June 16-18, 2020 in Genova   September 7-11, 2020 in Genova, Italy

5th IEEE European Symposium on Security and Privacy

Accepted Papers

Here is a preliminary list of Euro S&P 2020 papers. A number of papers have been accepted conditionally and therefore their presence in this list is not a guarantee that they will be presented in Genova. The order of the papers in this list is not significant and not indicative of the final running order.

''Anyone Else Seeing this Error?'': Community, System Administrators, and Patch Information

Adam Jenkins, Pieris Kalligeros, Maria Wolters, and Kami Vaniea (University of Edinburgh)

A Vehicular DAA Scheme for Unlinkable ECDSA Pseudonyms in V2X

Christopher Hicks and Flavio D. Garcia (University of Birmingham)

Accountability in a Permissioned Blockchain:Formal Analysis of Hyperledger Fabric

Ralf Küsters, Daniel Rausch, and Mike Simon (University of Stuttgart)

Attack Me if You Want: Towards Provable Security Guarantees Against Arbitrary Attacks in CPS

Jairo Giraldo (University of Utah); Sahand Kafash and Justin Ruths (University of Texas at Dallas); Alvaro Cardenas (University of California Santa Cruz)

AVGuardian: Detecting and Mitigating Publish-Subscribe Overprivilege for Autonomous Vehicle Systems

David Ke Hong, John Kloosterman, Yuqi Jin, and Yulong Cao (University of Michigan); Qi Alfred Chen (University of California, Irvine); Scott Mahlke and Z. Morley Mao (University of Michigan)

Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updating

Giulio Lovisotto, Simon Eberz, and Ivan Martinovic (University of Oxford)

Bypassing Backdoor Detection Algorithms in Deep Learning

Te Juin Lester Tan and Reza Shokri (NUS)

Chameleons' Oblivion: Complex-Valued Neural Networks for Protocol-Agnostic RF Device Fingerprinting

Ioannis Agadakos (SRI International); Nikolaos Agadakos and Jason Polakis (University of Illinois at Chicago); Mohamed R. Amer (Robust AI)

CHORUS: a Programming Framework for Building Scalable Differential Privacy Mechanisms

Noah Johnson (Oasis Labs; University of California, Berkeley); Joseph P. Near (University of Vermont); Joseph M. Hellerstein (University of California, Berkeley); Dawn Song (Oasis Labs; University of California, Berkeley)

COMAR: Classification of Compromised versus Maliciously Registered domains

Sourena Maroofi and Maciej Korczynski (Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG); Cristian Hesselman (SIDN Labs); Benoit Ampeau (AFNIC); Andrzej Duda (Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG)

Detecting Malware Injection with Program-DNS Behavior

Yixin Sun (Princeton University); Kangkook Jee (University of Texas at Dallas); Suphannee Sivakorn (Rajamangala University of Technology Tawan-ok); Zhichun Li (Aella Data); Cristian Lumezanu (NEC Laboratories America); Lauri Korts-Pärn (Cyber Defense Institute); Zhenyu Wu (Google); Junghwan Rhee and Chung Hwan Kim (NEC Laboratories America); Mung Chiang (Purdue University); Prateek Mittal (Princeton University)

Differentially Private Two-Party Set Operations

Bailey Kacsmar, Basit Khurram, Nils Lukas, Alexander Norton, Masoumeh Shafieinejad, Zhiwei Shang, and Yasser Baseri (University of Waterloo); Maryam Sepehri (Universita degli studi di Milano); Simon Oya and Florian Kerschbaum (University of Waterloo)

DLA: Dense-Layer-Analysis for Adversarial Example Detection

Philip Sperl, Ching-Yu Kao, Peng Chen, Xiao Lei, and Konstantin Boettinger (Fraunhofer AISEC)

Evaluating Explanation Methods for Deep Learning in Computer Security

Alexander Warnecke, Daniel Arp, Christian Wressnegger, and Konrad Rieck (TU Braunschweig)

Extensive Security Verification of LoRaWAN Key Establishment: Insecurities & Patches

Ioana Boureanu and Steve Wesemeyer (University of Surrey - Surrey Centre for Cyber Security); Zach Smith (University of Luxembourg); Helen Treharne (University of Surrey - Surrey Centre for Cyber Security)

Generalized Iterative Bayesian Update and Applications to Mechanisms for Privacy Protection

Ehab ElSalamouny and Catuscia Palamidessi (INRIA)

Improving Fuzzing through Controlled Compilation

Laurent Simon and Akash Verma (Samsung Research America)

IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis

Roberto Perdisci (University of Georgia and Georgia Institute of Technology); Thomas Papastergiou, Omar Alrawi, and Manos Antonakakis (Georgia Institute of Technology)

Jekyll: Attacking Medical Image Diagnostics Using Neural Translation

Neal Mangaokar and Jiameng Pu (Virginia Tech); Parantapa Bhattacharya (University of Virginia); Chandan K Reddy and Bimal Viswanath (Virginia Tech)

KASLR-Tag: Bypassing Kernel Address Space Isolation on Tagged TLB Architectures

Jakob Koschel, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi (Vrije Universiteit Amsterdam)

Membership Inference Against DNA Methylation Databases

Inken Hagestedt (CISPA Helmholtz Center for Information Security); Mathias Humbert (Cyber-Defence Campus, armasuisse S+T); Pascal Berrang (CISPA Helmholtz Center for Information Security); Irina Lehmann (Helmholtz Centre for Environmental Research Leipzig, UFZ); Roland Eils (Berlin Institue of Health); Michael Backes (CISPA Helmholtz Center for Information Security); Yang Zhang (CISPA Helmholz Center for Information Security)

Modular Security Analysis of OAuth 2.0 in the Three-Party Setting

xinyu li, jing xu, and zhenfeng zhang (Institute of Software, Chinese Academy of Sciences); xiao lan (Cybersecurity Research Institute, Sichuan University); yuchen wang (Institute of Software, Chinese Academy of Sciences)

Multi-country Study of Third Party Trackers from Real Browser Histories

Xuehui Hu, Guillermo Suarez-Tangil, and Nishanth Sastry (King's College London)

On Deploying Secure Computing: Private Intersection-Sum-with-Cardinality Protocols

Mihaela Ion, Ben Kreuter, Erhan Nergiz, Sarvar Patel, Mariana Raykova, Shobhit Saxena, Karn Seth, David Shanahan, and Moti Yung (Google LLC)

Ordinos: A Verifiable Tally-Hiding E-Voting System

Ralf Küsters and Julian Liedtke (University of Stuttgart); Johannes Müller (University of Luxembourg); Daniel Rausch (University of Stuttgart); Andreas Vogt (FHNW Switzerland)

PESTO: Proactively Secure Distributed Single Sign-On, or How to Trust a Hacked Server

Carsten Baum (Aarhus University); Tore Frederiksen (Alexandra Institute); Julia Hesse and Anja Lehmann (IBM Research Zurich); Avishay Yanai (Bar-Ilan University)

Practical Volume-Based Attacks on Encrypted Databases

Stephanie Wang and Rishabh Poddar (UC Berkeley); Jianan Lu (Princeton University); Raluca Ada Popa (UC Berkeley)

Quantitative Assessment on the Limitations of Code Randomization for Legacy Binaries

Pei Wang (Baidu X-Lab); Jinquan Zhang (The Pennsylvania State Unviersity); Shuai Wang (The Hong Kong University of Science and Technology); Dinghao Wu (The Pennsylvania State Unviersity)

Replay Attacks and Defenses Against Cross-shard Consensus in Sharded Distributed Ledgers

Alberto Sonnino, Shehar Bano, Mustafa Al-Bassam, and George Danezis (University College London)

Reward Sharing Schemes for Stake Pools

Lars Bruenjes (IOHK); Aggelos Kiayias (University of Edinburgh and IOHK); Elias Koutsoupias (University of Oxford); Aikaterini-Panagiota Stouka (University of Edinburgh and IOHK)

Saffire: Call-site-specific Function Specialization and Hardening against Code Reuse Attacks

Shachee Mishra and Michalis Polychronakis (Stony Brook University)

SecurePay: Strengthening Two-Factor Authentication for Arbitrary Transactions

Radhesh Krishnan Konoth, Björn Fischer, and Wan Fokkink (Vrije Universiteit Amsterdam); Elias Athanasopoulos (University of Cyprus); Kaveh Razavi and Herbert Bos (Vrije Universiteit Amsterdam)

SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust

Laurent Chuat (ETH Zurich); AbdelRahman Abdou (Carleton University); Ralf Sasse, Christoph Sprenger, David Basin, and Adrian Perrig (ETH Zurich)

Understanding Membership Inferences on Well-Generalized Learning Models

Yunhui Long (University of Illinois at Urbana-Champaign); Lei Wang and Diyue Bu (Indiana University Bloomington); Vincent Bindschadler (University of Florida); Xiaofeng Wang and Haixu Tang (Indiana University Bloomington); Carl A. Gunter (University of Illinois at Urbana-Champaign); Kai Chen (Chinese Academy of Sciences)

User Attitudes On Commercial Genetic Testing

Debjani Saha, Anna Chan, Brook Stacy, and Kiran Javkar (University of Maryland); Sushant Patkar (University of Maryland; Cancer Data Science Laboratory, NCI, NIH); Michelle L. Mazurek (University of Maryland)

VGraph: A Robust Vulnerable Code Clone Detection System Using Code Property Triplets

Benjamin Bowman and H. Howie Huang (George Washington University)

X-Men: A Mutation-Based Approach for the Formal Analysis of Security Ceremonies

Diego Sempreboni and Luca Vigano (Department of Informatics, King's College London)

Zone Encryption with Anonymous Authentication for V2V Communication

Jan Camenisch and Manu Drijvers (DFINITY); Anja Lehmann (IBM Research - Zurich); Gregory Neven (DFINITY); Patrick Towa (IBM Research - Zurich/ ENS and PSL Research University)