Accepted Posters
The following posters will be presented at the USENIX Security '25 Poster Session and Happy Hour on Wednesday, August 13, from 5:00 pm–6:00 pm.
Does Safe == Secure?: An Empirical Study of Vulnerabilities in Safe Rust
Ruicheng Miao, Wake Forest University; Zhengjie Ji, Virginia Tech; Lingxiang Wang, unaffiliated; Ruide Zhang, Google DeepMind; Ying Zhang, Wake Forest University
Detecting Server Side Tracking in the Wild
Muhammad Jazlan, University of California, Davis
Navigating the Patchwork: Investigating the Availability \& Consistency of Security Advisories
Ronald E. Thompson III and Luke Boshar, Tufts University; Eugene Vasserman, Kansas State University; Daniel Votipka, Tufts University
Sunlight for Darcula: Bypassing Emotet-Based Array Canaries via Autonomous Function Call Resolution
Nathaniel Oh, Danilo Guesela, Anas Obeidat, and Paul Attie, Augusta University
Investigating the Benefits of Composable Emulation: Styx Emulator as a Case Study
Jordan Moore, Styx Emulator; Emilie Taylor, Kudu Dynamics; Ramesh Balaji, Work done as NSF REU student at Montana State University; Matthew Revelle, Montana State University; Kevin Orr, Kudu Dynamics
Efficacy of Full-Packet Encryption for Evasive VPNs
Amy Parker, California State University, Fullerton
PSYLOCKE: Provably Secure Logic Locking with Practical Efficiency
Yohei Watanabe and Kyoichi Asano, The University of Electro-Communications / AIST, Japan; Haruka Hirata and Tomoki Ono, The University of Electro-Communications, Japan; Mingyu Yang, Institute of Science Tokyo, Japan; Mitsugu Iwamoto and Yang Li, The University of Electro-Communications, Japan; Yuko Hara, Institute of Science Tokyo, Japan
Private information leakage from polygenic risk scores
Kirill Nikitin and Gamze Gürsoy, Columbia University & New York Genome Center
Attention-Guided Trust Management in LLM-Based Multi-Agent Systems
Pengfei He, Yue Xing, and Jiliang Tang, Michigan State University
TBD: Compact & Private Tor Relay Selection
Pichsereyvattana Chan, Georgetown University; Rachel Cummings, Columbia University; Harel Berger, Ariel University
Leveraging ASIC AI Chips for Homomorphic Encryption
Jianming Tong, Georgia Institute of Technology; Tianhao Huang, Massachusetts Institute of Technology; Leo de Castro, MIT; Anirudh Itagi, Georgia Institute of Technology; Jingtian Dang, Georgia Tech; Anupam Golder, Georgia Institute of Technology; Asra Ali and Jevin Jiang, Google; Arvind Arvind, MIT; G. Edward Suh, Cornell University / NVIDIA; Tushar Krishna, Georgia Institute of Technology
Privatar: Enabling Privacy-preserving Real-time Multi-user VR through Secure Outsourcing
Jianming Tong, Georgia Institute of Technology; Hanshen Xiao, Massachusetts Institute of Technology; Hao Kang, Georgia Institute of Technology; G. Edward Suh, Cornell University / NVIDIA; Tushar Krishna, Georgia Institute of Technology
FlyTrap: Physical Distance-Pulling Attack Towards Camera-based Autonomous Target Tracking Systems
Shaoyuan Xie, University of California Irvine; Mohamad Habib Fakih, Junchi Lu, Fayzah Alshammari, and Ningfei Wang, University of California, Irvine; Takami Sato, Keio University; Halima Bouzidi, University of California Irvine; Mohammad Al Faruque, UC Irvine; Alfred Chen, University of California, Irvine
Binary CKKS: A Non-Leveled Approximate-Number FHE Scheme
Baigang Chen and Dongfang Zhao, University of Washington
Qualcomm Trusted Application Emulation for Fuzzing Testing
Chun-I Fan, Li-En Chang, and Cheng-Han Shie, Department of Computer Science and Engineering, National Sun Yat-sen University
Emerging Security & Privacy Issues in Schools - A German Case Study
Rebecca Panskus and Karola Marky, Ruhr University Bochum
Poster: Federated and Secure Vector Database Management for Collaborative Retrieval-Augmented Generation in Privacy-Preserving AI Applications
Shubing Yang and Dongfang Zhao, University of Washington
Rethinking Adversarial Attacks on Vision-Language Models
Aofan Liu, Peking University; LuLu Tang, Beijing Academy of Artificial Intelligence
LLM-Based Explainable Few-Shot Deception Detection with Improved K-Shot Ordering and Selection
Christopher Denq and Rakesh Verma, University of Houston
Real-time Speech Watermark for Defending Hidden Phone Call Recording
Yizhu Wen, University of Hawaii at Manoa; Rui Duan, University of Missouri-Kansas City; Yisheng Zhong and Zhuangdi Zhu, George Mason University; Hanqing Guo, University of Hawaii at Manoa
APILOT: Improving the Security and Usability of LLM Code Suggestions via Outdated API Mitigation
Weiheng Bai, University of Minnesota; Keyang Xuan, University of Illinois; Pengxiang Huang, Northwestern University; Qiushi Wu, IBM Research; Jianing Wen, Jingjing Wu, and Kangjie Lu, University of Minnesota
Optimizing Python Vulnerability Detection with LLM-enhanced Rule Generation
Weiheng Bai and Kangjie Lu, University of Minnesota
M$^2$AFuzz: Enhancing Parallel Fuzzing of MQTT Broker with Multi-Agent Systems
Ruoyu Zhou, Zhiwei Zhang, Zehan Chen, and Yulong Shen, School of Computer Science and Technology, Xidian University, Xi'an, China; Shaanxi Key Laboratory of Network and System Security, Xidian University, Xi'an, China
Training the Human Firewall: Strengthening Phishing Defense with Visual Cues and Feedback
Arifa Islam Champa, Md Fazle Rabbi, Farjana Eishita, and Minhaz Zibran, Idaho State University
Enhancing Fuzzing Testing via LLM-Assisted Code Transformation
Andrew Bao, Stephen McCamant, and Pen-Chung Yew, University of Minnesota, Twin Cities
CPExploiter: Understanding the End-to-End Physical Attack Capability of Cyber-Attacks on Robotic Vehicles
Fayzah Alshammari, Dhruv Kandula, Mboutidem Ekemini Mkpong, Shaoyuan Xie, Mohammad Abdullah Al Faruque, and Qi Alfred Chen, University of California, Irvine
Feasibility of Digital Identity Brain Wallet with Non-Alphanumeric Private Key Seeds
Sushanth Ambati, Dylan Jablonski, Brian Pugliese, Charalampos Papachristou, Jack Myers, and Nikolay Ivanov, Rowan University
ICS-Sniper: Targeting the Blind Spot of Modern Industrial Control Systems
Gargi Mitra, Pritam Dash, Yingao (Elaine) Yao, and Alain Zhiyanov, University of British Columbia; Aastha Mehta, University of British Columbia, Vancouver; Karthik Pattabiraman, University of British Columbia
Real-World Backdoor Attacks Against Traffic Light Detection
Achyut Hegde, Yilin Ji, Qi Zhao, and Nikolai Polley, Karlsruhe Institute of Technology (KIT); Svetlana Pavlitska and J. Marius Zöllner, Karlsruhe Institute of Technology (KIT) and FZI Research Center for Information Technology; Alessandro Erba and Christian Wressnegger, Karlsruhe Institute of Technology (KIT)
Prolonged Risk: Vulnerability Lifecycles in Maven
Md Fazle Rabbi, Rajshakhar Paul, Arifa Islam Champa, and Minhaz Zibran, Idaho State University
Synthesizing and Deploying 2D Image Spoofing Attacks Against Vision-Based Autonomous Driving Systems
Li-Chen Cheng, University of California Irvine; Hrushikesh Varma Bhupathiraju, University of Florida; Shaoyuan Xie, University of California Irvine; Michael Clifford, Toyota InfoTech Labs; Sara Rampazzi, University of Florida; Qi Alfred Chen, University of California, Irvine
Explainable Malware Classification with Human-Readable Behavioral Description Using Disassembled Opcode Sequences
Laxmi Kanta Poudel, Gandaki College of Engineering and Science; Kshitiz Aryal, University of Nebraska Omaha; Sushil Poudel, Caldwell University
Targeted Proof of Asset Ownership
Sky Pelletier Waterpeace and Nikolay Ivanov, Rowan University, Glassboro, New Jersey
Credential Sharing for Postmortem Account Management in Digital Estate Planning
Jenny Tang, Xiaoyuan Wu, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor, Carnegie Mellon University
Approaches for More Effective ML-based Anomaly Detection in Industrial Control Systems
Clement Fung, Eric Zeng, and Lujo Bauer, Carnegie Mellon University
Obfuscation in the Wild: An Empirical Measurement of Obfuscation Techniques in Real-World Malware
Zhiyong Sui, Lamine Noureddine, Mst E Khatun, and Adam Ben Hmida, Louisiana State University; Hasan Abbas, Woodland high school; Aakash Bansal and Aisha Ali-Gombe, Louisiana State University
Efficient Storage Integrity in Adversarial Settings
Quinn Burke, Ryan Sheatsley, Yohan Beugin, Eric Pauley, Owen Hines, Michael M. Swift, and Patrick McDaniel, University of Wisconsin-Madison
Plausible Deniability in Fully Homomorphic Computation
Shahzad Ahmad and Stefan Rass, LIT Secure and Correct Systems Lab, Johannes Kepler University Linz, Austria; Zahra Seyedi, Department of Electronics, Information and Bioengineering, Polytechnic University of Milan, Milan, Italy
Bit by Bit, Qubit by Qubit: LLM Classification of Quantum Malware
Justin Woodring, Lamine Noureddine, and Aisha Ali-Gombe, Louisiana State University
SPHERE: A National Testbed for Reproducible Cybersecurity and Privacy Research
Jelena Mirkovic, David Balenson, and Erik Kline, USC Information Sciences Institute; David Choffnes and Daniel Dubois, Northeastern University; Geoff Lawler, Joseph Barnes, Yuri Pradkin, Christopher Tran, Srivatsan Ravi, Terry Benzel, and Alba Regalado, USC Information Sciences Institute; Luis Garcia, University of Utah; Ganesh Chennimalai Sankaran, RENCI
AFLGopher: Accelerating Directed Fuzzing via Feasibility-Aware Guidance
Weiheng Bai and Kefu Wu, University of Minnesota; Qiushi Wu, IBM Research; Kangjie Lu, University of Minnesota
An implementation and usability study of backups for hardware security keys
Brennan Duncan, Jiwoong Kang, and Daniel Zappala, Brigham Young University
Topic Modeling Web Content Over Time: Understanding a Decade of Internet Censorship Data
Peter Whiting, University of Waterloo; Nguyen Phong Hoang, University of British Columbia
PIR-RAG: A System for Private Information Retrieval in Retrieval-Augmented Generation
Baiqiang Wang, University of Washington; Qian Lou and Mengxin Zheng, University of Central Florida; Dongfang Zhao, University of Washington
Investigating Software Provenance Consistency in the Open Source Publishing Pipeline
Kelechi G. Kalu and James C. Davis, Purdue University
Understanding Vulnerability Detection Difficulties, a New Metric and an Explanation
Leizhen Zhang, UL Lafayette; Peiheng Ni and Ashikur Rahaman, University of Louisiana at Lafayette; Md Rabib Noor, UL Lafayette; Yi He, William & Mary; Sheng Chen, UL Lafayette
Honeymind: An Adaptive SSH Honeypot Powered by AI and Reinforcement Learning
Steve Nyamwaya and Sajad Khorsandroo, North Carolina A&T State University; Mahmoud Abdelsalam, North Carolina Agricultural and Technical State University
Fingerprinting & Obfuscation in QUIC using Fragmented Frames
Karthik Nishanth Sengottuvelavan, The University of British Columbia; Alexander Gamero-Garrido, UC Davis; Nguyen Phong Hoang, University of British Columbia
Impedance Side Channels: Profiling Software Integrity and Exploiting Cryptographic Leakage
Md Sadik Awal and Md Tauhidur Rahman, Florida International University
Web Intellectual Property at Risk: Preventing Unauthorized Real-Time Retrieval by Large Language Models
Yisheng Zhong, George Mason University; Yizhu Wen, University of Hawaii at Manoa; Junfeng Guo and Heng Huang, University of Maryland; Mehran Kafai, Amazon; Hanqing Guo, University of Hawaii at Manoa; Zhuangdi Zhu, George Mason University
Meta SecAlign: A Secure Foundation LLM Against Prompt Injection Attacks
Sizhe Chen, UC Berkeley, Meta; Arman Zharmagambetov, Meta; David Wagner, University of California, Berkeley; Chuan Guo, Meta
A Liveness Attack to Ethereum PoS with No Additional Cost
Mingfei Zhang, Shandong University; Rujia Li, Tsinghua University; Xueqian Lu, Independent Reseacher; Sisi Duan, Tsinghua University
Differential Privacy Meets Data Correlation: The MIC-DP Framework
Wenjun Yang and Eyhab Al-masri, University of Washington Tacoma; Olivera Kotevska, Oak Ridge National Laboratory
Uncovering New DNS Vulnerabilities with LLMs
R. Can Aygun, UCLA; Yehuda Afek, Tel-Aviv University; Anat Bremler Barr, Tel Aviv University; Leonard Kleinrock, UCLA Computer Science Dept
FairDeFace: Evaluating the Fairness and Adversarial Robustness of Face Obfuscation Methods
Seyyed Mohammad Sadegh Moosavi Khorzooghi, Shirin Nilizadeh, Poojitha Thota, and Gautam Das, The University of Texas at Arlington; Mohit Singhal, Northeastern University; Abolfazl Asudeh, University of Illinois Chicago
Fingerprinting QUIC browser clients
Seungju Lee, Princeton University
Personalization of facial recognition prevention techniques
Paweł Borsukiewicz and Tegawendé F. Bissyandé, University of Luxembourg
VAlign-GLAR: Graph Retrieval-Based Vulnerability Intelligence Alignment via Structured LLM-Guided Inference
Lihua Wang, Jiaojiao Jiang, and Salil S. Kanhere, University of New South Wales; Jiamou Sun and Zhenchang Xing, CSIRO's Data61; Sanjay Jha, UNSW Sydney
SemFinder: A Semantics-Based Approach to Enhance Vulnerability Analysis in Web Applications
Neil P. Thimmaiah, University of Illinois Chicago; Rigel Gjomemo, Discovery Partners Institute; V.N. Venkatakrishnan, University of Illinois Chicago
PhishSieve: Global Internet Wide Zero-Day Phishing Protection
Avi Sollomoni, Tel Aviv University; Yehuda Afek, Tel-Aviv University; Jin Song Dong, National University of Singapore; Yaniv Harel, Tel Aviv University; Yun Lin, Shanghai Jiao Tong University; Ruofan Liu, National University of Singapore