| GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes | USENIX Security '24 | Eric Cornelissen, Mikhail Shcherbakov, Musard Balliu |
| PURL: Safe and Effective Sanitization of Link Decoration | USENIX Security '24 | Shaoor Munir, Patrick Lee, Umar Iqbal, Zubair Shafiq, Sandra Siby |
| Digital Discrimination of Users in Sanctioned States: The Case of the Cuba Embargo | USENIX Security '24 | Anna Ablove, Shreyas Chandrashekaran, Hieu Le, Ram Sundara Raman, Reethika Ramesh, Harry Oppenheimer, Roya Ensafi |
| Stateful Least Privilege Authorization for the Cloud | USENIX Security '24 | Leo Cao, Luoxi Meng, Deian Stefan, Earlence Fernandes |
| SoK: What Don't We Know? Understanding Security Vulnerabilities in SNARKs | USENIX Security '24 | Stefanos Chaliasos, Jens Ernstberger, David Theodore, David Wong, Mohammad Jahanara, Benjamin Livshits |
| How does Endpoint Detection use the MITRE ATT&CK Framework? | USENIX Security '24 | Apurva Virkud, Muhammad Adil Inam, Andy Riddle, Jason Liu, Gang Wang, Adam Bates |
| Election Eligibility with OpenID: Turning Authentication into Transferable Proof of Eligibility | USENIX Security '24 | Véronique Cortier, Alexandre Debant, Anselme Goetschmann, Lucca Hirschi |
| Rethinking the Invisible Protection against Unauthorized Image Usage in Stable Diffusion | USENIX Security '24 | Shengwei An, Lu Yan, Siyuan Cheng, Guangyu Shen, Kaiyuan Zhang, Qiuling Xu, Guanhong Tao, Xiangyu Zhang |
| Detecting Kernel Memory Bugs through Inconsistent Memory Management Intention Inferences | USENIX Security '24 | Dinghao Liu, Zhipeng Lu, Shouling Ji, Kangjie Lu, Jianhai Chen, Zhenguang Liu, Dexin Liu, Renyi Cai, Qinming He |
| Understanding the Security and Privacy Implications of Online Toxic Content on Refugees | USENIX Security '24 | Arjun Arunasalam, Habiba Farrukh, Eliz Tekcan, Z. Berkay Celik |
| Finding Traceability Attacks in the Bluetooth Low Energy Specification and Its Implementations | USENIX Security '24 | Jianliang Wu, Patrick Traynor, Dongyan Xu, Dave (Jing) Tian, Antonio Bianchi |
| Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities | USENIX Security '24 | Emre Güler, Sergej Schumilo, Moritz Schloegel, Nils Bars, Philipp Görz, Xinyi Xu, Cemal Kaygusuz, Thorsten Holz |
| ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing | USENIX Security '24 | Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li |
| Racing on the Negative Force: Efficient Vulnerability Root-Cause Analysis through Reinforcement Learning on Counterexamples | USENIX Security '24 | Dandan Xu, Di Tang, Yi Chen, XiaoFeng Wang, Kai Chen, Haixu Tang, Longxing Li |
| Exploring Covert Third-party Identifiers through External Storage in the Android New Era | USENIX Security '24 | Zikan Dong, Tianming Liu, Jiapeng Deng, Li Li, Minghui Yang, Meng Wang, Guosheng Xu, Guoai Xu |
| Hermes: Unlocking Security Analysis of Cellular Network Protocols by Synthesizing Finite State Machines from Natural Language Specifications | USENIX Security '24 | Abdullah Al Ishtiaq, Sarkar Snigdha Sarathi Das, Syed Md Mukit Rashid, Ali Ranjbar, Kai Tu, Tianwei Wu, Zhezheng Song, Weixuan Wang, Mujtahid Akon, Rui Zhang, Syed Rafiul Hussain |
| Closed-Form Bounds for DP-SGD against Record-level Inference Attacks | USENIX Security '24 | Giovanni Cherubin, Boris Köpf, Andrew Paverd, Shruti Tople, Lukas Wutschitz, Santiago Zanella-Béguelin |
| Does Online Anonymous Market Vendor Reputation Matter? | USENIX Security '24 | Alejandro Cuevas, Nicolas Christin |
| OPTIKS: An Optimized Key Transparency System | USENIX Security '24 | Julia Len, Melissa Chase, Esha Ghosh, Kim Laine, Radames Cruz Moreno |
| Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content | USENIX Security '24 | Qinge Xie, Manoj Vignesh Kasi Murali, Paul Pearce, Frank Li |
| Smudged Fingerprints: Characterizing and Improving the Performance of Web Application Fingerprinting | USENIX Security '24 | Brian Kondracki, Nick Nikiforakis |
| PURE: Payments with UWB RElay-protection | USENIX Security '24 | Daniele Coppola, Giovanni Camurati, Claudio Anliker, Xenia Hofmeier, Patrick Schaller, David Basin, Srdjan Capkun |
| LaKey: Efficient Lattice-Based Distributed PRFs Enable Scalable Distributed Key Management | USENIX Security '24 | Matthias Geihs, Hart Montgomery |
| Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models | USENIX Security '24 | Zhiyuan Yu, Xiaogeng Liu, Shunning Liang, Zach Cameron, Chaowei Xiao, Ning Zhang |
| Enabling Contextual Soft Moderation on Social Media through Contrastive Textual Deviation | USENIX Security '24 | Pujan Paudel, Mohammad Hammas Saeed, Rebecca Auger, Chris Wells, Gianluca Stringhini |
