default search action
43rd SP 2022: San Francisco, CA, USA
- 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE 2022, ISBN 978-1-6654-1316-9
- Jie Liang, Mingzhe Wang, Chijin Zhou, Zhiyong Wu, Yu Jiang, Jianzhong Liu, Zhe Liu, Jiaguang Sun:
PATA: Fuzzing with Path Aware Taint Analysis. 1-17 - Ju Chen, Jinghan Wang, Chengyu Song, Heng Yin:
JIGSAW: Efficient and Scalable Path Constraints Fuzzing. 18-35 - Heqing Huang, Yiyuan Guo, Qingkai Shi, Peisen Yao, Rongxin Wu, Charles Zhang:
BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning. 36-50 - Maria Leonor Pacheco, Max von Hippel, Ben Weintraub, Dan Goldwasser, Cristina Nita-Rotaru:
Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents. 51-68 - Bruno Blanchet, Vincent Cheval, Véronique Cortier:
ProVerif with Lemmas, Induction, Fast Subsumption, and Much More. 69-86 - Martin R. Albrecht, Lenka Mareková, Kenneth G. Paterson, Igors Stepanovs:
Four Attacks and a Proof for Telegram. 87-106 - Son Ho, Jonathan Protzenko, Abhishek Bichhawat, Karthikeyan Bhargavan:
Noise*: A Library of Verified High-Performance Secure Channel Protocol Implementations. 107-124 - Cas Cremers, Caroline Fontaine, Charlie Jacomme:
A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols. 125-141 - Sonia Belaïd, Darius Mercadier, Matthieu Rivain, Abdul Rahman Taleb:
IronMask: Versatile Verification of Masking Security. 142-160 - Priyanka Bose, Dipanjan Das, Yanju Chen, Yu Feng, Christopher Kruegel, Giovanni Vigna:
SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds. 161-178 - Samuel Steffen, Benjamin Bichsel, Roger Baumgartner, Martin T. Vechev:
ZeeStar: Private Smart Contracts by Homomorphic Encryption and Zero-knowledge Proofs. 179-197 - Kaihua Qin, Liyi Zhou, Arthur Gervais:
Quantifying Blockchain Extractable Value: How dark is the forest? 198-214 - Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Nils Wenzler, Tim Würtele:
A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verification. 215-234 - Hernán Ponce de León, Johannes Kinder:
Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks. 235-248 - Mustafa Abdallah, Daniel Woods, Parinaz Naghizadeh, Issa Khalil, Timothy N. Cason, Shreyas Sundaram, Saurabh Bagchi:
TASHAROK: Using Mechanism Design for Enhancing Security Resource Allocation in Interdependent Systems. 249-266 - Sophie Stephenson, Bijeeta Pal, Stephen Fan, Earlence Fernandes, Yuhang Zhao, Rahul Chatterjee:
SoK: Authentication in Augmented and Virtual Reality. 267-284 - Haotian Chi, Chenglong Fu, Qiang Zeng, Xiaojiang Du:
Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks. 285-302 - Haojian Jin, Gram Liu, David Hwang, Swarun Kumar, Yuvraj Agarwal, Jason I. Hong:
Peekaboo: A Hub-Based Approach to Enable Transparency in Data Processing within Smart Homes. 303-320 - Shixuan Zhao, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin:
vSGX: Virtualizing SGX Enclaves on AMD SEV. 321-336 - Mengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, Yinqian Zhang:
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP. 337-351 - Jinwen Wang, Ao Li, Haoran Li, Chenyang Lu, Ning Zhang:
RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone. 352-369 - Hongyan Xia, David Zhang, Wei Liu, István Haller, Bruce Sherwin, David Chisnall:
A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilities. 370-385 - Lei Zhou, Xuhua Ding, Fengwei Zhang:
Smile: Secure Memory Introspection for Live Enclave. 386-401 - Önder Askin, Tim Kutta, Holger Dette:
Statistical Quantification of Differential Privacy: A Local Approach. 402-421 - Mingxun Zhou, Tianhao Wang, T.-H. Hubert Chan, Giulia Fanti, Elaine Shi:
Locally Differentially Private Sparse Vector Aggregation. 422-439 - Albert Cheu, Maxim Zhilyaev:
Differentially Private Histograms in the Shuffle Model from Fake Users. 440-457 - Miranda Christ, Sarah Radway, Steven M. Bellovin:
Differential Privacy and Swapping: Examining De-Identification's Impact on Minority Representation and Privacy Preservation in the U.S. Census. 457-472 - Jiankai Jin, Eleanor McMurtry, Benjamin I. P. Rubinstein, Olga Ohrimenko:
Are We There Yet? Timing and Floating-Point Attacks on Differential Privacy Systems. 473-488 - Jun Zeng, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, Zheng Leong Chua:
SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit Records. 489-506 - Saravanan Thirumuruganathan, Mohamed Nabeel, Euijin Choo, Issa Khalil, Ting Yu:
SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors. 507-521 - Thijs van Ede, Hojjat Aghakhani, Noah Spahn, Riccardo Bortolameotti, Marco Cova, Andrea Continella, Maarten van Steen, Andreas Peter, Christopher Kruegel, Giovanni Vigna:
DEEPCASE: Semi-Supervised Contextual Analysis of Security Events. 522-539 - Zhiqiang Xu, Pengcheng Fang, Changlin Liu, Xusheng Xiao, Yu Wen, Dan Meng:
DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigation. 540-557 - Eric Pauley, Ryan Sheatsley, Blaine Hoak, Quinn Burke, Yohan Beugin, Patrick D. McDaniel:
Measuring and Mitigating the Risk of IP Reuse on Public Clouds. 558-575 - Deevashwer Rathee, Anwesh Bhattacharya, Rahul Sharma, Divya Gupta, Nishanth Chandran, Aseem Rastogi:
SecFloat: Accurate Floating-Point meets Secure 2-Party Computation. 576-595 - Liang Feng Zhang, Huaxiong Wang:
Multi-Server Verifiable Computation of Low-Degree Polynomials. 596-613 - Amit Seal Ami, Nathan Cooper, Kaushal Kafle, Kevin Moran, Denys Poshyvanyk, Adwait Nadkarni:
Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques. 614-631 - Jan Jancar, Marcel Fourné, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar:
"They're not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks. 632-649 - Xuancheng Jin, Xuangan Xiao, Songlin Jia, Wang Gao, Dawu Gu, Hang Zhang, Siqi Ma, Zhiyun Qian, Juanru Li:
Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPK. 650-665 - Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan:
SoK: Practical Foundations for Software Spectre Defenses. 666-680 - Youssef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, Kang G. Shin:
SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks. 681-698 - Ayush Agarwal, Sioli O'Connell, Jason Kim, Shaked Yehezkel, Daniel Genkin, Eyal Ronen, Yuval Yarom:
Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution. 699-715 - Patrick Jattke, Victor van der Veen, Pietro Frigo, Stijn Gunter, Kaveh Razavi:
BLACKSMITH: Scalable Rowhammering in the Frequency Domain. 716-734 - Michele Marazzi, Patrick Jattke, Flavien Solt, Kaveh Razavi:
ProTRR: Principled yet Optimal In-DRAM Target Row Refresh. 735-753 - Hammond Pearce, Baleegh Ahmad, Benjamin Tan, Brendan Dolan-Gavitt, Ramesh Karri:
Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions. 754-768 - Eugene Bagdasaryan, Vitaly Shmatikov:
Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures. 769-786 - Nils Lukas, Edward Jiang, Xinda Li, Florian Kerschbaum:
SoK: How Robust is Image Classification Deep Neural Network Watermarking? 787-804 - Federico Barbero, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro:
Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drift. 805-823 - Jialuo Chen, Jingyi Wang, Tinglan Peng, Youcheng Sun, Peng Cheng, Shouling Ji, Xingjun Ma, Bo Li, Dawn Song:
Copy, Right? A Testing Framework for Copyright Protection of Deep Learning Models. 824-841 - Daniele Lain, Kari Kostiainen, Srdjan Capkun:
Phishing in Organizations: Findings from a Large-Scale and Long-Term Study. 842-859 - Christian Stransky, Oliver Wiese, Volker Roth, Yasemin Acar, Sascha Fahl:
27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University. 860-875 - Omer Akgul, Richard Roberts, Moses Namara, Dave Levin, Michelle L. Mazurek:
Investigating Influencer VPN Ads on YouTube. 876-892 - Marco Gutfleisch, Jan H. Klemmer, Niklas Busch, Yasemin Acar, M. Angela Sasse, Sascha Fahl:
How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study. 893-910 - Sacha Servan-Schreiber, Simon Langowski, Srinivas Devadas:
Private Approximate Nearest Neighbor Search with Sublinear Communication. 911-929 - Samir Jordan Menon, David J. Wu:
SPIRAL: Fast, High-Rate Single-Server PIR via FHE Composition. 930-947 - Michael Rosenberg, Mary Maller, Ian Miers:
SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofs. 948-965 - Ding Wang, Yunkai Zou, Qiying Dong, Yuanming Song, Xinyi Huang:
How to Attack and Generate Honeywords. 966-983 - Yan Jiang, Xiaoyu Ji, Kai Wang, Chen Yan, Richard Mitev, Ahmad-Reza Sadeghi, Wenyuan Xu:
WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreens. 984-1001 - Patrick Cronin, Xing Gao, Haining Wang, Chase Cotton:
Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprints. 1002-1017 - John V. Monaco:
Device Fingerprinting with Peripheral Timestamps. 1018-1033 - Long Huang, Chen Wang:
PCR-Auth: Solving Authentication Puzzle Challenge with Encoded Palm Contact Response. 1034-1048 - Alyssa Milburn, Erik van der Kouwe, Cristiano Giuffrida:
Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation. 1049-1065 - Nicola Ruaro, Fabio Pagani, Stefano Ortolani, Christopher Kruegel, Giovanni Vigna:
SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros. 1066-1081 - Fabio Gritti, Fabio Pagani, Ilya Grishchenko, Lukas Dresel, Nilo Redini, Christopher Kruegel, Giovanni Vigna:
HEAPSTER: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images. 1082-1099 - Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Yuyan Bao:
SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications. 1100-1119 - Saeed Mahloujifar, Esha Ghosh, Melissa Chase:
Property Inference from Poisoning. 1120-1137 - Borja Balle, Giovanni Cherubin, Jamie Hayes:
Reconstructing Training Data with Informed Adversaries. 1138-1156 - Adnan Siraj Rakin, Md Hafizul Islam Chowdhuryy, Fan Yao, Deliang Fan:
DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories. 1157-1174 - Yun Shen, Xinlei He, Yufei Han, Yang Zhang:
Model Stealing Attacks Against Inductive Graph Neural Networks. 1175-1192 - Giovanni Camurati, Aurélien Francillon:
Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security. 1193-1210 - Suryoday Basak, Mahanth Gowda:
mmSpy: Spying Phone Calls using mmWave Radars. 1211-1228 - Jiska Classen, Francesco Gringoli, Michael Hermann, Matthias Hollick:
Attacks on Wireless Coexistence: Exploiting Cross-Technology Performance Features for Inter-Chip Privilege Escalation. 1229-1245 - Haoqi Shan, Boyi Zhang, Zihao Zhan, Dean Sullivan, Shuo Wang, Yier Jin:
Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices. 1246-1262 - Ruomu Hou, Haifeng Yu, Prateek Saxena:
Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchains. 1263-1280 - Muhammed F. Esgin, Ron Steinfeld, Raymond K. Zhao:
MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments. 1281-1298 - Sri Aravinda Krishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez:
Universal Atomic Swaps: Secure Exchange of Coins Across All Blockchains. 1299-1316 - Sisi Duan, Haibin Zhang:
Foundations of Dynamic BFT. 1317-1334 - Robin Vassantlal, Eduardo Alchieri, Bernardo Ferreira, Alysson Bessani:
COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Services. 1335-1353 - Virat Shejwalkar, Amir Houmansadr, Peter Kairouz, Daniel Ramage:
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning. 1354-1371 - Guanhong Tao, Yingqi Liu, Guangyu Shen, Qiuling Xu, Shengwei An, Zhuo Zhang, Xiangyu Zhang:
Model Orthogonalization: Class Distance Hardening in Neural Networks for Better Security. 1372-1389 - Shangyu Xie, Han Wang, Yu Kong, Yuan Hong:
Universal 3-Dimensional Perturbations for Black-Box Attacks on Video Recognition Systems. 1390-1407 - Rui Zhang, Jian Liu, Yuan Ding, Zhibo Wang, Qingbiao Wu, Kui Ren:
"Adversarial Examples" for Proof-of-Learning. 1408-1422 - Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang:
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings. 1423-1439 - Zihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, Xenofon D. Koutsoukos:
Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors. 1440-1457 - Yanan Guo, Andrew Zigerelli, Youtao Zhang, Jun Yang:
Adversarial Prefetch: New Cross-Core Cache Side Channel Attacks. 1458-1473 - Andreas Kogler, Daniel Weber, Martin Haubenwallner, Moritz Lipp, Daniel Gruss, Michael Schwarz:
Finding and Exploiting CPU Features using MSR Templating. 1474-1490 - Jose Rodrigo Sanchez Vicarte, Michael Flanders, Riccardo Paccagnella, Grant Garrett-Grossman, Adam Morrison, Christopher W. Fletcher, David Kohlbrenner:
Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest. 1491-1505 - Junpeng Wan, Yanxiang Bi, Zhe Zhou, Zhou Li:
MeshUp: Stateless Cache Side-channel Attack on CPU Mesh. 1506-1524 - Zihao Jin, Ziqiao Kong, Shuo Chen, Haixin Duan:
Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation. 1525-1539 - Zhiju Yang, Weiping Pei, Monchu Chen, Chuan Yue:
WTAGRAPH: Web Tracking and Advertising Detection using Graph Neural Networks. 1540-1557 - Jiajun Gong, Wuqi Zhang, Charles Zhang, Tao Wang:
Surakav: Generating Realistic Traces for a Strong Website Fingerprinting Defense. 1558-1573 - Alan Romano, Daniel Lehmann, Michael Pradel, Weihang Wang:
Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly. 1574-1589 - Soheil Khodayari, Giancarlo Pellegrino:
The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies. 1590-1607 - Zhenghao Hu, Brendan Dolan-Gavitt:
IRQDebloat: Reducing Driver Attack Surface in Embedded Devices. 1608-1622 - Jiawei Yin, Menghao Li, Wei Wu, Dandan Sun, Jianhua Zhou, Wei Huo, Jingling Xue:
Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis. 1623-1637 - Marton Bognar, Jo Van Bulck, Frank Piessens:
Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures. 1638-1655 - Julian Speith, Florian Schweins, Maik Ender, Marc Fyrbiak, Alexander May, Christof Paar:
How Not to Protect Your IP - An Industry-Wide Break of IEEE 1735 Implementations. 1656-1671 - Animesh Chhotaray, Thomas Shrimpton:
Hardening Circuit-Design IP Against Reverse-Engineering Attacks. 1672-1689 - Hadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, Aaron Schulman:
Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices. 1690-1704 - Paul Staat, Simon Mulzer, Stefan Roth, Veelasha Moonsamy, Markus Heinrichs, Rainer Kronberger, Aydin Sezgin, Christof Paar:
IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensing. 1705-1721 - Paul Staat, Johannes Tobisch, Christian T. Zenger, Christof Paar:
Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems. 1722-1736 - Andreea-Ina Radu, Tom Chothia, Christopher J. P. Newton, Ioana Boureanu, Liqun Chen:
Practical EMV Relay Protection. 1737-1756 - Pengfei Hu, Hui Zhuang, Panneer Selvam Santhalingam, Riccardo Spolaor, Parth H. Pathak, Guoming Zhang, Xiuzhen Cheng:
AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabulary. 1757-1773 - Mohammad Ghasemisharif, Chris Kanich, Jason Polakis:
Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments. 1774-1790 - Adil Ahmad, Sangho Lee, Marcus Peinado:
HARDLOG: Practical Tamper-Proof System Auditing Using a Novel Audit Device. 1791-1807 - Chijung Jung, Ali Ahad, Yuseok Jeon, Yonghwi Kwon:
SWARMFLAWFINDER: Discovering and Exploiting Logic Flaws of Swarm Algorithms. 1808-1825 - Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu:
PGPatch: Policy-Guided Logic Bug Patching for Robotic Vehicles. 1826-1844 - Ananta Soneji, Faris Bugra Kokulu, Carlos E. Rubio-Medrano, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé:
"Flawed, but like democracy we don't have a better system": The Experts' Insights on the Peer Review Process of Evaluating Security Papers. 1845-1862 - Yuxi Wu, W. Keith Edwards, Sauvik Das:
SoK: Social Cybersecurity. 1863-1879 - Dominik Wermke, Noah Wöhler, Jan H. Klemmer, Marcel Fourné, Yasemin Acar, Sascha Fahl:
Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects. 1880-1896 - Nicholas Carlini, Steve Chien, Milad Nasr, Shuang Song, Andreas Terzis, Florian Tramèr:
Membership Inference Attacks From First Principles. 1897-1914 - Se Eun Oh, Taiji Yang, Nate Mathews, James K. Holland, Mohammad Saidur Rahman, Nicholas Hopper, Matthew Wright:
DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplification. 1915-1932 - Kyle Hogan, Sacha Servan-Schreiber, Zachary Newman, Ben Weintraub, Cristina Nita-Rotaru, Srinivas Devadas:
ShorTor: Improving Tor Network Latency via Multi-hop Overlay Routing. 1933-1952 - Adithya Vadapalli, Kyle Storrier, Ryan Henry:
Sabre: Sender-Anonymous Messaging with Fast Audits. 1953-1970 - James K. Howes IV, Marios Georgiou, Alex J. Malozemoff, Thomas Shrimpton:
Security Foundations for Application-Based Covert Communication Channels. 1971-1986 - Nicholas Boucher, Ilia