IEEE Symposium on Security and Privacy 2024
The 45th IEEE Symposium on Security and Privacy, a premier academic security venue covering systems, web, privacy, cryptography, and machine-learning security research.
- No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML — Ziqi Zhang, Chen Gong, Yifeng Cai, Yuanyuan Yuan, Bingyan Liu, Shuai Wang
In an era where machine learning (ML) models are both immensely valuable and deeply integrated into private applications, their secure deployment on edge devices presents significant challenges…
- TCP Spoofing: Reliable Payload Transmission Past the Spoofed TCP Handshake — Yepeng Pan, Christian Rossow
This talk, "TCP Spoofing: Reliable Payload Transmission Past the Spoofed TCP Handshake," presented by Yepeng Pan and Christian Rossow at IEEE S&P, delves into advanced techniques for exploiting TCP…
- Learn What You Want to Unlearn: Unlearning Inversion Attacks against Machine Unlearning — Hongsheng Hu, Shuo Wang, Tian Dong, Minhui Xue
The proliferation of machine learning (ML) models in virtually every sector of society has brought forth a critical challenge: the "right to be forgotten" and the need for data deletion. Machine…
- LACMUS: Latent Concept Masking for General Robustness Enhancement of DNNs — Shuo Wang, Hongsheng Hu, Jiamin Chang, Benjamin Zi Hao Zhao, Minhui Xue
The talk "LACMUS: Latent Concept Masking for General Robustness Enhancement of DNNs" presented by Hongsheng Hu at the IEEE S&P conference, introduces a novel framework designed to improve the…
- Efficient Zero-Knowledge Arguments For Paillier Cryptosystem — Borui Gong, Wang Fat Lau, Man Ho Au, Rupeng Yang, Haiyang Xue, Lichun Li
This talk, presented by Borui Gong and co-authored by Wang Fat Lau, Man Ho Au, Rupeng Yang, Haiyang Xue, and Lichun Li, introduces a novel and efficient zero-knowledge proof (ZKP) system designed…
- Efficient Zero-Knowledge Arguments For Paillier Cryptosystem — Borui Gong, Wang Fat Lau, Man Ho Au, Rupeng Yang, Haiyang Xue, Lichun Li
This talk, presented by Borui Gong at IEEE S&P, introduces a novel and efficient construction for **Zero-Knowledge Arguments (ZKAs)** tailored specifically for the **Paillier cryptosystem**. The…
- NURGLE: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation — Zheyuan He, Zihao Li, Ao Qiao, Xiapu Luo, Xiaosong Zhang, Ting Chen
This talk, titled "NURGLE: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation," introduces a novel and insidious **Denial of Service (DoS)** attack targeting the…
- FLShield: A Validation Based Federated Learning Framework to Defend Against Poisoning Attacks — Ehsanul Kabir, Zeyu Song, Md Rafi Ur Rashid, Shagufta Mehnaz
This talk introduces **FLShield**, an innovative framework designed to enhance the security of Federated Learning (FL) systems against a spectrum of poisoning attacks. Presented by Ehsanul Kabir…
- Prune+PlumTree - Finding Eviction Sets at Scale — Tom Kessous, Niv Gilboa
The talk "Prune+PlumTree - Finding Eviction Sets at Scale" by Tom Kessous and Niv Gilboa introduces a groundbreaking algorithm designed to rapidly identify a large number of **eviction sets** within…
- INVISILINE: Invisible Plausibly-Deniable Storage — Sandeep Kiran Pinjala, Bogdan Carbunar, Anrin Chakraborti, Radu Sion
In this talk, Sandeep Kiran Pinjala, a PhD student at Stony Brook University, presents "INVISILINE," a novel system for invisible, plausibly-deniable storage. The work, a collaboration with…
- P4Control: Line-Rate Cross-Host Attack Prevention via In-Network Information Flow Control Enabled by Programmable Switches and eBPF — Osama Bajaber, Bo Ji, Peng Gao
In an era of sophisticated cyber threats, **lateral movement** has emerged as a pervasive technique allowing attackers to navigate compromised networks, escalating privileges and accessing sensitive…
- A Picture is Worth 500 Labels: A Case Study of Demographic Disparities in Local Machine Learning Models for Instagram and TikTok — Jack West, Lea Thiemt, Shimaa Ahmed, Maggie Bartig, Kassem Fawaz, Suman Banerjee
This talk, presented by Lea Thiemt and Jack West at IEEE S&P, delves into the often-hidden world of local machine learning (ML) models embedded within popular social media applications like…
- UnTrustZone: Systematic Accelerated Aging to Expose On-chip Secrets — Jubayer Mahmod, Matthew Hicks
The talk "UnTrustZone: Systematic Accelerated Aging to Expose On-chip Secrets" by Jubayer Mahmod and Matthew Hicks from Virginia Tech introduces a groundbreaking physical attack methodology that…
- PIRANA: Faster Multi-query PIR via Constant-weight Codes — Jian Liu, Jingyu Li, Di Wu, Kui Ren
This talk introduces PIRANA, a novel protocol designed to significantly accelerate **Private Information Retrieval (PIR)**, particularly for multi-query scenarios. Presented by Jian Liu and…
- Preserving Node-level Privacy in Graph Neural Networks — Zihang Xiang, Tianhao Wang, Di Wang
In an era of ubiquitous data, information often manifests in complex graph structures, such as social networks. The past few years have witnessed a surge in the popularity of Graph Neural Networks…
- The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web — Soheil Khodayari, Thomas Barber, Giancarlo Pellegrino
This talk, "The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web," presented by Soheil Khodayari, Thomas Barber, and Giancarlo Pellegrino, delves…
- BULKOR: Enabling Bulk Loading for Path ORAM — Xiang Li, Yunqian Luo, Mingyu Gao
In an era where cloud computing is ubiquitous, the security of sensitive data processed in remote environments is a paramount concern. While **Trusted Execution Environments (TEEs)** like Intel SGX…
- Efficient and Generic Microarchitectural Hash-Function Recovery — Lukas Gerlach, Simon Schwarz, Nicolas Faraß, Michael Schwarz
In the realm of modern computing, microarchitectural details often remain opaque, treated as proprietary intellectual property by hardware manufacturers. This talk, "Efficient and Generic…
- Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study — Mindy Tran, Collins W. Munyendo, Harshini Sri Ramulu, Rachel Gonzalez Rodriguez, Luisa Ball Schnell, Cora Sula
This talk, presented at IEEE S&P, delves into the multifaceted security, privacy, and data-sharing challenges encountered by individuals migrating to the United States. Led by co-first authors Mindy…
- Test-Time Poisoning Attacks Against Test-Time Adaptation Models — Tianshuo Cong, Xinlei He, Yun Shen, Yang Zhang
The talk "Test-Time Poisoning Attacks Against Test-Time Adaptation Models" by Tianshuo Cong and colleagues from IEEE S&P presents a novel and concerning vulnerability in an emerging class of machine…
- SoK: Security and Privacy of Blockchain Interoperability — Andre Augusto, Rafael Belchior, Miguel Nuno Dias Alves Pupo Correia, Andre Vasconcelos, Luyao Zhang, Thomas Hardjono
Blockchain interoperability, the ability for disparate blockchain systems to communicate and exchange assets or data, is a cornerstone of the burgeoning Web3 ecosystem. However, this critical…
- Don't Eject the Impostor: Fast Three-Party Computation With a Known Cheater — Andreas Brüggemann, Oliver Schick, Thomas Schneider, Ajith Suresh, Hossein Yalame
The "Don't Eject the Impostor: Fast Three-Party Computation With a Known Cheater" talk, presented by Andreas Brüggemann and co-authored with Oliver Schick, Thomas Schneider, Ajith Suresh, and…
- BadVFL: Backdoor Attacks in Vertical Federated Learning — Mohammad Naseri, Yufei Han, Emiliano De Cristofaro
This talk, "BadVFL: Backdoor Attacks in Vertical Federated Learning," presented by Mohammad Naseri, Yufei Han, and Emiliano De Cristofaro, delves into a novel class of adversarial attacks targeting…
- Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection — Mahmoud Nazzal, Issa Khalil, Abdallah Khreishah, NhatHai Phan, Yao Ma
This talk, presented by Mahmoud Nazzal, delves into a critical vulnerability within **Graph Neural Networks (GNNs)** when applied to security-critical tasks, specifically **Malicious Domain…
- PIANO: Extremely Simple, Single-Server PIR with Sublinear Server Computation — Mingxun Zhou, Andrew Park, Elaine Shi, Wenting Zheng
This article delves into PIANO, a groundbreaking Private Information Retrieval (PIR) construction presented at IEEE S&P. The talk, led by Mingxun Zhou, a fourth-year PhD student from Carnegie Mellon…
- Sabre: Cutting through Adversarial Noise with Adaptive Spectral Filtering and Input Reconstruction — Alec F Diallo, Paul Patras
In an era where machine learning (ML) models underpin countless critical applications, from sophisticated cyber security systems to advanced voice recognition, their inherent susceptibility to…
- Backdooring Multimodal Learning — Xingshuo Han, Yutong Wu, Qingjie Zhang, Yuan Zhou, Yuan Xu, Han Qiu
Multimodal learning, which integrates information from multiple data streams such as visual, audio, and textual inputs, has achieved impressive performance across a wide range of applications. From…
- Text-CRS: A Generalized Certified Robustness Framework against Textual Adversarial Attacks — Xinyu Zhang, Hanbin Hong, Yuan Hong, Peng Huang, Binghui Wang, Zhongjie Ba
This talk introduces Text-CRS, a groundbreaking framework designed to provide **certified robustness** against **textual adversarial attacks** on deep learning language models. Presented by Xinyu…
- SrcMarker: Dual-Channel Source Code Watermarking via Scalable Code Transformations — Borui Yang, Wei Li, Liyao Xiang, Bo Li
In an era defined by the explosive growth of the developer community and the pervasive influence of large language models (LLMs) in code generation, the protection of intellectual property and the…
- A Representative Study on Human Detection of Artificially Generated Media Across Countries — Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer
In an era increasingly shaped by sophisticated artificial intelligence, the line between authentic and artificially generated media has become dangerously blurred. This IEEE S&P talk, presented by…
- Don't Shoot the Messenger: Localization Prevention of Satellite Internet Users — David Koisser, Richard Mitev, Marco Chilese, Ahmad-Reza Sadeghi
In an era where global conflicts increasingly impact civilian infrastructure, reliable and private communication channels become paramount. This talk, "Don't Shoot the Messenger: Localization…
- Everyone for Themselves? A Qualitative Study about Individual Security Setups of Open Source Software Contributors — Sabrina Amft, Sandra Höltervennhoff, Rebecca Panskus, Karola Marky, Sascha Fahl
The rapid expansion and increasing criticality of open-source software (OSS) have brought its unique security landscape into sharp focus. This talk, presented by Sabrina Amft at IEEE S&P, delves…
- Where URLs Become Weapons: Automated Discovery of SSRF Vulnerabilities in Web Applications — Enze Wang, Jianjun Chen, Wei Xie, Chuhan Wang, Yifei Gao, Zhenhua Wang
This presentation, "Where URLs Become Weapons: Automated Discovery of SSRF Vulnerabilities in Web Applications," delivered by Enze Wang from the National University of Defense Technology and…
- NFCEraser: A Security Threat of NFC Message Modification Caused by Quartz Crystal Oscillator — Jianshuo Liu, Hong Li, Mengjie Sun, Haining Wang, Hui Wen, Zhi Li
In the rapidly expanding landscape of Near Field Communication (NFC) technology, where convenience often takes precedence, the security implications of wireless message exchange remain a critical…
- Transferable Multimodal Attack on Vision-Language Pre-training Models — Haodi Wang, Kai Dong, Zhilei Zhu, Haotong Qin, Aishan Liu, Xiaolin Fang
This talk introduces a novel framework for generating highly transferable adversarial examples against **Vision-Language Pre-training Models (VLPMs)**, a critical class of deep learning models that…
- Group Oblivious Message Retrieval — Zeyu Liu, Eran Tromer, Yunhao Wang
This talk, "Group Oblivious Message Retrieval," presented by Zeyu Liu and co-authored with Eran Tromer and Yunhao Wang, introduces a novel cryptographic primitive designed to enhance recipient…
- Scalable Verification of Zero-Knowledge Protocols — Miguel Isabel, Clara Rodríguez-Núñez, Albert Rubio
This talk, presented by Clara Rodríguez-Núñez alongside Miguel Isabel and Albert Rubio from the Complutense University of Madrid, delves into the critical challenge of verifying **Zero-Knowledge…
- LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks — Saad Ullah, Mingji Han, Saurabh Pujar, Hammond Pearce, Ayse Kivilcim Coskun, Gianluca Stringhini
The proliferation of large language models (LLMs) as general-purpose assistants has led to their increasing deployment in various automated cybersecurity tasks, including vulnerability analysis…
- Springproofs: Efficient Inner Product Arguments for Vectors of Arbitrary Length — Jianning Zhang, Ming Su, Xiaoguang Liu, Gang Wang
The talk "Springproofs: Efficient Inner Product Arguments for Vectors of Arbitrary Length" introduces a novel cryptographic primitive designed to enhance the efficiency of zero-knowledge proofs…
- Nightshade: Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models — Shawn Shan, Wenxin Ding, Josephine Passananti, Stanley Wu, Haitao Zheng, Ben Y. Zhao
This talk introduces **Nightshade**, a novel data poisoning attack designed to protect copyrighted content from unauthorized use in **text-to-image generative AI models**. Presented by Shawn Shan…
- Node-aware Bi-smoothing: Certified Robustness against Graph Injection Attacks — Yuni Lai, Yulin Zhu, Bailin Pan, Kai Zhou
This talk, presented at IEEE S&P, delves into a critical vulnerability within Graph Neural Networks (GNNs): **Graph Injection Attacks (GIA)**. The speakers, Yuni Lai, Yulin Zhu, Bailin Pan, and Kai…
- Pulling Off The Mask: Forensic Analysis of the Deceptive Creator Wallets Behind Smart Contract Fraud — Mingxuan Yao, Runze Zhang, Haichuan Xu, Ryan Chou, Varun Chowdhary Paturi, Amit Kumar Sikder
The proliferation of smart contracts on public blockchains like Ethereum has unfortunately been accompanied by a significant rise in sophisticated fraud schemes. These schemes often involve…
- SoK: Efficient Design and Implementation of Polynomial Hash Functions over Prime Fields — Jean Paul Degabriele, Jan Gilcher, Jérôme Govinden, Kenneth G. Paterson
This talk, presented by Jérôme Govinden and Jan Gilcher, delves into a comprehensive Systematization of Knowledge (SoK) regarding the design and implementation of polynomial hash functions over…
- Measure-Observe-Remeasure: An Interactive Paradigm for Differentially-Private Exploratory Analysis — Priyanka Nanayakkara, Hyeok Kim, Yifan Wu, Ali Sarvghad, Narges Mahyar, Gerome Miklau
This talk introduces "Measure-Observe-Remeasure," a novel interactive paradigm designed to enhance the efficiency of **Differential Privacy (DP)** budget allocation during exploratory data analysis…
- Targeted and Troublesome: Tracking and Advertising on Children's Websites — Zahra Moti, Asuman Senol, Hamid Bostani, Frederik Zuiderveen Borgesius, Veelasha Moonsamy, Arunesh Mathur
This talk, presented by Zahra Moti from Radboud University, delves into the pervasive and often problematic landscape of **online tracking** and **targeted advertising** on **child-directed…
- FLASH: A Comprehensive Approach to Intrusion Detection via Provenance Graph Representation Learning — Mati Ur Rehman, Hadi Ahmadi, Wajih Ul Hassan
In the realm of modern cybersecurity, the detection of highly sophisticated cyberattacks, particularly **Advanced Persistent Threats (APTs)**, remains a formidable challenge. These stealthy and…
- Pandora: Principled Symbolic Validation of Intel SGX Enclave Runtimes — Fritz Alder, Lesly-Ann Daniel, David Oswald, Frank Piessens, Jo Van Bulck
Intel Software Guard Extensions (**SGX**) are designed to provide a "fortress inside the process," allowing sensitive code and data to execute in isolation from the rest of the system, even a…
- BELT: Old-School Backdoor Attacks can Evade the State-of-the-Art Defense with Backdoor Exclusivity Lifting — Huming Qiu, Junjie Sun, Mi Zhang, Xudong Pan, Min Yang
This talk introduces BELT, a novel attack technique demonstrating how traditional backdoor attacks can bypass even the most advanced deep learning defense mechanisms by enhancing a property termed…
- Patchy Performance? Uncovering the Vulnerability Management Practices of IoT-Centric Vendors — Sandra Rivera Pérez, Michel van Eeten, Carlos H. Gañán
This talk, presented by Sandra Rivera Pérez from Delft University of Technology, delves into a systematic analysis of the **vulnerability management practices** of vendors heavily invested in the…
- Cohere: Managing Differential Privacy in Large Scale Systems — Nicolas Küchler, Emanuel Opel, Hidde Lycklama, Alexander Viand, Anwar Hithnawi
The talk "Cohere: Managing Differential Privacy in Large Scale Systems" by Nicolas Küchler and his co-authors addresses the significant challenges organizations face when attempting to deploy…
- Break the Wall from bottom: Automated Discovery of Protocol-Level Evasion Vulnerabilities in Web Application Firewalls — Qi Wang, Jianjun Chen, Zheyu Jiang, Run Guo, Ximeng Liu, Chao Zhang
This talk, presented by Qi Wang at IEEE S&P, delves into a critical and persistent challenge in web security: the evasion of **Web Application Firewalls (WAFs)** through **protocol-level…
- SHERPA: Explainable Robust Algorithms for Privacy-preserved Federated Learning in Future Networks to Defend against Data Poisoning Attacks — Chamara Sandeepa, Bartlomiej Siniarski, Shen Wang, Madhusanka Liyanage
Federated Learning (FL) has emerged as a powerful paradigm for collaborative machine learning, enabling multiple clients to jointly train a global model without sharing their raw data. This…
- Larger-scale Nakamoto-style Blockchains Don't Necessarily Offer Better Security — Jannik Albrecht, Sebastien Andreina, Frederik Armknecht, Ghassan Karame, Giorgia Marson, Julian Willingmann
The prevailing intuition in blockchain security suggests that increasing the number of nodes in a network inherently leads to greater security due to enhanced decentralization and a reduced risk of…
- PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification — Hongwei Yao, Jian Lou, Zhan Qin, Kui Ren
The rapid advancements in Large Language Models (LLMs), exemplified by the phenomenal growth of platforms like ChatGPT, have underscored the critical role of **prompts** in harnessing their…
- INTFAIL: Using Spurious #VC Interrupts to Break AMD SEV-SNP — Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, Shweta Shinde
This talk, "INTFAIL: Using Spurious #VC Interrupts to Break AMD SEV-SNP," delves into a critical vulnerability discovered in **AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)**…
- Attacking Byzantine Robust Aggregation in High Dimensions — Sarthak Choudhary, Aashish Kolluri, Prateek Saxena
This talk, presented by Aashish Kolluri, Sarthak Choudhary, and Prateek Saxena, delves into critical vulnerabilities within **Byzantine robust aggregation** mechanisms, particularly in…
- SoK: Prudent Evaluation Practices for Fuzzing — Moritz Schloegel, Nils Bars, Nico Schiller, Lukas Bernhard, Tobias Scharnowski, Addison Crump
This talk, presented by Moritz Schloegel, delves into the critical issue of evaluation practices within the rapidly expanding field of fuzzing research. Titled "SoK: Prudent Evaluation Practices for…
- Obelix: Mitigating Side-Channels through Dynamic Obfuscation — Jan Wichelmann, Anja Rabich, Anna Pätschke, Thomas Eisenbarth
This talk introduces Obelix, a novel software-based, drop-in countermeasure designed to mitigate a broad spectrum of side-channel attacks against workloads running within **Trusted Execution…
- POMABuster: Detecting Price Oracle Manipulation Attacks in Decentralized Finance — Rui Xi, Zehua Wang, Karthik Pattabiraman
This article delves into POMABuster, a novel detection system for **Price Oracle Manipulation Attacks (POMAs)** in Decentralized Finance (DeFi). Presented by Rui Xi, a PhD student from the…
- One for All and All for One: GNN-based Control-Flow Attestation for Embedded Devices — Marco Chilese, Richard Mitev, Meni Orenbach, Robert Thorburn, Ahmad Atamli, Ahmad-Reza Sadeghi
This talk introduces RAGE, a novel approach to **control-flow attestation (CFA)** for embedded devices that leverages **Graph Neural Networks (GNNs)** to detect **code reuse attacks** like…
- CoreLocker: Neuron-level Usage Control — Zihan Wang, Zhongkui Ma, Xinguo Feng, Ruoxi Sun, Hu Wang, Minhui Xue
The talk "CoreLocker: Neuron-level Usage Control" introduces a novel approach to protect the **intellectual property (IP)** of **deep neural networks (DNNs)** and enable their controlled…
- Formal Model-Driven Analysis of Resilience of GossipSub to Attacks from Misbehaving Peers — Ankit Kumar, Max von Hippel, Panagiotis Manolios, Cristina Nita-Rotaru
This talk presents groundbreaking research into the security and resilience of **GossipSub**, a widely adopted peer-to-peer (P2P) publish-subscribe protocol. Utilized by high-value applications such…
- LLMIF: Augmented Large Language Model for Fuzzing IoT Devices — Jincheng Wang, Le Yu, Xiapu Luo
This talk, presented by Jincheng Wang, Le Yu, and Xiapu Luo, introduces **LLMIF** (Augmented Large Language Model for Fuzzing IoT Devices), a novel approach that leverages the power of large…
- NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge — Patrick Tser Jern Kon, Aniket Gattani, Dhiraj Saharia, Tianyu Cao, Diogo Barradas, Ang Chen
In an era where digital censorship affects over half the world's population, the talk "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" introduces a novel, robust system…
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis — Penghui Li, Wei Meng, Mingxue Zhang, Chenlin Wang, Changhua Luo
This talk, presented by Penghui Li, introduces a groundbreaking methodology named **Symbolic Interpreter Analysis (SIA)** for performing **concolic execution** on dynamic web applications. Developed…
- BENZENE: A Practical Root Cause Analysis System with an Under-Constrained State Mutation — Younggi Park, Hwiwon Lee, Jinho Jung, Hyungjoon Koo, Huy Kang Kim
Software crashes pose a persistent and critical security challenge, frequently signaling underlying vulnerabilities such as memory corruption bugs. The sheer volume of crash reports generated daily…
- BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect — Cristiano Rodrigues, Daniel Oliveira, Sandro Pinto
The talk "BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect," presented by Cristiano Rodrigues, Daniel Oliveira, and Sandro Pinto from the University of Minho, Portugal…
- SoK: Safer Digital-Safety Research Involving At-Risk Users — Rosanna Bellini, Emily Tseng, Noel Warford, Alaa Daffalla, Tara Matthews, Sunny Consolvo
In an increasingly interconnected world, all technology users face a myriad of digital safety threats, ranging from online harassment and privacy invasions to sophisticated security attacks…
- SwiftRange: A Short and Efficient Zero-Knowledge Range Argument For Confidential Transactions and More — Nan Wang, Sid Chi-Kin Chau, DongXi Liu
In an era where digital transactions are increasingly prevalent, the need for both transparency and privacy presents a significant challenge, particularly within decentralized blockchain systems…
- BAFFLE: Hiding Backdoors in Offline Reinforcement Learning Datasets — Chen Gong, Zhou Yang, Yunpeng Bai, Jieke Shi, Junda He, Kecen Li
This talk, presented by Jun from Singapore Management University, introduces BAFFLE, a novel method for embedding backdoors into **offline reinforcement learning (RL)** datasets. The research, a…
- DY Fuzzing: Formal Dolev-Yao Models Meet Cryptographic Protocol Fuzz Testing — Max Ammann, Lucca Hirschi, Steve Kremer
Cryptographic protocols are the bedrock of secure digital communication, yet their complex design and implementation often harbor subtle, dangerous vulnerabilities. The talk "DY Fuzzing: Formal…
- The Dark Side of Scale: Insecurity of Direct-to-Cell Satellite Mega-Constellations — Wei Liu, Yuanjie Li, Hewu Li, Yimei Chen, Yufeng Wang, Jingyi Lan
In this compelling talk from IEEE S&P, Wei Liu and his co-authors unveil a critical security vulnerability within the rapidly expanding landscape of direct-to-cell satellite mega-constellations…
- BounceAttack: A Query-Efficient Decision-based Adversarial Attack by Bouncing into the Wild — Jie Wan, Jianhao Fu, Lijin Wang, Ziqi Yang
In the rapidly evolving landscape of artificial intelligence, the robustness of machine learning models against adversarial attacks remains a critical concern. The talk "BounceAttack: A…
- LOKI: Large-scale Data Reconstruction Attack against Federated Learning through Model Manipulation — Joshua C. Zhao, Atul Sharma, Ahmed Roushdy Elkordy, Yahya H. Ezzeldin, Salman Avestimehr, Saurabh Bagchi
This article delves into LOKI, a groundbreaking data reconstruction attack designed to compromise the privacy of Federated Learning (FL) systems through sophisticated model manipulation. Presented…
- DeepTheft: Stealing DNN Model Architectures through Power Side Channel — Yansong Gao, Huming Qiu, Zhi Zhang, Binghui Wang, Hua Ma, Alsharif Abuadbba
In the rapidly expanding landscape of cloud-based machine learning services, Deep Neural Network (DNN) models are increasingly deployed to provide inference capabilities for various applications…
- Withdrawing is believing? Detecting Inconsistencies Between Withdrawal Choices and Third-party Data Collections in Mobile Apps — Xiaolin Du, Zhemin Yang, Jiapeng Lin, Yinzhi Cao, Min Yang
This talk, presented at IEEE S&P by a collaborative team from Fudan University and Johns Hopkins University, delves into a critical yet often overlooked aspect of mobile application privacy…
- Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities — Julia Wunder, Andreas Kurtz, Christian Eichenmüller, Freya Gassmann, Zinaida Benenson
The Common Vulnerability Scoring System (**CVSS**), maintained by FIRST, is a foundational tool for organizations worldwide in their vulnerability management processes. It provides a standardized…
- PassREfinder: Credential Stuffing Risk Prediction by Representing Password Reuse between Websites on a Graph — Jaehan Kim, Minkyoo Song, Minjae Seo, Youngjin Jin, Seungwon Shin
In the contemporary digital landscape, where individuals manage an ever-increasing number of online accounts, the convenience of reusing passwords across multiple services has unfortunately become a…
- Private Analytics via Streaming, Sketching, and Silently Verifiable Proofs — Mayank Rathee, Yuwen Zhang, Henry Corrigan-Gibbs, Raluca Ada Popa
This talk introduces Whisper, a novel system designed to significantly enhance the efficiency of private analytics, particularly for scenarios involving a large number of users and sensitive data…
- PolySphinx: Extending the Sphinx Mix Format With Better Multicast Support — Daniel Schadt, Christoph Coijanovic, Christiane Weis, Thorsten Strufe
- The Times They Are A-Changin': Characterizing Post-Publication Changes to Online News — Chris Tsoukaladelis, Brian Kondracki, Niranjan Balasubramanian, Nick Nikiforakis
In an era dominated by digital information, the integrity and trustworthiness of online news are paramount. This talk, "The Times They Are A-Changin': Characterizing Post-Publication Changes to…
- FlowMur: A Stealthy and Practical Audio Backdoor Attack with Limited Knowledge — Jiahe Lan, Jie Wang, Baochen Yan, Zheng Yan, Elisa Bertino
This presentation introduces FlowMur, a novel and highly effective audio backdoor attack designed to operate with limited knowledge of the target system. Developed through a collaboration between…
- SoK: Unintended Interactions among Machine Learning Defenses and Risks — Vasisht Duddu, Sebastian Szyller, N. Asokan
In the rapidly evolving landscape of machine learning (ML), models are increasingly deployed in sensitive applications, necessitating robust defenses against a myriad of security, privacy, and…
- FCert: Certifiably Robust Few-Shot Classification with Foundation Models — Yanting Wang, Wei Zou, Jinyuan Jia
The proliferation of powerful **Foundation Models** (FMs) has revolutionized machine learning, enabling rapid development of high-performing downstream classifiers even with limited labeled data – a…
- Pianist: Scalable zkRollups via Fully Distributed Zero-Knowledge Proofs — Tianyi Liu, Tiancheng Xie, Jiaheng Zhang, Dawn Song, Yupeng Zhang
The presented work, "Pianist: Scalable zkRollups via Fully Distributed Zero-Knowledge Proofs," introduces a novel framework for significantly enhancing the scalability and efficiency of…
- eAUDIT: A Fast, Scalable and Deployable Audit Data Collection System — R. Sekar, Hanke Kimm, Rohit Aich
In this IEEE S&P presentation, Hungi Kim from the Secure Systems Lab at Stony Brook University introduces **eAUDIT**, a novel system designed to overcome critical limitations in existing audit data…
- Routing Attacks on Cryptocurrency Mining Pools — Muoi Tran, Theo von Arx, Laurent Vanbever
This talk, "Routing Attacks on Cryptocurrency Mining Pools," delivered by Muoi Tran, Theo von Arx, and Laurent Vanbever at IEEE S&P, unveils a critical vulnerability in the infrastructure supporting…
- ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation — Joyanta Debnath, Christa Jenkins, Yuteng SUN, Sze Yiu Chau, Omar Chowdhury
The talk "ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation" introduces a groundbreaking project aimed at developing a robust, formally verified implementation for the…
- Understanding and Benchmarking the Commonality of Adversarial Examples — Ruiwen He, Yushi Cheng, Junning Ze, Xiaoyu Ji, Wenyuan Xu
In an era where intelligent voice devices are increasingly integrated into critical applications, the security of speech content has emerged as a paramount concern. This talk, presented by Ruiwen He…
- From Individual Computation to Allied Optimization: Remodeling Privacy-Preserving Neural Inference with Function Input Tuning — Qiao Zhang, Tao Xiang, Chunsheng Xin, Hongyi Wu
The proliferation of Machine Learning as a Service (MLaaS) has democratized access to powerful AI capabilities, yet it introduces significant privacy challenges, particularly when handling sensitive…
- Private Hierarchical Governance for Encrypted Messaging — Armin Namavari, Barry Wang, Sanketh Menda, Ben Nassi, Nirvan Tyagi, James Grimmelmann
End-to-end encrypted (E2EE) messaging has become a cornerstone of digital privacy, deployed to billions of users across platforms like WhatsApp. This technology ensures that message content remains…
- Poisoned ChatGPT Finds Work for Idle Hands: Exploring Developers' Coding Practices with Insecure Suggestions from Poisoned AI Models — Sanghak Oh, Kiho Lee, Seonhye Park, Doowon Kim, Hyoungshick Kim
This talk, presented by Sanghak Oh and colleagues from KAIST, delves into the critical and emerging threat of **poisoning attacks** against AI coding assistant tools. With the widespread adoption of…
- Backdooring Multimodal Learning — Xingshuo Han, Yutong Wu, Qingjie Zhang, Yuan Zhou, Yuan Xu, Han Qiu
This talk, "Backdooring Multimodal Learning," presented by Xingshuo Han and colleagues from Nanyang Technological University, Singapore, and Tsinghua University, China, delves into the novel and…
- Chronos: Finding Timeout Bugs in Practical Distributed Systems by Deep-Priority Fuzzing with Transient Delay — Yuanliang Chen, Fuchen Ma, Yuanhang Zhou, Ming Gu, Qing Liao, Yu Jiang
Distributed systems, the backbone of modern computing, are inherently complex and susceptible to various runtime faults. Among these, unexpected delays – stemming from network traffic, resource…
- MEA-Defender: A Robust Watermark against Model Extraction Attack — Peizhuo Lv, Hualong Ma, Kai Chen, Jiachen Zhou, Shengzhi Zhang, Ruigang Liang
In an era where artificial intelligence models represent significant intellectual property and competitive advantage, protecting these valuable assets from unauthorized duplication and misuse has…
- GrOVe: Ownership Verification of Graph Neural Networks using Embeddings — Asim Waheed, Vasisht Duddu, N. Asokan
In an era where Graph Neural Networks (GNNs) are becoming indispensable for modeling complex real-world relationships in social networks, recommendation systems, and scientific applications, the…
- Lower Bounds for Rényi Differential Privacy in a Black-Box Setting — Tim Kutta, Önder Askin, Martin Dunsche
This talk, presented by Tim Kutta alongside collaborators Martin Dunsche and Önder Askin, introduces a novel method for statistically assessing **Rényi Differential Privacy (RDP)** in a black-box…
- Where Are the Red Lines? Towards Ethical Server-Side Scans in Security and Privacy Research — Florian Hantke, Sebastian Roth, Rafael Mrowczynski, Christine Utz, Ben Stock
This talk, "Where Are the Red Lines? Towards Ethical Server-Side Scans in Security and Privacy Research," delivered by Florian Hantke from TSPA and his co-authors, delves into the complex ethical…
- To Auth or Not To Auth? A Comparative Analysis of the Pre- and Post-Login Security Landscape — Jannis Rautenstrauch, Metodi Mitkov, Thomas Helbrecht, Lorenz Hetterich, Ben Stock
Traditional web security research often relies on automated crawlers that interact with websites as unauthenticated users, starting each session from a fresh browser state. This approach, while…
- MMBD: Post-Training Detection of Backdoor Attacks with Arbitrary Backdoor Pattern Types Using a Maximum Margin Statistic — Hang Wang, Zhen Xiang, David J. Miller, George Kesidis
In an era increasingly reliant on machine learning models across critical infrastructure and everyday applications, the integrity and security of these models are paramount. This talk introduces…
- SoK: Explainable Machine Learning in Adversarial Environments — Maximilian Noppel, Christian Wressnegger
In an era where machine learning (ML) models are increasingly deployed in critical applications, the demand for transparency and accountability has led to the rise of **Explainable Artificial…
- C-FRAME: Characterizing and measuring in-the-wild CAPTCHA attacks — Hoang Dai Nguyen, Karthika Subramani, Bhupendra Acharya, Roberto Perdisci, Phani Vadrevu
The talk "C-FRAME: Characterizing and measuring in-the-wild CAPTCHA attacks" presents a groundbreaking measurement study on the prevalence and nature of real-world CAPTCHA abuse. Delivered by Hoang…
- Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection — Mahmoud Nazzal, Issa Khalil, Abdallah Khreishah, NhatHai Phan, Yao Ma
This talk, presented by Mahmoud Nazzal, delves into the critical security vulnerabilities of Graph Neural Networks (GNNs) when applied to security-critical tasks, specifically **malicious domain…
- eAUDIT: A Fast, Scalable and Deployable Audit Data Collection System — R. Sekar, Hanke Kimm, Rohit Aich
In the realm of cybersecurity, **Advanced Persistent Threats (APTs)** represent a formidable challenge. These sophisticated attack campaigns are characterized by their ability to bypass preventative…
- The Dark Side of Scale: Insecurity of Direct-to-Cell Satellite Mega-Constellations — Wei Liu, Yuanjie Li, Hewu Li, Yimei Chen, Yufeng Wang, Jingyi Lan
This talk, presented at IEEE S&P, delves into the often-overlooked security vulnerabilities inherent in the burgeoning **direct-to-cell (D2C) satellite mega-constellations**. Led by Wei Liu and…
- Text-CRS: A Generalized Certified Robustness Framework against Textual Adversarial Attacks — Xinyu Zhang, Hanbin Hong, Yuan Hong, Peng Huang, Binghui Wang, Zhongjie Ba
The talk "Text-CRS: A Generalized Certified Robustness Framework against Textual Adversarial Attacks" presented by Xinyu Zhang and co-authored by Hanbin Hong, Yuan Hong, Peng Huang, Binghui Wang…
- Pulling Off The Mask: Forensic Analysis of the Deceptive Creator Wallets Behind Smart Contract Fraud — Mingxuan Yao, Runze Zhang, Haichuan Xu, Ryan Chou, Varun Chowdhary Paturi, Amit Kumar Sikder
In the rapidly evolving landscape of blockchain technology, smart contracts have emerged as a powerful tool, yet they also present new vectors for sophisticated fraud. This talk, "Pulling Off The…
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis — Penghui Li, Wei Meng, Mingxue Zhang, Chenlin Wang, Changhua Luo
This talk, presented by Penghui Li from Zhejiang University, introduces a novel approach to **concolic execution** for dynamic web applications, dubbed **Symbolic Interpreter Analysis (SIA)**…
- TCP Spoofing: Reliable Payload Transmission Past the Spoofed TCP Handshake — Yepeng Pan, Christian Rossow
In the realm of network security, **TCP spoofing** remains a persistent threat, allowing attackers to establish and utilize TCP connections with a forged source IP address. Historically, the primary…
- CoreLocker: Neuron-level Usage Control — Zihan Wang, Zhongkui Ma, Xinguo Feng, Ruoxi Sun, Hu Wang, Minhui Xue
The presented talk, "CoreLocker: Neuron-level Usage Control," by Zihan Wang and collaborators, introduces a novel framework designed to protect and monetize the intellectual property inherent in…
- Targeted and Troublesome: Tracking and Advertising on Children's Websites — Zahra Moti, Asuman Senol, Hamid Bostani, Frederik Zuiderveen Borgesius, Veelasha Moonsamy, Arunesh Mathur
This research, presented by Zahra Moti, a PhD student from Radboud University, delves into the pervasive and often problematic landscape of online tracking and advertising on websites directed at…
- Poisoned ChatGPT Finds Work for Idle Hands: Exploring Developers' Coding Practices with Insecure Suggestions from Poisoned AI Models — Sanghak Oh, Kiho Lee, Seonhye Park, Doowon Kim, Hyoungshick Kim
In an era where AI coding assistants are rapidly becoming indispensable tools for software developers, this talk from IEEE S&P presents a critical examination of their inherent security risks…
- Certifying Zero-Knowledge Circuits with Refinement Types — Junrui Liu, Ian Kretz, Hanzhi Liu, Bryan Tan, Jonathan Wang, Yi Sun
This technical article delves into "Certifying Zero-Knowledge Circuits with Refinement Types," a presentation by Junrui Liu, a PhD student from UC Santa Barbara, alongside a collaborative team from…
- Serberus: Protecting Cryptographic Code from Spectres at Compile-Time — Nicholas Mosier, Hamed Nemati, John C. Mitchell, Caroline Trippel
The talk "Serberus: Protecting Cryptographic Code from Spectres at Compile-Time" introduces a novel, comprehensive defense mechanism designed to safeguard **constant-time cryptographic code**…
- TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets — Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang
The "TuDoor Attack" presentation at IEEE S&P unveiled a novel class of DNS-based attacks that systematically exploit logic vulnerabilities within the DNS response pre-processing mechanisms of widely…
- MQTTactic: Security Analysis and Verification for Logic Flaws in MQTT Implementations — Bin Yuan, Zhanxiang Song, Yan Jia, Zhenyu Lu, Deqing Zou, Hai Jin
The Internet of Things (IoT) relies heavily on efficient and lightweight communication protocols, with **MQTT (Message Queuing Telemetry Transport)** emerging as the most widely adopted standard in…
- Who Left the Door Open? Investigating the Causes of Exposed IoT Devices in an Academic Network — Takayuki Sasaki, Takaya Noma, Yudai Morii, Toshiya Shimura, Michel van Eeten, Katsunari Yoshioka
This talk, "Who Left the Door Open? Investigating the Causes of Exposed IoT Devices in an Academic Network," delves into a critical and pervasive security challenge: the widespread exposure of…
- Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors — Taylor R. Schorlemmer, Kelechi G. Kalu, Luke Chigges, Kyung Myung Ko, Eman Abdul-Muhd Abu Ishgair, Saurabh Bagchi
This technical article delves into the findings presented by Taylor R. Schorlemmer and co-authors at the IEEE S&P conference, based on their paper investigating software signing practices across…
- Attacking and Improving the Tor Directory Protocol — Zhongtang Luo, Adithya Bhat, Kartik Nayak, Aniket Kate
Tor, short for The Onion Router, stands as the largest anonymous communication service globally, serving approximately 4 million users daily. Its fundamental operation relies on clients obtaining a…
- Rethinking IC Layout Vulnerability: Simulation-Based Hardware Trojan Threat Assessment with High Fidelity — Xinming Wei, Jiaxi Zhang, Guojie Luo
This talk introduces **Silicon Critique**, a novel, simulation-based framework designed for high-fidelity hardware Trojan threat assessment in integrated circuit (IC) layouts. Presented by Xinming…
- GAuV: A Graph-Based Automated Verification Framework for Perfect Semi-Honest Security of Multiparty Computation Protocols — Xingyu Xie, Yifei Li, Wei Zhang, Tuowei Wang, Shizhen Xu, Jun Zhu
Multiparty Computation (MPC) protocols are foundational to privacy-preserving technologies, enabling multiple parties to jointly compute a function over their private inputs without revealing those…
- Asterisk: Super-fast MPC with a Friend — Banashri Karmakar, Nishat Koti, Arpita Patra, Sikhar Patranabis, Protik Paul, Divya Ravi
The talk "Asterisk: Super-fast MPC with a Friend" introduces a novel approach to **Multi-Party Computation (MPC)** that significantly enhances efficiency and security guarantees by incorporating a…
- GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression — Yingchen Wang, Riccardo Paccagnella, Zhao Gang, Willy R. Vasquez, David Kohlbrenner, Hovav Shacham
The talk "GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression" by Yingchen Wang and colleagues introduces a novel and insidious form of side-channel attack that…
- Nebula: A Privacy-First Platform for Data Backhaul — Jean-Luc Watson, Tess Despres, Alvin Tan, Shishir G. Patil, Prabal Dutta, Raluca Ada Popa
The talk "Nebula: A Privacy-First Platform for Data Backhaul" introduces a novel system designed to address the persistent challenges of collecting data from large-scale deployments of…
- Janus: Safe Biometric Deduplication for Humanitarian Aid Distribution — Kasra EdalatNejad, Wouter Lueks, Justinas Sukaitis, Vincent Graf Narbel, Massimo Marelli, Carmela Troncoso
This talk introduces Janus, a novel privacy-preserving biometric **deduplication** system designed specifically for humanitarian aid distribution. Presented by Kasra EdalatNejad, this collaborative…
- An Analysis of Recent Advances in Deepfake Image Detection in an Evolving Threat Landscape — Sifat Muhammad Abdullah, Aravind Cheruvu, Shravya Kanchi, Taejoong Chung, Peng Gao, Murtuza Jadliwala
In an era where artificial intelligence is rapidly advancing, the creation and detection of deepfake images have become a critical area of research and security concern. This talk, presented by…
- Please Tell Me More: Privacy Impact of Explainability through the Lens of Membership Inference Attack — Han Liu, Yuhao Wu, Zhiyuan Yu, Ning Zhang
- E-Vote Your Conscience: Perceptions of Coercion and Vote Buying, and the Usability of Fake Credentials in Online Voting — Louis-Henri Merino, Alaleh Azhir, Haoqian Zhang, Simone Colombo, Bernhard Tellenbach, Vero Estrada-Galiñanes
This talk, "E-Vote Your Conscience: Perceptions of Coercion and Vote Buying, and the Usability of Fake Credentials in Online Voting," delves into one of the most persistent and insidious threats to…
- To Boldly Go Where No Fuzzer Has Gone Before: Finding Bugs in Linux' Wireless Stacks through VirtIO Devices — Jan Sönke Huster, Matthias Hollick, Jiska Classen
In a compelling presentation at IEEE S&P, Jan Sönke Huster, alongside Matthias Hollick and Jiska Classen, unveiled "To Boldly Go Where No Fuzzer Has Gone Before," a groundbreaking paper detailing a…
- "Watching over the shoulder of a professional": Why hackers make mistakes and how they fix them — Irina Ford, Ananta Soneji, Faris Bugra Kokulu, Jayakrishna Vadayath, Zion Leonahenahe Basque, Gaurav Vipat
This talk, presented by Irina Ford and her colleagues from Arizona State University, delves into the often-overlooked aspect of human error in vulnerability research and exploitation. Titled…
- "Len or index or count, anything but v1": Predicting Variable Names in Decompilation Output with Transfer Learning — Kuntal Kumar Pal, Ati Priya Bajaj, Pratyay Banerjee, Audrey Dutcher, Mutsumi Nakamura, Zion Leonahenahe Basque
In the realm of computer science, the challenge of "naming things" is notoriously difficult, and its impact is profoundly felt in the domain of reverse engineering. This talk, presented by Ati Priya…
- Can we cast a ballot as intended and be receipt free? — Henri Devillez, Olivier Pereira, Thomas Peters, Quentin Yang
In the realm of electronic voting, ensuring both the integrity of a voter's choice and the secrecy of that choice is paramount. This talk, presented by Henri Devillez and co-authored with Olivier…
- DeepShuffle: A Lightweight Defense Framework against Adversarial Fault Injection Attacks on Deep Neural Networks in Multi-Tenant Cloud-FPGA — Yukui Luo, Adnan Siraj Rakin, Deliang Fan, Xiaolin Xu
This talk introduces **DeepShuffle**, a novel and lightweight defense framework designed to protect **Deep Neural Networks (DNNs)** from **adversarial fault injection attacks** within **multi-tenant…
- Scalable Mixed-Mode MPC — Radhika, Kang Yang, Jonathan Katz, Xiao Wang
Multiparty Computation (MPC) is a cryptographic primitive that enables several parties to jointly compute a function on their private inputs without revealing anything beyond the function's output…
- Undefined-oriented Programming: Detecting and Chaining Prototype Pollution Gadgets in Node.js Template Engines for Malicious Consequences — Zhengyu Liu, Kecheng An, Yinzhi Cao
This talk, presented by Zhengyu Liu from Johns Hopkins University, delves into a sophisticated exploitation technique for **Prototype Pollution (PP)** vulnerabilities in JavaScript, specifically…
- From Principle to Practice: Vertical Data Minimization for Machine Learning — Robin Staab, Nikola Jovanovic, Mislav Balunovic, Martin Vechev
This talk, presented by Robin Staab and his colleagues from the SML Lab at ETH Zurich, introduces a novel approach to data privacy known as **Vertical Data Minimization (VDM)** for machine learning…
- On SMS Phishing Tactics and Infrastructure — Aleksandr Nahapetyan, Sathvik Prasad, Kevin Childs, Adam Oest, Yeganeh Ladwig, Alexandros Kapravelos
SMS phishing, commonly known as **smishing**, represents a pervasive and evolving threat in the landscape of social engineering attacks. This presentation, delivered by Aleksandr Nahapetyan from NC…
- Cohere: Managing Differential Privacy in Large Scale Systems — Nicolas Küchler, Emanuel Opel, Hidde Lycklama, Alexander Viand, Anwar Hithnawi
In an era increasingly defined by data-driven insights, the challenge of leveraging vast datasets for research, service provision, and public statistics without compromising individual privacy has…
- SINBAD: Saliency-informed detection of breakage caused by ad blocking — Saiid El Hajj Chehade, Sandra Siby, Carmela Troncoso
The proliferation of privacy-enhancing technologies (PETs) like ad blockers has dramatically improved user experience and privacy online. However, these tools often modify web page content and…
- SneakyPrompt: Jailbreaking Text-to-image Generative Models — Yuchen Yang, Bo Hui, Haolin Yuan, Neil Gong, Yinzhi Cao
This article delves into "SneakyPrompt," a novel framework designed to jailbreak **text-to-image generative models** by bypassing their integrated safety features. Presented by Yuchen Yang and…
- Hyena: Balancing Packing, Reuse, and Rotations for Encrypted Inference — Sarabjeet Singh, Shreyas Singh, Sumanth Gudaparthi, Xiong Fan, Rajeev Balasubramonian
This talk introduces **Hyena**, a significant advancement towards achieving practical **privacy-preserving inference** using **Homomorphic Encryption (HE)**. Homomorphic Encryption is a powerful…
- Holepunch: Fast, Secure File Deletion with Crash Consistency — Zachary Ratliff, Wittmann Goh, Abe Wieland, James Mickens, Ryan Williams
In the realm of digital security and privacy, the concept of "deletion" often carries a misleading connotation. Users and businesses alike frequently operate under the assumption that deleting a…
- Eureka: A General Framework for Black-box Differential Privacy Estimators — Yun Lu, Malik Magdon-Ismail, Yu Wei, Vassilis Zikas
In the realm of data privacy, ensuring that algorithms do not inadvertently leak sensitive information is paramount. This talk introduces "Eureka," a novel and general framework designed for…
- From Chatbots to Phishbots?: Phishing Scam Generation in Commercial Large Language Models — Sayak Saha Roy, Poojitha Thota, Krishna Vamsi Naragam, Shirin Nilizadeh
The advent of commercial Large Language Models (LLMs) such as ChatGPT, Claude, and Bard has revolutionized various industries, offering unprecedented capabilities in content generation, data…
- Understanding Parents' Perceptions and Practices Toward Children's Security and Privacy in Virtual Reality — Jiaxun Cao, Abhinaya S B, Anupam Das, Pardis Emami-Naeini
This talk, presented by Jiaxun Cao from Duke University on behalf of co-authors Abhinaya S B, Anupam Das, and Pardis Emami-Naeini, delves into a critical and under-researched area: parents'…
- More is Merrier: Relax the Non-Collusion Assumption in Multi-Server PIR — Tiantian Gong, Ryan Henry, Alexandros Psomas, Aniket Kate
This talk, "More is Merrier: Relax the Non-Collusion Assumption in Multi-Server PIR," presented by Tiantian Gong, delves into a critical security challenge within **Private Information Retrieval…
- Practical Attacks against DNS Reputation Systems — Tillson Galloway, Kleanthis Karakolios, Zane Ma, Roberto Perdisci, Manos Antonakakis, Angelos Keromytis
This talk, presented by Tillson Galloway and collaborators from Georgia Tech, Oregon State University, and the University of Georgia, delves into the critical vulnerabilities of **DNS reputation…
- SoK: Collusion-resistant Multi-party Private Set Intersections in the Semi-honest Model — Jelle Vos, Mauro Conti, Zekeriya Erkin
This article delves into the Systematization of Knowledge (SoK) paper titled "SoK: Collusion-resistant Multi-party Private Set Intersections in the Semi-honest Model," presented by Jelle Vos in…
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices — Qinying Wang, Boyu Chang, Shouling Ji, Yuan Tian, Xuhong Zhang, Binbin Zhao
The rapid proliferation of Internet of Things (IoT) devices has underscored the critical need for robust security mechanisms to protect sensitive data and operations. Trusted Execution Environments…
- AFGen: Whole-Function Fuzzing for Applications and Libraries — Yuwei Liu, Yanhao Wang, Xiangkun Jia, Zheng Zhang, Purui Su
In the realm of software security, **fuzzing** has long stood as a cornerstone technique for discovering vulnerabilities by feeding programs with malformed or unexpected inputs. Despite its…
- Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation — Mathé Hertogh, Sander Wiebing, Cristiano Giuffrida
This talk, presented by Mathé Hertogh, Sander Wiebing, and Cristiano Giuffrida from VUsec, introduces a novel and concerning development in the landscape of speculative execution attacks…
- MAWSEO: Adversarial Wiki Search Poisoning for Illicit Online Promotion — Zilong Lin, Zhengyi Li, Xiaojing Liao, XiaoFeng Wang, Xiaozhong Liu
In an era where online visibility translates directly to profit, the landscape of illicit online promotion has grown increasingly sophisticated. The talk "MAWSEO: Adversarial Wiki Search Poisoning…
- Pudding: Private User Discovery in Anonymity Networks — Ceren Kocaogullar, Daniel Hugenroth, Martin Kleppmann, Alastair R. Beresford
In the evolving landscape of digital communication, **end-to-end encryption** has become a widely adopted standard for securing message content. However, the talk "Pudding: Private User Discovery in…
- From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover — Xingli Zhang, Yazhou Tu, Yan Long, Liqun Shan, Mohamed A Elsaadani, Kevin Fu
This talk, presented by Xingli Zhang and collaborators at IEEE S&P, unveils a novel and concerning attack vector that allows an attacker to manipulate a Tesla vehicle without the owner's interaction…
- Efficient Actively Secure DPF and RAM-based 2PC with One-Bit Leakage — Wenhao Zhang, Xiaojie Guo, Kang Yang, Ruiyu Zhu, Yu Yu, Xiao Wang
This talk introduces a groundbreaking protocol for **actively secure Distributed Point Function (DPF)** and **RAM-based Two-Party Computation (2PC)**, designed to achieve high efficiency with…
- Enforcing End-to-end Security for Remote Conferencing — Yuelin Liu, Huangxun Chen, Zhice Yang
- ALIF: Low-Cost Adversarial Audio Attacks on Black-Box Speech Platforms using Linguistic Features — Peng Cheng, Yuwei Wang, Peng Huang, Zhongjie Ba, Xiaodong Lin, Feng Lin
- ERASAN: Efficient Rust Address Sanitizer — Jiun Min, Dongyeon Yu, Seongyun Jeong, Dokyung Song, Yuseok Jeon
Rust has rapidly gained traction in systems programming due to its powerful memory safety guarantees, enforced through mechanisms like **ownership**, **borrow checking**, **lifetime inference**, and…
- Everything is Good for Something: Counterexample-Guided Directed Fuzzing via Likely Invariant Inference — Heqing Huang, Anshunkang Zhou, Mathias Payer, Charles Zhang
In an era where software underpins nearly every facet of modern society, the prevalence and potential impact of software bugs have escalated dramatically. From critical infrastructure to personal…
- Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs — Hans Winderix, Marton Bognar, Job Noorman, Lesly-Ann Daniel, Frank Piessens
In an era where the security of sensitive data is paramount, **microarchitectural side-channel attacks** pose a significant threat, particularly those targeting **control-flow leakage**. These…
- SoK: SGX.Fail: How Stuff Gets eXposed — Stephan van Schaik, Alex Seto, Thomas Yurek, Adam Batori, Bader AlBassam, Daniel Genkin
This talk, "SoK: SGX.Fail: How Stuff Gets eXposed," delivered by Stephan van Schaik, provides a comprehensive Systematization of Knowledge (SoK) regarding vulnerabilities in Intel Software Guard…
- BOLT: Privacy-Preserving, Accurate and Efficient Inference for Transformers — Qi Pang, Jinhao Zhu, Helen Möllering, Wenting Zheng, Thomas Schneider
The proliferation of powerful Transformer-based models, such as GPT, BERT, and ViT, has fueled the rapid expansion of Machine Learning as a Service (MLaaS). While these models offer unprecedented…
- A Security Analysis of Honey Vaults — Fei Duan, Ding Wang, Chunfu Jia, Zhenduo Hou
This talk, presented by Fei Duan at the IEEE S&P 2024 conference, delves into a comprehensive security analysis of **Honey Vaults**, a specialized type of password manager designed to thwart offline…
- The Role of User-Agent Interactions on Mobile Money Practices in Kenya and Tanzania — Karen Sowon, Edith Luhanga, Lorrie Cranor, Giulia Fanti, Conrad Tucker, Assane Gueye
This talk, presented by Karen Sowon and a team of researchers from Carnegie Mellon University, delves into the often-overlooked security and privacy implications of **user-agent interactions**…
- CaFA: Cost-aware, Feasible Attacks With Database Constraints Against Neural Tabular Classifiers — Matan Ben-Tov, Daniel Deutch, Nave Frost, Mahmood Sharif
This article delves into CaFA, a novel framework for generating **cost-aware, feasible adversarial attacks** against neural tabular classifiers. Presented at IEEE S&P, this research by Matan…
- Exploring the Orthogonality and Linearity of Backdoor Attacks — Kaiyuan Zhang, Siyuan Cheng, Guangyu Shen, Guanhong Tao, Shengwei An, Anuran Makur
In this insightful talk from IEEE S&P, Kaiyuan Zhang, a PhD student from Purdue University, presented a systematic study titled "Exploring the Orthogonality and Linearity of Backdoor Attacks." The…
- The Inventory is Dark and Full of Misinformation: Understanding Ad Inventory Pooling in the Ad-Tech Supply Chain — Yash Vekaria, Rishab Nithyanand, Zubair Shafiq
In the complex and often opaque world of online advertising, a deceptive practice known as **dark pooling** allows misinformation websites to clandestinely monetize their content, often at the…
- Casual Users and Rational Choices within Differential Privacy — Narges Ashena, Oana Inel, Badrie L. Persaud, Abraham Bernstein
This presentation, delivered by Narges Ashena, delves into the critical challenge of making **Differential Privacy (DP)** comprehensible and actionable for everyday users. Differential Privacy is a…
- Practical Obfuscation of BLE Physical-Layer Fingerprints on Mobile Devices — Hadi Givehchian, Nishant Bhaskar, Alexander Redding, Han Zhao, Aaron Schulman, Dinesh Bharadia
- Few-shot Unlearning — Youngsik Yoon, Jinhwan Nam, Hyojeong Yun, Jaeho Lee, Dongwoo Kim, Jungseul Ok
In the rapidly evolving landscape of machine learning, the ability to selectively remove specific data's influence from a trained model—a process known as **machine unlearning**—has become…
- Side-Channel-Assisted Reverse-Engineering of Encrypted DNN Hardware Accelerator IP and Attack Surface Exploration — Cheng Gongye, Yukui Luo, Xiaolin Xu, Yunsi Fei
This talk, presented by Cheng Gongye, delves into the critical and often overlooked realm of hardware security, specifically focusing on **physical side-channel attacks** against **Deep Neural…
- It's Simplex! Disaggregating Measures to Improve Certified Robustness — Andrew C. Cullen, Paul Montague, Shijie Liu, Sarah M. Erfani, Benjamin I.P. Rubinstein
In the realm of machine learning security, **adversarial examples** pose a significant threat, capable of subtly altering input data to mislead classification models. While numerous reactive…
- Understanding the Privacy Practices of Political Campaigns: A Perspective from the 2020 US Election Websites — Kaushal Kafle, Prianka Mandal, Kapil Singh, Benjamin Andow, Adwait Nadkarni
This article delves into the critical findings presented by Kaushal Kafle, a PhD student at William & Mary and lead graduate student at the Secure Platforms Lab, alongside his colleagues from…
- Tabbed Out: Subverting the Android Custom Tab Security Model — Philipp Beer, Marco Squarcina, Lorenzo Veronese, Martina Lindorfer
In the realm of Android application development, the choice of how to display web content within an app carries significant security implications. While the Android WebView component offers…
- Thwarting Last-Minute Voter Coercion — Rosario Giustolisi, Maryam Sheikhi, Carsten Schuermann
This talk, presented by Rosario Giustolisi, Maryam Sheikhi, and Carsten Schuermann at IEEE S&P, introduces a novel technique designed to enhance the security and integrity of internet-based voting…
- Automated Synthesis of Effect Graph Policies for Microservice-Aware Stateful System Call Specialization — William Blair, Frederico Araujo, Teryl Taylor, Jiyong Jang
In an era dominated by cloud-native applications and microservice architectures, securing the underlying infrastructure against sophisticated attacks remains a paramount challenge for cloud…
- Specular: Towards Secure, Trust-minimized Optimistic Blockchain Execution — Zhe Ye, Ujval Misra, Jiajun Cheng, Andy Zhou, Dawn Song
In this presentation at IEEE S&P, Zhe Ye, a PhD student at UC Berkeley, introduced "Specular," a novel approach aimed at enhancing the security and trust-minimization of optimistic blockchain…
- Wear's my Data? Understanding the Cross-Device Runtime Permission Model in Wearables — Doguhan Yeke, Muhammad Ibrahim, Güliz Seray Tuncay, Habiba Farrukh, Abdullah Imran, Antonio Bianchi
This talk, "Wear's my Data? Understanding the Cross-Device Runtime Permission Model in Wearables," presented by researchers from Purdue University, Google, and the University of Florida, delves into…
- MPC-in-the-Head Framework without Repetition and its Applications to the Lattice-based Cryptography — Weihao Bai, Long Chen, Qianwen Gao, Zhenfeng Zhang
The talk "MPC-in-the-Head Framework without Repetition and its Applications to the Lattice-based Cryptography" by Chal from The Institute of Software at the Chinese Academy of Sciences, along with…
- APP-Miner: Detecting API Misuses via Automatically Mining API Path Patterns — Jiasheng Jiang, Jingzheng Wu, Xiang Ling, Tianyue Luo, Sheng Qu, Yanjun Wu
The talk "APP-Miner: Detecting API Misuses via Automatically Mining API Path Patterns" by Jiasheng Jiang and his co-authors from the Institute of Software, Chinese Academy of Sciences, introduces a…
- Pryde: A Modular Generalizable Workflow for Uncovering Evasion Attacks Against Stateful Firewall Deployments — Soo-jin Moon, Milind Srivastava, Yves Bieri, Ruben Martins, Vyas Sekar
In the realm of network security, **stateful firewall deployments** are a cornerstone, designed to protect internal networks from external threats by enforcing strict access policies. However, as…
- Distributed & Scalable Oblivious Sorting and Shuffling — Nicholas Ngai, Ioannis Demertzis, Javad Ghareh Chamani, Dimitrios Papadopoulos
In an era where data privacy is paramount, traditional encryption alone often proves insufficient to protect sensitive information from sophisticated attacks. This talk, presented by Nicholas Ngai…
- mimoCrypt: Multi-User Privacy-Preserving Wi-Fi Sensing via MIMO Encryption — Jun Luo, Hangcheng Cao, Hongbo Jiang, Yanbing Yang, Zhe Chen
The talk "mimoCrypt: Multi-User Privacy-Preserving Wi-Fi Sensing via MIMO Encryption" by Jun Luo and co-authors introduces a groundbreaking defensive mechanism against privacy threats posed by…