Search results

  1. Whispering Under the Eaves: Protecting User Privacy Against Commercial and LLM-powered Automatic Speech Recognition Systems

    paper, we concentrate on using adversarial examples to mitigate unauthorized disclosure of speech privacy ...

    admin - October 13, 2025 - 7:04 pm

  2. Exposing the Guardrails: Reverse-Engineering and Jailbreaking Safety Filters in DALL·E Text-to-Image Pipelines

    Corban Villa, New York University Abu Dhabi; Shujaat Mirza, New York University; Christina Pöpper, New York University Abu Dhabi Distinguished Artifact Award Winner We investigate the specific design and implementation of safety guardrails in black-box te ...

    admin - October 13, 2025 - 4:42 pm

  3. A Comprehensive Formal Security Analysis of OPC UA

    Vincent Diemunsch, ANSSI and Université de Lorraine, CNRS, Inria, LORIA, France; Lucca Hirschi and Steve Kremer, Université de Lorraine, CNRS, Inria, LORIA, France OPC UA is a standardized Industrial Control System (ICS) protocol, deployed in critical inf ...

    admin - October 30, 2025 - 2:42 pm

  4. Engorgio: An Arbitrary-Precision Unbounded-Size Hybrid Encrypted Database via Quantized Fully Homomorphic Encryption

    Song Bian, Haowen Pan, Jiaqi Hu, Zhou Zhang, and Yunhao Fu, Beihang University; Jiafeng Hua, Huawei Technology; Yi Chen and Bo Zhang, Beijing Academy of Blockchain and Edge Computing; Yier Jin, University of Science and Technology of China; Jin Dong, Beij ...

    admin - October 14, 2025 - 3:21 pm

  5. Efficient Multi-Party Private Set Union Without Non-Collusion Assumptions

    Minglang Dong, School of Cyber Science and Technology, Shandong University; Quan Cheng Laboratory; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University; Cong Zhang, Institute for Advanced Study, BNR ...

    admin - October 13, 2025 - 4:50 pm

  6. Await() a Second: Evading Control Flow Integrity by Hijacking C++ Coroutines

    exploitation. This paper introduces Coroutine Frame-Oriented Programming (CFOP), a novel code reuse attack that ...

    admin - October 14, 2025 - 3:09 pm

  7. Posthammer: Pervasive Browser-based Rowhammer Attacks with Postponed Refresh Commands

    Finn de Ridder, Patrick Jattke, and Kaveh Razavi, ETH Zurich Rowhammer attacks are pervasive in client systems when launched natively. The biggest Rowhammer threat for such systems, however, lies in the browser. Our large-scale evaluation of browser-based ...

    admin - October 30, 2025 - 2:35 pm

  8. The DOMino Effect: Detecting and Exploiting DOM Clobbering Gadgets via Concolic Execution with Symbolic DOM

    been seen before. In this paper, we present Hulk, the first dynamic analysis framework to automatically ...

    admin - October 14, 2025 - 3:20 pm

  9. Enhanced Label-Only Membership Inference Attacks with Fewer Queries

    Hao Li, Institute of Software, Chinese Academy of Sciences; Zheng Li, Shandong University; Siyuan Wu, Yutong Ye, Min Zhang, and Dengguo Feng, Institute of Software, Chinese Academy of Sciences; Yang Zhang, CISPA Helmholtz Center for Information Security M ...

    admin - October 30, 2025 - 2:33 pm

  10. HateBench: Benchmarking Hate Speech Detectors on LLM-Generated Content and Hate Campaigns

    largely unknown. In this paper, we propose HateBench, a framework for benchmarking hate speech detectors ...

    admin - October 13, 2025 - 4:30 pm

  11. Synthesis of Code-Reuse Attacks from p-code Programs

    Mark DenHoed and Tom Melham, University of Oxford We present a new method for automatically synthesizing code-reuse attacks—for example, using Return Oriented Programming—based on mechanized formal logic. Our method reasons about machine code via abstract ...

    admin - October 13, 2025 - 4:33 pm

  12. TYPEPULSE: Detecting Type Confusion Bugs in Rust Programs

    solutions in C/C++ cannot be directly applied to Rust. In this paper, we develop a static analysis tool ...

    admin - October 14, 2025 - 2:59 pm

  13. Bots can Snoop: Uncovering and Mitigating Privacy Risks of Bots in Group Chats

    policies to limit chatbot access, no platforms successfully combine these features. This paper introduces ...

    admin - October 30, 2025 - 2:21 pm

  14. Learning from Functionality Outputs: Private Join and Compute in the Real World

    Francesca Falzon, ETH Zürich; Tianxin Tang, Eindhoven University of Technology Private Join and Compute (PJC) is a two-party protocol recently proposed by Google for various use-cases, including ad conversion (Asiacrypt 2021) and which generalizes their d ...

    admin - October 14, 2025 - 3:12 pm

  15. Catch-22: Uncovering Compromised Hosts using SSH Public Keys

    Paper Award Winner Attackers regularly use SSH (Secure SHell) to compromise systems, e.g., via ... targeted clean-up efforts. In this paper, we present a method to identify compromised SSH servers at scale. ...

    admin - October 30, 2025 - 2:46 pm

  16. Chimera: Creating Digitally Signed Fake Photos by Fooling Image Recapture and Deepfake Detectors

    specialized for detecting image recaptures. This paper introduces Chimera, an end-to-end attack strategy that ...

    admin - October 13, 2025 - 7:01 pm

  17. Voluntary Investment, Mandatory Minimums, or Cyber Insurance: What Minimizes Losses?

    process remains far more of an art than a science. This paper introduces a novel method for quantitatively ...

    admin - October 16, 2025 - 11:53 am

  18. HawkEye: Statically and Accurately Profiling the Communication Cost of Models in Multi-party Learning

    efforts in a monotonous procedure. In this paper, we propose HawkEye, a static model communication cost ...

    admin - October 13, 2025 - 6:16 pm

  19. Available Attestation: Towards a Reorg-Resilient Solution for Ethereum Proof-of-Stake

    Mingfei Zhang, Shandong University; Rujia Li, Tsinghua University; Xueqian Lu, Independent Reseacher; Sisi Duan, Tsinghua University Ethereum transitioned from Proof-of-Work consensus to Proof-of-Stake (PoS) consensus in September 2022. While this upgrade ...

    admin - October 13, 2025 - 4:46 pm

  20. Voting-Bloc Entropy: A New Metric for DAO Decentralization

    Andres Fabrega, Cornell University; Amy Zhao, IC3; Jay Yu, Stanford University; James Austgen, Cornell Tech; Sarah Allen, IC3 and Flashbots; Kushal Babel, Cornell Tech and IC3; Mahimna Kelkar, Cornell Tech; Ari Juels, Cornell Tech and IC3 Decentralized Au ...

    admin - October 13, 2025 - 4:46 pm

  21. Practical Keyword Private Information Retrieval from Key-to-Index Mappings

    Information Systems, Singapore Management University This paper introduces practical schemes for keyword ...

    admin - October 13, 2025 - 6:56 pm

  22. Tracking You from a Thousand Miles Away! Turning a Bluetooth Device into an Apple AirTag Without Root Privileges

    Junming Chen, Xiaoyue Ma, Lannan Luo, and Qiang Zeng, George Mason University Distinguished Artifact Award Winner Apple's Find My network, leveraging over a billion active Apple devices, is the world's largest device-locating network. We investi ...

    admin - October 30, 2025 - 3:25 pm

  23. Endangered Privacy: Large-Scale Monitoring of Video Streaming Services

    Martin Björklund and Romaric Duvignau, Chalmers University of Technology and University of Gothenburg Despite the widespread adoption of HTTPS for enhanced web privacy, encrypted network traffic may still leave traces that can lead to privacy breaches. On ...

    admin - October 30, 2025 - 2:20 pm

  24. FIXX: FInding eXploits from eXamples

    vulnerability in the application. In this paper, we propose FIXX, a tool that can automatically find multiple ...

    admin - October 30, 2025 - 2:47 pm

  25. Surviving in Dark Forest: Towards Evading the Attacks from Front-Running Bots in Application Layer

    Zuchao Ma, Muhui Jiang, Feng Luo, and Xiapu Luo, The Hong Kong Polytechnic University; Yajin Zhou, Zhejiang University Blockchains face significant risks from front-running attacks, leading to multi-billion USD losses. These attacks are often executed by ...

    admin - October 30, 2025 - 2:49 pm

Pages