Mohammad Ashiqur Rahman |
Session 17: Trusted Execution Environments and Enclaves Session Chair: Wenbo Shen |
Session 18: ORAM and Searchable Encryption Session Chair: Chi Hung Chi |
Make out like a (Multi-Armed) Bandit: Improving the Odds of Fuzzer Seed Scheduling with T-Scheduler Simon Luo (The University of New South Wales); Adrian Herrera (Australian National Univeristy); Paul Quirk, Michael Chase (DSTG); Damith C. Ranasinghe (University of Adelaide); Salil S Kanhere (The University of New South Wales) SyzRisk: A Change-Pattern-Based Continuous Kernel Regression Fuzzer Fuzzing API Error Handling Behaviors using Coverage Guided Fault Injection AIMFuzz: Automated Function-Level In-Memory Fuzzing on Binaries What All the PHUZZ Is About: A Coverage-guided Fuzzer for Finding Vulnerabilities in PHP Web Applications SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing |
ESem: To Harden Process Synchronization for Servers Zhanbo Wang (Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China, and Peng Cheng Laboratory, China); Jiaxin Zhan (Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China, and Department of Computer Science and Engineering, Southern University of Science and Technology, China); Xuhua Ding (Singapore Management University); Fengwei Zhang (Department of Computer Science and Engineering, Southern University of Science and Technology, China, and Research Institute of Trustworthy Autonomous Systems, Southern University of Science and Technology, China); Ning Hu (Peng Cheng Laboratory, China) TeeFilter: High-Assurance Network Filtering Engine for High-End IoT and Edge Devices based on TEEs Building Your Own Trusted Execution Environments Using FPGA SoK: Understanding Design Choices and Pitfalls of Trusted Execution Environments MultiTEE: Distributing Trusted Execution Environments (In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices |
Single Round-trip Hierarchical ORAM via Succinct Indices William Holland (CSIRO’s data61); Olga Ohrimenko (The University of Melbourne); Anthony Wirth (the University of Melbourne) CryptGraph: An Efficient Privacy-Enhancing Solution for Accurate Shortest Path Retrieval in Cloud Environments Menhir: An Oblivious Database with Protection against Access and Volume Pattern Leakage Tokenised Multi-client Provisioning for Dynamic Searchable Encryption with Forward and Backward Privacy ALLOSAUR: Accumulator with Low-Latency Oblivious Sublinear Anonymous credential Updates with Revocations DISCO: Dynamic Searchable Encryption with Constant State |
|
15:30 – 15:50 | Tea Break | ||
15:50 – 16:50 | Session 19: Usability Session Chair: Ertem Esiner |
Session 20: Authentication and Signatures Session Chair: Xuhua Ding |
Session 21: Payment Channel Networks and Ticket Payments Session Chair: Binbin Chen |
The Catcher in the Eye: Recognizing Users by their Blinks Ryo Iijima (National Institute of Advanced Industrial Science and Technology, Waseda University); Tatsuya Takehisa (National Institute of Information and Communications Technology); Tetsushi Ohki (Shizuoka University, RIKEN AIP); Tatsuya Mori (Waseda University, NICT, RIKEN AIP) From User Insights to Actionable Metrics: A User-Focused Evaluation of Privacy-Preserving Browser Extensions Charting the Path to SBOM Adoption: A Business Stakeholder-Centric Approach SoK: False Information, Bots and Malicious Campaigns: Demystifying Elements of Social Media Manipulations |
Delegating FIDO Credentials Using Single-use ECDSA Signatures Wei-Zhu Yeoh, Lucjan Hanzlik, Oliver Valta (CISPA Helmholtz Center for Information Security) Quantum-Safe Account Recovery for WebAuthn Byzantine Fault-Tolerant Aggregate Signatures Unstoppable Wallets: Chain-assisted Threshold ECDSA and its Applications |
Auroch: Auction-Based Multipath Routing for Payment Channel Networks Mohammed Ababneh, Kartick Kolachala, Roopa Vishwanathan (New Mexico State University) SPRITE: Secure and Private Routing in Payment Channel Networks RACED: Routing in Payment Channel Networks Using Distributed Hash Tables Transferable, Auditable and Anonymous Ticketing Protocol |
|
16:50 – 17:00 | Closing Remark (Grand Ballroom 1) |