Search results

  1. Fuzzing the PHP Interpreter via Dataflow Fusion

    Liang, National University of Singapore Distinguished Paper Award Winner PHP, a dominant scripting ... and availability of PHP servers. This paper introduces FlowFusion, the first automatic fuzzing ...

    admin - October 30, 2025 - 1:48 pm

  2. Finding Metadata Inconsistencies in Distributed File Systems via Cross-Node Operation Modeling

    paper presents a comprehensive study of metadata inconsistencies over the past five years across four ...

    admin - October 14, 2025 - 4:28 pm

  3. Lemon: Network-Wide DDoS Detection with Routing-Oblivious Per-Flow Measurement

    Wenhao Wu, Zhenyu Li, and Xilai Liu, Institute of Computing Technology, Chinese Academy of Sciences; University of Chinese Academy of Sciences; Zhaohua Wang and Heng Pan, Computer Network Information Center, Chinese Academy of Sciences; Guangxing Zhang, I ...

    admin - October 14, 2025 - 4:36 pm

  4. ORTHRUS: Achieving High Quality of Attribution in Provenance-based Intrusion Detection Systems

    Baoxiang Jiang, Xi'an Jiaotong University; Tristan Bilot, Université Paris-Saclay, LISITE– Isep, and Iriguard; Nour El Madhoun, LISITE – Isep; Khaldoun Al Agha, Université Paris-Saclay; Anis Zouaoui, Iriguard; Shahrear Iqbal, National Research Counci ...

    admin - October 30, 2025 - 2:42 pm

  5. BlueGuard: Accelerated Host and Guest Introspection Using DPUs

    Meni Orenbach, Rami Ailabouni, and Nael Masalha, NVIDIA; Thanh Nguyen, unaffiliated; Ahmad Saleh, Frank Block, Fritz Alder, Ofir Arkin, and Ahmad Atamli, NVIDIA Virtual Machine Introspection (VMI) is an essential technique for monitoring the runtime state ...

    admin - October 14, 2025 - 4:04 pm

  6. Arbitrary-Threshold Fully Homomorphic Encryption with Lower Complexity

    types of non-participants. In this paper, we propose an AThFHE scheme to handle all types of ...

    admin - October 14, 2025 - 3:48 pm

  7. The Silent Danger in HTTP: Identifying HTTP Desync Vulnerabilities with Gray-box Testing

    Desync, overlooking vulnerabilities in HTTP responses. In this paper, we present HDHunter, a novel ...

    admin - October 14, 2025 - 5:13 pm

  8. Principled and Automated Approach for Investigating AR/VR Attacks

    provenance graphs, or fail to work due to operational restrictions in AR/VR devices. This paper presents ...

    admin - October 14, 2025 - 4:53 pm

  9. SoK: Come Together – Unifying Security, Information Theory, and Cognition for a Mixed Reality Deception Attack Ontology & Analysis Framework

    cybersecurity challenges, particularly concerning deception attacks and their effects on humans. In this paper ...

    admin - October 14, 2025 - 3:49 pm

  10. Security Implications of Malicious G-Codes in 3D Printing

    Jost Rossel, Paderborn University; Vladislav Mladenov, Ruhr University Bochum; Nico Wördenweber and Juraj Somorovsky, Paderborn University The rapid growth of 3D printing technology has transformed a wide range of industries, enabling the on-demand produc ...

    admin - October 14, 2025 - 5:04 pm

  11. Detecting Compromise of Passkey Storage on the Cloud

    account login routines. In this paper, we present CASPER, the first passkey breach detection framework ...

    admin - October 14, 2025 - 4:16 pm

  12. Secure Caches for Compartmentalized Software

    them vulnerable to side-channel attacks. In this paper, we take on the problem of protecting ...

    admin - October 30, 2025 - 3:26 pm

  13. An Industry Interview Study of Software Signing for Supply Chain Security

    Kelechi G. Kalu, Tanmay Singla, Chinenye Okafor, Santiago Torres-Arias, and James C. Davis, Purdue University Many software products are composed of components integrated from other teams or external parties. Each additional link in a software product ...

    admin - October 30, 2025 - 2:37 pm

  14. Fighting Fire with Fire: Continuous Attack for Adversarial Android Malware Detection

    Yinyuan Zhang, School of Computer Science, Peking University; Key Laboratory of High Confidence Software Technologys (Peking University), Ministry of Education; Cuiying Gao, Huazhong University of Science and Technology; JD.com; Yueming Wu, Nanyang Techno ...

    admin - October 14, 2025 - 4:28 pm

  15. PoiSAFL: Scalable Poisoning Attack Framework to Byzantine-resilient Semi-asynchronous Federated Learning

    underexplored. To plug this gap and fully explore the vulnerability of SAFL, in this paper, we propose a scalable ...

    admin - October 14, 2025 - 4:53 pm

  16. Too Much of a Good Thing: (In-)Security of Mandatory Security Software for Financial Services in South Korea

    Taisic Yun, Theori Inc., KAIST; Suhwan Jeong, KAIST; Yonghwa Lee, Theori Inc.; Seungjoo Kim, Korea University; Hyoungshick Kim, Sungkyunkwan University; Insu Yun and Yongdae Kim, KAIST Motivated by real-world hacking incidents exploiting Korea Security Ap ...

    admin - October 14, 2025 - 5:13 pm

  17. "Threat modeling is very formal, it's very technical, and also very hard to do correctly": Investigating Threat Modeling Practices in Open-Source Software Projects

    Harjot Kaur, CISPA Helmholtz Center for Information Security; Carson Powers and Ronald E. Thompson III, Tufts University; Sascha Fahl, CISPA Helmholtz Center for Information Security; Daniel Votipka, Tufts University Vulnerabilities in open-source softwar ...

    admin - October 14, 2025 - 3:44 pm

  18. OneTouch: Effortless 2FA Scheme to Secure Fingerprint Authentication with Wearable OTP Token

    interfaces that are not available on these devices. In this paper, we propose a novel 2FA scheme termed ...

    admin - October 14, 2025 - 4:48 pm

  19. THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models

    post-deployment models. To protect the intellectual property of on-device DL models, in this paper, we propose ...

    admin - October 14, 2025 - 5:13 pm

  20. Beyond Statistical Estimation: Differentially Private Individual Computation via Shuffling

    each user requires a personalized output. This paper introduces a novel paradigm termed Private ...

    admin - October 14, 2025 - 4:03 pm

  21. AudioMarkNet: Audio Watermarking for Deepfake Speech Detection

    Wei Zong, Yang-Wai Chow, Willy Susilo, and Joonsang Baek, University of Wollongong; Seyit Camtepe, CSIRO Data61 Deep generative models have improved significantly in recent years to the point where generated fake images or audio are now indistinguishable ...

    admin - October 14, 2025 - 3:53 pm

  22. Improved Secure Two-party Computation from a Geometric Perspective

    such as truncation, signed extension, and signed non-uniform multiplication. This paper aims to ...

    admin - October 14, 2025 - 4:35 pm

  23. "That's my perspective from 30 years of doing this": An Interview Study on Practices, Experiences, and Challenges of Updating Cryptographic Code

    Alexander Krause, Harjot Kaur, Jan H. Klemmer, Oliver Wiese, and Sascha Fahl, CISPA Helmholtz Center for Information Security Keeping cryptographic code up to date and free of vulnerabilities is critical for overall software security. Updating algorithms ...

    admin - October 30, 2025 - 3:09 pm

  24. Provably Robust Multi-bit Watermarking for AI-generated Text

    Wenjie Qu, Wengrui Zheng, Tianyang Tao, Dong Yin, Yanze Jiang, and Zhihua Tian, National University of Singapore; Wei Zou and Jinyuan Jia, Pennsylvania State University; Jiaheng Zhang, National University of Singapore Large Language Models (LLMs) have dem ...

    admin - October 14, 2025 - 4:58 pm

  25. LLMmap: Fingerprinting for Large Language Models

    Dario Pasquini, RSAC Labs; Evgenios M. Kornaropoulos and Giuseppe Ateniese, George Mason University We introduce LLMmap, a first-generation fingerprinting technique targeted at LLM-integrated applications. LLMmap employs an active fingerprinting approach, ...

    admin - October 14, 2025 - 4:36 pm

Pages