Vienna, July 8-12, 2024

9th IEEE European Symposium on Security and Privacy

Accepted Papers

(Deep) Learning of Android Access Control Recommendation from Static Execution Paths Dheeraj Vagavolu (University of Waterloo), Yousra Aafer (University of Waterloo), Mei Nagappan (University of Waterloo)
(Strong) aPAKE Revisited: Capturing Multi-User Security and Salting Dennis Dayanikli (Hasso-Plattner-Institute, University of Potsdam), Anja Lehmann (Hasso-Plattner-Institute, University of Potsdam)
Activity Recognition Protection for IoT Trigger-Action Platforms Mahmoud Aghvamipanah (Sharif University of Technology), Morteza Amini (Sharif University of Technology), Cyrille Artho (KTH Royal Institute of Technology), Musard Balliu (KTH Royal Institute of Technology)
Are We There Yet? Filling the Gap Between ML-Based Binary Similarity Analysis and Binary Software Composition Analysis. Huaijin Wang (Hong Kong University of Science and Technology), Zhibo Liu (Hong Kong University of Science and Technology), Shuai Wang (Hong Kong University of Science and Technology), Ying Wang (Northeastern University (China)), Qiyi Tang (Keen Security Lab, Tencent), Sen Nie (Keen Security Lab, Tencent), Shi Wu (Keen Security Lab, Tencent)
Bad Design Smells in Benchmark NIDS Datasets Robert Flood (University of Edinburgh), Gints Engelen (DistriNet, KU Leuven), David Aspinall (University of Edinburgh), Lieven Desmet (DistriNet, KU Leuven)
Can Allowlists Capture the Variability of Home IoT Device Network Behavior? Weijia He (Dartmouth University), Kevin Bryson (University of Chicago), Ricardo Calderon (University of Chicago), Vijay Prakash (New York University), Nick Feamster (University of Chicago), Danny Yuxing Huang (New York University), Blase Ur (University of Chicago)
chainBoost: A Secure Performance Booster for Blockchain-based Resource Markets Zahra Motaqy (University of Connecticut), Mohamed E. Najd (University of Connecticut), Ghada Almashaqbeh (University of Connecticut)
Communication-Efficient Secure Logistic Regression Amit Agarwal (University of Illinois Urbana-Champaign), Stanislav Peceny (Georgia Tech), Mariana Raykova (Google), Phillipp Schoppmann (Google), Karn Seth (Google)
CSRF-ing the SSO waves: security testing of SSO-based account linking process Andrea Bisegna (Fondazione Bruno Kessler (Italy) and Futuro & Conoscenza (Italy)), Matteo Bitussi (Fondazione Bruno Kessler (Italy)), Roberto Carbone (Fondazione Bruno Kessler (Italy)), Luca Compagna (SAP Labs (France)), Silvio Ranise (Fondazione Bruno Kessler (Italy) and Department of Mathematics, University of Trento (Italy)), Avinash Sudhodanan (Independent Researcher)
David and Goliath: An Empirical Evaluation of Attacks and Defenses for QNNs at the Deep Edge Miguel Costa (Universidade do Minho), Sandro Pinto (Universidade do Minho)
DeGhost: Unmasking Phantom Intrusions in Autonomous Recognition Systems Hotaka Oyama (Waseda University), Ryo Iijima (AIST, Waseda University), Tatsuya Mori (Waseda University, NICT, RIKEN AIP)
DISC-NG: Robust Service Discovery in the Ethereum Global Network Michal Król (City, University of London), Onur Ascigil (Lancaster University), Sergi Rene (University College London), Alberto Sonnino (MystenLabs & University College London), Matthieu Pigaglio (UCLouvain), Ramin Sadre (UCLouvain), Felix Lange (Ethereum Foundation), Etienne Rivière (UCLouvain)
DNS Exfiltration Guided by Generative Adversarial Networks Abdulrahman Fahim (University of California, Riverside), Shitong Zhu (University of California, Riverside), Zhiyun Qian (University of California, Riverside), Chengyu Song (University of California, Riverside), Vagelis Papalexakis (University of California, Riverside), Supriyo Chakraborty (IBM T.J. Watson Research Center), Kevin Chan (Army Research Lab), Paul Yu (Army Research Lab), Trent Jaeger (The Pennsylvania State University), Srikanth V. Krishnamurthy (University of California, Riverside), Supriyo Chakraborty (IBM T.J. Watson Research Center)
Dynamic Frequency-Based Side-Channel Attacks against Modern Sandbox Environments Debopriya Roy Dipta (Iowa State University), Thore Tiemann (University of Luebeck), Berk Gulmezoglu (Iowa State University), Eduard Marin (Telefonica Research), Thomas Eisenbarth (University of Luebeck)
Efficient and Secure Two Party Maximum Computing via Incremental Distributed Point Functions Nan Cheng (University of St. Gallen), Aikaterini Mitrokotsa (University of St. Gallen), Feng Zhang (Nanyang Institute of Technology), Frank Hartmann (University of St. Gallen)
Faster Homomorphic DFT and Speech Analysis for Torus Fully Homomorphic Encryption Kang Hoon Lee (Korea University, School of Cyber Security), YoungBae Jeon (Samsung Research), Ji Won Yoon (Korea University, School of Cyber Security)
FHEDA: Efficient Circuit Synthesis with Reduced Bootstrapping for Torus FHE Animesh Singh (Indian Institute of Technology, Kharagpur), Smita Das (Indian Institute of Technology, Kharagpur), Anirban Chakraborty (Indian Institute of Technology, Kharagpur), Rajat Sadhukhan (Indian Institute of Technology, Kharagpur), Ayantika Chatterjee (Indian Institute of Technology, Kharagpur), Debdeep Mukhopadhyay (Indian Institute of Technology, Kharagpur)
Fingerprinting Image-to-Image Generative Adversarial Networks Guanlin Li (Nanyang Technological University), Guowen Xu (City University of Hong Kong), Han Qiu (Tsinghua University), Shangwei Guo (Chongqing University), Run Wang (Wuhan University), Jiwei Li (Zhejiang University), Tianwei Zhang (Nanyang Technological University), Rongxing Lu (University of New Brunswick)
GOTCHA: Real-Time Video Deepfake Detection via Challenge-Response Govind Mittal (New York University), Chinmay Hegde (New York University), Nasir Memon (New York University)
Green Security: A Framework for Measurement and Optimization of Energy Consumption of Cybersecurity Solutions Sagi Brudni (Ben Gurion University of the Negev), Sapir Anidgar (Ben Gurion University of the Negev), Oleg Brodt (Ben Gurion University of the Negev), Dudu Mimran (Ben Gurion University of the Negev), Yuval Elovici (Ben Gurion University of the Negev), Asaf Shabtai (Ben Gurion University of the Negev)
How Many Hands in the Cookie Jar? Examining Privacy Implications of Popular Apps in India Koustuv Kanungo (Indraprastha Institute of Information Technology, New Delhi), Aairah Bari (Indraprastha Institute of Information Technology, New Delhi), Rahul Khatoliya (Indraprastha Institute of Information Technology, New Delhi), Vishrut Arora (Indraprastha Institute of Information Technology, New Delhi), Arani Bhattacharya (Indraprastha Institute of Information Technology, New Delhi), Mukulika Maity (Indraprastha Institute of Information Technology, New Delhi), Sambuddho (Indraprastha Institute of Information Technology, New Delhi)
Learning-Based Difficulty Calibration for Enhanced Membership Inference Attacks Haonan Shi (Case Western Reserve University), Tu Ouyang (Independent Researcher), An Wang (Case Western Reserve University)
Memory Tagging using Cryptographic Memory Integrity on Commodity x86 CPUs David Schrammel (Graz, University of Technology), Martin Unterguggenberger (Graz, University of Technology), Lukas Lamster (Graz, University of Technology), Salmin Sultana (Intel Labs), Karanvir Grewal (Intel Labs), Michael LeMay (Intel Labs), David M. Durham (Intel Labs), Stefan Mangard (Graz, University of Technology)
Metadata Privacy Beyond Tunneling for Instant Messaging Boel Nelson (Aarhus University), Elena Pagnin (Chalmers University of Technology), Aslan Askarov (Aarhus University)
MQ on my Mind: Post-Quantum Signatures from the Non-Structured Multivariate Quadratic Problem Ryad Benadjila (CryptoExperts), Thibauld Feneuil (CryptoExperts, Sorbonne Université), Matthieu Rivain (CryptoExperts)
MtdScout: Complementing the Identification of Insecure Methods in Android Apps via Source-to-Bytecode Signature Generation and Tree-based Layered Search Zicheng Zhang (Singapore Management University), Haoyu Ma (Zhejiang Lab), Daoyuan Wu (The Chinese University of Hong Kong), Debin Gao (Singapore Management University), Xiao Yi (The Chinese University of Hong Kong), Yufan Chen (Xidian University), Yan Wu (Morgan Stanley China), Lingxiao Jiang (Singapore Management University)
Panacea: Stateless and Non-Interactive Oblivious RAM Kelong Cong (COSIC, KU Leuven), Debajyoti Das (COSIC, KU Leuven), Georgio Nicolas (COSIC, KU Leuven), Jeongeun Park (COSIC, KU Leuven)
PASA: Attack Agnostic Unsupervised Adversarial Detection using Prediction & Attribution Sensitivity Analysis Dipkamal Bhusal (Rochester Institute of Technology), Md Tanvirul Alam (Rochester Institute of Technology), Monish Kumar Manikya Veerabhadran (Rochester Institute of Technology), Michael Clifford (Toyota Motor North America), Sara Rampazzi (University of Florida), Nidhi Rastogi (Rochester Institute of Technology)
Porting to Morello: An In-depth Study on Compiler Behaviors, CERT Guideline Violations, and Security Implications Sami Ullah (University of Bristol), Awais Rashid (University of Bristol)
Practical Constructions for Single Input Functionality against a Dishonest Majority Zhelei Zhou (Zhejiang University), Bingsheng Zhang (Zhejiang University), Hong-Sheng Zhou (Virginia Commonwealth University), Kui Ren (Zhejiang University)
ProInspector: Uncovering Logical Bugs in Protocol Implementations Zichao Zhang (Carnegie Mellon University), Limin Jia (Carnegie Mellon University), Corina Pasareanu (Carnegie Mellon University)
SACfe: Secure Access Control in Functional Encryption with Unbounded Data Uddipana Dowerah (University of St Gallen, Switzerland), Subhranil Dutta (Indian Institute of Technology Kharagpur, India), Aikaterini Mitrokotsa (University of St Gallen, Switzerland), Sayantan Mukherjee (Indian Institute of Technology Jammu, India), Tapas Pal (NTT Social Informatics Laboratories, Japan), Frank Hartmann (University of St Gallen, Switzerland)
Secure compilation of rich smart contracts on poor UTXO blockchains Massimo Bartoletti (University of Cagliari), Riccardo Marchesin (University of Trento), Roberto Zunino (University of Trento)
Seeing is Not Always Believing: An Empirical Analysis of Fake Evidence Generators Zhaojie Hu (University of Central Florida), Jingzhou Ye (University of Central Florida), Yifan Zhang (Indiana University Bloomington), Xueqiang Wang (University of Central Florida)
SEKA: Secretless Key Exchange and Authentication in LiFi Networks Eric Ackermann (Fraunhofer HHI and HPI), Kai Lennert Bober (Fraunhofer HHI), Volker Jungnickel (Fraunhofer HHI), Anja Lehmann (HPI)
Share with Care: Breaking E2EE in Nextcloud Martin R. Albrecht (King's College London), Matilda Backendal (ETH Zurich), Daniele Coppola (ETH Zurich), Kenneth G. Paterson (ETH Zurich)
Single-Server PIR via NTRU-Based FHE: Simpler, Smaller, and Faster Han Xia (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences), Mingsheng Wang (State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences)
SoK: Public Randomness Alireza Kavousi (University College London), Zhipeng Wang (Imperial College London), Philipp Jovanovic (University College London)
SoK: SSO-Monitor - The Current State and Future Research Directions in Single Sign-On Security Measurements Louis Jannett (Ruhr University Bochum), Maximilian Westers (Heilbronn University of Applied Sciences), Tobias Wich (ecsec GmbH), Christian Mainka (Ruhr University Bochum), Andreas Mayer (Heilbronn University of Applied Sciences), Vladislav Mladenov (Ruhr University Bochum)
The IEMI Effect: On the Efficacy of PCB-level Countermeasures in Adversarial Environments Abdullah Zubair Mohammed (Virginia Tech), Louis Jenkins II (Virginia Tech), Rees Hatch (Utah State University), Gokcen Yilmaz Dayanikli (Qualcomm), Craig Simpson (Utah State University), Ryan Gerdes (Virginia Tech), Hongjie Wang (Utah State University)
The Web of Abuse: A Comprehensive Analysis of Online Resource in the Context of Technology-Enabled Intimate Partner Surveillance Majed Almansoori (University of Wisconsin-Madison), Mazharul Islam (University of Wisconsin-Madison), Saptarshi Ghosh (Indian Institute of Technology, Kharagpur), Mainack Mondal (Indian Institute of Technology, Kharagpur), Rahul Chatterjee (University of Wisconsin-Madison)
Trojan attribute inference attack on gradient boosting decision trees Kunihiro Ito (NEC Corporation), Batnyam Enkhtaivan (NEC Corporation), Isamu Teranishi (NEC Corporation), Jun Sakuma (Tokyo Institute of Technology / RIKEN AIP)
Uncovering the Role of Support Infrastructure in Clickbait PDF Campaigns Giada Stivala (CISPA Helmholtz Center for Information Security), Gianluca De Stefano (CISPA Helmholtz Center for Information Security), Andrea Mengascini (CISPA Helmholtz Center for Information Security), Mariano Graziano (Cisco Talos), Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)
Using Honeybuckets to Characterize Cloud Storage Scanning in the Wild Katherine Izhikevich (University of California San Diego), Geoffrey M. Voelker (University of California San Diego), Stefan Savage (University of California San Diego), Liz Izhikevich (Stanford University), Geoff Voelker (University of California San Diego), Stefan Savage (University of California San Diego)
Whispering Pixels: Exploiting Uninitialized Register Accesses in Modern GPUs Frederik Dermot Pustelnik (Technische Universität Berlin), Xhani Marvin Sass (Technische Universität Berlin), Jean-Pierre Seifert (Technische Universität Berlin)