33rd USENIX Security Symposium

August 14-16, 2024 · Philadelphia, Pennsylvania · 100 talks

The 33rd USENIX Security Symposium, a top-tier academic security conference covering systems, software, network, privacy, and applied security research.

→ See editor’s top picks at 33rd USENIX Security Symposium

• A World Where We Trust Hard-Won Lessons in Security Research, Technology, and People — David Brumley

  In this compelling keynote address at USENIX Security '24, David Brumley, a distinguished professor at Carnegie Mellon University and founder of ForAllSecure (creators of Mayhem), delivered a deeply…

• "I feel physically safe but not politically safe": Understanding the Digital Threats and Safety Practices of OnlyFans Creators — Ananta Soneji, Vaughn Hamilton, Adam Doupé, Allison McDonald, Elissa M. Redmiles

  This talk, presented by Ananta Soneji and her colleagues, delves into the complex digital security landscape faced by OnlyFans creators, a unique demographic at the intersection of sex work and…

• "I chose to fight, be brave, and to deal with it": Threat Experiences and Security Practices of Pakistani Content Creators — Lea Gröber, Waleed Arshad, Shanza, Angelica Goetzen, Elissa M. Redmiles, Maryam Mustafa, Katharina Krombholz

  This compelling talk, "I chose to fight, be brave, and to deal with it": Threat Experiences and Security Practices of Pakistani Content Creators," delivered at USENIX Security '24, sheds critical…

• Investigating Moderation Challenges to Combating Hate and Harassment: The Case of Mod-Admin Power Dynamics and Feature Misuse on Reddit — Madiha Tabassum, Alana Mackey, Ashley Schuett, Ada Lerner

  Online platforms continue to grapple with pervasive issues of hate, harassment, and abuse, which manifest in diverse forms from targeted hate speech to doxing and non-consensual sharing of intimate…

• "Did They F***ing Consent to That?": Safer Digital Intimacy via Proactive Protection Against Image-Based Sexual Abuse — Lucy Qin, Vaughn Hamilton, Sharon Wang, Yigit Aydinalp, Marin Scarlett, Elissa M. Redmiles

  This compelling talk, "Did They F***ing Consent to That?: Safer Digital Intimacy via Proactive Protection Against Image-Based Sexual Abuse," presented by Lucy Qin and her co-authors, addresses the…

• AttackGNN: Red-Teaming GNNs in Hardware Security Using Reinforcement Learning — Vasudev Gohil, Satwik Patnaik, Dileep Kalathil, Jeyavijayan Rajendran

  In an era defined by a globally interconnected semiconductor supply chain, the security of hardware devices faces unprecedented challenges. From malicious backdoor injections known as **Hardware…

• INSIGHT: Attacking Industry-Adopted Learning Resilient Logic Locking Techniques Using Explainable Graph Neural Network — Lakshmi Likhitha Mankali, Ozgur Sinanoglu, Satwik Patnaik

  In an era defined by a globalized IC supply chain, hardware security vulnerabilities have become a paramount concern, particularly **Hardware IP piracy**. This talk, presented by Lakshmi Likhitha…

• Eye of Sauron: Long-Range Hidden Spy Camera Detection and Positioning with Inbuilt Memory EM Radiation — Qibo Zhang, Daibo Liu, Xinyu Zhang, Zhichao Cao, Fanzi Zeng

  The proliferation of miniature, easily concealed spy cameras has become a significant threat to personal privacy, transforming everyday locations like hotels, Airbnbs, and even private homes into…

• Improving the Ability of Thermal Radiation Based Hardware Trojan Detection — Ting Su

  In the rapidly evolving landscape of integrated circuit (IC) security, **Hardware Trojans (HTs)** represent a persistent and growing threat. These insidious malicious circuits, stealthily embedded…

• Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation — Fangfei Yang, Bumjin Im, Weijie Huang, Kelly Kaoudis, Anjo Vahldiek-Oberwagner, Chia-Che Tsai, Nathan Dautenhahn

  The talk "Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation" by Fangfei Yang and collaborators from Rice University and other institutions, introduces **Endokernel**, a novel…

• HIVE: A Hardware-assisted Isolated Execution Environment for eBPF on AArch64 — Peihua Zhang, Chenggang Wu, Xiangyu Meng, Yinqian Zhang, Mingfan Peng, Mengyao Xie, Yuanming Lai, Yan Kang, Zhe Wang

  The talk "HIVE: A Hardware-assisted Isolated Execution Environment for eBPF on AArch64" presented at USENIX Security '24, introduces a novel approach to enhance the security and capability of…

• BUDAlloc: Defeating Use-After-Free Bugs by Decoupling Virtual Address Management from Kernel — Junho Ahn

  In the realm of memory safety vulnerabilities, **Use-After-Free (UAF)** bugs stand as a persistent and critical threat, particularly in systems developed with unsafe memory languages like C and C++…

• Page-Oriented Programming: Subverting Control-Flow Integrity of Commodity Operating System Kernels with Non-Writable Code Pages — Seunghun Han, Seong-Joong Kim, Jae-Cheol Ryou

  In the ever-escalating arms race between attackers and defenders, the integrity of operating system kernels remains a paramount concern. This talk, "Page-Oriented Programming: Subverting…

• SmartCookie: Blocking Large-Scale SYN Floods with a Split-Proxy Defense on Programmable Data Planes — Sophia Yoo

  In an era where cyberattacks are increasingly sophisticated and volumetric, the persistent threat of **SYN flooding** remains a significant challenge for network providers. Despite being a known…

• Loopy Hell(ow): Infinite Traffic Loops at the Application Layer — Yepeng Pan

  In a presentation at USENIX Security '24, Yepeng Pan unveiled groundbreaking research into **application layer traffic loops**, a critical yet under-analyzed vulnerability that can lead to severe…

• Zero-setup Intermediate-rate Communication Guarantees in a Global Internet — Marc Wyss, Adrian Perrig

  In an increasingly interconnected world, the availability of critical network services is paramount. However, **volumetric Distributed Denial of Service (DDoS)** attacks pose a significant and…

• Towards an Effective Method of ReDoS Detection for Non-backtracking Engines — Weihao Su, Haiming Chen, Tingjian Ge

  Regular expression Denial of Service (**ReDoS**) attacks represent a significant threat to applications that rely on regular expressions for pattern matching, often leading to severe performance…

• FAMOS: Robust Privacy-Preserving Authentication on Payment Apps via Federated Multi-Modal Contrastive Learning — Yifeng Cai, Ziqi Zhang, Jiaping Gui, Bingyan Liu, Xiaoke Zhao, Ding Li

  In an era where digital payment applications have become ubiquitous, securing transactions against unauthorized access is paramount. The talk "FAMOS: Robust Privacy-Preserving Authentication on…

• Efficient Privacy Auditing in Federated Learning — Hongyan Chang, Brandon Edwards, Anindya S. Paul, Reza Shokri

  Federated Learning (FL) has emerged as a prominent distributed machine learning paradigm, enabling multiple parties to collaboratively train a global model without directly sharing their raw local…

• Defending Against Data Reconstruction Attacks in Federated Learning: An Information Theory Approach — Qi Tan, Qi Li, Yi Zhao, Zhuotao Liu, Xiaobing Guo, Ke Xu

  In an era increasingly defined by data-driven decision-making, **Federated Learning (FL)** has emerged as a critical paradigm, promising to unlock the power of distributed data while simultaneously…

• Lotto: Secure Participant Selection against Adversarial Servers in Federated Learning — Zhifeng Jiang, Peng Ye, Shiqi He, Wei Wang, Ruichuan Chen, Bo Li

  The talk "Lotto: Secure Participant Selection against Adversarial Servers in Federated Learning" introduces a pioneering framework designed to fortify the privacy and security of Federated Learning…

• Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation — Zion Leonahenahe Basque

  In the realm of binary analysis, the ability to transform machine code back into human-readable source code — a process known as **decompilation** — is a cornerstone for security researchers…

• A Taxonomy of C Decompiler Fidelity Issues — Luke Dramko, Jeremy Lacomis, Edward J. Schwartz, Bogdan Vasilescu, Claire Le Goues

  This talk, presented by Luke Dramko from Carnegie Mellon University, delves into the inherent limitations and discrepancies found in the output of modern decompilers. Decompilers are indispensable…

• D-Helix: A Generic Decompiler Testing Framework Using Symbolic Differentiation — Muqi Zou

  In the intricate world of binary analysis, decompilers serve as critical tools, translating low-level machine code back into human-readable high-level languages like C. This talk, "D-Helix: A…

• SymFit: Making the Common (Concrete) Case Fast for Binary-Code Concolic Execution — Zhenxiao Qi

  In the realm of software security and vulnerability research, **concolic execution** (a hybrid of concrete and symbolic execution) stands as a powerful technique for path exploration and bug…

• K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures — Daniel Collins, Loïs Huguenin-Dumittan, Ngoc Khanh Nguyen, Nicolas Rolin, Serge Vaudenay

  In an era increasingly cognizant of the threat posed by quantum computers to current cryptographic standards, the development of **post-quantum cryptography (PQC)** has become a paramount concern…

• Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments — Gabriel K. Gegenhuber, Florian Holzbauer, Philipp É. Frenzel, Edgar Weippl, Adrian Dabrowski

  This talk, "Diffie-Hellman Picture Show," presented by Gabriel K. Gegenhuber from the University of Vienna, delves into the critical security landscape of Voice over Wi-Fi (VoWiFi), also known as…

• Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging — Karthikeyan Bhargavan, Charlie Jacomme, Franziskus Kiefer, Rolfe Schmidt

  This talk details the collaborative effort between Signal Messenger and academic researchers to formally verify PQXDH, a post-quantum key agreement protocol designed to augment the widely used…

• SWOOSH: Efficient Lattice-Based Non-Interactive Key Exchange — Phillip Gajland, Bor de Kock, Miguel Quaresma, Giulio Malavolta, Peter Schwabe

  In the realm of post-quantum cryptography, much attention has been directed towards **Key Encapsulation Mechanisms (KEMs)**, largely driven by the NIST Post-Quantum Cryptography (PQC)…

• PhishDecloaker: Detecting CAPTCHA-cloaked Phishing Websites via Hybrid Vision-based Interactive Models — Xiwen Teoh, Yun Lin, Ruofan Liu

  In an escalating arms race between phishers and anti-phishing entities, threat actors continually devise sophisticated cloaking techniques to evade detection and deny access to security crawlers. A…

• Less Defined Knowledge and More True Alarms: Reference-based Phishing Detection without a Pre-defined Reference List — Ruofan Liu, Yun Lin, Xiwen Teoh, Gongshen Liu, Zhiyong Huang, Jin Song Dong

  The digital landscape is under constant siege from sophisticated phishing attacks, a threat that has escalated dramatically from 26,000 reported victims in 2018 to an alarming 300,000 in 2023. This…

• In Wallet We Trust: Bypassing the Digital Wallets Payment Security for Free Shopping — Raja Hasnain Anwar, Syed Rafiul Hussain, Muhammad Taqi Raza

  In an era where digital wallets have become an indispensable part of our daily financial transactions, offering convenience and a perceived layer of security over physical cards, a critical analysis…

• The Impact of Exposed Passwords on Honeyword Efficacy — Zonghao Huang, Lujo Bauer, Michael K. Reiter

  In the ever-evolving landscape of cybersecurity, **credential database breaches** remain a persistent and critical threat. When these breaches occur, attackers gain access to vast repositories of…

• InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2 — Sander Wiebing

  In the realm of modern CPU architecture, speculative execution vulnerabilities like Spectre continue to pose a significant threat to system security. This talk, "InSpectre Gadget: Inspecting the…

• Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors — Anirban Chakraborty

  This talk introduces Shesha, an innovative automated framework designed to discover novel microarchitectural leakage vulnerabilities in modern Intel processors. Given the increasing complexity of…

• BeeBox: Hardening BPF against Transient Execution Attacks — Di Jin

  The talk "BeeBox: Hardening BPF against Transient Execution Attacks" by Di Jin introduces a novel framework designed to protect the **Berkeley Packet Filter (BPF)** from the insidious threat of…

• SpecLFB: Eliminating Cache Side Channels in Speculative Executions — Xiaoyu Cheng, Fei Tong, Purple Mountain Laboratories, Hongyu Wang, Wiscom System Co, Zhe Zhou, Fang Jiang, Yuxing Mao

  The talk "SpecLFB: Eliminating Cache Side Channels in Speculative Executions" by Xiaoyu Cheng and colleagues introduces a novel, low-overhead hardware defense mechanism designed to mitigate **cache…

• Towards Privacy-Preserving Social-Media SDKs on Android — Haoran Lu

  In an era where mobile applications are increasingly reliant on third-party libraries, the security and privacy implications of these dependencies have become a critical concern. Haoran Lu's talk…

• UIHash: Detecting Similar Android UIs through Grid-Based Visual Appearance Representation — Jiawei Li, Jian Mao, Jun Zeng, Qixiao Lin, Shaowen Feng, Zhenkai Liang

  In the contemporary mobile landscape, user interfaces (UIs) serve as the primary interaction point between users and applications. However, the prevalence of similar UIs in **counterfeit…

• Racing for TLS Certificate Validation: A Hijacker's Guide to the Android TLS Galaxy — Sajjad Pourali, Xiufen Yu, Lianying Zhao, Mohammad Mannan, Amr Youssef

  The security of mobile application communication hinges critically on the proper validation of **TLS certificates** presented by servers. While prior research has extensively documented…

• DVa: Extracting Victims and Abuse Vectors from Android Accessibility Malware — Haichuan Xu, Mohamed Moustafa Dawoud, Jeman Park, Brendan Saltaformaggio

  This talk introduces **DVa (Detector of Victim-specific Accessibility Abuse)**, a novel system designed to comprehensively analyze and mitigate Android accessibility malware. Presented by Haichuan…

• SoK: State of the Krawlers – Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements — Aleksei Stafeev, Giancarlo Pellegrino

  This talk, titled "SoK: State of the Krawlers – Evaluating the Effectiveness of Crawling Algorithms for Web Security Measurements," delves into the critical role of web crawlers in empirical…

• Vulnerability-oriented Testing for RESTful APIs — Wenlong Du, Jian Li, Yanhao Wang, Libo Chen, Zhengguang Han, Yijun Wang, Zhi Xue

  RESTful APIs have become the backbone of modern software architecture, powering everything from cloud services and enterprise applications to IoT devices. Their widespread adoption, however, has…

• Web Platform Threats: Automated Detection of Web Security Issues With WPT — Pedro Bernardo, Lorenzo Veronese, Valentino Dalla Valle, Stefano Calzavara, Marco Squarcina, Pedro Adão, Matteo Maffei

  The modern web platform is an incredibly complex ecosystem, built upon ever-evolving specifications implemented by various browsers. This talk, presented by Pedro Bernardo and a collaborative team…

• Rise of Inspectron: Automated Black-box Auditing of Cross-platform Electron Apps — Mir Masood Ali

  This talk, presented by Mir Masood Ali, a PhD student at the University of Illinois Chicago, delves into the often-overlooked security vulnerabilities prevalent in **Electron applications**…

• KnowPhish: Large Language Models Meet Multimodal Knowledge Graphs for Enhancing Reference-Based Phishing Detection — Yuexin Li, Mei Lin Lock, Tri Cao, Nay Oo, Hoon Wei Lim, Bryan Hooi

  Phishing attacks remain a pervasive and costly threat, leading to significant financial losses globally. Despite advancements in detection mechanisms, a critical gap persists in effectively…

• Exploring ChatGPT's Capabilities on Vulnerability Management — Peiyu Liu, Junming Liu, Lirong Fu, Kangjie Lu, Yifan Xia, Xuhong Zhang, Wenzhi Chen, Haiqin Weng, Shouling Ji, Wenhai Wang

  This talk presents a comprehensive evaluation of **ChatGPT**'s capabilities across the entire **vulnerability management lifecycle**. Given the burgeoning interest in **Large Language Models…

• Large Language Models for Code Analysis: Do LLMs Really Do Their Job? — Chongzhou Fang, Jialin Liu, Ruoyu Zhang, Han Wang, Houman Homayoun

  This talk, presented by Chongzhou Fang, a fourth-year PhD student at UC Davis, delves into a critical and timely evaluation of **Large Language Models (LLMs)** for **code analysis**. With the…

• PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing — Gelei Deng, Yi Liu, Víctor Mayoral-Vilches, Peng Liu, Yuekang Li, Yuan Xu, Martin Pinzger, Stefan Rass

  The talk "PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing" introduces an innovative, open-source solution that leverages the power of Large Language…

• OptFuzz: Optimization Path Guided Fuzzing for JavaScript JIT Compilers — Jiming Wang, Yan Kang, Chenggang Wu, Yuhao Hu, Yuanming Lai, Mengyao Xie, Charles Zhang, Tao Li, Zhe Wang

  This talk introduces **OptFuzz**, a novel fuzzing system designed to uncover vulnerabilities within JavaScript Just-In-Time (JIT) compilers by specifically targeting their optimization paths…

• Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing — Asmita, Yaroslav Oliinyk, Michael Scott, Ryan Tsang

  This talk, presented by Asmita and her collaborators from NetRise, delves into novel approaches for enhancing the effectiveness of fuzzing in embedded systems, specifically targeting **BusyBox**…

• Towards Generic Database Management System Fuzzing — Yupeng Yang, Yongheng Chen, Rui Zhong, Jizhou Chen, Wenke Lee

  Database Management Systems (DBMSs), encompassing both relational (SQL) and non-relational (NoSQL) variants, form the backbone of modern data storage, retrieval, and management across a vast array…

• HYPERPILL: Fuzzing for Hypervisor-bugs by Leveraging the Hardware Virtualization Interface — Alexander Bulekov, Qiang Liu, Manuel Egele, Mathias Payer

  In the realm of modern computing, hypervisors serve as the foundational layer enabling the efficient and secure execution of multiple virtual machines (VMs) on a single physical host. Their ubiquity…

• Less is More: Revisiting the Gaussian Mechanism for Differential Privacy — Tianxi Ji, Pan Li

  Differential Privacy (DP) stands as a foundational framework for privacy-preserving data analysis, machine learning, and AI. At its core, DP aims to quantify and limit the privacy loss incurred when…

• Relation Mining Under Local Differential Privacy — Kai Dong, Xinwen Fu

  In an era where centralized institutions amass vast quantities of data, data mining has become an indispensable tool for extracting immense value across diverse sectors, from market analysis and…

• Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD — Anvith Thudi, Hengrui Jia, Casey Meehan, Ilia Shumailov, Nicolas Papernot

  In this USENIX Security '24 talk, Anvith Thudi presented a groundbreaking analysis challenging the conventional understanding of privacy guarantees in **Differentially Private Stochastic Gradient…

• DPAdapter: Improving Differentially Private Deep Learning through Noise Tolerance Pre-training — Zihao Wang, Zhikun Zhang, John Mitchell, Haixu Tang, XiaoFeng Wang

  In the realm of deep learning, where models are increasingly deployed to process sensitive information, ensuring data privacy has become paramount. This talk introduces **DPAdapter**, a novel…

• Double Face: Leveraging User Intelligence to Characterize and Recognize AI-synthesized Faces — Matthew Joslin

  In an era witnessing an alarming surge of AI-generated images, particularly deepfakes, posing significant threats to information integrity and social trust, Matthew Joslin from the University of…

• SoK: The Good, The Bad, and The Unbalanced: Measuring Structural Limitations of Deepfake Media Datasets — Seth Layton

  In an era where synthetic media, or **deepfakes**, are becoming increasingly sophisticated and prevalent, the security community faces a critical challenge in accurately detecting them. This talk…

• Can I Hear Your Face? Pervasive Attack on Voice Authentication Systems with a Single Face Image — Nan Jiang, Jun Han

  This talk introduces "Voice," a groundbreaking generative model that demonstrates a pervasive new attack vector against voice authentication systems. Traditionally, deepfake attacks on voice…

• dp-promise: Differentially Private Diffusion Probabilistic Models for Image Synthesis — Haichen Wang, Shuchao Pang, Zhigang Lu, Yihang Rao, Yongbin Zhou, Minhui Xue

  This talk introduces **DP-promise**, a novel framework for training **differentially private diffusion probabilistic models** designed for image synthesis. Presented by Haichen Wang from Nanjing…

• DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks — Xingkai Wang

  This talk introduces DMAUTH, a novel hardware-software co-design architecture aimed at effectively defeating Direct Memory Access (DMA) attacks. Presented by Xingkai Wang at USENIX Security '24, the…

• Bending microarchitectural weird machines towards practicality — Ping-Lun Wang

  In a groundbreaking presentation at USENIX Security '24, Ping-Lun Wang unveiled Flexo, a novel design that significantly advances the practicality and scalability of **microarchitectural weird…

• GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers — Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher Fletcher, David Kohlbrenner, Riccardo Paccagnella, Daniel Genkin

  The talk "GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers" unveils a critical vulnerability in the security guarantees of **constant-time…

• CacheWarp: Software-based Fault Injection using Selective State Reset — Ruiyi Zhang, Youheng Lü, Andreas Kogler, Michael Schwarz

  In a groundbreaking presentation at USENIX Security '24, Ruiyi Zhang and Youheng Lü unveiled **CacheWarp**, a novel software-based fault injection attack that fundamentally compromises the integrity…

• MOAT: Towards Safe BPF Kernel Extension — Hongyi Lu, Shuai Wang, Yechang Wu, Wanning He, Fengwei Zhang

  The talk "MOAT: Towards Safe BPF Kernel Extension" by Hongyi Lu and colleagues from SASC and HK addresses a critical security challenge within the rapidly expanding **extended Berkeley Packet Filter…

• SeaK: Rethinking the Design of a Secure Allocator for OS Kernel — Zicheng Wang, Yicheng Guang, Yueqi Chen, Zhenpeng Lin, Michael Le, Dang K Le, Dan Williams, Xinyu Xing, Zhongshu Gu, Hani Jamjoom

  The talk "SeaK: Rethinking the Design of a Secure Allocator for OS Kernel" introduces a novel approach to mitigating kernel heap exploits by focusing on the selective protection of "exploit-critical…

• Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation — Ziyi Guo, Kyle Zeng, Xinyu Xing

  The talk "Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation" by Ziyi Guo, Kyle Zeng, and Xinyu Xing introduces **Page Spray**, a novel and highly effective page-level memory…

• SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching — Victor Duta

  This talk, presented by Victor Duta at USENIX Security '24, introduces **SafeFetch**, a novel approach to defend the kernel against a critical class of vulnerabilities known as **double-fetch…

• LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale — Jonas Kaspereit, Gurur Öndarö, Gustavo Luvizotto Cesar, Simon Ebbers, Fabian Ising, Christoph Saatjohann, Mattijs Jonker, Ralph Holz, Sebastian Schinzel

  This talk, presented by Jonas Kaspereit and a team of researchers from FH Münster and other institutions, unveils the findings of a groundbreaking, internet-wide study into the security posture of…

• FakeBehalf: Imperceptible Email Spoofing Attacks against the Delegation Mechanism in Email Systems — Jinrui Ma, Bo Luo, Xuanbo Huang, David S.L. Wei, Yan Zhuang

  In an era where email remains a primary communication vector for both personal and professional interactions, the security of email systems is paramount. This talk, "FakeBehalf: Imperceptible Email…

• Rethinking the Security Threats of Stale DNS Glue Records — Yunyi Zhang, Baojun Liu, Haixin Duan, Min Zhang, Xiang Li, Fan Shi, Chengxi Xu, Eihal Alowaisheq

  The Domain Name System (DNS) is a foundational component of the internet, responsible for translating human-readable domain names into IP addresses. While seemingly robust, the intricate mechanics…

• EVOKE: Efficient Revocation of Verifiable Credentials in IoT Networks — Carlo Mazzocca, Abbas Acar, Selcuk Uluagac, Rebecca Montanari

  The talk "EVOKE: Efficient Revocation of Verifiable Credentials in IoT Networks" by Carlo Mazzocca from the University of Bologna, in collaboration with Florida International University, introduces…

• DNN-GP: Diagnosing and Mitigating Model's Faults Using Latent Concepts — Shuo Wang, Hongsheng Hu, Jiamin Chang, Benjamin Zi Hao Zhao, Qi Alfred Chen, Minhui Xue

  In an era where machine learning models underpin critical applications from advanced image generation to autonomous systems, their inherent robustness remains a significant challenge. Adversarial…

• Yes, One-Bit-Flip Matters! Universal DNN Model Inference Depletion with Runtime Code Fault Injection — Shaofeng Li, Xinyu Wang, Minhui Xue, Haojin Zhu, Zhi Zhang, Yansong Gao, Wen Wu, Xuemin (Sherman) Shen

  In a groundbreaking presentation at USENIX Security '24, Shaofeng Li and his co-authors unveiled a novel and alarming attack vector against Deep Neural Network (DNN) models, demonstrating that even…

• Tossing in the Dark: Practical Bit-Flipping on Gray-box Deep Neural Networks for Runtime Trojan Injection — Zihao Wang, Wei He

  This talk, "Tossing in the Dark: Practical Bit-Flipping on Gray-box Deep Neural Networks for Runtime Trojan Injection," presented by Zihao Wang and Wei He, delves into a novel and concerning threat…

• Forget and Rewire: Enhancing the Resilience of Transformer-based Models against Bit-Flip Attacks — Najmeh Nazari, Hossein Sayadi, Setareh Rafatirad, Khaled N. Khasawneh, Houman Homayoun

  In an era where **Transformer-based models** underpin a vast array of critical applications, from sophisticated text generation to precise image classification, their inherent vulnerabilities pose a…

• What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check — Yunlong Xing, Qi Li

  Null Pointer Dereference (NPD) is a pervasive and critical class of software vulnerabilities that occurs when a program attempts to access memory via a null pointer. This operation almost invariably…

• Unleashing the Power of Type-Based Call Graph Construction by Using Regional Pointer Information — Yuandao Cai

  This talk, presented by Yuandao Cai from The Hong Kong University of Science and Technology on behalf of the authors, introduces a novel approach to call graph construction, a fundamental task in…

• Practical Data-Only Attack Generation — Brian Johannesmeyer

  In an era where sophisticated defenses have rendered traditional **control flow hijacking (CFH)** attacks increasingly difficult, a new wave of research is shining a spotlight on **data-only attacks…

• Don't Waste My Efforts: Pruning Redundant Sanitizer Checks by Developer-Implemented Type Checks — Yizhuo Zhai, Paul Yu, Srikanth V. Krishnamurthy

  Type confusion vulnerabilities continue to pose a significant threat in C++ applications, potentially leading to system crashes, denial-of-service, or even arbitrary code execution. This talk…

• Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM — Yibin Yang, David Heath

  This talk, presented by Yibin Yang in collaboration with David Heath from UI, introduces a novel and highly efficient construction for **Zero-Knowledge Random Access Memory (ZK-RAM)**. ZK-RAM is a…

• Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators — Jiajun Xin

  The talk "Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators" introduces a novel system designed to enhance the transparency and security of centralized cryptocurrency…

• Practical Security Analysis of Zero-Knowledge Proof Circuits — Hongbo Wen, Jon Stephens, Yanju Chen, Kostas Ferles, Shankara Pailoor, Kyle Charbonnet, Isil Dillig, Yu Feng

  This talk by Hongbo Wen and his co-authors from UCSB PC Lab delves into the critical security challenges inherent in **Zero-Knowledge Proof (ZKP) circuits**. ZKP technologies are rapidly gaining…

• Formalizing Soundness Proofs of Linear PCP SNARKs — Bolton Bailey, Andrew Miller

  This talk, presented by Bolton Bailey and co-authored with Andrew Miller, addresses a critical challenge in modern cryptography: the formal verification of soundness proofs for **Succinct…

• Guardians of the Galaxy: Content Moderation in the InterPlanetary File System — Saidu Sokoto, Leonhard Balduf, Dennis Trautwein, Yiluo Wei, Gareth Tyson, Ignacio Castro, Onur Ascigil, George Pavlou, Maciej Korczyński, Björn Scheuermann, Michał Król

  This talk, presented by Saidu Sokoto and a team of international collaborators, delves into the complex and often contentious realm of content moderation within the **InterPlanetary File System…

• True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center — Limin Yang, Phuong Cao, Constantin Adam, Alexander Withers, Zbigniew Kalbarczyk

  In the increasingly complex landscape of modern cyber threats, Security Operations Centers (SOCs) serve as critical defenses, monitoring vast networks for anomalies and responding to detected…

• DARKFLEECE: Probing the Dark Side of Android Subscription Apps — Chang Yue, Chen Zhong, Kai Chen, Zhiyu Zhang, Yeonjoon Lee

  The proliferation of subscription-based applications has revolutionized the mobile app economy, offering developers a recurring revenue stream and users access to a vast array of services and…

• Into the Dark: Unveiling Internal Site Search Abused for Black Hat SEO — Yunyi Zhang, Mingxuan Liu, Baojun Liu, Yiming Zhang, Haixin Duan, Min Zhang, Hui Jiang, Baidu Inc, Yanzhe Li, Fan Shi

  This talk, presented by Yiming Zhang from Tsinghua University and a collaborative effort with researchers from Baidu Inc., introduces and thoroughly investigates a novel **black hat SEO** technique…

• ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation — Ataberk Olgun

  The integrity of modern computer systems relies heavily on **Dynamic Random Access Memory (DRAM)**, which serves as the main memory for most devices. However, DRAM is susceptible to a physical…

• SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism — Ingab Kang, Walter Wang, Jason Kim, Stephan van Schaik, Youssef Tobah, Daniel Genkin, Andrew Kwong, Yuval Yarom

  The "SledgeHammer" talk, presented by Ingab Kang at USENIX Security '24, delves into a significant advancement in Rowhammer attacks, demonstrating how **bank-level parallelism** in modern **DRAM**…

• ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms — Patrick Jattke

  For over a decade, AMD has steadily increased its market share in the x86 CPU landscape, with roughly one-third of all x86 CPUs sold today originating from the company. Despite this significant…

• Go Go Gadget Hammer: Flipping Nested Pointers for Arbitrary Data Leakage — Youssef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, Kang G. Shin

  The "Go Go Gadget Hammer" talk at USENIX Security '24 introduces a novel and concerning approach to exploiting **Rowhammer** vulnerabilities, moving beyond the traditional targets of page table…

• 00SEVen – Re-enabling Virtual Machine Forensics: Introspecting Confidential VMs Using Privileged in-VM Agents — Fabian Schwarz, Christian Rossow

  Modern cloud computing environments rely heavily on virtual machines (VMs) to host diverse services and applications. A critical security capability in these environments is **VM introspection…

• WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web — Joey Allen, Zheng Yang, Roberto Perdisci, Wenke Lee

  In an era of escalating data breaches, understanding the precise vector and impact of an attack is paramount for effective incident response and future prevention. Traditional forensic approaches…

• AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images — David Oygenblik, Carter Yagemann, Joseph Zhang, Arianna Mastali, Jeman Park, Brendan Saltaformaggio

  In an increasingly AI-driven world, the integrity and security of deep learning (DL) models are paramount, especially in safety-critical applications like autonomous vehicles. This talk, "AI…

• Cost-effective Attack Forensics by Recording and Correlating File System Changes — Le Yu

  In an era marked by an unprecedented surge in Internet of Things (IoT) device attacks—a threefold increase between 2020 and 2022, surpassing 100 million incidents annually—the imperative for robust…

• Automated Large-Scale Analysis of Cookie Notice Compliance — Ahmed Bouhoula

  The internet browsing experience is frequently disrupted by ubiquitous cookie notices, a direct consequence of privacy regulations like the European Union's **General Data Protection Regulation…

• Detecting and Mitigating Sampling Bias in Cybersecurity with Unlabeled Data — Saravanan Thirumuruganathan, Fatih Deniz, Mohamed Nabeel, Mourad Ouzzani

  The deployment of machine learning (ML) models in cybersecurity faces a critical, yet often overlooked, challenge: **sampling bias**. This talk, presented by Fatih Deniz at USENIX Security '24…

• Code is not Natural Language: Unlock the Power of Semantics-Oriented Graph Representation for Binary Code Similarity Detection — Haojie He, Xingwei Lin, Ziang Weng, Ruijie Zhao, Shuitao Gan, Libo Chen, Yuede Ji, Jiashui Wang, Zhi Xue

  Binary code similarity detection is a foundational task in cybersecurity, aiming to determine the semantic equivalence between binary functions. This is particularly challenging when functions…